nicolep218

[nicolep218]

Not sure if I should post here or start new thread but this darn svchost is ruining my life!

I have tried everything I can but it keeps coming back so I am turning to the pros.

Not sure where or how to post all the logs...

Nicole

[LDTate]

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply.

[nicolep218]

thanks so much Hope I did this right....

Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

Database version: v2012.04.02.03

Windows 7 x64 NTFS

Internet Explorer 9.0.8112.16421

Nicole :: NICOLE-PC [administrator]

4/3/2012 3:43:32 PM

mbam-log-2012-04-03 (15-43-32).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 249171

Time elapsed: 33 minute(s), 22 second(s)

Memory Processes Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> 3388 -> Delete on reboot.

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)

My computer won't let me down load DDS.

[LDTate]

OK.

Lets try this:

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

Next:

Download TDSSKiller from here and save it to your Desktop.

Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

1. Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
   
   
2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
   
   
3. Click the Start Scan button.
   
   
4. If a suspicious object is detected, the default action will be Skip, click on Continue.
   
   
5. If Malicious objects are found then ensure Cure is selected
   
6. If TDLFS File System is found then ensure Delete is selected
   
7. Then click Continue Reboot now to finish the cleaning process.
   
   

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

[nicolep218]

It ran.

DDS txt

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Nicole at 16:19:39 on 2012-04-03

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3999.1400 [GMT -6:00]

.

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_79b15e90d309c284\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Hpservice.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_79b15e90d309c284\AESTSr64.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Windows\System32\rundll32.exe

C:\Users\Nicole\AppData\Roaming\Google\Google Talk\googletalk.exe

C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\SMINST\BLService.exe

C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe

C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe

C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

-netsvcs

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe

C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msntask.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe

C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\ytbb.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

c:\program files (x86)\aim toolbar\aimtbServer.exe

c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msntask.exe

C:\ProgramData\0ea6T22u.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\ProgramData\0ea6T22u.exe

C:\ProgramData\0ea6T22u.exe

C:\Windows\system32\SearchFilterHost.exe

C:\ProgramData\0ea6T22u.exe

C:\ProgramData\0ea6T22u.exe

C:\ProgramData\0ea6T22u.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\ProgramData\0ea6T22u.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\ProgramData\0ea6T22u.exe

C:\ProgramData\0ea6T22u.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb

uStart Page = hxxp://www.aol.com/?src=aim

uInternet Settings,ProxyOverride = <local>;*.local

uURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll

uURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll

mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll

mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

mURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll

mWinlogon: Userinit=userinit.exe,

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Somoto Toolbar: {652853ad-5592-4231-88c6-706613a52e61} - C:\Program Files (x86)\somototoolbar\vmntemplateX.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll

BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll

TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll

TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll

TB: Somoto Toolbar: {652853ad-5592-4231-88c6-706613a52e61} - C:\Program Files (x86)\somototoolbar\vmntemplateX.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll

TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File

TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe

uRun: [Google Update] "C:\Users\Nicole\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [googletalk] C:\Users\Nicole\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart

uRun: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN

uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

uRun: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

uRun: [meapdx] rundll32.exe "C:\Users\Nicole\AppData\Local\Temp\meapdx.dll",DAE

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [CLMLServer for HP TouchSmart] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"

mRun: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"

mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"

mRun: [TSMAgent] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"

mRun: [TVAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe"

mRun: [uCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"

mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

mRun: [updatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"

mRun: [updatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

dRun: [dplaysvr] C:\Windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe

dRun: [drivermgr] \devicemgrpro.exe

dRun: [ACFinder] "C:\Windows\system32\config\systemprofile\AppData\Local\AppCore\ACFinder\ACFinder.exe"

dRun: [Mshost Manager] \svchost.exe

dRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe -update activex

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

LSP: mswsock.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{3E64E3BA-7A35-4FB8-987F-08294445E1ED} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{C2370A83-364F-4105-905A-275EB21DFC24} : DhcpNameServer = 192.168.1.1

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4

BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll

BHO-X64: 0x1 - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Somoto Toolbar: {652853ad-5592-4231-88c6-706613a52e61} - C:\Program Files (x86)\somototoolbar\vmntemplateX.dll

BHO-X64: Somoto Toolbar - No File

BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll

BHO-X64: AIM Toolbar Loader - No File

BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll

TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll

TB-X64: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll

TB-X64: Somoto Toolbar: {652853ad-5592-4231-88c6-706613a52e61} - C:\Program Files (x86)\somototoolbar\vmntemplateX.dll

TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll

TB-X64: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File

TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [CLMLServer for HP TouchSmart] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"

mRun-x64: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"

mRun-x64: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun-x64: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"

mRun-x64: [TSMAgent] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"

mRun-x64: [TVAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe"

mRun-x64: [uCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"

mRun-x64: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

mRun-x64: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

mRun-x64: [updatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"

mRun-x64: [updatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRunOnce-x64: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

Hosts: 149.5.18.172 www.google-analytics.com.

Hosts: 149.5.18.172 ad-emea.doubleclick.net.

Hosts: 149.5.18.172 www.statcounter.com.

Hosts: 108.163.215.51 www.google-analytics.com.

Hosts: 108.163.215.51 ad-emea.doubleclick.net.

.

Note: multiple HOSTS entries found. Please refer to Attach.txt

.

============= SERVICES / DRIVERS ===============

.

R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/08/24 03:12:36];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-11-28 146928]

R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_79b15e90d309c284\AESTSr64.exe [2009-8-24 89088]

R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]

R2 Recovery Service for Windows;Recovery Service for Windows;C:\Program Files (x86)\SMINST\BLService.exe [2009-1-13 365952]

R2 TVCapSvc;TV Background Capture Service (TVBCS);C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2008-11-26 296320]

R2 TVSched;TV Task Scheduler (TVTS);C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2008-11-26 116096]

R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-1-13 222512]

R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-21 136176]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-21 136176]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe --> C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [?]

.

=============== Created Last 30 ================

.

2012-04-03 06:42:05 20480 ------w- C:\Windows\svchost.exe

2012-04-02 05:06:14 -------- d-----w- C:\e

2012-04-02 04:20:34 -------- d-----w- C:\Data

2012-04-02 04:15:50 119296 ----a-w- C:\ProgramData\0ea6T22u.exe

2012-04-02 03:37:35 -------- d-----w- C:\Program Files\iPod

2012-04-02 03:37:34 -------- d-----w- C:\Program Files\iTunes

2012-04-01 09:42:59 995328 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll

2012-03-31 05:03:07 1008141 ----a-w- C:\Users\Nicole\rkill.com

2012-03-31 04:18:52 -------- d-----w- C:\Users\Nicole\AppData\Roaming\DriverCure

2012-03-31 04:18:51 -------- d-----w- C:\Users\Nicole\AppData\Roaming\ParetoLogic

2012-03-31 04:18:36 -------- d-----w- C:\ProgramData\ParetoLogic

2012-03-31 04:18:36 -------- d-----w- C:\Program Files (x86)\ParetoLogic

2012-03-30 11:29:44 -------- d-----w- C:\a264f848cfff78beb326d7

2012-03-30 06:05:38 210051234 ----a-w- C:\devicemgrpro.exe

2012-03-28 05:30:02 -------- d-sh--w- C:\Windows\System32\%APPDATA%

2012-03-28 03:32:26 389024 ----a-w- C:\Users\Nicole\unhide.exe

2012-03-27 04:55:24 -------- d-----we C:\Windows\system64

2012-03-27 04:47:37 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3FE113D2-E217-42BC-9FDA-0A27BD528A20}\mpengine.dll

2012-03-25 20:30:11 -------- d-----w- C:\ProgramData\AVG2012

2012-03-25 19:02:10 -------- d-----w- C:\ProgramData\PC Tools

2012-03-19 06:11:34 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%

2012-03-16 23:12:19 -------- d-----w- C:\Windows\PCHEALTH

2012-03-11 08:33:47 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\6690.tmp

2012-03-11 08:33:47 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\6641.tmp

2012-03-06 07:12:14 -------- d-----w- C:\Users\Nicole\AppData\Local\Diagnostics

.

==================== Find3M ====================

.

2012-04-01 09:42:59 91648 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe

2012-02-23 15:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe

2012-02-15 06:27:54 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-02-15 05:44:57 826368 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-02-15 04:47:21 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-02-15 04:46:59 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2012-02-10 06:18:10 1541120 ----a-w- C:\Windows\System32\DWrite.dll

2012-02-10 06:17:55 1837568 ----a-w- C:\Windows\System32\d3d10warp.dll

2012-02-10 06:17:54 902656 ----a-w- C:\Windows\System32\d2d1.dll

2012-02-10 06:17:54 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll

2012-02-10 06:17:54 197120 ----a-w- C:\Windows\System32\d3d10_1.dll

2012-02-10 05:41:38 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-02-10 05:41:20 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll

2012-02-10 05:41:20 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll

2012-02-10 05:41:20 1170944 ----a-w- C:\Windows\SysWow64\d3d10warp.dll

2012-02-10 05:41:19 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll

2012-02-03 04:16:03 3143168 ----a-w- C:\Windows\System32\win32k.sys

2012-01-25 06:27:11 76288 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-01-25 06:27:11 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-01-25 06:20:59 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

.

============= FINISH: 16:22:51.88 ===============

[LDTate]

Whether you wish to continue with cleaning or not, you should be aware that you may have been infected by a backdoor trojan. This type of program has the ability to steal passwords and other information from your system. If you are using your computer for sensitive purposes such as internet banking then I recommend you take the following steps immediately:

• Use another, uninfected computer to change all your internet passwords, especially ones with financial implications such as banks, paypal, ebay, etc. You should also change the passwords for any other site you use.
  
• Call your bank(s), credit card company or any other institution which may be affected and advise them that your login/password or credit card information may have been stolen and ask what steps to take with regard to your account.
  
• Consider what other private information could possibly have been taken from your computer and take appropriate steps
  
• Removing this infection can also disable the ability to connect to the internet.

This infection can almost certainly be cleaned, but as the malware could be configured to run any program a remote attacker requires, it will be impossible to be 100% sure that the machine is clean, if this is unacceptable to you then you should consider reformatting the system partition and reinstalling Windows as this is the only 100% sure answer.

Please post back to let me know how you wish to proceed.

[nicolep218]

Okay Let's proceed. Your Knowledge is appreciated.

did you still want me to download TDSSKiller?

[LDTate]

Yes, run TDSKIller per instructions

[nicolep218]

TDS

16:29:12.0335 3116 TDSS rootkit removing tool 2.7.25.0 Apr 3 2012 13:42:32

16:29:12.0903 3116 ============================================================

16:29:12.0903 3116 Current date / time: 2012/04/03 16:29:12.0903

16:29:12.0903 3116 SystemInfo:

16:29:12.0903 3116

16:29:12.0903 3116 OS Version: 6.1.7600 ServicePack: 0.0

16:29:12.0903 3116 Product type: Workstation

16:29:12.0903 3116 ComputerName: NICOLE-PC

16:29:12.0903 3116 UserName: Nicole

16:29:12.0903 3116 Windows directory: C:\Windows

16:29:12.0903 3116 System windows directory: C:\Windows

16:29:12.0903 3116 Running under WOW64

16:29:12.0903 3116 Processor architecture: Intel x64

16:29:12.0904 3116 Number of processors: 2

16:29:12.0904 3116 Page size: 0x1000

16:29:12.0904 3116 Boot type: Normal boot

16:29:12.0904 3116 ============================================================

16:29:14.0987 3116 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

16:29:14.0999 3116 \Device\Harddisk0\DR0:

16:29:14.0999 3116 MBR used

16:29:14.0999 3116 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x23A1A800

16:29:14.0999 3116 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23A1B000, BlocksNum 0x1A12000

16:29:15.0075 3116 Initialize success

16:29:15.0075 3116 ============================================================

16:33:15.0787 5764 ============================================================

16:33:15.0787 5764 Scan started

16:33:15.0787 5764 Mode: Manual; SigCheck; TDLFS;

16:33:15.0787 5764 ============================================================

16:33:23.0405 5764 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

16:33:23.0643 5764 1394ohci - ok

16:33:23.0710 5764 Accelerometer (60fbb29ccce48b4c3a6517caf42c3496) C:\Windows\system32\DRIVERS\Accelerometer.sys

16:33:23.0755 5764 Accelerometer - ok

16:33:23.0812 5764 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

16:33:23.0872 5764 ACPI - ok

16:33:23.0928 5764 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

16:33:24.0083 5764 AcpiPmi - ok

16:33:24.0161 5764 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

16:33:24.0201 5764 adp94xx - ok

16:33:24.0250 5764 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

16:33:24.0289 5764 adpahci - ok

16:33:24.0323 5764 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

16:33:24.0348 5764 adpu320 - ok

16:33:24.0394 5764 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

16:33:24.0717 5764 AeLookupSvc - ok

16:33:24.0836 5764 AESTFilters (7f66523a27754afcfecae2f5eb643a4a) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_79b15e90d309c284\AESTSr64.exe

16:33:24.0923 5764 AESTFilters - ok

16:33:25.0033 5764 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys

16:33:25.0168 5764 AFD - ok

16:33:25.0394 5764 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\Windows\system32\DRIVERS\agrsm64.sys

16:33:25.0536 5764 AgereSoftModem - ok

16:33:25.0595 5764 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

16:33:25.0614 5764 agp440 - ok

16:33:25.0696 5764 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

16:33:25.0814 5764 ALG - ok

16:33:25.0887 5764 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

16:33:25.0901 5764 aliide - ok

16:33:25.0934 5764 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

16:33:25.0948 5764 amdide - ok

16:33:26.0006 5764 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

16:33:26.0084 5764 AmdK8 - ok

16:33:26.0129 5764 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

16:33:26.0195 5764 AmdPPM - ok

16:33:26.0265 5764 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys

16:33:26.0281 5764 amdsata - ok

16:33:26.0341 5764 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

16:33:26.0363 5764 amdsbs - ok

16:33:26.0398 5764 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys

16:33:26.0412 5764 amdxata - ok

16:33:26.0448 5764 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

16:33:26.0554 5764 AppID - ok

16:33:26.0609 5764 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

16:33:26.0701 5764 AppIDSvc - ok

16:33:26.0756 5764 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll

16:33:26.0848 5764 Appinfo - ok

16:33:27.0012 5764 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

16:33:27.0029 5764 Apple Mobile Device - ok

16:33:27.0228 5764 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

16:33:27.0263 5764 arc - ok

16:33:27.0295 5764 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

16:33:27.0317 5764 arcsas - ok

16:33:27.0426 5764 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

16:33:27.0564 5764 AsyncMac - ok

16:33:27.0599 5764 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

16:33:27.0616 5764 atapi - ok

16:33:27.0701 5764 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll

16:33:27.0861 5764 AudioEndpointBuilder - ok

16:33:27.0879 5764 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll

16:33:28.0014 5764 AudioSrv - ok

16:33:28.0078 5764 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll

16:33:28.0400 5764 AxInstSV - ok

16:33:28.0523 5764 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

16:33:28.0686 5764 b06bdrv - ok

16:33:28.0767 5764 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

16:33:28.0847 5764 b57nd60a - ok

16:33:28.0953 5764 BCM43XX (f509c4fd2eba6af4fd8794aeb6f3efb7) C:\Windows\system32\DRIVERS\bcmwl664.sys

16:33:29.0153 5764 BCM43XX - ok

16:33:29.0215 5764 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

16:33:29.0362 5764 BDESVC - ok

16:33:29.0445 5764 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

16:33:29.0564 5764 Beep - ok

16:33:29.0644 5764 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll

16:33:29.0929 5764 BITS - ok

16:33:29.0983 5764 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

16:33:30.0081 5764 blbdrive - ok

16:33:30.0206 5764 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

16:33:30.0228 5764 Bonjour Service - ok

16:33:30.0274 5764 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys

16:33:30.0478 5764 bowser - ok

16:33:30.0499 5764 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

16:33:30.0556 5764 BrFiltLo - ok

16:33:30.0593 5764 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

16:33:30.0633 5764 BrFiltUp - ok

16:33:30.0727 5764 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll

16:33:30.0845 5764 Browser - ok

16:33:30.0874 5764 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

16:33:30.0933 5764 Brserid - ok

16:33:31.0060 5764 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

16:33:31.0119 5764 BrSerWdm - ok

16:33:31.0158 5764 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

16:33:31.0219 5764 BrUsbMdm - ok

16:33:31.0259 5764 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

16:33:31.0321 5764 BrUsbSer - ok

16:33:31.0349 5764 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

16:33:31.0465 5764 BTHMODEM - ok

16:33:31.0554 5764 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

16:33:31.0755 5764 bthserv - ok

16:33:31.0784 5764 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

16:33:31.0863 5764 cdfs - ok

16:33:31.0931 5764 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

16:33:32.0006 5764 cdrom - ok

16:33:32.0062 5764 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

16:33:32.0193 5764 CertPropSvc - ok

16:33:32.0287 5764 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

16:33:32.0381 5764 circlass - ok

16:33:32.0413 5764 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

16:33:32.0442 5764 CLFS - ok

16:33:32.0523 5764 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

16:33:32.0539 5764 clr_optimization_v2.0.50727_32 - ok

16:33:32.0604 5764 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

16:33:32.0622 5764 clr_optimization_v2.0.50727_64 - ok

16:33:32.0722 5764 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

16:33:32.0780 5764 clr_optimization_v4.0.30319_32 - ok

16:33:32.0830 5764 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

16:33:32.0855 5764 clr_optimization_v4.0.30319_64 - ok

16:33:32.0999 5764 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

16:33:33.0048 5764 CmBatt - ok

16:33:33.0086 5764 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

16:33:33.0100 5764 cmdide - ok

16:33:33.0165 5764 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys

16:33:33.0291 5764 CNG - ok

16:33:33.0844 5764 Com4QLBEx (12e94e225bd7b05a2bccd5c0b841e921) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

16:33:33.0860 5764 Com4QLBEx - ok

16:33:34.0059 5764 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

16:33:34.0075 5764 Compbatt - ok

16:33:34.0149 5764 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

16:33:34.0226 5764 CompositeBus - ok

16:33:34.0254 5764 COMSysApp - ok

16:33:34.0288 5764 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

16:33:34.0306 5764 crcdisk - ok

16:33:34.0379 5764 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll

16:33:34.0514 5764 CryptSvc - ok

16:33:34.0577 5764 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

16:33:34.0806 5764 DcomLaunch - ok

16:33:34.0933 5764 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

16:33:35.0036 5764 defragsvc - ok

16:33:35.0098 5764 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys

16:33:35.0257 5764 DfsC - ok

16:33:35.0359 5764 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll

16:33:35.0511 5764 Dhcp - ok

16:33:35.0599 5764 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

16:33:35.0766 5764 discache - ok

16:33:35.0825 5764 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

16:33:35.0846 5764 Disk - ok

16:33:35.0917 5764 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll

16:33:36.0021 5764 Dnscache - ok

16:33:36.0073 5764 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll

16:33:36.0222 5764 dot3svc - ok

16:33:36.0257 5764 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll

16:33:36.0439 5764 DPS - ok

16:33:36.0536 5764 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

16:33:36.0573 5764 drmkaud - ok

16:33:36.0620 5764 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys

16:33:36.0701 5764 DXGKrnl - ok

16:33:36.0720 5764 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

16:33:36.0823 5764 EapHost - ok

16:33:36.0977 5764 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

16:33:37.0290 5764 ebdrv - ok

16:33:37.0330 5764 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe

16:33:37.0478 5764 EFS - ok

16:33:37.0563 5764 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe

16:33:37.0801 5764 ehRecvr - ok

16:33:37.0853 5764 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

16:33:39.0583 5764 ehSched - ok

16:33:39.0795 5764 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

16:33:39.0838 5764 elxstor - ok

16:33:39.0934 5764 enecir (f218a3a27ed6592c0e22ec3595554447) C:\Windows\system32\DRIVERS\enecir.sys

16:33:40.0001 5764 enecir - ok

16:33:40.0073 5764 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

16:33:40.0138 5764 ErrDev - ok

16:33:40.0201 5764 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

16:33:40.0336 5764 EventSystem - ok

16:33:40.0382 5764 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

16:33:40.0487 5764 exfat - ok

16:33:40.0542 5764 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

16:33:40.0655 5764 fastfat - ok

16:33:40.0731 5764 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe

16:33:40.0835 5764 Fax - ok

16:33:40.0867 5764 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

16:33:40.0925 5764 fdc - ok

16:33:41.0013 5764 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

16:33:41.0071 5764 fdPHost - ok

16:33:41.0098 5764 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

16:33:41.0179 5764 FDResPub - ok

16:33:41.0224 5764 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

16:33:41.0239 5764 FileInfo - ok

16:33:41.0271 5764 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

16:33:41.0365 5764 Filetrace - ok

16:33:41.0400 5764 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

16:33:41.0476 5764 flpydisk - ok

16:33:41.0517 5764 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

16:33:41.0542 5764 FltMgr - ok

16:33:41.0599 5764 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll

16:33:41.0722 5764 FontCache - ok

16:33:41.0857 5764 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

16:33:41.0869 5764 FontCache3.0.0.0 - ok

16:33:41.0928 5764 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

16:33:41.0943 5764 FsDepends - ok

16:33:41.0960 5764 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

16:33:41.0974 5764 Fs_Rec - ok

16:33:42.0062 5764 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

16:33:42.0096 5764 fvevol - ok

16:33:42.0154 5764 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

16:33:42.0177 5764 gagp30kx - ok

16:33:42.0303 5764 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

16:33:42.0318 5764 GamesAppService - ok

16:33:42.0368 5764 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

16:33:42.0377 5764 GEARAspiWDM - ok

16:33:42.0437 5764 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll

16:33:42.0517 5764 gpsvc - ok

16:33:42.0598 5764 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:33:42.0611 5764 gupdate - ok

16:33:42.0642 5764 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:33:42.0653 5764 gupdatem - ok

16:33:42.0719 5764 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

16:33:42.0891 5764 hcw85cir - ok

16:33:42.0939 5764 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

16:33:43.0017 5764 HDAudBus - ok

16:33:43.0086 5764 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

16:33:43.0383 5764 HidBatt - ok

16:33:43.0430 5764 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

16:33:43.0707 5764 HidBth - ok

16:33:43.0746 5764 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

16:33:44.0022 5764 HidIr - ok

16:33:44.0071 5764 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

16:33:44.0295 5764 hidserv - ok

16:33:44.0359 5764 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

16:33:44.0517 5764 HidUsb - ok

16:33:44.0623 5764 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll

16:33:44.0739 5764 hkmsvc - ok

16:33:44.0772 5764 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll

16:33:44.0872 5764 HomeGroupListener - ok

16:33:44.0913 5764 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll

16:33:44.0981 5764 HomeGroupProvider - ok

16:33:45.0133 5764 HP Health Check Service (a19b0bb5a7eb6df2dd4a0711d36955ee) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

16:33:45.0169 5764 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning

16:33:45.0169 5764 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)

16:33:45.0244 5764 hpdskflt (4a435ca815a54639ca09ddf75d751ebc) C:\Windows\system32\DRIVERS\hpdskflt.sys

16:33:45.0254 5764 hpdskflt - ok

16:33:45.0312 5764 HpqKbFiltr (0ecc54fd34d6a089c300846b011e81d6) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys

16:33:45.0416 5764 HpqKbFiltr - ok

16:33:45.0582 5764 hpqwmiex (188ff0adf66768d53ad94f43972e1e9a) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

16:33:45.0634 5764 hpqwmiex ( UnsignedFile.Multi.Generic ) - warning

16:33:45.0634 5764 hpqwmiex - detected UnsignedFile.Multi.Generic (1)

16:33:45.0789 5764 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

16:33:45.0805 5764 HpSAMD - ok

16:33:45.0961 5764 hpsrv (6bf024ea61d7894bf4af0b10a90b546e) C:\Windows\system32\Hpservice.exe

16:33:46.0019 5764 hpsrv - ok

16:33:46.0116 5764 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

16:33:46.0310 5764 HTTP - ok

16:33:46.0350 5764 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

16:33:46.0363 5764 hwpolicy - ok

16:33:46.0386 5764 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

16:33:46.0410 5764 i8042prt - ok

16:33:46.0488 5764 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys

16:33:46.0516 5764 iaStorV - ok

16:33:46.0639 5764 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

16:33:46.0671 5764 IDriverT ( UnsignedFile.Multi.Generic ) - warning

16:33:46.0671 5764 IDriverT - detected UnsignedFile.Multi.Generic (1)

16:33:46.0819 5764 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

16:33:46.0860 5764 idsvc - ok

16:33:47.0342 5764 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys

16:33:47.0741 5764 igfx - ok

16:33:47.0855 5764 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

16:33:47.0873 5764 iirsp - ok

16:33:47.0984 5764 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll

16:33:48.0312 5764 IKEEXT - ok

16:33:48.0375 5764 IntcHdmiAddService (be1cb000c655396c9def09aee3ea2d67) C:\Windows\system32\drivers\IntcHdmi.sys

16:33:48.0592 5764 IntcHdmiAddService - ok

16:33:48.0659 5764 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

16:33:48.0681 5764 intelide - ok

16:33:48.0749 5764 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

16:33:48.0873 5764 intelppm - ok

16:33:48.0932 5764 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

16:33:49.0038 5764 IPBusEnum - ok

16:33:49.0132 5764 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

16:33:49.0366 5764 IpFilterDriver - ok

16:33:49.0393 5764 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

16:33:49.0463 5764 IPMIDRV - ok

16:33:49.0555 5764 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

16:33:49.0903 5764 IPNAT - ok

16:33:50.0045 5764 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe

16:33:50.0227 5764 iPod Service - ok

16:33:50.0371 5764 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

16:33:50.0399 5764 IRENUM - ok

16:33:50.0435 5764 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

16:33:50.0451 5764 isapnp - ok

16:33:50.0498 5764 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

16:33:50.0586 5764 iScsiPrt - ok

16:33:50.0638 5764 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

16:33:50.0658 5764 kbdclass - ok

16:33:50.0725 5764 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

16:33:50.0800 5764 kbdhid - ok

16:33:50.0842 5764 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

16:33:50.0896 5764 KeyIso - ok

16:33:50.0924 5764 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys

16:33:50.0961 5764 KSecDD - ok

16:33:51.0116 5764 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys

16:33:51.0144 5764 KSecPkg - ok

16:33:51.0284 5764 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

16:33:51.0373 5764 ksthunk - ok

16:33:51.0541 5764 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

16:33:51.0893 5764 KtmRm - ok

16:33:51.0965 5764 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll

16:33:53.0424 5764 LanmanServer - ok

16:33:53.0663 5764 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll

16:33:54.0127 5764 LanmanWorkstation - ok

16:33:54.0335 5764 LightScribeService (abf90fc5a127f481219b873c1b8dfc1c) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

16:33:54.0364 5764 LightScribeService ( UnsignedFile.Multi.Generic ) - warning

16:33:54.0364 5764 LightScribeService - detected UnsignedFile.Multi.Generic (1)

16:33:54.0607 5764 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

16:33:54.0773 5764 lltdio - ok

16:33:55.0325 5764 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

16:33:55.0429 5764 lltdsvc - ok

16:33:55.0489 5764 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

16:33:55.0552 5764 lmhosts - ok

16:33:55.0648 5764 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

16:33:55.0666 5764 LSI_FC - ok

16:33:55.0689 5764 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

16:33:55.0725 5764 LSI_SAS - ok

16:33:55.0750 5764 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

16:33:55.0789 5764 LSI_SAS2 - ok

16:33:55.0826 5764 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

16:33:55.0844 5764 LSI_SCSI - ok

16:33:55.0878 5764 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

16:33:56.0058 5764 luafv - ok

16:33:56.0131 5764 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll

16:33:56.0188 5764 Mcx2Svc - ok

16:33:56.0227 5764 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

16:33:56.0242 5764 megasas - ok

16:33:56.0277 5764 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

16:33:56.0355 5764 MegaSR - ok

16:33:56.0384 5764 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

16:33:56.0478 5764 MMCSS - ok

16:33:56.0526 5764 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

16:33:56.0609 5764 Modem - ok

16:33:56.0681 5764 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

16:33:56.0743 5764 monitor - ok

16:33:56.0778 5764 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

16:33:56.0809 5764 mouclass - ok

16:33:56.0828 5764 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

16:33:56.0909 5764 mouhid - ok

16:33:56.0925 5764 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

16:33:56.0942 5764 mountmgr - ok

16:33:56.0969 5764 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

16:33:56.0989 5764 mpio - ok

16:33:57.0023 5764 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

16:33:57.0101 5764 mpsdrv - ok

16:33:57.0140 5764 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

16:33:57.0200 5764 MRxDAV - ok

16:33:57.0256 5764 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys

16:33:57.0287 5764 mrxsmb - ok

16:33:57.0334 5764 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys

16:33:57.0407 5764 mrxsmb10 - ok

16:33:57.0462 5764 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys

16:33:57.0534 5764 mrxsmb20 - ok

16:33:57.0594 5764 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys

16:33:57.0610 5764 msahci - ok

16:33:57.0668 5764 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

16:33:57.0686 5764 msdsm - ok

16:33:57.0740 5764 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

16:33:57.0806 5764 MSDTC - ok

16:33:57.0853 5764 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

16:33:57.0925 5764 Msfs - ok

16:33:57.0959 5764 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

16:33:58.0085 5764 mshidkmdf - ok

16:33:58.0109 5764 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

16:33:58.0124 5764 msisadrv - ok

16:33:58.0215 5764 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

16:33:58.0394 5764 MSiSCSI - ok

16:33:58.0405 5764 msiserver - ok

16:33:58.0448 5764 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

16:33:58.0560 5764 MSKSSRV - ok

16:33:58.0596 5764 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

16:33:58.0729 5764 MSPCLOCK - ok

16:33:58.0767 5764 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

16:33:58.0889 5764 MSPQM - ok

16:33:58.0943 5764 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

16:33:58.0977 5764 MsRPC - ok

16:33:59.0006 5764 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

16:33:59.0025 5764 mssmbios - ok

16:33:59.0058 5764 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

16:33:59.0252 5764 MSTEE - ok

16:33:59.0291 5764 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

16:33:59.0338 5764 MTConfig - ok

16:33:59.0373 5764 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

16:33:59.0410 5764 Mup - ok

16:33:59.0475 5764 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll

16:33:59.0628 5764 napagent - ok

16:33:59.0699 5764 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

16:33:59.0799 5764 NativeWifiP - ok

16:33:59.0874 5764 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

16:33:59.0962 5764 NDIS - ok

16:33:59.0984 5764 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

16:34:00.0073 5764 NdisCap - ok

16:34:00.0125 5764 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

16:34:00.0235 5764 NdisTapi - ok

16:34:00.0325 5764 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

16:34:00.0501 5764 Ndisuio - ok

16:34:00.0569 5764 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

16:34:00.0652 5764 NdisWan - ok

16:34:00.0676 5764 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

16:34:00.0818 5764 NDProxy - ok

16:34:00.0891 5764 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

16:34:01.0046 5764 NetBIOS - ok

16:34:01.0085 5764 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

16:34:01.0210 5764 NetBT - ok

16:34:01.0247 5764 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

16:34:01.0288 5764 Netlogon - ok

16:34:01.0359 5764 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

16:34:01.0455 5764 Netman - ok

16:34:01.0534 5764 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

16:34:01.0641 5764 netprofm - ok

16:34:01.0853 5764 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

16:34:01.0887 5764 NetTcpPortSharing - ok

16:34:01.0979 5764 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

16:34:02.0001 5764 nfrd960 - ok

16:34:02.0071 5764 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll

16:34:02.0163 5764 NlaSvc - ok

16:34:02.0183 5764 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

16:34:02.0355 5764 Npfs - ok

16:34:02.0391 5764 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

16:34:02.0493 5764 nsi - ok

16:34:02.0516 5764 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

16:34:02.0671 5764 nsiproxy - ok

16:34:02.0825 5764 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys

16:34:02.0925 5764 Ntfs - ok

16:34:02.0977 5764 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

16:34:03.0118 5764 Null - ok

16:34:03.0217 5764 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys

16:34:03.0244 5764 nvraid - ok

16:34:03.0311 5764 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys

16:34:03.0368 5764 nvstor - ok

16:34:03.0442 5764 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

16:34:03.0471 5764 nv_agp - ok

16:34:03.0638 5764 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

16:34:03.0758 5764 odserv - ok

16:34:03.0961 5764 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

16:34:04.0089 5764 ohci1394 - ok

16:34:04.0237 5764 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

16:34:04.0256 5764 ose - ok

16:34:04.0373 5764 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

16:34:04.0534 5764 p2pimsvc - ok

16:34:04.0589 5764 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

16:34:04.0677 5764 p2psvc - ok

16:34:04.0744 5764 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

16:34:04.0775 5764 Parport - ok

16:34:04.0797 5764 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys

16:34:04.0818 5764 partmgr - ok

16:34:04.0838 5764 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

16:34:04.0900 5764 PcaSvc - ok

16:34:04.0946 5764 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

16:34:04.0971 5764 pci - ok

16:34:04.0995 5764 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

16:34:05.0013 5764 pciide - ok

16:34:05.0039 5764 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

16:34:05.0065 5764 pcmcia - ok

16:34:05.0116 5764 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

16:34:05.0137 5764 pcw - ok

16:34:05.0347 5764 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

16:34:05.0551 5764 PEAUTH - ok

16:34:06.0299 5764 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

16:34:06.0349 5764 PerfHost - ok

16:34:06.0504 5764 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll

16:34:06.0876 5764 pla - ok

16:34:06.0958 5764 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll

16:34:07.0162 5764 PlugPlay - ok

16:34:07.0213 5764 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

16:34:07.0299 5764 PNRPAutoReg - ok

16:34:07.0341 5764 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

16:34:07.0372 5764 PNRPsvc - ok

16:34:07.0444 5764 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll

16:34:07.0567 5764 PolicyAgent - ok

16:34:07.0621 5764 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

16:34:07.0778 5764 Power - ok

16:34:07.0874 5764 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

16:34:08.0123 5764 PptpMiniport - ok

16:34:08.0241 5764 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

16:34:08.0318 5764 Processor - ok

16:34:08.0375 5764 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll

16:34:08.0495 5764 ProfSvc - ok

16:34:08.0564 5764 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

16:34:08.0594 5764 ProtectedStorage - ok

16:34:08.0668 5764 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

16:34:08.0807 5764 Psched - ok

16:34:08.0896 5764 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

16:34:09.0003 5764 ql2300 - ok

16:34:09.0052 5764 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

16:34:09.0132 5764 ql40xx - ok

16:34:09.0182 5764 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

16:34:09.0273 5764 QWAVE - ok

16:34:09.0312 5764 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

16:34:09.0426 5764 QWAVEdrv - ok

16:34:09.0459 5764 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

16:34:09.0636 5764 RasAcd - ok

16:34:09.0785 5764 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

16:34:09.0948 5764 RasAgileVpn - ok

16:34:10.0024 5764 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

16:34:10.0140 5764 RasAuto - ok

16:34:10.0192 5764 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

16:34:10.0339 5764 Rasl2tp - ok

16:34:10.0391 5764 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll

16:34:10.0614 5764 RasMan - ok

16:34:10.0636 5764 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

16:34:10.0731 5764 RasPppoe - ok

16:34:10.0785 5764 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

16:34:10.0954 5764 RasSstp - ok

16:34:11.0001 5764 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

16:34:11.0164 5764 rdbss - ok

16:34:11.0200 5764 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

16:34:11.0253 5764 rdpbus - ok

16:34:11.0299 5764 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

16:34:11.0397 5764 RDPCDD - ok

16:34:11.0461 5764 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

16:34:11.0646 5764 RDPENCDD - ok

16:34:11.0681 5764 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

16:34:11.0933 5764 RDPREFMP - ok

16:34:11.0976 5764 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys

16:34:12.0068 5764 RDPWD - ok

16:34:12.0092 5764 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

16:34:12.0118 5764 rdyboost - ok

16:34:12.0252 5764 Recovery Service for Windows (bc0a4d47472b042537f4e57b950415fa) C:\Program Files (x86)\SMINST\BLService.exe

16:34:12.0291 5764 Recovery Service for Windows - ok

16:34:12.0340 5764 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

16:34:12.0524 5764 RemoteAccess - ok

16:34:12.0575 5764 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

16:34:12.0656 5764 RemoteRegistry - ok

16:34:12.0787 5764 RichVideo (805ae1f90c64758d19aaa001cf8cba12) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

16:34:12.0803 5764 RichVideo ( UnsignedFile.Multi.Generic ) - warning

16:34:12.0804 5764 RichVideo - detected UnsignedFile.Multi.Generic (1)

16:34:12.0838 5764 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

16:34:12.0940 5764 RpcEptMapper - ok

16:34:12.0994 5764 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

16:34:13.0088 5764 RpcLocator - ok

16:34:13.0134 5764 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

16:34:14.0577 5764 RpcSs - ok

16:34:14.0883 5764 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

16:34:15.0120 5764 rspndr - ok

16:34:15.0204 5764 RTL8169 (8b91737da75add21cb1554b38089196a) C:\Windows\system32\DRIVERS\Rtlh64.sys

16:34:15.0296 5764 RTL8169 - ok

16:34:15.0351 5764 RTSTOR (aa3987386cf7d9005c42bc974634bd56) C:\Windows\system32\drivers\RTSTOR64.SYS

16:34:15.0418 5764 RTSTOR - ok

16:34:15.0468 5764 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

16:34:15.0491 5764 SamSs - ok

16:34:15.0555 5764 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

16:34:15.0576 5764 sbp2port - ok

16:34:15.0635 5764 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

16:34:15.0805 5764 SCardSvr - ok

16:34:15.0849 5764 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

16:34:15.0959 5764 scfilter - ok

16:34:16.0294 5764 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll

16:34:16.0544 5764 Schedule - ok

16:34:16.0582 5764 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

16:34:16.0727 5764 SCPolicySvc - ok

16:34:16.0786 5764 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll

16:34:17.0037 5764 SDRSVC - ok

16:34:17.0201 5764 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

16:34:17.0337 5764 secdrv - ok

16:34:17.0367 5764 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll

16:34:17.0445 5764 seclogon - ok

16:34:17.0467 5764 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

16:34:17.0584 5764 SENS - ok

16:34:17.0604 5764 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

16:34:17.0685 5764 SensrSvc - ok

16:34:17.0741 5764 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

16:34:17.0764 5764 Serenum - ok

16:34:17.0819 5764 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

16:34:17.0857 5764 Serial - ok

16:34:17.0880 5764 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

16:34:17.0942 5764 sermouse - ok

16:34:18.0038 5764 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll

16:34:18.0112 5764 SessionEnv - ok

16:34:18.0154 5764 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

16:34:18.0279 5764 sffdisk - ok

16:34:18.0304 5764 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

16:34:18.0360 5764 sffp_mmc - ok

16:34:18.0381 5764 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys

16:34:18.0526 5764 sffp_sd - ok

16:34:18.0566 5764 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

16:34:18.0675 5764 sfloppy - ok

16:34:18.0735 5764 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

16:34:18.0856 5764 SharedAccess - ok

16:34:18.0907 5764 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll

16:34:19.0005 5764 ShellHWDetection - ok

16:34:19.0103 5764 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

16:34:19.0124 5764 SiSRaid2 - ok

16:34:19.0146 5764 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

16:34:19.0166 5764 SiSRaid4 - ok

16:34:19.0221 5764 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

16:34:19.0380 5764 Smb - ok

16:34:19.0456 5764 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

16:34:19.0506 5764 SNMPTRAP - ok

16:34:19.0587 5764 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

16:34:19.0609 5764 spldr - ok

16:34:19.0670 5764 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe

16:34:19.0832 5764 Spooler - ok

16:34:19.0976 5764 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe

16:34:20.0241 5764 sppsvc - ok

16:34:20.0281 5764 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

16:34:20.0391 5764 sppuinotify - ok

16:34:20.0464 5764 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys

16:34:20.0712 5764 srv - ok

16:34:20.0753 5764 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys

16:34:20.0815 5764 srv2 - ok

16:34:20.0853 5764 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys

16:34:20.0988 5764 srvnet - ok

16:34:21.0046 5764 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

16:34:21.0177 5764 SSDPSRV - ok

16:34:21.0227 5764 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

16:34:21.0330 5764 SstpSvc - ok

16:34:21.0709 5764 STacSV (a400c503b256cd7c8289b2a943370415) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_79b15e90d309c284\STacSV64.exe

16:34:21.0772 5764 STacSV - ok

16:34:21.0848 5764 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

16:34:21.0870 5764 stexstor - ok

16:34:21.0931 5764 STHDA (0c2bf91cdc0575f5713a4d2d5118bc06) C:\Windows\system32\DRIVERS\stwrt64.sys

16:34:21.0983 5764 STHDA - ok

16:34:22.0065 5764 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll

16:34:22.0168 5764 stisvc - ok

16:34:22.0202 5764 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

16:34:22.0222 5764 swenum - ok

16:34:22.0288 5764 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

16:34:22.0440 5764 swprv - ok

16:34:22.0601 5764 SynTP (5bfcf934891022e15404befe0f5ece9f) C:\Windows\system32\DRIVERS\SynTP.sys

16:34:22.0641 5764 SynTP - ok

16:34:22.0733 5764 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll

16:34:22.0888 5764 SysMain - ok

16:34:22.0927 5764 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll

16:34:23.0013 5764 TabletInputService - ok

16:34:23.0053 5764 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll

16:34:23.0200 5764 TapiSrv - ok

16:34:23.0232 5764 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

16:34:23.0445 5764 TBS - ok

16:34:23.0638 5764 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys

16:34:23.0858 5764 Tcpip - ok

16:34:23.0996 5764 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys

16:34:24.0154 5764 TCPIP6 - ok

16:34:24.0205 5764 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

16:34:24.0360 5764 tcpipreg - ok

16:34:24.0408 5764 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

16:34:24.0572 5764 TDPIPE - ok

16:34:24.0608 5764 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys

16:34:24.0692 5764 TDTCP - ok

16:34:24.0723 5764 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

16:34:24.0977 5764 tdx - ok

16:34:25.0020 5764 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys

16:34:25.0045 5764 TermDD - ok

16:34:25.0126 5764 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll

16:34:25.0309 5764 TermService - ok

16:34:25.0471 5764 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

16:34:25.0597 5764 Themes - ok

16:34:25.0649 5764 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

16:34:25.0738 5764 THREADORDER - ok

16:34:25.0765 5764 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

16:34:25.0920 5764 TrkWks - ok

16:34:26.0012 5764 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe

16:34:26.0061 5764 TrustedInstaller - ok

16:34:26.0142 5764 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

16:34:26.0316 5764 tssecsrv - ok

16:34:26.0401 5764 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

16:34:26.0549 5764 tunnel - ok

16:34:26.0993 5764 TVCapSvc (1c31169dddc70c1605f703da701eaeea) C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe

16:34:27.0014 5764 TVCapSvc - ok

16:34:27.0024 5764 TVSched (290b8c381dbc15d3dbcbd2bdb6b0ba12) C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe

16:34:27.0040 5764 TVSched - ok

16:34:27.0205 5764 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

16:34:27.0228 5764 uagp35 - ok

16:34:27.0258 5764 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys

16:34:27.0419 5764 udfs - ok

16:34:27.0479 5764 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

16:34:27.0538 5764 UI0Detect - ok

16:34:27.0627 5764 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys

16:34:27.0648 5764 uliagpkx - ok

16:34:27.0685 5764 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

16:34:27.0817 5764 umbus - ok

16:34:27.0849 5764 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

16:34:27.0927 5764 UmPass - ok

16:34:27.0987 5764 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

16:34:28.0095 5764 upnphost - ok

16:34:28.0181 5764 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys

16:34:28.0246 5764 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning

16:34:28.0247 5764 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)

16:34:28.0315 5764 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys

16:34:28.0347 5764 usbccgp - ok

16:34:28.0413 5764 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys

16:34:28.0491 5764 usbcir - ok

16:34:28.0536 5764 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys

16:34:28.0568 5764 usbehci - ok

16:34:28.0645 5764 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys

16:34:28.0709 5764 usbhub - ok

16:34:28.0748 5764 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys

16:34:28.0802 5764 usbohci - ok

16:34:28.0835 5764 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

16:34:28.0883 5764 usbprint - ok

16:34:28.0906 5764 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS

16:34:28.0943 5764 USBSTOR - ok

16:34:28.0971 5764 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys

16:34:29.0037 5764 usbuhci - ok

16:34:29.0109 5764 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys

16:34:29.0166 5764 usbvideo - ok

16:34:29.0218 5764 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

16:34:29.0297 5764 UxSms - ok

16:34:29.0334 5764 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

16:34:29.0360 5764 VaultSvc - ok

16:34:29.0451 5764 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys

16:34:29.0470 5764 vdrvroot - ok

16:34:29.0524 5764 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe

16:34:29.0654 5764 vds - ok

16:34:29.0699 5764 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

16:34:29.0740 5764 vga - ok

16:34:29.0794 5764 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

16:34:29.0923 5764 VgaSave - ok

16:34:29.0958 5764 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys

16:34:29.0984 5764 vhdmp - ok

16:34:30.0009 5764 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys

16:34:30.0028 5764 viaide - ok

16:34:30.0084 5764 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys

16:34:30.0105 5764 volmgr - ok

16:34:30.0139 5764 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

16:34:30.0174 5764 volmgrx - ok

16:34:30.0210 5764 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys

16:34:30.0239 5764 volsnap - ok

16:34:30.0293 5764 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

16:34:30.0317 5764 vsmraid - ok

16:34:30.0428 5764 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe

16:34:30.0549 5764 VSS - ok

16:34:30.0586 5764 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

16:34:30.0718 5764 vwifibus - ok

16:34:30.0761 5764 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

16:34:31.0051 5764 W32Time - ok

16:34:31.0130 5764 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

16:34:31.0181 5764 WacomPen - ok

16:34:31.0256 5764 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

16:34:31.0381 5764 WANARP - ok

16:34:31.0400 5764 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

16:34:31.0517 5764 Wanarpv6 - ok

16:34:31.0626 5764 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

16:34:31.0701 5764 WatAdminSvc - ok

16:34:31.0793 5764 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe

16:34:31.0963 5764 wbengine - ok

16:34:32.0059 5764 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

16:34:32.0107 5764 WbioSrvc - ok

16:34:32.0146 5764 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll

16:34:32.0218 5764 wcncsvc - ok

16:34:32.0244 5764 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

16:34:32.0385 5764 WcsPlugInService - ok

16:34:32.0440 5764 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

16:34:32.0464 5764 Wd - ok

16:34:32.0542 5764 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

16:34:32.0660 5764 Wdf01000 - ok

16:34:32.0690 5764 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

16:34:32.0803 5764 WdiServiceHost - ok

16:34:32.0810 5764 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

16:34:32.0850 5764 WdiSystemHost - ok

16:34:32.0914 5764 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll

16:34:33.0026 5764 WebClient - ok

16:34:33.0055 5764 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

16:34:33.0203 5764 Wecsvc - ok

16:34:33.0261 5764 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

16:34:34.0771 5764 wercplsupport - ok

16:34:35.0025 5764 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

16:34:35.0210 5764 WerSvc - ok

16:34:35.0385 5764 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

16:34:35.0473 5764 WfpLwf - ok

16:34:35.0533 5764 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

16:34:35.0556 5764 WIMMount - ok

16:34:35.0566 5764 WinHttpAutoProxySvc - ok

16:34:35.0657 5764 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

16:34:35.0773 5764 Winmgmt - ok

16:34:35.0916 5764 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll

16:34:36.0146 5764 WinRM - ok

16:34:36.0338 5764 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys

16:34:36.0375 5764 WinUsb - ok

16:34:36.0463 5764 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

16:34:36.0562 5764 Wlansvc - ok

16:34:36.0692 5764 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

16:34:36.0759 5764 WmiAcpi - ok

16:34:36.0841 5764 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

16:34:36.0878 5764 wmiApSrv - ok

16:34:36.0963 5764 WMPNetworkSvc - ok

16:34:37.0010 5764 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

16:34:37.0096 5764 WPCSvc - ok

16:34:37.0125 5764 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll

16:34:37.0279 5764 WPDBusEnum - ok

16:34:37.0395 5764 WPFFontCache_v0400 - ok

16:34:37.0466 5764 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

16:34:37.0583 5764 ws2ifsl - ok

16:34:37.0596 5764 WSearch - ok

16:34:37.0710 5764 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll

16:34:37.0920 5764 wuauserv - ok

16:34:37.0987 5764 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

16:34:38.0115 5764 WudfPf - ok

16:34:38.0174 5764 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

16:34:38.0257 5764 WUDFRd - ok

16:34:38.0304 5764 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll

16:34:38.0419 5764 wudfsvc - ok

16:34:38.0464 5764 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

16:34:38.0540 5764 WwanSvc - ok

16:34:38.0718 5764 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

16:34:38.0761 5764 YahooAUService - ok

16:34:38.0867 5764 {55662437-DA8C-40c0-AADA-2C816A897A49} (1cacfef9e5dd866c5b79a135ee729e18) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl

16:34:38.0884 5764 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok

16:34:38.0932 5764 MBR (0x1B8) (0f84f2562620c40d8a3e1908c8075675) \Device\Harddisk0\DR0

16:34:38.0962 5764 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected

16:34:38.0962 5764 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)

16:34:39.0011 5764 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

16:34:39.0011 5764 \Device\Harddisk0\DR0 - detected TDSS File System (1)

16:34:39.0046 5764 Boot (0x1200) (d15ccac574f71726c34a3b3151b9ca5e) \Device\Harddisk0\DR0\Partition0

16:34:39.0048 5764 \Device\Harddisk0\DR0\Partition0 - ok

16:34:39.0080 5764 Boot (0x1200) (3b6cb7abd56f4842f192eb2e335ade78) \Device\Harddisk0\DR0\Partition1

16:34:39.0082 5764 \Device\Harddisk0\DR0\Partition1 - ok

16:34:39.0083 5764 ============================================================

16:34:39.0083 5764 Scan finished

16:34:39.0083 5764 ============================================================

16:34:39.0106 3840 Detected object count: 8

16:34:39.0106 3840 Actual detected object count: 8

16:36:42.0806 3840 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user

16:36:42.0806 3840 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

16:36:42.0807 3840 hpqwmiex ( UnsignedFile.Multi.Generic ) - skipped by user

16:36:42.0807 3840 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Skip

16:36:42.0811 3840 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

16:36:42.0811 3840 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

16:36:42.0814 3840 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

16:36:42.0814 3840 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

16:36:42.0819 3840 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user

16:36:42.0819 3840 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip

16:36:42.0820 3840 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user

16:36:42.0820 3840 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

16:36:42.0961 3840 \Device\Harddisk0\DR0\# - copied to quarantine

16:36:42.0962 3840 \Device\Harddisk0\DR0 - copied to quarantine

16:36:43.0002 3840 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine

16:36:43.0006 3840 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine

16:36:43.0011 3840 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine

16:36:43.0016 3840 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine

16:36:43.0028 3840 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine

16:36:43.0040 3840 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine

16:36:43.0042 3840 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine

16:36:43.0043 3840 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine

16:36:43.0045 3840 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine

16:36:43.0047 3840 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine

16:36:43.0050 3840 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine

16:36:43.0052 3840 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine

16:36:43.0086 3840 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot

16:36:43.0087 3840 \Device\Harddisk0\DR0 - ok

16:36:43.0633 3840 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure

16:36:43.0634 3840 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

16:36:43.0634 3840 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

16:36:57.0514 6540 Deinitialize success

[LDTate]

You must Reboot if you haven't aleady

Please run it again and delete only these 2 that are leftover

16:36:43.0634 3840 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

16:36:43.0634 3840 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Then run a new MBAM scan

[nicolep218]

When I ran it again I could only see one \Device\Harddisk0\DR0 to delete

[LDTate]

If it's one of these \Device\Harddisk0\DR0 ( TDSS File System )

Then delete it.

Reboot and run a new MBAM

[nicolep218]

MBAM.

Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

Database version: v2012.04.02.03

Windows 7 x64 NTFS

Internet Explorer 9.0.8112.16421

Nicole :: NICOLE-PC [administrator]

4/3/2012 5:22:38 PM

mbam-log-2012-04-03 (17-22-38).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 245765

Time elapsed: 25 minute(s), 27 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

Did you need the last TDSS log?

[LDTate]

 
Did you need the last TDSS log?

Sure,

Let me know how it's running too

[nicolep218]

16:59:04.0934 3416 TDSS rootkit removing tool 2.7.25.0 Apr 3 2012 13:42:32

16:59:05.0380 3416 ============================================================

16:59:05.0380 3416 Current date / time: 2012/04/03 16:59:05.0380

16:59:05.0380 3416 SystemInfo:

16:59:05.0381 3416

16:59:05.0381 3416 OS Version: 6.1.7600 ServicePack: 0.0

16:59:05.0381 3416 Product type: Workstation

16:59:05.0381 3416 ComputerName: NICOLE-PC

16:59:05.0381 3416 UserName: Nicole

16:59:05.0381 3416 Windows directory: C:\Windows

16:59:05.0381 3416 System windows directory: C:\Windows

16:59:05.0381 3416 Running under WOW64

16:59:05.0381 3416 Processor architecture: Intel x64

16:59:05.0381 3416 Number of processors: 2

16:59:05.0381 3416 Page size: 0x1000

16:59:05.0381 3416 Boot type: Normal boot

16:59:05.0381 3416 ============================================================

16:59:06.0647 3416 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

16:59:06.0659 3416 \Device\Harddisk0\DR0:

16:59:06.0659 3416 MBR used

16:59:06.0659 3416 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x23A1A800

16:59:06.0659 3416 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23A1B000, BlocksNum 0x1A12000

16:59:06.0732 3416 Initialize success

16:59:06.0732 3416 ============================================================

16:59:15.0603 0308 ============================================================

16:59:15.0603 0308 Scan started

16:59:15.0603 0308 Mode: Manual; SigCheck; TDLFS;

16:59:15.0603 0308 ============================================================

16:59:16.0926 0308 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

16:59:17.0072 0308 1394ohci - ok

16:59:17.0143 0308 Accelerometer (60fbb29ccce48b4c3a6517caf42c3496) C:\Windows\system32\DRIVERS\Accelerometer.sys

16:59:17.0157 0308 Accelerometer - ok

16:59:17.0211 0308 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

16:59:17.0232 0308 ACPI - ok

16:59:17.0283 0308 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

16:59:17.0380 0308 AcpiPmi - ok

16:59:17.0448 0308 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

16:59:17.0480 0308 adp94xx - ok

16:59:17.0504 0308 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

16:59:17.0521 0308 adpahci - ok

16:59:17.0543 0308 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

16:59:17.0558 0308 adpu320 - ok

16:59:17.0604 0308 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

16:59:17.0677 0308 AeLookupSvc - ok

16:59:17.0802 0308 AESTFilters (7f66523a27754afcfecae2f5eb643a4a) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_79b15e90d309c284\AESTSr64.exe

16:59:17.0844 0308 AESTFilters - ok

16:59:17.0954 0308 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys

16:59:18.0034 0308 AFD - ok

16:59:18.0128 0308 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\Windows\system32\DRIVERS\agrsm64.sys

16:59:18.0234 0308 AgereSoftModem - ok

16:59:18.0282 0308 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

16:59:18.0303 0308 agp440 - ok

16:59:18.0373 0308 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

16:59:18.0422 0308 ALG - ok

16:59:18.0486 0308 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

16:59:18.0503 0308 aliide - ok

16:59:18.0521 0308 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

16:59:18.0536 0308 amdide - ok

16:59:18.0582 0308 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

16:59:18.0618 0308 AmdK8 - ok

16:59:18.0650 0308 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

16:59:18.0682 0308 AmdPPM - ok

16:59:18.0730 0308 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys

16:59:18.0748 0308 amdsata - ok

16:59:18.0806 0308 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

16:59:18.0824 0308 amdsbs - ok

16:59:18.0841 0308 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys

16:59:18.0852 0308 amdxata - ok

16:59:18.0893 0308 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

16:59:18.0939 0308 AppID - ok

16:59:18.0997 0308 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

16:59:19.0141 0308 AppIDSvc - ok

16:59:19.0166 0308 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll

16:59:19.0232 0308 Appinfo - ok

16:59:19.0410 0308 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

16:59:19.0425 0308 Apple Mobile Device - ok

16:59:19.0504 0308 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

16:59:19.0523 0308 arc - ok

16:59:19.0550 0308 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

16:59:19.0570 0308 arcsas - ok

16:59:19.0626 0308 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

16:59:19.0690 0308 AsyncMac - ok

16:59:19.0731 0308 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

16:59:19.0740 0308 atapi - ok

16:59:19.0821 0308 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll

16:59:19.0924 0308 AudioEndpointBuilder - ok

16:59:19.0936 0308 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll

16:59:19.0980 0308 AudioSrv - ok

16:59:20.0032 0308 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll

16:59:20.0139 0308 AxInstSV - ok

16:59:20.0232 0308 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

16:59:20.0312 0308 b06bdrv - ok

16:59:20.0396 0308 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

16:59:20.0442 0308 b57nd60a - ok

16:59:20.0553 0308 BCM43XX (f509c4fd2eba6af4fd8794aeb6f3efb7) C:\Windows\system32\DRIVERS\bcmwl664.sys

16:59:20.0600 0308 BCM43XX - ok

16:59:20.0635 0308 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

16:59:20.0683 0308 BDESVC - ok

16:59:20.0721 0308 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

16:59:20.0792 0308 Beep - ok

16:59:20.0855 0308 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll

16:59:20.0974 0308 BITS - ok

16:59:21.0012 0308 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

16:59:21.0054 0308 blbdrive - ok

16:59:21.0201 0308 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

16:59:21.0223 0308 Bonjour Service - ok

16:59:21.0282 0308 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys

16:59:21.0351 0308 bowser - ok

16:59:21.0407 0308 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

16:59:21.0456 0308 BrFiltLo - ok

16:59:21.0489 0308 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

16:59:21.0533 0308 BrFiltUp - ok

16:59:21.0601 0308 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll

16:59:21.0688 0308 Browser - ok

16:59:21.0725 0308 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

16:59:21.0768 0308 Brserid - ok

16:59:21.0801 0308 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

16:59:21.0853 0308 BrSerWdm - ok

16:59:21.0899 0308 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

16:59:21.0918 0308 BrUsbMdm - ok

16:59:21.0934 0308 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

16:59:21.0972 0308 BrUsbSer - ok

16:59:22.0012 0308 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

16:59:22.0064 0308 BTHMODEM - ok

16:59:22.0117 0308 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

16:59:22.0181 0308 bthserv - ok

16:59:22.0214 0308 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

16:59:22.0253 0308 cdfs - ok

16:59:22.0304 0308 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

16:59:22.0351 0308 cdrom - ok

16:59:22.0391 0308 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

16:59:22.0453 0308 CertPropSvc - ok

16:59:22.0506 0308 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

16:59:22.0554 0308 circlass - ok

16:59:22.0598 0308 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

16:59:22.0626 0308 CLFS - ok

16:59:22.0708 0308 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

16:59:22.0719 0308 clr_optimization_v2.0.50727_32 - ok

16:59:22.0789 0308 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

16:59:22.0806 0308 clr_optimization_v2.0.50727_64 - ok

16:59:22.0885 0308 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

16:59:22.0903 0308 clr_optimization_v4.0.30319_32 - ok

16:59:22.0949 0308 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

16:59:22.0965 0308 clr_optimization_v4.0.30319_64 - ok

16:59:23.0107 0308 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

16:59:23.0147 0308 CmBatt - ok

16:59:23.0182 0308 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

16:59:23.0197 0308 cmdide - ok

16:59:23.0238 0308 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys

16:59:23.0270 0308 CNG - ok

16:59:23.0430 0308 Com4QLBEx (12e94e225bd7b05a2bccd5c0b841e921) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

16:59:23.0445 0308 Com4QLBEx - ok

16:59:23.0489 0308 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

16:59:23.0499 0308 Compbatt - ok

16:59:23.0545 0308 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

16:59:23.0594 0308 CompositeBus - ok

16:59:23.0621 0308 COMSysApp - ok

16:59:23.0651 0308 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

16:59:23.0662 0308 crcdisk - ok

16:59:23.0729 0308 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll

16:59:23.0802 0308 CryptSvc - ok

16:59:23.0856 0308 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

16:59:23.0926 0308 DcomLaunch - ok

16:59:23.0973 0308 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

16:59:24.0043 0308 defragsvc - ok

16:59:24.0104 0308 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys

16:59:24.0158 0308 DfsC - ok

16:59:24.0454 0308 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll

16:59:24.0528 0308 Dhcp - ok

16:59:24.0572 0308 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

16:59:24.0642 0308 discache - ok

16:59:24.0698 0308 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

16:59:24.0717 0308 Disk - ok

16:59:24.0757 0308 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll

16:59:24.0802 0308 Dnscache - ok

16:59:24.0856 0308 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll

16:59:24.0922 0308 dot3svc - ok

16:59:24.0951 0308 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll

16:59:25.0016 0308 DPS - ok

16:59:25.0098 0308 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

16:59:25.0119 0308 drmkaud - ok

16:59:25.0168 0308 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys

16:59:25.0193 0308 DXGKrnl - ok

16:59:25.0215 0308 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

16:59:25.0272 0308 EapHost - ok

16:59:25.0386 0308 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

16:59:25.0528 0308 ebdrv - ok

16:59:25.0570 0308 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe

16:59:25.0610 0308 EFS - ok

16:59:25.0693 0308 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe

16:59:25.0751 0308 ehRecvr - ok

16:59:25.0792 0308 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

16:59:25.0822 0308 ehSched - ok

16:59:25.0976 0308 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

16:59:26.0017 0308 elxstor - ok

16:59:26.0072 0308 enecir (f218a3a27ed6592c0e22ec3595554447) C:\Windows\system32\DRIVERS\enecir.sys

16:59:26.0117 0308 enecir - ok

16:59:26.0155 0308 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

16:59:26.0196 0308 ErrDev - ok

16:59:26.0249 0308 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

16:59:26.0312 0308 EventSystem - ok

16:59:26.0352 0308 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

16:59:26.0416 0308 exfat - ok

16:59:26.0452 0308 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

16:59:26.0517 0308 fastfat - ok

16:59:26.0590 0308 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe

16:59:26.0656 0308 Fax - ok

16:59:26.0693 0308 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

16:59:26.0737 0308 fdc - ok

16:59:26.0796 0308 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

16:59:26.0852 0308 fdPHost - ok

16:59:26.0869 0308 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

16:59:26.0935 0308 FDResPub - ok

16:59:26.0962 0308 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

16:59:26.0974 0308 FileInfo - ok

16:59:26.0987 0308 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

16:59:27.0052 0308 Filetrace - ok

16:59:27.0082 0308 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

16:59:27.0112 0308 flpydisk - ok

16:59:27.0154 0308 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

16:59:27.0170 0308 FltMgr - ok

16:59:27.0222 0308 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll

16:59:27.0295 0308 FontCache - ok

16:59:27.0439 0308 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

16:59:27.0447 0308 FontCache3.0.0.0 - ok

16:59:27.0466 0308 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

16:59:27.0477 0308 FsDepends - ok

16:59:27.0498 0308 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

16:59:27.0508 0308 Fs_Rec - ok

16:59:27.0576 0308 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

16:59:27.0593 0308 fvevol - ok

16:59:27.0647 0308 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

16:59:27.0659 0308 gagp30kx - ok

16:59:27.0785 0308 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

16:59:27.0803 0308 GamesAppService - ok

16:59:27.0861 0308 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

16:59:27.0872 0308 GEARAspiWDM - ok

16:59:27.0940 0308 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll

16:59:28.0002 0308 gpsvc - ok

16:59:28.0080 0308 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:59:28.0095 0308 gupdate - ok

16:59:28.0124 0308 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:59:28.0133 0308 gupdatem - ok

16:59:28.0201 0308 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

16:59:28.0247 0308 hcw85cir - ok

16:59:28.0298 0308 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

16:59:28.0339 0308 HDAudBus - ok

16:59:28.0377 0308 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

16:59:28.0417 0308 HidBatt - ok

16:59:28.0456 0308 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

16:59:28.0503 0308 HidBth - ok

16:59:28.0533 0308 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

16:59:28.0583 0308 HidIr - ok

16:59:28.0619 0308 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

16:59:28.0687 0308 hidserv - ok

16:59:28.0740 0308 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

16:59:28.0783 0308 HidUsb - ok

16:59:28.0827 0308 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll

16:59:28.0911 0308 hkmsvc - ok

16:59:28.0952 0308 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll

16:59:28.0987 0308 HomeGroupListener - ok

16:59:29.0027 0308 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll

16:59:29.0058 0308 HomeGroupProvider - ok

16:59:29.0192 0308 HP Health Check Service (a19b0bb5a7eb6df2dd4a0711d36955ee) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

16:59:29.0198 0308 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning

16:59:29.0198 0308 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)

16:59:29.0269 0308 hpdskflt (4a435ca815a54639ca09ddf75d751ebc) C:\Windows\system32\DRIVERS\hpdskflt.sys

16:59:29.0278 0308 hpdskflt - ok

16:59:29.0339 0308 HpqKbFiltr (0ecc54fd34d6a089c300846b011e81d6) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys

16:59:29.0377 0308 HpqKbFiltr - ok

16:59:29.0475 0308 hpqwmiex (188ff0adf66768d53ad94f43972e1e9a) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

16:59:29.0539 0308 hpqwmiex ( UnsignedFile.Multi.Generic ) - warning

16:59:29.0539 0308 hpqwmiex - detected UnsignedFile.Multi.Generic (1)

16:59:29.0604 0308 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

16:59:29.0624 0308 HpSAMD - ok

16:59:29.0676 0308 hpsrv (6bf024ea61d7894bf4af0b10a90b546e) C:\Windows\system32\Hpservice.exe

16:59:29.0688 0308 hpsrv - ok

16:59:29.0730 0308 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

16:59:29.0805 0308 HTTP - ok

16:59:29.0841 0308 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

16:59:29.0851 0308 hwpolicy - ok

16:59:29.0900 0308 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

16:59:29.0915 0308 i8042prt - ok

16:59:29.0982 0308 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys

16:59:30.0006 0308 iaStorV - ok

16:59:30.0132 0308 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

16:59:30.0148 0308 IDriverT ( UnsignedFile.Multi.Generic ) - warning

16:59:30.0149 0308 IDriverT - detected UnsignedFile.Multi.Generic (1)

16:59:30.0301 0308 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

16:59:30.0357 0308 idsvc - ok

16:59:30.0594 0308 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys

16:59:30.0818 0308 igfx - ok

16:59:30.0900 0308 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

16:59:30.0919 0308 iirsp - ok

16:59:30.0998 0308 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll

16:59:31.0116 0308 IKEEXT - ok

16:59:31.0177 0308 IntcHdmiAddService (be1cb000c655396c9def09aee3ea2d67) C:\Windows\system32\drivers\IntcHdmi.sys

16:59:31.0216 0308 IntcHdmiAddService - ok

16:59:31.0250 0308 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

16:59:31.0260 0308 intelide - ok

16:59:31.0315 0308 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

16:59:31.0362 0308 intelppm - ok

16:59:31.0412 0308 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

16:59:31.0498 0308 IPBusEnum - ok

16:59:31.0534 0308 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

16:59:31.0572 0308 IpFilterDriver - ok

16:59:31.0595 0308 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

16:59:31.0635 0308 IPMIDRV - ok

16:59:31.0690 0308 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

16:59:31.0746 0308 IPNAT - ok

16:59:31.0859 0308 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe

16:59:31.0889 0308 iPod Service - ok

16:59:31.0951 0308 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

16:59:31.0968 0308 IRENUM - ok

16:59:31.0992 0308 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

16:59:32.0004 0308 isapnp - ok

16:59:32.0055 0308 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

16:59:32.0070 0308 iScsiPrt - ok

16:59:32.0128 0308 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

16:59:32.0139 0308 kbdclass - ok

16:59:32.0183 0308 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

16:59:32.0222 0308 kbdhid - ok

16:59:32.0264 0308 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

16:59:32.0286 0308 KeyIso - ok

16:59:32.0303 0308 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys

16:59:32.0316 0308 KSecDD - ok

16:59:32.0339 0308 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys

16:59:32.0351 0308 KSecPkg - ok

16:59:32.0374 0308 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

16:59:32.0434 0308 ksthunk - ok

16:59:32.0497 0308 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

16:59:32.0556 0308 KtmRm - ok

16:59:32.0610 0308 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll

16:59:32.0646 0308 LanmanServer - ok

16:59:32.0719 0308 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll

16:59:32.0789 0308 LanmanWorkstation - ok

16:59:32.0946 0308 LightScribeService (abf90fc5a127f481219b873c1b8dfc1c) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

16:59:32.0963 0308 LightScribeService ( UnsignedFile.Multi.Generic ) - warning

16:59:32.0963 0308 LightScribeService - detected UnsignedFile.Multi.Generic (1)

16:59:33.0063 0308 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

16:59:33.0130 0308 lltdio - ok

16:59:33.0203 0308 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

16:59:33.0282 0308 lltdsvc - ok

16:59:33.0311 0308 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

16:59:33.0349 0308 lmhosts - ok

16:59:33.0403 0308 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

16:59:33.0415 0308 LSI_FC - ok

16:59:33.0433 0308 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

16:59:33.0445 0308 LSI_SAS - ok

16:59:33.0460 0308 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

16:59:33.0472 0308 LSI_SAS2 - ok

16:59:33.0491 0308 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

16:59:33.0504 0308 LSI_SCSI - ok

16:59:33.0555 0308 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

16:59:33.0611 0308 luafv - ok

16:59:33.0653 0308 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll

16:59:33.0703 0308 Mcx2Svc - ok

16:59:33.0737 0308 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

16:59:33.0748 0308 megasas - ok

16:59:33.0776 0308 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

16:59:33.0792 0308 MegaSR - ok

16:59:33.0816 0308 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

16:59:33.0879 0308 MMCSS - ok

16:59:33.0914 0308 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

16:59:33.0971 0308 Modem - ok

16:59:34.0024 0308 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

16:59:34.0041 0308 monitor - ok

16:59:34.0088 0308 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

16:59:34.0099 0308 mouclass - ok

16:59:34.0161 0308 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

16:59:34.0196 0308 mouhid - ok

16:59:34.0235 0308 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

16:59:34.0247 0308 mountmgr - ok

16:59:34.0268 0308 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

16:59:34.0283 0308 mpio - ok

16:59:34.0300 0308 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

16:59:34.0340 0308 mpsdrv - ok

16:59:34.0361 0308 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

16:59:34.0399 0308 MRxDAV - ok

16:59:34.0454 0308 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys

16:59:34.0483 0308 mrxsmb - ok

16:59:34.0544 0308 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys

16:59:34.0621 0308 mrxsmb10 - ok

16:59:34.0770 0308 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys

16:59:34.0820 0308 mrxsmb20 - ok

16:59:34.0871 0308 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys

16:59:34.0888 0308 msahci - ok

16:59:34.0935 0308 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

16:59:34.0956 0308 msdsm - ok

16:59:35.0006 0308 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

16:59:35.0052 0308 MSDTC - ok

16:59:35.0097 0308 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

16:59:35.0170 0308 Msfs - ok

16:59:35.0202 0308 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

16:59:35.0239 0308 mshidkmdf - ok

16:59:35.0252 0308 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

16:59:35.0263 0308 msisadrv - ok

16:59:35.0337 0308 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

16:59:35.0410 0308 MSiSCSI - ok

16:59:35.0419 0308 msiserver - ok

16:59:35.0458 0308 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

16:59:35.0528 0308 MSKSSRV - ok

16:59:35.0573 0308 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

16:59:35.0639 0308 MSPCLOCK - ok

16:59:35.0666 0308 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

16:59:35.0737 0308 MSPQM - ok

16:59:35.0774 0308 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

16:59:35.0791 0308 MsRPC - ok

16:59:35.0815 0308 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

16:59:35.0826 0308 mssmbios - ok

16:59:35.0846 0308 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

16:59:35.0919 0308 MSTEE - ok

16:59:35.0956 0308 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

16:59:35.0992 0308 MTConfig - ok

16:59:36.0027 0308 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

16:59:36.0037 0308 Mup - ok

16:59:36.0083 0308 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll

16:59:36.0147 0308 napagent - ok

16:59:36.0208 0308 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

16:59:36.0248 0308 NativeWifiP - ok

16:59:36.0313 0308 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

16:59:36.0351 0308 NDIS - ok

16:59:36.0371 0308 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

16:59:36.0429 0308 NdisCap - ok

16:59:36.0479 0308 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

16:59:36.0545 0308 NdisTapi - ok

16:59:36.0590 0308 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

16:59:36.0644 0308 Ndisuio - ok

16:59:36.0678 0308 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

16:59:36.0720 0308 NdisWan - ok

16:59:36.0741 0308 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

16:59:36.0798 0308 NDProxy - ok

16:59:36.0834 0308 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

16:59:36.0911 0308 NetBIOS - ok

16:59:36.0948 0308 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

16:59:37.0017 0308 NetBT - ok

16:59:37.0056 0308 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

16:59:37.0070 0308 Netlogon - ok

16:59:37.0134 0308 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

16:59:37.0182 0308 Netman - ok

16:59:37.0254 0308 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

16:59:37.0346 0308 netprofm - ok

16:59:37.0492 0308 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

16:59:37.0508 0308 NetTcpPortSharing - ok

16:59:37.0588 0308 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

16:59:37.0608 0308 nfrd960 - ok

16:59:37.0680 0308 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll

16:59:37.0772 0308 NlaSvc - ok

16:59:37.0803 0308 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

16:59:37.0886 0308 Npfs - ok

16:59:37.0922 0308 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

16:59:37.0960 0308 nsi - ok

16:59:37.0980 0308 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

16:59:38.0038 0308 nsiproxy - ok

16:59:38.0116 0308 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys

16:59:38.0198 0308 Ntfs - ok

16:59:38.0219 0308 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

16:59:38.0273 0308 Null - ok

16:59:38.0314 0308 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys

16:59:38.0327 0308 nvraid - ok

16:59:38.0352 0308 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys

16:59:38.0366 0308 nvstor - ok

16:59:38.0417 0308 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

16:59:38.0430 0308 nv_agp - ok

16:59:38.0556 0308 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

16:59:38.0577 0308 odserv - ok

16:59:38.0603 0308 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

16:59:38.0640 0308 ohci1394 - ok

16:59:38.0712 0308 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

16:59:38.0730 0308 ose - ok

16:59:38.0790 0308 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

16:59:38.0819 0308 p2pimsvc - ok

16:59:38.0863 0308 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

16:59:38.0924 0308 p2psvc - ok

16:59:38.0996 0308 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

16:59:39.0019 0308 Parport - ok

16:59:39.0037 0308 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys

16:59:39.0048 0308 partmgr - ok

16:59:39.0067 0308 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

16:59:39.0115 0308 PcaSvc - ok

16:59:39.0152 0308 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

16:59:39.0166 0308 pci - ok

16:59:39.0179 0308 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

16:59:39.0190 0308 pciide - ok

16:59:39.0211 0308 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

16:59:39.0226 0308 pcmcia - ok

16:59:39.0245 0308 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

16:59:39.0256 0308 pcw - ok

16:59:39.0296 0308 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

16:59:39.0376 0308 PEAUTH - ok

16:59:39.0483 0308 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

16:59:39.0527 0308 PerfHost - ok

16:59:39.0613 0308 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll

16:59:39.0713 0308 pla - ok

16:59:39.0774 0308 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll

16:59:39.0841 0308 PlugPlay - ok

16:59:39.0872 0308 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

16:59:39.0914 0308 PNRPAutoReg - ok

16:59:39.0957 0308 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

16:59:39.0973 0308 PNRPsvc - ok

16:59:40.0028 0308 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll

16:59:40.0093 0308 PolicyAgent - ok

16:59:40.0137 0308 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

16:59:40.0213 0308 Power - ok

16:59:40.0302 0308 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

16:59:40.0382 0308 PptpMiniport - ok

16:59:40.0435 0308 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

16:59:40.0476 0308 Processor - ok

16:59:40.0536 0308 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll

16:59:40.0620 0308 ProfSvc - ok

16:59:40.0658 0308 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

16:59:40.0672 0308 ProtectedStorage - ok

16:59:40.0740 0308 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

16:59:40.0826 0308 Psched - ok

16:59:40.0907 0308 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

16:59:40.0987 0308 ql2300 - ok

16:59:41.0013 0308 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

16:59:41.0025 0308 ql40xx - ok

16:59:41.0075 0308 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

16:59:41.0119 0308 QWAVE - ok

16:59:41.0151 0308 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

16:59:41.0189 0308 QWAVEdrv - ok

16:59:41.0220 0308 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

16:59:41.0257 0308 RasAcd - ok

16:59:41.0313 0308 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

16:59:41.0398 0308 RasAgileVpn - ok

16:59:41.0429 0308 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

16:59:41.0500 0308 RasAuto - ok

16:59:41.0530 0308 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

16:59:41.0588 0308 Rasl2tp - ok

16:59:41.0628 0308 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll

16:59:41.0671 0308 RasMan - ok

16:59:41.0696 0308 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

16:59:41.0761 0308 RasPppoe - ok

16:59:41.0800 0308 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

16:59:41.0859 0308 RasSstp - ok

16:59:41.0893 0308 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

16:59:41.0957 0308 rdbss - ok

16:59:41.0994 0308 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

16:59:42.0034 0308 rdpbus - ok

16:59:42.0070 0308 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

16:59:42.0146 0308 RDPCDD - ok

16:59:42.0199 0308 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

16:59:42.0275 0308 RDPENCDD - ok

16:59:42.0308 0308 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

16:59:42.0345 0308 RDPREFMP - ok

16:59:42.0380 0308 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys

16:59:42.0424 0308 RDPWD - ok

16:59:42.0463 0308 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

16:59:42.0477 0308 rdyboost - ok

16:59:42.0612 0308 Recovery Service for Windows (bc0a4d47472b042537f4e57b950415fa) C:\Program Files (x86)\SMINST\BLService.exe

16:59:42.0627 0308 Recovery Service for Windows - ok

16:59:42.0678 0308 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

16:59:42.0724 0308 RemoteAccess - ok

16:59:42.0768 0308 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

16:59:42.0808 0308 RemoteRegistry - ok

16:59:42.0935 0308 RichVideo (805ae1f90c64758d19aaa001cf8cba12) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

16:59:42.0945 0308 RichVideo ( UnsignedFile.Multi.Generic ) - warning

16:59:42.0945 0308 RichVideo - detected UnsignedFile.Multi.Generic (1)

16:59:42.0976 0308 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

16:59:43.0051 0308 RpcEptMapper - ok

16:59:43.0098 0308 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

16:59:43.0143 0308 RpcLocator - ok

16:59:43.0193 0308 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

16:59:43.0247 0308 RpcSs - ok

16:59:43.0330 0308 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

16:59:43.0411 0308 rspndr - ok

16:59:43.0485 0308 RTL8169 (8b91737da75add21cb1554b38089196a) C:\Windows\system32\DRIVERS\Rtlh64.sys

16:59:43.0543 0308 RTL8169 - ok

16:59:43.0577 0308 RTSTOR (aa3987386cf7d9005c42bc974634bd56) C:\Windows\system32\drivers\RTSTOR64.SYS

16:59:43.0588 0308 RTSTOR - ok

16:59:43.0616 0308 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

16:59:43.0629 0308 SamSs - ok

16:59:43.0647 0308 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

16:59:43.0660 0308 sbp2port - ok

16:59:43.0704 0308 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

16:59:43.0767 0308 SCardSvr - ok

16:59:43.0797 0308 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

16:59:43.0865 0308 scfilter - ok

16:59:43.0940 0308 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll

16:59:44.0003 0308 Schedule - ok

16:59:44.0040 0308 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

16:59:44.0076 0308 SCPolicySvc - ok

16:59:44.0119 0308 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll

16:59:44.0183 0308 SDRSVC - ok

16:59:44.0270 0308 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

16:59:44.0348 0308 secdrv - ok

16:59:44.0381 0308 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll

16:59:44.0419 0308 seclogon - ok

16:59:44.0436 0308 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

16:59:44.0475 0308 SENS - ok

16:59:44.0495 0308 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

16:59:44.0528 0308 SensrSvc - ok

16:59:44.0565 0308 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

16:59:44.0578 0308 Serenum - ok

16:59:44.0621 0308 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

16:59:44.0655 0308 Serial - ok

16:59:44.0682 0308 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

16:59:44.0696 0308 sermouse - ok

16:59:44.0716 0308 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll

16:59:44.0757 0308 SessionEnv - ok

16:59:44.0778 0308 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

16:59:44.0793 0308 sffdisk - ok

16:59:44.0828 0308 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

16:59:44.0843 0308 sffp_mmc - ok

16:59:44.0860 0308 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys

16:59:44.0897 0308 sffp_sd - ok

16:59:44.0924 0308 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

16:59:44.0937 0308 sfloppy - ok

16:59:44.0991 0308 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

16:59:45.0063 0308 SharedAccess - ok

16:59:45.0097 0308 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll

16:59:45.0140 0308 ShellHWDetection - ok

16:59:45.0194 0308 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

16:59:45.0212 0308 SiSRaid2 - ok

16:59:45.0236 0308 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

16:59:45.0256 0308 SiSRaid4 - ok

16:59:45.0311 0308 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

16:59:45.0393 0308 Smb - ok

16:59:45.0458 0308 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

16:59:45.0504 0308 SNMPTRAP - ok

16:59:45.0544 0308 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

16:59:45.0561 0308 spldr - ok

16:59:45.0602 0308 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe

16:59:45.0663 0308 Spooler - ok

16:59:45.0782 0308 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe

16:59:45.0939 0308 sppsvc - ok

16:59:45.0971 0308 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

16:59:46.0031 0308 sppuinotify - ok

16:59:46.0099 0308 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys

16:59:46.0179 0308 srv - ok

16:59:46.0208 0308 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys

16:59:46.0253 0308 srv2 - ok

16:59:46.0287 0308 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys

16:59:46.0331 0308 srvnet - ok

16:59:46.0391 0308 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

16:59:46.0474 0308 SSDPSRV - ok

16:59:46.0509 0308 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

16:59:46.0583 0308 SstpSvc - ok

16:59:46.0704 0308 STacSV (a400c503b256cd7c8289b2a943370415) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_79b15e90d309c284\STacSV64.exe

16:59:46.0750 0308 STacSV - ok

16:59:46.0827 0308 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

16:59:46.0845 0308 stexstor - ok

16:59:46.0898 0308 STHDA (0c2bf91cdc0575f5713a4d2d5118bc06) C:\Windows\system32\DRIVERS\stwrt64.sys

16:59:46.0916 0308 STHDA - ok

16:59:46.0987 0308 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll

16:59:47.0044 0308 stisvc - ok

16:59:47.0081 0308 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

16:59:47.0091 0308 swenum - ok

16:59:47.0147 0308 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

16:59:47.0194 0308 swprv - ok

16:59:47.0266 0308 SynTP (5bfcf934891022e15404befe0f5ece9f) C:\Windows\system32\DRIVERS\SynTP.sys

16:59:47.0279 0308 SynTP - ok

16:59:47.0349 0308 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll

16:59:47.0458 0308 SysMain - ok

16:59:47.0495 0308 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll

16:59:47.0534 0308 TabletInputService - ok

16:59:47.0575 0308 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll

16:59:47.0640 0308 TapiSrv - ok

16:59:47.0677 0308 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

16:59:47.0753 0308 TBS - ok

16:59:47.0849 0308 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys

16:59:47.0943 0308 Tcpip - ok

16:59:48.0025 0308 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys

16:59:48.0065 0308 TCPIP6 - ok

16:59:48.0116 0308 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

16:59:48.0172 0308 tcpipreg - ok

16:59:48.0219 0308 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

16:59:48.0253 0308 TDPIPE - ok

16:59:48.0285 0308 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys

16:59:48.0321 0308 TDTCP - ok

16:59:48.0357 0308 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

16:59:48.0427 0308 tdx - ok

16:59:48.0461 0308 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys

16:59:48.0472 0308 TermDD - ok

16:59:48.0537 0308 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll

16:59:48.0627 0308 TermService - ok

16:59:48.0658 0308 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

16:59:48.0711 0308 Themes - ok

16:59:48.0760 0308 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

16:59:48.0798 0308 THREADORDER - ok

16:59:48.0820 0308 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

16:59:48.0885 0308 TrkWks - ok

16:59:48.0966 0308 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe

16:59:49.0013 0308 TrustedInstaller - ok

16:59:49.0086 0308 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

16:59:49.0169 0308 tssecsrv - ok

16:59:49.0223 0308 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

16:59:49.0262 0308 tunnel - ok

16:59:49.0479 0308 TVCapSvc (1c31169dddc70c1605f703da701eaeea) C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe

16:59:49.0499 0308 TVCapSvc - ok

16:59:49.0508 0308 TVSched (290b8c381dbc15d3dbcbd2bdb6b0ba12) C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe

16:59:49.0522 0308 TVSched - ok

16:59:49.0560 0308 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

16:59:49.0572 0308 uagp35 - ok

16:59:49.0600 0308 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys

16:59:49.0663 0308 udfs - ok

16:59:49.0723 0308 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

16:59:49.0748 0308 UI0Detect - ok

16:59:49.0793 0308 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys

16:59:49.0804 0308 uliagpkx - ok

16:59:49.0862 0308 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

16:59:49.0901 0308 umbus - ok

16:59:49.0937 0308 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

16:59:49.0977 0308 UmPass - ok

16:59:50.0017 0308 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

16:59:50.0060 0308 upnphost - ok

16:59:50.0125 0308 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys

16:59:50.0156 0308 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning

16:59:50.0156 0308 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)

16:59:50.0202 0308 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys

16:59:50.0224 0308 usbccgp - ok

16:59:50.0245 0308 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys

16:59:50.0292 0308 usbcir - ok

16:59:50.0335 0308 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys

16:59:50.0348 0308 usbehci - ok

16:59:50.0399 0308 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys

16:59:50.0447 0308 usbhub - ok

16:59:50.0481 0308 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys

16:59:50.0524 0308 usbohci - ok

16:59:50.0556 0308 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

16:59:50.0572 0308 usbprint - ok

16:59:50.0594 0308 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS

16:59:50.0607 0308 USBSTOR - ok

16:59:50.0625 0308 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys

16:59:50.0657 0308 usbuhci - ok

16:59:50.0718 0308 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys

16:59:50.0793 0308 usbvideo - ok

16:59:50.0828 0308 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

16:59:50.0866 0308 UxSms - ok

16:59:50.0888 0308 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

16:59:50.0901 0308 VaultSvc - ok

16:59:50.0983 0308 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys

16:59:51.0000 0308 vdrvroot - ok

16:59:51.0031 0308 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe

16:59:51.0093 0308 vds - ok

16:59:51.0142 0308 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

16:59:51.0160 0308 vga - ok

16:59:51.0183 0308 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

16:59:51.0245 0308 VgaSave - ok

16:59:51.0280 0308 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys

16:59:51.0295 0308 vhdmp - ok

16:59:51.0318 0308 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys

16:59:51.0329 0308 viaide - ok

16:59:51.0350 0308 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys

16:59:51.0362 0308 volmgr - ok

16:59:51.0392 0308 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

16:59:51.0409 0308 volmgrx - ok

16:59:51.0429 0308 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys

16:59:51.0445 0308 volsnap - ok

16:59:51.0500 0308 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

16:59:51.0515 0308 vsmraid - ok

16:59:51.0613 0308 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe

16:59:51.0704 0308 VSS - ok

16:59:51.0740 0308 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

16:59:51.0777 0308 vwifibus - ok

16:59:51.0814 0308 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

16:59:51.0858 0308 W32Time - ok

16:59:51.0884 0308 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

16:59:51.0897 0308 WacomPen - ok

16:59:51.0965 0308 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

16:59:52.0047 0308 WANARP - ok

16:59:52.0063 0308 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

16:59:52.0101 0308 Wanarpv6 - ok

16:59:52.0201 0308 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

16:59:52.0264 0308 WatAdminSvc - ok

16:59:52.0344 0308 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe

16:59:52.0421 0308 wbengine - ok

16:59:52.0441 0308 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

16:59:52.0481 0308 WbioSrvc - ok

16:59:52.0532 0308 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll

16:59:52.0551 0308 wcncsvc - ok

16:59:52.0575 0308 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

16:59:52.0637 0308 WcsPlugInService - ok

16:59:52.0693 0308 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

16:59:52.0711 0308 Wd - ok

16:59:52.0749 0308 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

16:59:52.0781 0308 Wdf01000 - ok

16:59:52.0810 0308 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

16:59:52.0847 0308 WdiServiceHost - ok

16:59:52.0852 0308 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

16:59:52.0872 0308 WdiSystemHost - ok

16:59:52.0923 0308 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll

16:59:52.0981 0308 WebClient - ok

16:59:53.0018 0308 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

16:59:53.0086 0308 Wecsvc - ok

16:59:53.0136 0308 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

16:59:53.0199 0308 wercplsupport - ok

16:59:53.0255 0308 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

16:59:53.0321 0308 WerSvc - ok

16:59:53.0403 0308 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

16:59:53.0447 0308 WfpLwf - ok

16:59:53.0463 0308 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

16:59:53.0473 0308 WIMMount - ok

16:59:53.0480 0308 WinHttpAutoProxySvc - ok

16:59:53.0564 0308 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

16:59:53.0618 0308 Winmgmt - ok

16:59:53.0711 0308 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll

16:59:53.0839 0308 WinRM - ok

16:59:53.0924 0308 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys

16:59:53.0946 0308 WinUsb - ok

16:59:54.0011 0308 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

16:59:54.0080 0308 Wlansvc - ok

16:59:54.0133 0308 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

16:59:54.0175 0308 WmiAcpi - ok

16:59:54.0259 0308 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

16:59:54.0287 0308 wmiApSrv - ok

16:59:54.0370 0308 WMPNetworkSvc - ok

16:59:54.0412 0308 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

16:59:54.0435 0308 WPCSvc - ok

16:59:54.0454 0308 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll

16:59:54.0494 0308 WPDBusEnum - ok

16:59:54.0635 0308 WPFFontCache_v0400 - ok

16:59:54.0695 0308 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

16:59:54.0761 0308 ws2ifsl - ok

16:59:54.0772 0308 WSearch - ok

16:59:54.0869 0308 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll

16:59:54.0992 0308 wuauserv - ok

16:59:55.0015 0308 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

16:59:55.0081 0308 WudfPf - ok

16:59:55.0168 0308 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

16:59:55.0216 0308 WUDFRd - ok

16:59:55.0244 0308 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll

16:59:55.0306 0308 wudfsvc - ok

16:59:55.0336 0308 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

16:59:55.0376 0308 WwanSvc - ok

16:59:55.0545 0308 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

16:59:55.0565 0308 YahooAUService - ok

16:59:55.0673 0308 {55662437-DA8C-40c0-AADA-2C816A897A49} (1cacfef9e5dd866c5b79a135ee729e18) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl

16:59:55.0688 0308 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok

16:59:55.0727 0308 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

16:59:55.0882 0308 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

16:59:55.0882 0308 \Device\Harddisk0\DR0 - detected TDSS File System (1)

16:59:55.0887 0308 Boot (0x1200) (d15ccac574f71726c34a3b3151b9ca5e) \Device\Harddisk0\DR0\Partition0

16:59:55.0889 0308 \Device\Harddisk0\DR0\Partition0 - ok

16:59:55.0910 0308 Boot (0x1200) (3b6cb7abd56f4842f192eb2e335ade78) \Device\Harddisk0\DR0\Partition1

16:59:55.0911 0308 \Device\Harddisk0\DR0\Partition1 - ok

16:59:55.0912 0308 ============================================================

16:59:55.0912 0308 Scan finished

16:59:55.0912 0308 ============================================================

16:59:55.0934 3720 Detected object count: 7

16:59:55.0934 3720 Actual detected object count: 7

17:01:50.0808 3720 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user

17:01:50.0808 3720 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:01:50.0810 3720 hpqwmiex ( UnsignedFile.Multi.Generic ) - skipped by user

17:01:50.0810 3720 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:01:50.0813 3720 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

17:01:50.0813 3720 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:01:50.0816 3720 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

17:01:50.0816 3720 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:01:50.0818 3720 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user

17:01:50.0818 3720 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:01:50.0823 3720 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user

17:01:50.0823 3720 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:01:50.0939 3720 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine

17:01:50.0941 3720 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine

17:01:50.0944 3720 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine

17:01:50.0948 3720 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine

17:01:50.0960 3720 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine

17:01:51.0031 3720 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine

17:01:51.0032 3720 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine

17:01:51.0035 3720 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine

17:01:51.0036 3720 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine

17:01:51.0038 3720 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine

17:01:51.0040 3720 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine

17:01:51.0041 3720 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine

17:01:51.0041 3720 \Device\Harddisk0\DR0\TDLFS - deleted

17:01:51.0041 3720 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete

17:01:58.0025 3260 Deinitialize success

[nicolep218]

So far it's running good but in an hour or so I'll know more since that's when it acts up.

Should I have had my external drive connected?

[LDTate]

Reboot and run TDSKiller again.

We need to be sure that last one is gone.

You can hook up the external if you like.

[nicolep218]

18:09:17.0021 4728 TDSS rootkit removing tool 2.7.25.0 Apr 3 2012 13:42:32

18:09:17.0508 4728 ============================================================

18:09:17.0508 4728 Current date / time: 2012/04/03 18:09:17.0508

18:09:17.0509 4728 SystemInfo:

18:09:17.0509 4728

18:09:17.0509 4728 OS Version: 6.1.7600 ServicePack: 0.0

18:09:17.0509 4728 Product type: Workstation

18:09:17.0509 4728 ComputerName: NICOLE-PC

18:09:17.0509 4728 UserName: Nicole

18:09:17.0509 4728 Windows directory: C:\Windows

18:09:17.0509 4728 System windows directory: C:\Windows

18:09:17.0509 4728 Running under WOW64

18:09:17.0509 4728 Processor architecture: Intel x64

18:09:17.0509 4728 Number of processors: 2

18:09:17.0509 4728 Page size: 0x1000

18:09:17.0509 4728 Boot type: Normal boot

18:09:17.0509 4728 ============================================================

18:09:20.0089 4728 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

18:09:20.0093 4728 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

18:09:20.0096 4728 \Device\Harddisk0\DR0:

18:09:20.0096 4728 MBR used

18:09:20.0096 4728 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x23A1A800

18:09:20.0096 4728 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23A1B000, BlocksNum 0x1A12000

18:09:20.0096 4728 \Device\Harddisk1\DR1:

18:09:20.0097 4728 MBR used

18:09:20.0097 4728 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02

18:09:20.0185 4728 Initialize success

18:09:20.0185 4728 ============================================================

18:09:38.0466 5040 ============================================================

18:09:38.0466 5040 Scan started

18:09:38.0466 5040 Mode: Manual; SigCheck; TDLFS;

18:09:38.0466 5040 ============================================================

18:09:40.0085 5040 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

18:09:40.0224 5040 1394ohci - ok

18:09:40.0302 5040 Accelerometer (60fbb29ccce48b4c3a6517caf42c3496) C:\Windows\system32\DRIVERS\Accelerometer.sys

18:09:40.0312 5040 Accelerometer - ok

18:09:40.0370 5040 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

18:09:40.0389 5040 ACPI - ok

18:09:40.0442 5040 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

18:09:40.0530 5040 AcpiPmi - ok

18:09:40.0618 5040 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

18:09:40.0640 5040 adp94xx - ok

18:09:40.0675 5040 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

18:09:40.0693 5040 adpahci - ok

18:09:40.0725 5040 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

18:09:40.0742 5040 adpu320 - ok

18:09:40.0797 5040 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

18:09:40.0965 5040 AeLookupSvc - ok

18:09:41.0094 5040 AESTFilters (7f66523a27754afcfecae2f5eb643a4a) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_79b15e90d309c284\AESTSr64.exe

18:09:41.0177 5040 AESTFilters - ok

18:09:41.0290 5040 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys

18:09:41.0367 5040 AFD - ok

18:09:41.0463 5040 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\Windows\system32\DRIVERS\agrsm64.sys

18:09:41.0579 5040 AgereSoftModem - ok

18:09:41.0642 5040 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

18:09:41.0656 5040 agp440 - ok

18:09:41.0732 5040 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

18:09:41.0789 5040 ALG - ok

18:09:41.0845 5040 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

18:09:41.0858 5040 aliide - ok

18:09:41.0881 5040 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

18:09:41.0894 5040 amdide - ok

18:09:41.0953 5040 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

18:09:41.0992 5040 AmdK8 - ok

18:09:42.0032 5040 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

18:09:42.0078 5040 AmdPPM - ok

18:09:42.0134 5040 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys

18:09:42.0149 5040 amdsata - ok

18:09:42.0210 5040 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

18:09:42.0233 5040 amdsbs - ok

18:09:42.0256 5040 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys

18:09:42.0269 5040 amdxata - ok

18:09:42.0308 5040 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

18:09:42.0409 5040 AppID - ok

18:09:42.0456 5040 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

18:09:42.0537 5040 AppIDSvc - ok

18:09:42.0592 5040 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll

18:09:42.0677 5040 Appinfo - ok

18:09:42.0881 5040 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

18:09:42.0893 5040 Apple Mobile Device - ok

18:09:43.0089 5040 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

18:09:43.0104 5040 arc - ok

18:09:43.0142 5040 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

18:09:43.0157 5040 arcsas - ok

18:09:43.0223 5040 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

18:09:43.0303 5040 AsyncMac - ok

18:09:43.0346 5040 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

18:09:43.0356 5040 atapi - ok

18:09:43.0434 5040 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll

18:09:43.0513 5040 AudioEndpointBuilder - ok

18:09:43.0529 5040 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll

18:09:43.0575 5040 AudioSrv - ok

18:09:43.0647 5040 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll

18:09:43.0745 5040 AxInstSV - ok

18:09:43.0847 5040 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

18:09:43.0891 5040 b06bdrv - ok

18:09:43.0978 5040 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

18:09:44.0019 5040 b57nd60a - ok

18:09:44.0121 5040 BCM43XX (f509c4fd2eba6af4fd8794aeb6f3efb7) C:\Windows\system32\DRIVERS\bcmwl664.sys

18:09:44.0199 5040 BCM43XX - ok

18:09:44.0252 5040 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

18:09:44.0293 5040 BDESVC - ok

18:09:44.0337 5040 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

18:09:44.0397 5040 Beep - ok

18:09:44.0457 5040 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll

18:09:44.0545 5040 BITS - ok

18:09:44.0606 5040 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

18:09:44.0649 5040 blbdrive - ok

18:09:44.0772 5040 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

18:09:44.0789 5040 Bonjour Service - ok

18:09:44.0843 5040 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys

18:09:44.0907 5040 bowser - ok

18:09:44.0934 5040 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

18:09:44.0980 5040 BrFiltLo - ok

18:09:45.0016 5040 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

18:09:45.0054 5040 BrFiltUp - ok

18:09:45.0129 5040 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll

18:09:45.0190 5040 Browser - ok

18:09:45.0230 5040 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

18:09:45.0275 5040 Brserid - ok

18:09:45.0317 5040 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

18:09:45.0364 5040 BrSerWdm - ok

18:09:45.0393 5040 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

18:09:45.0518 5040 BrUsbMdm - ok

18:09:45.0561 5040 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

18:09:45.0799 5040 BrUsbSer - ok

18:09:46.0107 5040 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

18:09:46.0298 5040 BTHMODEM - ok

18:09:46.0600 5040 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

18:09:46.0699 5040 bthserv - ok

18:09:46.0797 5040 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

18:09:46.0873 5040 cdfs - ok

18:09:46.0955 5040 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

18:09:46.0978 5040 cdrom - ok

18:09:47.0197 5040 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

18:09:47.0392 5040 CertPropSvc - ok

18:09:47.0689 5040 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

18:09:47.0809 5040 circlass - ok

18:09:47.0892 5040 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

18:09:47.0910 5040 CLFS - ok

18:09:48.0080 5040 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

18:09:48.0092 5040 clr_optimization_v2.0.50727_32 - ok

18:09:48.0231 5040 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

18:09:48.0242 5040 clr_optimization_v2.0.50727_64 - ok

18:09:48.0391 5040 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

18:09:48.0427 5040 clr_optimization_v4.0.30319_32 - ok

18:09:48.0577 5040 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

18:09:48.0633 5040 clr_optimization_v4.0.30319_64 - ok

18:09:48.0902 5040 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

18:09:48.0935 5040 CmBatt - ok

18:09:49.0000 5040 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

18:09:49.0012 5040 cmdide - ok

18:09:49.0079 5040 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys

18:09:49.0147 5040 CNG - ok

18:09:49.0536 5040 Com4QLBEx (12e94e225bd7b05a2bccd5c0b841e921) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

18:09:49.0549 5040 Com4QLBEx - ok

18:09:49.0918 5040 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

18:09:49.0930 5040 Compbatt - ok

18:09:50.0386 5040 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

18:09:50.0619 5040 CompositeBus - ok

18:09:50.0796 5040 COMSysApp - ok

18:09:50.0903 5040 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

18:09:50.0917 5040 crcdisk - ok

18:09:51.0014 5040 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll

18:09:51.0091 5040 CryptSvc - ok

18:09:51.0198 5040 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

18:09:51.0302 5040 DcomLaunch - ok

18:09:51.0458 5040 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

18:09:51.0527 5040 defragsvc - ok

18:09:51.0811 5040 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys

18:09:51.0887 5040 DfsC - ok

18:09:52.0228 5040 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll

18:09:52.0390 5040 Dhcp - ok

18:09:52.0691 5040 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

18:09:52.0810 5040 discache - ok

18:09:53.0462 5040 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

18:09:53.0477 5040 Disk - ok

18:09:53.0687 5040 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll

18:09:53.0730 5040 Dnscache - ok

18:09:54.0231 5040 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll

18:09:54.0342 5040 dot3svc - ok

18:09:54.0483 5040 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll

18:09:54.0603 5040 DPS - ok

18:09:54.0742 5040 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

18:09:54.0767 5040 drmkaud - ok

18:09:54.0834 5040 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys

18:09:54.0865 5040 DXGKrnl - ok

18:09:54.0913 5040 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

18:09:54.0992 5040 EapHost - ok

18:09:55.0128 5040 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

18:09:55.0267 5040 ebdrv - ok

18:09:55.0312 5040 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe

18:09:55.0352 5040 EFS - ok

18:09:55.0433 5040 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe

18:09:55.0483 5040 ehRecvr - ok

18:09:55.0535 5040 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

18:09:55.0580 5040 ehSched - ok

18:09:55.0774 5040 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

18:09:55.0813 5040 elxstor - ok

18:09:55.0881 5040 enecir (f218a3a27ed6592c0e22ec3595554447) C:\Windows\system32\DRIVERS\enecir.sys

18:09:55.0951 5040 enecir - ok

18:09:55.0976 5040 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

18:09:56.0022 5040 ErrDev - ok

18:09:56.0092 5040 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

18:09:56.0259 5040 EventSystem - ok

18:09:56.0306 5040 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

18:09:56.0373 5040 exfat - ok

18:09:56.0417 5040 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

18:09:56.0486 5040 fastfat - ok

18:09:56.0565 5040 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe

18:09:56.0626 5040 Fax - ok

18:09:56.0669 5040 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

18:09:56.0706 5040 fdc - ok

18:09:56.0771 5040 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

18:09:56.0818 5040 fdPHost - ok

18:09:56.0845 5040 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

18:09:56.0908 5040 FDResPub - ok

18:09:56.0949 5040 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

18:09:56.0961 5040 FileInfo - ok

18:09:56.0985 5040 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

18:09:57.0057 5040 Filetrace - ok

18:09:57.0125 5040 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

18:09:57.0167 5040 flpydisk - ok

18:09:57.0208 5040 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

18:09:57.0226 5040 FltMgr - ok

18:09:57.0290 5040 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll

18:09:57.0374 5040 FontCache - ok

18:09:57.0593 5040 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

18:09:57.0604 5040 FontCache3.0.0.0 - ok

18:09:57.0664 5040 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

18:09:57.0679 5040 FsDepends - ok

18:09:57.0696 5040 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

18:09:57.0710 5040 Fs_Rec - ok

18:09:57.0788 5040 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

18:09:57.0810 5040 fvevol - ok

18:09:57.0868 5040 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

18:09:57.0883 5040 gagp30kx - ok

18:09:58.0017 5040 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

18:09:58.0030 5040 GamesAppService - ok

18:09:58.0081 5040 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

18:09:58.0091 5040 GEARAspiWDM - ok

18:09:58.0161 5040 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll

18:09:58.0227 5040 gpsvc - ok

18:09:58.0311 5040 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

18:09:58.0324 5040 gupdate - ok

18:09:58.0367 5040 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

18:09:58.0378 5040 gupdatem - ok

18:09:58.0455 5040 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

18:09:58.0498 5040 hcw85cir - ok

18:09:58.0552 5040 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

18:09:58.0594 5040 HDAudBus - ok

18:09:58.0631 5040 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

18:09:58.0652 5040 HidBatt - ok

18:09:58.0676 5040 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

18:09:58.0721 5040 HidBth - ok

18:09:58.0765 5040 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

18:09:58.0813 5040 HidIr - ok

18:09:58.0873 5040 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

18:09:58.0952 5040 hidserv - ok

18:09:59.0016 5040 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

18:09:59.0060 5040 HidUsb - ok

18:09:59.0114 5040 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll

18:09:59.0183 5040 hkmsvc - ok

18:09:59.0251 5040 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll

18:09:59.0304 5040 HomeGroupListener - ok

18:09:59.0359 5040 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll

18:09:59.0390 5040 HomeGroupProvider - ok

18:09:59.0549 5040 HP Health Check Service (a19b0bb5a7eb6df2dd4a0711d36955ee) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

18:09:59.0557 5040 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning

18:09:59.0557 5040 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)

18:09:59.0634 5040 hpdskflt (4a435ca815a54639ca09ddf75d751ebc) C:\Windows\system32\DRIVERS\hpdskflt.sys

18:09:59.0642 5040 hpdskflt - ok

18:09:59.0703 5040 HpqKbFiltr (0ecc54fd34d6a089c300846b011e81d6) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys

18:09:59.0759 5040 HpqKbFiltr - ok

18:09:59.0861 5040 hpqwmiex (188ff0adf66768d53ad94f43972e1e9a) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

18:09:59.0880 5040 hpqwmiex ( UnsignedFile.Multi.Generic ) - warning

18:09:59.0880 5040 hpqwmiex - detected UnsignedFile.Multi.Generic (1)

18:09:59.0946 5040 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

18:09:59.0959 5040 HpSAMD - ok

18:10:00.0018 5040 hpsrv (6bf024ea61d7894bf4af0b10a90b546e) C:\Windows\system32\Hpservice.exe

18:10:00.0050 5040 hpsrv - ok

18:10:00.0096 5040 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

18:10:00.0184 5040 HTTP - ok

18:10:00.0227 5040 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

18:10:00.0239 5040 hwpolicy - ok

18:10:00.0264 5040 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

18:10:00.0281 5040 i8042prt - ok

18:10:00.0345 5040 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys

18:10:00.0366 5040 iaStorV - ok

18:10:00.0496 5040 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

18:10:00.0513 5040 IDriverT ( UnsignedFile.Multi.Generic ) - warning

18:10:00.0513 5040 IDriverT - detected UnsignedFile.Multi.Generic (1)

18:10:00.0686 5040 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

18:10:00.0723 5040 idsvc - ok

18:10:00.0990 5040 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys

18:10:01.0210 5040 igfx - ok

18:10:01.0300 5040 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

18:10:01.0312 5040 iirsp - ok

18:10:01.0406 5040 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll

18:10:01.0513 5040 IKEEXT - ok

18:10:01.0587 5040 IntcHdmiAddService (be1cb000c655396c9def09aee3ea2d67) C:\Windows\system32\drivers\IntcHdmi.sys

18:10:01.0649 5040 IntcHdmiAddService - ok

18:10:01.0704 5040 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

18:10:01.0719 5040 intelide - ok

18:10:01.0780 5040 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

18:10:01.0824 5040 intelppm - ok

18:10:01.0877 5040 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

18:10:01.0956 5040 IPBusEnum - ok

18:10:01.0999 5040 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

18:10:02.0049 5040 IpFilterDriver - ok

18:10:02.0083 5040 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

18:10:02.0126 5040 IPMIDRV - ok

18:10:02.0200 5040 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

18:10:02.0279 5040 IPNAT - ok

18:10:02.0424 5040 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe

18:10:02.0475 5040 iPod Service - ok

18:10:02.0594 5040 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

18:10:02.0616 5040 IRENUM - ok

18:10:02.0658 5040 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

18:10:02.0675 5040 isapnp - ok

18:10:02.0711 5040 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

18:10:02.0730 5040 iScsiPrt - ok

18:10:02.0794 5040 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

18:10:02.0807 5040 kbdclass - ok

18:10:02.0870 5040 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

18:10:02.0908 5040 kbdhid - ok

18:10:02.0952 5040 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

18:10:02.0968 5040 KeyIso - ok

18:10:02.0991 5040 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys

18:10:03.0006 5040 KSecDD - ok

18:10:03.0038 5040 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys

18:10:03.0054 5040 KSecPkg - ok

18:10:03.0084 5040 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

18:10:03.0153 5040 ksthunk - ok

18:10:03.0218 5040 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

18:10:03.0311 5040 KtmRm - ok

18:10:03.0375 5040 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll

18:10:03.0414 5040 LanmanServer - ok

18:10:03.0484 5040 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll

18:10:03.0557 5040 LanmanWorkstation - ok

18:10:03.0967 5040 LightScribeService (abf90fc5a127f481219b873c1b8dfc1c) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

18:10:03.0984 5040 LightScribeService ( UnsignedFile.Multi.Generic ) - warning

18:10:03.0984 5040 LightScribeService - detected UnsignedFile.Multi.Generic (1)

18:10:04.0576 5040 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

18:10:04.0675 5040 lltdio - ok

18:10:04.0790 5040 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

18:10:04.0885 5040 lltdsvc - ok

18:10:05.0043 5040 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

18:10:05.0098 5040 lmhosts - ok

18:10:05.0713 5040 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

18:10:05.0763 5040 LSI_FC - ok

18:10:06.0689 5040 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

18:10:06.0701 5040 LSI_SAS - ok

18:10:07.0290 5040 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

18:10:07.0336 5040 LSI_SAS2 - ok

18:10:07.0762 5040 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

18:10:07.0777 5040 LSI_SCSI - ok

18:10:08.0034 5040 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

18:10:08.0168 5040 luafv - ok

18:10:08.0487 5040 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll

18:10:08.0600 5040 Mcx2Svc - ok

18:10:09.0027 5040 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

18:10:09.0041 5040 megasas - ok

18:10:09.0689 5040 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

18:10:09.0750 5040 MegaSR - ok

18:10:10.0052 5040 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

18:10:10.0182 5040 MMCSS - ok

18:10:10.0383 5040 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

18:10:10.0529 5040 Modem - ok

18:10:10.0816 5040 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

18:10:10.0841 5040 monitor - ok

18:10:11.0214 5040 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

18:10:11.0230 5040 mouclass - ok

18:10:11.0742 5040 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

18:10:11.0757 5040 mouhid - ok

18:10:11.0827 5040 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

18:10:11.0869 5040 mountmgr - ok

18:10:11.0949 5040 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

18:10:11.0965 5040 mpio - ok

18:10:12.0014 5040 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

18:10:12.0061 5040 mpsdrv - ok

18:10:12.0120 5040 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

18:10:12.0190 5040 MRxDAV - ok

18:10:12.0247 5040 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys

18:10:12.0275 5040 mrxsmb - ok

18:10:12.0347 5040 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys

18:10:12.0446 5040 mrxsmb10 - ok

18:10:12.0506 5040 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys

18:10:12.0596 5040 mrxsmb20 - ok

18:10:12.0719 5040 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys

18:10:12.0732 5040 msahci - ok

18:10:12.0802 5040 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

18:10:12.0817 5040 msdsm - ok

18:10:12.0987 5040 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

18:10:13.0127 5040 MSDTC - ok

18:10:13.0723 5040 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

18:10:13.0825 5040 Msfs - ok

18:10:14.0540 5040 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

18:10:14.0597 5040 mshidkmdf - ok

18:10:15.0346 5040 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

18:10:15.0360 5040 msisadrv - ok

18:10:15.0590 5040 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

18:10:15.0677 5040 MSiSCSI - ok

18:10:15.0709 5040 msiserver - ok

18:10:16.0023 5040 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

18:10:16.0177 5040 MSKSSRV - ok

18:10:17.0434 5040 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

18:10:17.0598 5040 MSPCLOCK - ok

18:10:18.0017 5040 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

18:10:18.0152 5040 MSPQM - ok

18:10:18.0726 5040 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

18:10:18.0745 5040 MsRPC - ok

18:10:19.0212 5040 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

18:10:19.0223 5040 mssmbios - ok

18:10:19.0765 5040 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

18:10:20.0263 5040 MSTEE - ok

18:10:20.0820 5040 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

18:10:20.0927 5040 MTConfig - ok

18:10:21.0606 5040 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

18:10:21.0618 5040 Mup - ok

18:10:22.0391 5040 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll

18:10:22.0571 5040 napagent - ok

18:10:23.0085 5040 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

18:10:23.0160 5040 NativeWifiP - ok

18:10:23.0716 5040 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

18:10:23.0773 5040 NDIS - ok

18:10:24.0094 5040 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

18:10:24.0191 5040 NdisCap - ok

18:10:24.0701 5040 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

18:10:24.0879 5040 NdisTapi - ok

18:10:25.0557 5040 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

18:10:25.0700 5040 Ndisuio - ok

18:10:26.0023 5040 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

18:10:26.0082 5040 NdisWan - ok

18:10:26.0153 5040 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

18:10:26.0249 5040 NDProxy - ok

18:10:26.0301 5040 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

18:10:26.0433 5040 NetBIOS - ok

18:10:26.0494 5040 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

18:10:26.0632 5040 NetBT - ok

18:10:26.0801 5040 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

18:10:26.0816 5040 Netlogon - ok

18:10:26.0924 5040 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

18:10:26.0976 5040 Netman - ok

18:10:27.0098 5040 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

18:10:27.0171 5040 netprofm - ok

18:10:27.0448 5040 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

18:10:27.0461 5040 NetTcpPortSharing - ok

18:10:27.0723 5040 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

18:10:27.0738 5040 nfrd960 - ok

18:10:27.0825 5040 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll

18:10:27.0918 5040 NlaSvc - ok

18:10:28.0004 5040 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

18:10:28.0125 5040 Npfs - ok

18:10:28.0178 5040 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

18:10:28.0233 5040 nsi - ok

18:10:28.0303 5040 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

18:10:28.0374 5040 nsiproxy - ok

18:10:28.0487 5040 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys

18:10:28.0566 5040 Ntfs - ok

18:10:28.0698 5040 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

18:10:28.0788 5040 Null - ok

18:10:28.0949 5040 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys

18:10:28.0967 5040 nvraid - ok

18:10:29.0132 5040 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys

18:10:29.0154 5040 nvstor - ok

18:10:29.0274 5040 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

18:10:29.0291 5040 nv_agp - ok

18:10:29.0580 5040 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

18:10:29.0604 5040 odserv - ok

18:10:29.0927 5040 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

18:10:30.0010 5040 ohci1394 - ok

18:10:30.0325 5040 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

18:10:30.0340 5040 ose - ok

18:10:30.0725 5040 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

18:10:30.0748 5040 p2pimsvc - ok

18:10:30.0799 5040 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

18:10:30.0894 5040 p2psvc - ok

18:10:31.0076 5040 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

18:10:31.0095 5040 Parport - ok

18:10:31.0150 5040 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys

18:10:31.0165 5040 partmgr - ok

18:10:31.0314 5040 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

18:10:31.0416 5040 PcaSvc - ok

18:10:31.0800 5040 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

18:10:31.0817 5040 pci - ok

18:10:32.0405 5040 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

18:10:32.0418 5040 pciide - ok

18:10:32.0459 5040 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

18:10:32.0478 5040 pcmcia - ok

18:10:32.0626 5040 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

18:10:32.0639 5040 pcw - ok

18:10:33.0201 5040 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

18:10:33.0268 5040 PEAUTH - ok

18:10:33.0521 5040 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

18:10:33.0558 5040 PerfHost - ok

18:10:33.0729 5040 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll

18:10:33.0832 5040 pla - ok

18:10:33.0877 5040 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll

18:10:33.0929 5040 PlugPlay - ok

18:10:33.0965 5040 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

18:10:34.0025 5040 PNRPAutoReg - ok

18:10:34.0072 5040 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

18:10:34.0090 5040 PNRPsvc - ok

18:10:34.0156 5040 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll

18:10:34.0217 5040 PolicyAgent - ok

18:10:34.0275 5040 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

18:10:34.0347 5040 Power - ok

18:10:34.0439 5040 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

18:10:34.0508 5040 PptpMiniport - ok

18:10:34.0561 5040 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

18:10:34.0596 5040 Processor - ok

18:10:34.0651 5040 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll

18:10:34.0730 5040 ProfSvc - ok

18:10:34.0773 5040 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

18:10:34.0791 5040 ProtectedStorage - ok

18:10:34.0866 5040 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

18:10:34.0949 5040 Psched - ok

18:10:35.0034 5040 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

18:10:35.0115 5040 ql2300 - ok

18:10:35.0672 5040 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

18:10:35.0691 5040 ql40xx - ok

18:10:35.0835 5040 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

18:10:35.0894 5040 QWAVE - ok

18:10:35.0955 5040 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

18:10:35.0998 5040 QWAVEdrv - ok

18:10:36.0036 5040 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

18:10:36.0114 5040 RasAcd - ok

18:10:36.0183 5040 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

18:10:36.0346 5040 RasAgileVpn - ok

18:10:36.0446 5040 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

18:10:36.0571 5040 RasAuto - ok

18:10:37.0059 5040 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

18:10:37.0187 5040 Rasl2tp - ok

18:10:37.0579 5040 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll

18:10:37.0641 5040 RasMan - ok

18:10:38.0558 5040 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

18:10:38.0695 5040 RasPppoe - ok

18:10:38.0942 5040 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

18:10:39.0037 5040 RasSstp - ok

18:10:39.0113 5040 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

18:10:39.0300 5040 rdbss - ok

18:10:40.0435 5040 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

18:10:40.0634 5040 rdpbus - ok

18:10:41.0523 5040 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

18:10:41.0761 5040 RDPCDD - ok

18:10:42.0668 5040 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

18:10:42.0754 5040 RDPENCDD - ok

18:10:43.0108 5040 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

18:10:43.0181 5040 RDPREFMP - ok

18:10:43.0300 5040 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys

18:10:43.0365 5040 RDPWD - ok

18:10:43.0469 5040 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

18:10:43.0505 5040 rdyboost - ok

18:10:43.0643 5040 Recovery Service for Windows (bc0a4d47472b042537f4e57b950415fa) C:\Program Files (x86)\SMINST\BLService.exe

18:10:43.0663 5040 Recovery Service for Windows - ok

18:10:43.0742 5040 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

18:10:43.0794 5040 RemoteAccess - ok

18:10:43.0900 5040 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

18:10:43.0958 5040 RemoteRegistry - ok

18:10:44.0300 5040 RichVideo (805ae1f90c64758d19aaa001cf8cba12) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

18:10:44.0311 5040 RichVideo ( UnsignedFile.Multi.Generic ) - warning

18:10:44.0311 5040 RichVideo - detected UnsignedFile.Multi.Generic (1)

18:10:44.0897 5040 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

18:10:45.0009 5040 RpcEptMapper - ok

18:10:45.0475 5040 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

18:10:45.0560 5040 RpcLocator - ok

18:10:45.0802 5040 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

18:10:45.0859 5040 RpcSs - ok

18:10:47.0007 5040 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

18:10:47.0177 5040 rspndr - ok

18:10:47.0351 5040 RTL8169 (8b91737da75add21cb1554b38089196a) C:\Windows\system32\DRIVERS\Rtlh64.sys

18:10:47.0430 5040 RTL8169 - ok

18:10:47.0521 5040 RTSTOR (aa3987386cf7d9005c42bc974634bd56) C:\Windows\system32\drivers\RTSTOR64.SYS

18:10:47.0551 5040 RTSTOR - ok

18:10:47.0583 5040 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

18:10:47.0603 5040 SamSs - ok

18:10:47.0658 5040 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

18:10:47.0678 5040 sbp2port - ok

18:10:47.0727 5040 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

18:10:47.0813 5040 SCardSvr - ok

18:10:47.0852 5040 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

18:10:47.0930 5040 scfilter - ok

18:10:48.0028 5040 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll

18:10:48.0117 5040 Schedule - ok

18:10:48.0196 5040 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

18:10:48.0250 5040 SCPolicySvc - ok

18:10:48.0297 5040 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll

18:10:48.0347 5040 SDRSVC - ok

18:10:48.0492 5040 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

18:10:48.0586 5040 secdrv - ok

18:10:48.0626 5040 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll

18:10:48.0687 5040 seclogon - ok

18:10:48.0725 5040 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

18:10:48.0803 5040 SENS - ok

18:10:48.0839 5040 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

18:10:48.0886 5040 SensrSvc - ok

18:10:48.0965 5040 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

18:10:48.0984 5040 Serenum - ok

18:10:49.0044 5040 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

18:10:49.0065 5040 Serial - ok

18:10:49.0105 5040 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

18:10:49.0149 5040 sermouse - ok

18:10:49.0218 5040 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll

18:10:49.0276 5040 SessionEnv - ok

18:10:49.0312 5040 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

18:10:49.0337 5040 sffdisk - ok

18:10:49.0373 5040 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

18:10:49.0396 5040 sffp_mmc - ok

18:10:49.0449 5040 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys

18:10:49.0490 5040 sffp_sd - ok

18:10:49.0535 5040 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

18:10:49.0554 5040 sfloppy - ok

18:10:49.0614 5040 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

18:10:49.0698 5040 SharedAccess - ok

18:10:49.0753 5040 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll

18:10:49.0811 5040 ShellHWDetection - ok

18:10:49.0861 5040 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

18:10:49.0878 5040 SiSRaid2 - ok

18:10:49.0903 5040 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

18:10:49.0921 5040 SiSRaid4 - ok

18:10:49.0978 5040 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

18:10:50.0058 5040 Smb - ok

18:10:50.0136 5040 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

18:10:50.0178 5040 SNMPTRAP - ok

18:10:50.0222 5040 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

18:10:50.0239 5040 spldr - ok

18:10:50.0281 5040 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe

18:10:50.0337 5040 Spooler - ok

18:10:50.0468 5040 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe

18:10:50.0620 5040 sppsvc - ok

18:10:50.0660 5040 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

18:10:50.0732 5040 sppuinotify - ok

18:10:50.0810 5040 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys

18:10:50.0876 5040 srv - ok

18:10:50.0921 5040 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys

18:10:50.0966 5040 srv2 - ok

18:10:51.0010 5040 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys

18:10:51.0051 5040 srvnet - ok

18:10:51.0147 5040 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

18:10:51.0225 5040 SSDPSRV - ok

18:10:51.0287 5040 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

18:10:51.0362 5040 SstpSvc - ok

18:10:51.0515 5040 STacSV (a400c503b256cd7c8289b2a943370415) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_79b15e90d309c284\STacSV64.exe

18:10:51.0561 5040 STacSV - ok

18:10:51.0649 5040 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

18:10:51.0666 5040 stexstor - ok

18:10:51.0732 5040 STHDA (0c2bf91cdc0575f5713a4d2d5118bc06) C:\Windows\system32\DRIVERS\stwrt64.sys

18:10:51.0762 5040 STHDA - ok

18:10:51.0832 5040 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll

18:10:51.0917 5040 stisvc - ok

18:10:51.0958 5040 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

18:10:51.0973 5040 swenum - ok

18:10:52.0037 5040 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

18:10:52.0124 5040 swprv - ok

18:10:52.0199 5040 SynTP (5bfcf934891022e15404befe0f5ece9f) C:\Windows\system32\DRIVERS\SynTP.sys

18:10:52.0223 5040 SynTP - ok

18:10:52.0290 5040 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll

18:10:52.0408 5040 SysMain - ok

18:10:52.0450 5040 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll

18:10:52.0511 5040 TabletInputService - ok

18:10:52.0553 5040 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll

18:10:52.0641 5040 TapiSrv - ok

18:10:52.0677 5040 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

18:10:52.0732 5040 TBS - ok

18:10:52.0856 5040 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys

18:10:52.0940 5040 Tcpip - ok

18:10:53.0038 5040 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys

18:10:53.0093 5040 TCPIP6 - ok

18:10:53.0150 5040 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

18:10:53.0230 5040 tcpipreg - ok

18:10:53.0308 5040 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

18:10:53.0346 5040 TDPIPE - ok

18:10:53.0407 5040 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys

18:10:53.0448 5040 TDTCP - ok

18:10:53.0501 5040 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

18:10:53.0594 5040 tdx - ok

18:10:53.0627 5040 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys

18:10:53.0644 5040 TermDD - ok

18:10:53.0713 5040 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll

18:10:53.0811 5040 TermService - ok

18:10:53.0847 5040 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

18:10:53.0898 5040 Themes - ok

18:10:53.0950 5040 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

18:10:54.0004 5040 THREADORDER - ok

18:10:54.0032 5040 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

18:10:54.0110 5040 TrkWks - ok

18:10:54.0189 5040 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe

18:10:54.0234 5040 TrustedInstaller - ok

18:10:54.0333 5040 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

18:10:54.0427 5040 tssecsrv - ok

18:10:54.0514 5040 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

18:10:54.0568 5040 tunnel - ok

18:10:54.0791 5040 TVCapSvc (1c31169dddc70c1605f703da701eaeea) C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe

18:10:54.0810 5040 TVCapSvc - ok

18:10:54.0821 5040 TVSched (290b8c381dbc15d3dbcbd2bdb6b0ba12) C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe

18:10:54.0834 5040 TVSched - ok

18:10:54.0872 5040 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

18:10:54.0889 5040 uagp35 - ok

18:10:54.0923 5040 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys

18:10:54.0999 5040 udfs - ok

18:10:55.0068 5040 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

18:10:55.0093 5040 UI0Detect - ok

18:10:55.0149 5040 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys

18:10:55.0166 5040 uliagpkx - ok

18:10:55.0240 5040 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

18:10:55.0290 5040 umbus - ok

18:10:55.0327 5040 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

18:10:55.0366 5040 UmPass - ok

18:10:55.0408 5040 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

18:10:55.0471 5040 upnphost - ok

18:10:55.0570 5040 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys

18:10:55.0604 5040 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning

18:10:55.0604 5040 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)

18:10:55.0658 5040 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys

18:10:55.0684 5040 usbccgp - ok

18:10:55.0735 5040 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys

18:10:55.0789 5040 usbcir - ok

18:10:55.0858 5040 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys

18:10:55.0879 5040 usbehci - ok

18:10:55.0968 5040 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys

18:10:55.0995 5040 usbhub - ok

18:10:56.0026 5040 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys

18:10:56.0075 5040 usbohci - ok

18:10:56.0113 5040 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

18:10:56.0140 5040 usbprint - ok

18:10:56.0184 5040 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS

18:10:56.0205 5040 USBSTOR - ok

18:10:56.0239 5040 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys

18:10:56.0285 5040 usbuhci - ok

18:10:56.0353 5040 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys

18:10:56.0393 5040 usbvideo - ok

18:10:56.0441 5040 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

18:10:56.0495 5040 UxSms - ok

18:10:56.0534 5040 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

18:10:56.0556 5040 VaultSvc - ok

18:10:56.0639 5040 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys

18:10:56.0656 5040 vdrvroot - ok

18:10:56.0700 5040 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe

18:10:56.0775 5040 vds - ok

18:10:56.0833 5040 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

18:10:56.0858 5040 vga - ok

18:10:56.0940 5040 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

18:10:57.0020 5040 VgaSave - ok

18:10:57.0080 5040 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys

18:10:57.0101 5040 vhdmp - ok

18:10:57.0142 5040 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys

18:10:57.0157 5040 viaide - ok

18:10:57.0206 5040 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys

18:10:57.0223 5040 volmgr - ok

18:10:57.0260 5040 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

18:10:57.0289 5040 volmgrx - ok

18:10:57.0342 5040 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys

18:10:57.0366 5040 volsnap - ok

18:10:57.0424 5040 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

18:10:57.0446 5040 vsmraid - ok

18:10:57.0556 5040 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe

18:10:57.0656 5040 VSS - ok

18:10:57.0697 5040 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

18:10:57.0740 5040 vwifibus - ok

18:10:57.0794 5040 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

18:10:57.0855 5040 W32Time - ok

18:10:57.0874 5040 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

18:10:57.0895 5040 WacomPen - ok

18:10:57.0977 5040 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

18:10:58.0075 5040 WANARP - ok

18:10:58.0099 5040 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

18:10:58.0188 5040 Wanarpv6 - ok

18:10:58.0288 5040 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

18:10:58.0390 5040 WatAdminSvc - ok

18:10:58.0481 5040 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe

18:10:58.0558 5040 wbengine - ok

18:10:58.0599 5040 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

18:10:58.0638 5040 WbioSrvc - ok

18:10:58.0689 5040 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll

18:10:58.0738 5040 wcncsvc - ok

18:10:58.0769 5040 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

18:10:58.0810 5040 WcsPlugInService - ok

18:10:58.0884 5040 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

18:10:58.0900 5040 Wd - ok

18:10:58.0940 5040 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

18:10:58.0979 5040 Wdf01000 - ok

18:10:59.0011 5040 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

18:10:59.0067 5040 WdiServiceHost - ok

18:10:59.0080 5040 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

18:10:59.0111 5040 WdiSystemHost - ok

18:10:59.0157 5040 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll

18:10:59.0224 5040 WebClient - ok

18:10:59.0272 5040 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

18:10:59.0396 5040 Wecsvc - ok

18:10:59.0460 5040 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

18:10:59.0551 5040 wercplsupport - ok

18:10:59.0635 5040 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

18:10:59.0714 5040 WerSvc - ok

18:10:59.0816 5040 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

18:10:59.0868 5040 WfpLwf - ok

18:10:59.0897 5040 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

18:10:59.0914 5040 WIMMount - ok

18:10:59.0924 5040 WinHttpAutoProxySvc - ok

18:11:00.0010 5040 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

18:11:00.0071 5040 Winmgmt - ok

18:11:00.0143 5040 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll

18:11:00.0293 5040 WinRM - ok

18:11:00.0425 5040 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys

18:11:00.0450 5040 WinUsb - ok

18:11:00.0514 5040 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

18:11:00.0599 5040 Wlansvc - ok

18:11:00.0701 5040 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

18:11:00.0742 5040 WmiAcpi - ok

18:11:00.0838 5040 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

18:11:00.0863 5040 wmiApSrv - ok

18:11:00.0999 5040 WMPNetworkSvc - ok

18:11:01.0058 5040 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

18:11:01.0083 5040 WPCSvc - ok

18:11:01.0112 5040 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll

18:11:01.0157 5040 WPDBusEnum - ok

18:11:01.0307 5040 WPFFontCache_v0400 - ok

18:11:01.0408 5040 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

18:11:01.0493 5040 ws2ifsl - ok

18:11:01.0509 5040 WSearch - ok

18:11:01.0614 5040 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll

18:11:01.0771 5040 wuauserv - ok

18:11:01.0817 5040 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

18:11:02.0343 5040 WudfPf - ok

18:11:02.0570 5040 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

18:11:02.0630 5040 WUDFRd - ok

18:11:02.0791 5040 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll

18:11:02.0878 5040 wudfsvc - ok

18:11:03.0050 5040 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

18:11:03.0108 5040 WwanSvc - ok

18:11:03.0396 5040 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

18:11:03.0430 5040 YahooAUService - ok

18:11:03.0678 5040 {55662437-DA8C-40c0-AADA-2C816A897A49} (1cacfef9e5dd866c5b79a135ee729e18) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl

18:11:03.0692 5040 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok

18:11:03.0774 5040 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

18:11:04.0343 5040 \Device\Harddisk0\DR0 - ok

18:11:04.0418 5040 MBR (0x1B8) (a4a15d6782e6fe1dce41a606cb3affe3) \Device\Harddisk1\DR1

18:11:04.0599 5040 \Device\Harddisk1\DR1 - ok

18:11:04.0672 5040 Boot (0x1200) (d15ccac574f71726c34a3b3151b9ca5e) \Device\Harddisk0\DR0\Partition0

18:11:04.0778 5040 \Device\Harddisk0\DR0\Partition0 - ok

18:11:04.0842 5040 Boot (0x1200) (3b6cb7abd56f4842f192eb2e335ade78) \Device\Harddisk0\DR0\Partition1

18:11:04.0913 5040 \Device\Harddisk0\DR0\Partition1 - ok

18:11:04.0922 5040 Boot (0x1200) (2727c5861400f09ddea8135a113a3b92) \Device\Harddisk1\DR1\Partition0

18:11:04.0928 5040 \Device\Harddisk1\DR1\Partition0 - ok

18:11:04.0932 5040 ============================================================

18:11:04.0932 5040 Scan finished

18:11:04.0932 5040 ============================================================

18:11:04.0949 5032 Detected object count: 6

18:11:04.0949 5032 Actual detected object count: 6

18:11:13.0324 5032 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user

18:11:13.0324 5032 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:11:13.0328 5032 hpqwmiex ( UnsignedFile.Multi.Generic ) - skipped by user

18:11:13.0328 5032 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:11:13.0332 5032 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

18:11:13.0332 5032 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:11:13.0336 5032 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

18:11:13.0336 5032 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:11:13.0340 5032 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user

18:11:13.0340 5032 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:11:13.0343 5032 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user

18:11:13.0343 5032 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:11:26.0713 4720 Deinitialize success

[LDTate]

Cool.

You can delete TDSSKiller

Here's my usual all clean post

To be on the safe side, I would also change all my passwords.

This infection appears to have been cleaned, but as the malware could be configured to run any program a remote attacker requires, it's impossible to be 100% sure that any machine is clean.

Log looks good

• Update your AntiVirus Software - It is imperative that you update your Antivirus software at least once a week
  (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
  
• Use a Firewall - I can not stress how important it is that you use a Firewall on your computer.
  Without a firewall your computer is succeptible to being hacked and taken over.
  I am very serious about this and see it happen almost every day with my clients.
  Simply using a Firewall in its default configuration can lower your risk greatly.
  
• 
  
• Securing Your Web Browser
  This paper will help you configure your web browser for safer internet surfing.
  
• Using a secure browser plugin M86 SecureBrowsing makes it safe to search, surf and socialize online. This free browser plug-in displays security icons next to links on search engines and social networking sites like Facebook, Twitter and LinkedIn, so you'll know which pages are safe and which ones to avoid.
  •Free browser plug-in for Internet Explorer and Firefox
  •Real-time safety ratings
  •Ideal for Facebook, Twitter and LinkedIn
  
• JAVA Click this link and click on the Free JAVA Download
  
• Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly.
  This will ensure your computer has always the latest security updates available installed on your computer.
  If there are new updates to install, install them immediately, reboot your computer, and revisit the site
  until there are no more critical updates.
  

Only run one Anti-Virus and Firewall program.

I would suggest you read:

PC Safety and Security--What Do I Need?.

How to Prevent Malware:

The full version of Malwarebytes' Anti-Malware could have helped protect your computer against this threat.

We use different ways of protecting your computer(s):

• Dynamically Blocks Malware Sites & Servers
  
• Malware Execution Prevention
  

Save yourself the hassle and get protected.

[nicolep218]

Thank You so Much for all your time.

[LDTate]

You're more than welcome.

Glad we were able to help

Peace be with you

[LDTate]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!