Sirefef infection

[monkey10120]

I blocked the ports from 48000-51000. ill see how that works out

[LDTate]

My time is up for today but I'll check back tomorrow.

[monkey10120]

Even though the ports are block it is still popping up.

[LDTate]

Please don't attach the scans / logs from these scans, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

Download TDSSKiller from here and save it to your Desktop.

Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

1. Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
   
   
2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
   
   
3. Click the Start Scan button.
   
   
4. If a suspicious object is detected, the default action will be Skip, click on Continue.
   
   
5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
   
6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
   
   

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

[monkey10120]

The report came up with a couple threats. All but 2 are software that came with my laptop. I am not sure what switchboard or Starwindservice is?

12:30:10.0821 5132 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16

12:30:12.0834 5132 ============================================================

12:30:12.0834 5132 Current date / time: 2012/06/06 12:30:12.0834

12:30:12.0834 5132 SystemInfo:

12:30:12.0834 5132

12:30:12.0834 5132 OS Version: 6.1.7601 ServicePack: 1.0

12:30:12.0834 5132 Product type: Workstation

12:30:12.0834 5132 ComputerName: TERMINATOR

12:30:12.0834 5132 UserName: Ryan

12:30:12.0834 5132 Windows directory: C:\Windows

12:30:12.0834 5132 System windows directory: C:\Windows

12:30:12.0834 5132 Running under WOW64

12:30:12.0834 5132 Processor architecture: Intel x64

12:30:12.0834 5132 Number of processors: 8

12:30:12.0834 5132 Page size: 0x1000

12:30:12.0834 5132 Boot type: Normal boot

12:30:12.0834 5132 ============================================================

12:30:13.0208 5132 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

12:30:13.0224 5132 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

12:30:13.0224 5132 ============================================================

12:30:13.0224 5132 \Device\Harddisk0\DR0:

12:30:13.0224 5132 MBR partitions:

12:30:13.0224 5132 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57545000

12:30:13.0224 5132 \Device\Harddisk1\DR1:

12:30:13.0224 5132 MBR partitions:

12:30:13.0224 5132 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x2AFA800, BlocksNum 0x54A4A800

12:30:13.0224 5132 ============================================================

12:30:13.0255 5132 C: <-> \Device\Harddisk1\DR1\Partition0

12:30:13.0302 5132 E: <-> \Device\Harddisk0\DR0\Partition0

12:30:13.0302 5132 ============================================================

12:30:13.0302 5132 Initialize success

12:30:13.0302 5132 ============================================================

12:30:55.0029 5372 ============================================================

12:30:55.0029 5372 Scan started

12:30:55.0029 5372 Mode: Manual; SigCheck; TDLFS;

12:30:55.0029 5372 ============================================================

12:30:55.0434 5372 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

12:30:55.0543 5372 1394ohci - ok

12:30:55.0590 5372 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

12:30:55.0606 5372 ACPI - ok

12:30:55.0606 5372 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

12:30:55.0699 5372 AcpiPmi - ok

12:30:55.0746 5372 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

12:30:55.0762 5372 AdobeFlashPlayerUpdateSvc - ok

12:30:55.0840 5372 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

12:30:55.0855 5372 adp94xx - ok

12:30:55.0887 5372 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

12:30:55.0902 5372 adpahci - ok

12:30:55.0933 5372 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

12:30:55.0949 5372 adpu320 - ok

12:30:55.0949 5372 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

12:30:56.0058 5372 AeLookupSvc - ok

12:30:56.0121 5372 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

12:30:56.0199 5372 AFD - ok

12:30:56.0214 5372 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

12:30:56.0214 5372 agp440 - ok

12:30:56.0230 5372 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

12:30:56.0261 5372 ALG - ok

12:30:56.0292 5372 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

12:30:56.0308 5372 aliide - ok

12:30:56.0355 5372 ALSysIO - ok

12:30:56.0355 5372 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

12:30:56.0370 5372 amdide - ok

12:30:56.0370 5372 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

12:30:56.0401 5372 AmdK8 - ok

12:30:56.0433 5372 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

12:30:56.0464 5372 AmdPPM - ok

12:30:56.0495 5372 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

12:30:56.0511 5372 amdsata - ok

12:30:56.0526 5372 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

12:30:56.0542 5372 amdsbs - ok

12:30:56.0542 5372 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

12:30:56.0557 5372 amdxata - ok

12:30:56.0573 5372 androidusb (9c59bf508c5d408bb348254e0ba2ee30) C:\Windows\system32\Drivers\androidusb.sys

12:30:56.0604 5372 androidusb - ok

12:30:56.0635 5372 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

12:30:56.0776 5372 AppID - ok

12:30:56.0791 5372 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

12:30:56.0838 5372 AppIDSvc - ok

12:30:56.0838 5372 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

12:30:56.0916 5372 Appinfo - ok

12:30:56.0963 5372 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

12:30:56.0994 5372 arc - ok

12:30:56.0994 5372 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

12:30:57.0010 5372 arcsas - ok

12:30:57.0057 5372 ASLDRService (18e5c2f937f9deb8c282df66a3761925) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

12:31:01.0737 5372 ASLDRService - ok

12:31:01.0737 5372 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

12:31:01.0752 5372 ASMMAP64 - ok

12:31:01.0768 5372 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

12:31:01.0783 5372 aspnet_state - ok

12:31:01.0799 5372 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

12:31:01.0861 5372 AsyncMac - ok

12:31:01.0877 5372 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

12:31:01.0877 5372 atapi - ok

12:31:02.0017 5372 athr (a5e770426d18f8ef332a593f3289da91) C:\Windows\system32\DRIVERS\athrx.sys

12:31:02.0127 5372 athr - ok

12:31:02.0173 5372 ATKGFNEXSrv (7910158929571214a959d5a6d16dd9c0) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

12:31:02.0189 5372 ATKGFNEXSrv - ok

12:31:02.0220 5372 ATKWMIACPIIO (1f7238a37389ed92e9d8eee975cabd54) C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys

12:31:02.0236 5372 ATKWMIACPIIO - ok

12:31:02.0329 5372 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

12:31:02.0392 5372 AudioEndpointBuilder - ok

12:31:02.0392 5372 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

12:31:02.0423 5372 AudioSrv - ok

12:31:02.0454 5372 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

12:31:02.0532 5372 AxInstSV - ok

12:31:02.0579 5372 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

12:31:02.0641 5372 b06bdrv - ok

12:31:02.0673 5372 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

12:31:02.0751 5372 b57nd60a - ok

12:31:02.0782 5372 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

12:31:02.0829 5372 BDESVC - ok

12:31:02.0844 5372 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

12:31:02.0891 5372 Beep - ok

12:31:02.0953 5372 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

12:31:03.0047 5372 BFE - ok

12:31:03.0125 5372 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll

12:31:03.0187 5372 BITS - ok

12:31:03.0234 5372 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

12:31:03.0265 5372 blbdrive - ok

12:31:03.0297 5372 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

12:31:03.0343 5372 bowser - ok

12:31:03.0343 5372 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

12:31:03.0390 5372 BrFiltLo - ok

12:31:03.0406 5372 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

12:31:03.0453 5372 BrFiltUp - ok

12:31:03.0499 5372 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys

12:31:03.0546 5372 BridgeMP - ok

12:31:03.0562 5372 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

12:31:03.0609 5372 Browser - ok

12:31:03.0640 5372 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

12:31:03.0687 5372 Brserid - ok

12:31:03.0718 5372 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

12:31:03.0749 5372 BrSerWdm - ok

12:31:03.0749 5372 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

12:31:03.0796 5372 BrUsbMdm - ok

12:31:03.0827 5372 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

12:31:03.0874 5372 BrUsbSer - ok

12:31:03.0889 5372 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys

12:31:03.0936 5372 BthEnum - ok

12:31:03.0967 5372 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

12:31:03.0999 5372 BTHMODEM - ok

12:31:04.0030 5372 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

12:31:04.0077 5372 BthPan - ok

12:31:04.0123 5372 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys

12:31:04.0186 5372 BTHPORT - ok

12:31:04.0201 5372 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

12:31:04.0233 5372 bthserv - ok

12:31:04.0264 5372 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys

12:31:04.0295 5372 BTHUSB - ok

12:31:04.0326 5372 btusbflt (d3466f77c2c49c6e393ba5fba963a33e) C:\Windows\system32\drivers\btusbflt.sys

12:31:04.0342 5372 btusbflt - ok

12:31:04.0357 5372 btwaudio (a72a9101f9730db7332714e566614e4d) C:\Windows\system32\drivers\btwaudio.sys

12:31:04.0373 5372 btwaudio - ok

12:31:04.0389 5372 btwavdt (5ceec634b617525f2b6ad29f871033f7) C:\Windows\system32\DRIVERS\btwavdt.sys

12:31:04.0404 5372 btwavdt - ok

12:31:04.0482 5372 btwdins (4e63c48e7328a11ed0e9075c18fce782) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

12:31:04.0498 5372 btwdins - ok

12:31:04.0498 5372 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys

12:31:04.0513 5372 btwl2cap - ok

12:31:04.0529 5372 btwrchid (2af5604d28bef77b7cf4b9d232fe7cd3) C:\Windows\system32\DRIVERS\btwrchid.sys

12:31:04.0545 5372 btwrchid - ok

12:31:04.0545 5372 catchme - ok

12:31:04.0560 5372 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

12:31:04.0607 5372 cdfs - ok

12:31:04.0623 5372 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

12:31:04.0638 5372 cdrom - ok

12:31:04.0669 5372 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

12:31:04.0732 5372 CertPropSvc - ok

12:31:04.0747 5372 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

12:31:04.0779 5372 circlass - ok

12:31:04.0825 5372 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

12:31:04.0825 5372 CLFS - ok

12:31:04.0841 5372 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

12:31:04.0857 5372 clr_optimization_v2.0.50727_32 - ok

12:31:04.0872 5372 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

12:31:04.0888 5372 clr_optimization_v2.0.50727_64 - ok

12:31:04.0903 5372 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

12:31:04.0981 5372 clr_optimization_v4.0.30319_32 - ok

12:31:04.0997 5372 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

12:31:05.0044 5372 clr_optimization_v4.0.30319_64 - ok

12:31:05.0059 5372 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

12:31:05.0091 5372 CmBatt - ok

12:31:05.0106 5372 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

12:31:05.0122 5372 cmdide - ok

12:31:05.0184 5372 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

12:31:05.0215 5372 CNG - ok

12:31:05.0231 5372 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

12:31:05.0231 5372 Compbatt - ok

12:31:05.0262 5372 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

12:31:05.0309 5372 CompositeBus - ok

12:31:05.0309 5372 COMSysApp - ok

12:31:05.0340 5372 cpuz135 (262969a3fab32b9e17e63e2d17a57744) C:\Windows\system32\drivers\cpuz135_x64.sys

12:31:05.0356 5372 cpuz135 - ok

12:31:05.0371 5372 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

12:31:05.0371 5372 crcdisk - ok

12:31:05.0403 5372 Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe

12:31:05.0434 5372 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning

12:31:05.0434 5372 Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1)

12:31:05.0434 5372 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

12:31:05.0481 5372 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning

12:31:05.0481 5372 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)

12:31:05.0527 5372 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll

12:31:05.0590 5372 CryptSvc - ok

12:31:05.0605 5372 dc3d (7af9dac504fbd047cbc3e64ae52c92bf) C:\Windows\system32\DRIVERS\dc3d.sys

12:31:05.0652 5372 dc3d - ok

12:31:05.0699 5372 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

12:31:05.0761 5372 DcomLaunch - ok

12:31:05.0808 5372 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

12:31:05.0855 5372 defragsvc - ok

12:31:05.0871 5372 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

12:31:05.0933 5372 DfsC - ok

12:31:05.0964 5372 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

12:31:06.0011 5372 Dhcp - ok

12:31:06.0027 5372 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

12:31:06.0089 5372 discache - ok

12:31:06.0089 5372 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

12:31:06.0105 5372 Disk - ok

12:31:06.0120 5372 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

12:31:06.0151 5372 Dnscache - ok

12:31:06.0198 5372 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

12:31:06.0261 5372 dot3svc - ok

12:31:06.0276 5372 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

12:31:06.0323 5372 DPS - ok

12:31:06.0323 5372 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

12:31:06.0354 5372 drmkaud - ok

12:31:06.0432 5372 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

12:31:06.0448 5372 DXGKrnl - ok

12:31:06.0495 5372 DxkgFilter - ok

12:31:06.0510 5372 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

12:31:06.0557 5372 EapHost - ok

12:31:06.0557 5372 easytether - ok

12:31:06.0682 5372 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

12:31:06.0791 5372 ebdrv - ok

12:31:06.0838 5372 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

12:31:06.0885 5372 EFS - ok

12:31:06.0963 5372 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

12:31:07.0056 5372 ehRecvr - ok

12:31:07.0072 5372 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

12:31:07.0119 5372 ehSched - ok

12:31:07.0197 5372 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

12:31:07.0212 5372 elxstor - ok

12:31:07.0228 5372 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

12:31:07.0259 5372 ErrDev - ok

12:31:07.0306 5372 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

12:31:07.0353 5372 EventSystem - ok

12:31:07.0384 5372 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

12:31:07.0431 5372 exfat - ok

12:31:07.0462 5372 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

12:31:07.0509 5372 fastfat - ok

12:31:07.0540 5372 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

12:31:07.0587 5372 Fax - ok

12:31:07.0602 5372 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

12:31:07.0649 5372 fdc - ok

12:31:07.0649 5372 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

12:31:07.0711 5372 fdPHost - ok

12:31:07.0727 5372 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

12:31:07.0774 5372 FDResPub - ok

12:31:07.0774 5372 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

12:31:07.0789 5372 FileInfo - ok

12:31:07.0789 5372 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

12:31:07.0836 5372 Filetrace - ok

12:31:07.0945 5372 FLEXnet Licensing Service 64 (64ab6f28047744b9b19c97459c2ab31b) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

12:31:08.0070 5372 FLEXnet Licensing Service 64 - ok

12:31:08.0148 5372 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

12:31:08.0179 5372 flpydisk - ok

12:31:08.0211 5372 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

12:31:08.0226 5372 FltMgr - ok

12:31:08.0273 5372 fltsrv (e94e042bc24bb301767a8125d529b705) C:\Windows\system32\DRIVERS\fltsrv.sys

12:31:08.0289 5372 fltsrv - ok

12:31:08.0320 5372 FLxHCIc (d0adbcf2a5316d23ef67dfaa02d5d544) C:\Windows\system32\DRIVERS\FLxHCIc.sys

12:31:08.0382 5372 FLxHCIc - ok

12:31:08.0382 5372 FLxHCIh (f9b6db9727ad2f14ecf84e43eb5279f7) C:\Windows\system32\DRIVERS\FLxHCIh.sys

12:31:08.0413 5372 FLxHCIh - ok

12:31:08.0507 5372 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

12:31:08.0554 5372 FontCache - ok

12:31:08.0569 5372 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

12:31:08.0569 5372 FontCache3.0.0.0 - ok

12:31:08.0585 5372 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

12:31:08.0585 5372 FsDepends - ok

12:31:08.0616 5372 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys

12:31:08.0616 5372 fssfltr - ok

12:31:08.0710 5372 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

12:31:08.0741 5372 fsssvc - ok

12:31:08.0819 5372 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

12:31:08.0819 5372 Fs_Rec - ok

12:31:08.0850 5372 Futuremark SystemInfo Service (79b4cde2b69ed8ba4011859780a66a4d) C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe

12:31:08.0881 5372 Futuremark SystemInfo Service - ok

12:31:08.0928 5372 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

12:31:08.0944 5372 fvevol - ok

12:31:08.0959 5372 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

12:31:08.0975 5372 gagp30kx - ok

12:31:09.0022 5372 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

12:31:09.0069 5372 gpsvc - ok

12:31:09.0069 5372 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

12:31:09.0084 5372 gupdate - ok

12:31:09.0147 5372 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

12:31:09.0147 5372 gusvc - ok

12:31:09.0178 5372 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys

12:31:09.0193 5372 hamachi - ok

12:31:09.0349 5372 Hamachi2Svc (d483dbaef409e8ab7477c28615fcd853) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

12:31:09.0396 5372 Hamachi2Svc - ok

12:31:09.0490 5372 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

12:31:09.0505 5372 hcw85cir - ok

12:31:09.0537 5372 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

12:31:09.0583 5372 HdAudAddService - ok

12:31:09.0599 5372 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

12:31:09.0630 5372 HDAudBus - ok

12:31:09.0630 5372 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

12:31:09.0677 5372 HidBatt - ok

12:31:09.0708 5372 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

12:31:09.0755 5372 HidBth - ok

12:31:09.0771 5372 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

12:31:09.0802 5372 HidIr - ok

12:31:09.0817 5372 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll

12:31:09.0880 5372 hidserv - ok

12:31:09.0911 5372 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

12:31:09.0927 5372 HidUsb - ok

12:31:09.0927 5372 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

12:31:09.0989 5372 hkmsvc - ok

12:31:10.0020 5372 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

12:31:10.0051 5372 HomeGroupListener - ok

12:31:10.0067 5372 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

12:31:10.0098 5372 HomeGroupProvider - ok

12:31:10.0114 5372 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

12:31:10.0114 5372 HpSAMD - ok

12:31:10.0176 5372 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

12:31:10.0254 5372 HTTP - ok

12:31:10.0254 5372 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

12:31:10.0270 5372 hwpolicy - ok

12:31:10.0317 5372 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

12:31:10.0317 5372 i8042prt - ok

12:31:10.0363 5372 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys

12:31:10.0395 5372 iaStor - ok

12:31:10.0473 5372 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

12:31:10.0488 5372 iaStorV - ok

12:31:10.0551 5372 iDispService (cc95fc792884986fb5655066ed259cdf) C:\Windows\system32\DRIVERS\idisplayminiport.sys

12:31:10.0582 5372 iDispService - ok

12:31:10.0675 5372 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

12:31:10.0738 5372 idsvc - ok

12:31:10.0738 5372 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

12:31:10.0753 5372 iirsp - ok

12:31:10.0816 5372 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

12:31:10.0894 5372 IKEEXT - ok

12:31:11.0050 5372 IntcAzAudAddService (bd9d02f706fcaf28d89f5435f18a4a04) C:\Windows\system32\drivers\RTKVHD64.sys

12:31:11.0097 5372 IntcAzAudAddService - ok

12:31:11.0175 5372 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

12:31:11.0190 5372 intelide - ok

12:31:11.0206 5372 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

12:31:11.0237 5372 intelppm - ok

12:31:11.0237 5372 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

12:31:11.0268 5372 IPBusEnum - ok

12:31:11.0331 5372 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

12:31:11.0393 5372 IpFilterDriver - ok

12:31:11.0455 5372 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

12:31:11.0502 5372 iphlpsvc - ok

12:31:11.0533 5372 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

12:31:11.0565 5372 IPMIDRV - ok

12:31:11.0596 5372 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

12:31:11.0627 5372 IPNAT - ok

12:31:11.0658 5372 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

12:31:11.0689 5372 IRENUM - ok

12:31:11.0705 5372 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

12:31:11.0721 5372 isapnp - ok

12:31:11.0814 5372 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

12:31:11.0830 5372 iScsiPrt - ok

12:31:11.0877 5372 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

12:31:11.0892 5372 kbdclass - ok

12:31:11.0908 5372 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys

12:31:11.0939 5372 kbdhid - ok

12:31:11.0955 5372 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys

12:31:11.0970 5372 kbfiltr - ok

12:31:11.0970 5372 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

12:31:11.0986 5372 KeyIso - ok

12:31:12.0001 5372 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

12:31:12.0001 5372 KSecDD - ok

12:31:12.0017 5372 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

12:31:12.0033 5372 KSecPkg - ok

12:31:12.0064 5372 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

12:31:12.0111 5372 ksthunk - ok

12:31:12.0142 5372 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

12:31:12.0235 5372 KtmRm - ok

12:31:12.0267 5372 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll

12:31:12.0329 5372 LanmanServer - ok

12:31:12.0345 5372 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

12:31:12.0407 5372 LanmanWorkstation - ok

12:31:12.0438 5372 libusb0 (c7d21310ea0a644aa6394de1e46e3d31) C:\Windows\system32\DRIVERS\libusb0.sys

12:31:12.0469 5372 libusb0 - ok

12:31:12.0501 5372 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

12:31:12.0532 5372 lltdio - ok

12:31:12.0735 5372 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

12:31:12.0781 5372 lltdsvc - ok

12:31:12.0797 5372 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

12:31:12.0813 5372 lmhosts - ok

12:31:12.0875 5372 LMS (0803906d607a9b83184447b75b60ecc2) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

12:31:12.0906 5372 LMS - ok

12:31:12.0922 5372 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

12:31:12.0937 5372 LSI_FC - ok

12:31:12.0953 5372 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

12:31:12.0969 5372 LSI_SAS - ok

12:31:12.0969 5372 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

12:31:12.0984 5372 LSI_SAS2 - ok

12:31:13.0000 5372 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

12:31:13.0015 5372 LSI_SCSI - ok

12:31:13.0031 5372 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

12:31:13.0062 5372 luafv - ok

12:31:13.0109 5372 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys

12:31:13.0109 5372 MBAMProtector - ok

12:31:13.0218 5372 MBAMService (ba400ed640bca1eae5c727ae17c10207) E:\Malwarebytes' Anti-Malware\mbamservice.exe

12:31:13.0249 5372 MBAMService - ok

12:31:13.0249 5372 MBfilt (8ff2d95cba49b405c5de27039ff0bf35) C:\Windows\system32\drivers\MBfilt64.sys

12:31:13.0265 5372 MBfilt - ok

12:31:13.0296 5372 Mcx2Svc - ok

12:31:13.0296 5372 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

12:31:13.0312 5372 megasas - ok

12:31:13.0327 5372 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

12:31:13.0343 5372 MegaSR - ok

12:31:13.0359 5372 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys

12:31:13.0374 5372 MEIx64 - ok

12:31:13.0483 5372 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

12:31:13.0546 5372 MMCSS - ok

12:31:13.0561 5372 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

12:31:13.0608 5372 Modem - ok

12:31:13.0608 5372 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

12:31:13.0639 5372 monitor - ok

12:31:13.0671 5372 MotioninJoyXFilter (eb03d4164e7f10b601d280413655ade4) C:\Windows\system32\DRIVERS\MijXfilt.sys

12:31:13.0702 5372 MotioninJoyXFilter - ok

12:31:13.0717 5372 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

12:31:13.0717 5372 mouclass - ok

12:31:13.0749 5372 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

12:31:13.0749 5372 mouhid - ok

12:31:13.0780 5372 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

12:31:13.0795 5372 mountmgr - ok

12:31:13.0811 5372 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys

12:31:13.0827 5372 MpFilter - ok

12:31:13.0842 5372 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

12:31:13.0858 5372 mpio - ok

12:31:13.0873 5372 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

12:31:13.0920 5372 mpsdrv - ok

12:31:13.0951 5372 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

12:31:14.0029 5372 MpsSvc - ok

12:31:14.0076 5372 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

12:31:14.0092 5372 MRxDAV - ok

12:31:14.0107 5372 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

12:31:14.0170 5372 mrxsmb - ok

12:31:14.0201 5372 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

12:31:14.0232 5372 mrxsmb10 - ok

12:31:14.0248 5372 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

12:31:14.0279 5372 mrxsmb20 - ok

12:31:14.0279 5372 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

12:31:14.0295 5372 msahci - ok

12:31:14.0326 5372 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

12:31:14.0341 5372 msdsm - ok

12:31:14.0357 5372 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

12:31:14.0388 5372 MSDTC - ok

12:31:14.0404 5372 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

12:31:14.0451 5372 Msfs - ok

12:31:14.0451 5372 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

12:31:14.0497 5372 mshidkmdf - ok

12:31:14.0513 5372 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

12:31:14.0513 5372 msisadrv - ok

12:31:14.0529 5372 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

12:31:14.0575 5372 MSiSCSI - ok

12:31:14.0575 5372 msiserver - ok

12:31:14.0591 5372 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

12:31:14.0638 5372 MSKSSRV - ok

12:31:14.0685 5372 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe

12:31:14.0700 5372 MsMpSvc - ok

12:31:14.0731 5372 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

12:31:14.0763 5372 MSPCLOCK - ok

12:31:14.0763 5372 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

12:31:14.0809 5372 MSPQM - ok

12:31:14.0856 5372 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

12:31:14.0872 5372 MsRPC - ok

12:31:14.0872 5372 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

12:31:14.0872 5372 mssmbios - ok

12:31:14.0887 5372 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

12:31:14.0903 5372 MSTEE - ok

12:31:14.0934 5372 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

12:31:14.0965 5372 MTConfig - ok

12:31:14.0981 5372 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

12:31:14.0981 5372 Mup - ok

12:31:15.0012 5372 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

12:31:15.0075 5372 napagent - ok

12:31:15.0121 5372 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

12:31:15.0153 5372 NativeWifiP - ok

12:31:15.0246 5372 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

12:31:15.0262 5372 NDIS - ok

12:31:15.0277 5372 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

12:31:15.0324 5372 NdisCap - ok

12:31:15.0371 5372 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

12:31:15.0418 5372 NdisTapi - ok

12:31:15.0433 5372 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

12:31:15.0480 5372 Ndisuio - ok

12:31:15.0511 5372 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

12:31:15.0543 5372 NdisWan - ok

12:31:15.0589 5372 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

12:31:15.0621 5372 NDProxy - ok

12:31:15.0621 5372 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

12:31:15.0667 5372 NetBIOS - ok

12:31:15.0699 5372 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

12:31:15.0745 5372 NetBT - ok

12:31:15.0761 5372 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

12:31:15.0777 5372 Netlogon - ok

12:31:15.0808 5372 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

12:31:15.0886 5372 Netman - ok

12:31:15.0917 5372 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:31:15.0948 5372 NetMsmqActivator - ok

12:31:15.0948 5372 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:31:15.0948 5372 NetPipeActivator - ok

12:31:15.0995 5372 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

12:31:16.0026 5372 netprofm - ok

12:31:16.0042 5372 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:31:16.0057 5372 NetTcpActivator - ok

12:31:16.0057 5372 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:31:16.0057 5372 NetTcpPortSharing - ok

12:31:16.0089 5372 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

12:31:16.0104 5372 nfrd960 - ok

12:31:16.0120 5372 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys

12:31:16.0120 5372 NisDrv - ok

12:31:16.0151 5372 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe

12:31:16.0167 5372 NisSrv - ok

12:31:16.0198 5372 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

12:31:16.0229 5372 NlaSvc - ok

12:31:16.0245 5372 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

12:31:16.0291 5372 Npfs - ok

12:31:16.0291 5372 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

12:31:16.0338 5372 nsi - ok

12:31:16.0338 5372 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

12:31:16.0385 5372 nsiproxy - ok

12:31:16.0494 5372 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

12:31:16.0541 5372 Ntfs - ok

12:31:16.0650 5372 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

12:31:16.0666 5372 Null - ok

12:31:16.0697 5372 NVHDA (102806b360d0e6bc6e55bf47ef655d43) C:\Windows\system32\drivers\nvhda64v.sys

12:31:16.0713 5372 NVHDA - ok

12:31:17.0727 5372 nvlddmkm (ba0b4889c40380a01ecdf84c227a89c9) C:\Windows\system32\DRIVERS\nvlddmkm.sys

12:31:26.0541 5372 nvlddmkm - ok

12:31:26.0650 5372 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

12:31:26.0665 5372 nvraid - ok

12:31:26.0681 5372 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

12:31:26.0697 5372 nvstor - ok

12:31:26.0759 5372 nvsvc (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe

12:31:26.0821 5372 nvsvc - ok

12:31:26.0915 5372 nvUpdatusService (53b629ce436b110c5689c2f6439e567b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

12:31:26.0962 5372 nvUpdatusService - ok

12:31:27.0087 5372 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

12:31:27.0102 5372 nv_agp - ok

12:31:27.0118 5372 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

12:31:27.0149 5372 ohci1394 - ok

12:31:27.0180 5372 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

12:31:27.0196 5372 p2pimsvc - ok

12:31:27.0243 5372 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

12:31:27.0258 5372 p2psvc - ok

12:31:27.0274 5372 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

12:31:27.0321 5372 Parport - ok

12:31:27.0321 5372 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

12:31:27.0336 5372 partmgr - ok

12:31:27.0352 5372 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

12:31:27.0367 5372 PcaSvc - ok

12:31:27.0399 5372 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

12:31:27.0399 5372 pci - ok

12:31:27.0399 5372 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

12:31:27.0414 5372 pciide - ok

12:31:27.0445 5372 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

12:31:27.0461 5372 pcmcia - ok

12:31:27.0461 5372 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

12:31:27.0477 5372 pcw - ok

12:31:27.0508 5372 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

12:31:27.0570 5372 PEAUTH - ok

12:31:27.0617 5372 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

12:31:27.0664 5372 PerfHost - ok

12:31:27.0789 5372 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

12:31:27.0867 5372 pla - ok

12:31:27.0898 5372 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

12:31:27.0945 5372 PlugPlay - ok

12:31:27.0960 5372 PnkBstrA - ok

12:31:27.0960 5372 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

12:31:27.0991 5372 PNRPAutoReg - ok

12:31:28.0023 5372 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

12:31:28.0038 5372 PNRPsvc - ok

12:31:28.0054 5372 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys

12:31:28.0069 5372 Point64 - ok

12:31:28.0116 5372 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

12:31:28.0147 5372 PolicyAgent - ok

12:31:28.0179 5372 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

12:31:28.0225 5372 Power - ok

12:31:28.0257 5372 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

12:31:28.0272 5372 PptpMiniport - ok

12:31:28.0288 5372 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

12:31:28.0335 5372 Processor - ok

12:31:28.0350 5372 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll

12:31:28.0397 5372 ProfSvc - ok

12:31:28.0413 5372 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

12:31:28.0413 5372 ProtectedStorage - ok

12:31:28.0444 5372 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

12:31:28.0491 5372 Psched - ok

12:31:28.0506 5372 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys

12:31:28.0522 5372 PxHlpa64 - ok

12:31:28.0600 5372 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

12:31:28.0662 5372 ql2300 - ok

12:31:28.0725 5372 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

12:31:28.0740 5372 ql40xx - ok

12:31:28.0787 5372 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

12:31:28.0803 5372 QWAVE - ok

12:31:28.0803 5372 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

12:31:28.0834 5372 QWAVEdrv - ok

12:31:28.0881 5372 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

12:31:28.0927 5372 RasAcd - ok

12:31:28.0943 5372 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

12:31:28.0974 5372 RasAgileVpn - ok

12:31:29.0005 5372 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

12:31:29.0052 5372 RasAuto - ok

12:31:29.0083 5372 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

12:31:29.0130 5372 Rasl2tp - ok

12:31:29.0177 5372 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

12:31:29.0224 5372 RasMan - ok

12:31:29.0286 5372 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

12:31:29.0302 5372 RasPppoe - ok

12:31:29.0317 5372 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

12:31:29.0364 5372 RasSstp - ok

12:31:29.0395 5372 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

12:31:29.0442 5372 rdbss - ok

12:31:29.0458 5372 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

12:31:29.0489 5372 rdpbus - ok

12:31:29.0489 5372 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

12:31:29.0520 5372 RDPCDD - ok

12:31:29.0520 5372 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

12:31:29.0583 5372 RDPENCDD - ok

12:31:29.0583 5372 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

12:31:29.0661 5372 RDPREFMP - ok

12:31:29.0707 5372 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys

12:31:29.0723 5372 RDPWD - ok

12:31:29.0739 5372 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

12:31:29.0754 5372 rdyboost - ok

12:31:29.0785 5372 RemoteAccess - ok

12:31:29.0801 5372 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

12:31:29.0832 5372 RemoteRegistry - ok

12:31:29.0863 5372 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

12:31:29.0910 5372 RFCOMM - ok

12:31:29.0910 5372 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

12:31:29.0973 5372 RpcEptMapper - ok

12:31:29.0973 5372 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

12:31:30.0035 5372 RpcLocator - ok

12:31:30.0082 5372 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

12:31:30.0113 5372 RpcSs - ok

12:31:30.0113 5372 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

12:31:30.0160 5372 rspndr - ok

12:31:30.0222 5372 RSUSBVSTOR (e57fac2cdb73f06586ed2ed310b80932) C:\Windows\system32\Drivers\RtsUVStor.sys

12:31:30.0238 5372 RSUSBVSTOR - ok

12:31:30.0269 5372 RTCore64 (2e887e52e45bba3c47ccd0e75fc5266f) C:\Program Files (x86)\MSI Afterburner\RTCore64.sys

12:31:30.0285 5372 RTCore64 - ok

12:31:30.0331 5372 RTL8167 (20a466b9ea2bd828c0ec723f99b8cfe7) C:\Windows\system32\DRIVERS\Rt64win7.sys

12:31:30.0347 5372 RTL8167 - ok

12:31:30.0378 5372 SaiK0CCB (37fe3f97ac8ecab53df56bf275f8d2d5) C:\Windows\system32\DRIVERS\SaiK0CCB.sys

12:31:30.0409 5372 SaiK0CCB - ok

12:31:30.0441 5372 SaiMini (356dc2b0f2b413c6ad2c191ecf2734be) C:\Windows\system32\DRIVERS\SaiMini.sys

12:31:30.0456 5372 SaiMini - ok

12:31:30.0472 5372 SaiNtBus (e47b4067f2c489fbe4c2ae29ef96054e) C:\Windows\system32\drivers\SaiBus.sys

12:31:30.0487 5372 SaiNtBus - ok

12:31:30.0534 5372 SaiU0CCB (950dca50af39563d96eec57ac614366c) C:\Windows\system32\DRIVERS\SaiU0CCB.sys

12:31:30.0565 5372 SaiU0CCB - ok

12:31:30.0565 5372 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

12:31:30.0565 5372 SamSs - ok

12:31:30.0597 5372 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

12:31:30.0612 5372 sbp2port - ok

12:31:30.0628 5372 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

12:31:30.0690 5372 SCardSvr - ok

12:31:30.0690 5372 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

12:31:30.0721 5372 scfilter - ok

12:31:30.0784 5372 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

12:31:30.0862 5372 Schedule - ok

12:31:30.0862 5372 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

12:31:30.0893 5372 SCPolicySvc - ok

12:31:30.0909 5372 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

12:31:30.0955 5372 SDRSVC - ok

12:31:30.0971 5372 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

12:31:31.0018 5372 secdrv - ok

12:31:31.0018 5372 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

12:31:31.0065 5372 seclogon - ok

12:31:31.0080 5372 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll

12:31:31.0127 5372 SENS - ok

12:31:31.0143 5372 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

12:31:31.0174 5372 SensrSvc - ok

12:31:31.0174 5372 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

12:31:31.0189 5372 Serenum - ok

12:31:31.0221 5372 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

12:31:31.0252 5372 Serial - ok

12:31:31.0283 5372 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

12:31:31.0314 5372 sermouse - ok

12:31:31.0330 5372 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

12:31:31.0377 5372 SessionEnv - ok

12:31:31.0408 5372 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

12:31:31.0423 5372 sffdisk - ok

12:31:31.0455 5372 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

12:31:31.0501 5372 sffp_mmc - ok

12:31:31.0517 5372 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

12:31:31.0548 5372 sffp_sd - ok

12:31:31.0579 5372 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

12:31:31.0611 5372 sfloppy - ok

12:31:31.0642 5372 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

12:31:31.0673 5372 SharedAccess - ok

12:31:31.0720 5372 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

12:31:31.0798 5372 ShellHWDetection - ok

12:31:31.0845 5372 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys

12:31:31.0876 5372 SiSGbeLH - ok

12:31:31.0923 5372 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

12:31:31.0938 5372 SiSRaid2 - ok

12:31:31.0985 5372 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

12:31:31.0985 5372 SiSRaid4 - ok

12:31:32.0032 5372 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

12:31:32.0063 5372 Smb - ok

12:31:32.0079 5372 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

12:31:32.0125 5372 SNMPTRAP - ok

12:31:32.0203 5372 SplashtopRemoteService (a23c5c4144605d6b726682a45e10b21b) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe

12:31:32.0219 5372 SplashtopRemoteService - ok

12:31:32.0235 5372 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

12:31:32.0235 5372 spldr - ok

12:31:32.0281 5372 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

12:31:32.0328 5372 Spooler - ok

12:31:32.0500 5372 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

12:31:32.0609 5372 sppsvc - ok

12:31:32.0703 5372 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

12:31:32.0734 5372 sppuinotify - ok

12:31:32.0796 5372 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

12:31:32.0843 5372 srv - ok

12:31:32.0921 5372 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

12:31:32.0983 5372 srv2 - ok

12:31:32.0999 5372 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

12:31:33.0030 5372 srvnet - ok

12:31:33.0046 5372 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

12:31:33.0093 5372 SSDPSRV - ok

12:31:33.0108 5372 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

12:31:33.0155 5372 SstpSvc - ok

12:31:33.0202 5372 SSUService (1cfa4a1f3c7bb4c8f299e00428eb8677) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe

12:31:33.0217 5372 SSUService - ok

12:31:33.0249 5372 StarWindServiceAE (b1691af4a072cb674d600db16dd7308e) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

12:31:33.0264 5372 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning

12:31:33.0264 5372 StarWindServiceAE - detected UnsignedFile.Multi.Generic (1)

12:31:33.0280 5372 Steam Client Service - ok

12:31:33.0311 5372 Stereo Service (c354621b6b94e10ae7f5cdbe745feb86) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

12:31:33.0373 5372 Stereo Service - ok

12:31:33.0405 5372 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

12:31:33.0405 5372 stexstor - ok

12:31:33.0467 5372 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

12:31:33.0498 5372 stisvc - ok

12:31:33.0514 5372 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

12:31:33.0529 5372 swenum - ok

12:31:33.0592 5372 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

12:31:33.0701 5372 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning

12:31:33.0701 5372 SwitchBoard - detected UnsignedFile.Multi.Generic (1)

12:31:33.0748 5372 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

12:31:33.0795 5372 swprv - ok

12:31:33.0888 5372 SynTP (bc642d540aedf9a253c74d10c848ebd2) C:\Windows\system32\DRIVERS\SynTP.sys

12:31:33.0919 5372 SynTP - ok

12:31:34.0075 5372 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

12:31:34.0153 5372 SysMain - ok

12:31:34.0231 5372 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

12:31:34.0247 5372 TabletInputService - ok

12:31:34.0263 5372 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

12:31:34.0341 5372 TapiSrv - ok

12:31:34.0356 5372 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

12:31:34.0419 5372 TBS - ok

12:31:34.0590 5372 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

12:31:34.0668 5372 Tcpip - ok

12:31:34.0855 5372 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

12:31:34.0887 5372 TCPIP6 - ok

12:31:34.0965 5372 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

12:31:35.0011 5372 tcpipreg - ok

12:31:35.0043 5372 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

12:31:35.0043 5372 TDPIPE - ok

12:31:35.0074 5372 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

12:31:35.0105 5372 TDTCP - ok

12:31:35.0121 5372 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

12:31:35.0152 5372 tdx - ok

12:31:35.0167 5372 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

12:31:35.0167 5372 TermDD - ok

12:31:35.0230 5372 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

12:31:35.0292 5372 TermService - ok

12:31:35.0308 5372 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

12:31:35.0339 5372 Themes - ok

12:31:35.0339 5372 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

12:31:35.0370 5372 THREADORDER - ok

12:31:35.0386 5372 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

12:31:35.0417 5372 TrkWks - ok

12:31:35.0448 5372 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

12:31:35.0479 5372 TrustedInstaller - ok

12:31:35.0495 5372 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

12:31:35.0542 5372 tssecsrv - ok

12:31:35.0557 5372 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

12:31:35.0589 5372 TsUsbFlt - ok

12:31:35.0620 5372 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

12:31:35.0682 5372 tunnel - ok

12:31:35.0682 5372 TurboB (b355581a9da34c92e2dbafa410d2f829) C:\Windows\system32\DRIVERS\TurboB.sys

12:31:35.0698 5372 TurboB - ok

12:31:35.0713 5372 TurboBoost (6564e84b1522c12ea1c3a181ed03276f) C:\Program Files\Intel\TurboBoost\TurboBoost.exe

12:31:35.0729 5372 TurboBoost - ok

12:31:35.0760 5372 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

12:31:35.0776 5372 uagp35 - ok

12:31:35.0791 5372 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

12:31:35.0854 5372 udfs - ok

12:31:35.0869 5372 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

12:31:35.0901 5372 UI0Detect - ok

12:31:35.0916 5372 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

12:31:35.0932 5372 uliagpkx - ok

12:31:35.0963 5372 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

12:31:35.0994 5372 umbus - ok

12:31:35.0994 5372 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

12:31:36.0025 5372 UmPass - ok

12:31:36.0197 5372 UNS (eb79c6c91a99930015ef29ae7fa802d1) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

12:31:36.0228 5372 UNS - ok

12:31:36.0337 5372 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

12:31:36.0384 5372 upnphost - ok

12:31:36.0400 5372 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

12:31:36.0431 5372 usbccgp - ok

12:31:36.0462 5372 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

12:31:36.0493 5372 usbcir - ok

12:31:36.0525 5372 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys

12:31:36.0556 5372 usbehci - ok

12:31:36.0587 5372 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

12:31:36.0649 5372 usbhub - ok

12:31:36.0665 5372 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

12:31:36.0696 5372 usbohci - ok

12:31:36.0727 5372 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

12:31:36.0759 5372 usbprint - ok

12:31:36.0774 5372 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

12:31:36.0805 5372 USBSTOR - ok

12:31:36.0837 5372 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

12:31:36.0868 5372 usbuhci - ok

12:31:36.0899 5372 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys

12:31:36.0946 5372 usbvideo - ok

12:31:36.0946 5372 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

12:31:37.0008 5372 UxSms - ok

12:31:37.0008 5372 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

12:31:37.0024 5372 VaultSvc - ok

12:31:37.0055 5372 VBoxDrv (03837b80ad5d8a00996148ad57c09791) C:\Windows\system32\DRIVERS\VBoxDrv.sys

12:31:37.0071 5372 VBoxDrv - ok

12:31:37.0102 5372 VBoxNetAdp (51cee8e2b356fdc351db20c87f25f5a8) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys

12:31:37.0117 5372 VBoxNetAdp - ok

12:31:37.0133 5372 VBoxNetFlt (ce7e80c7367b2adaa023d9004c9f4691) C:\Windows\system32\DRIVERS\VBoxNetFlt.sys

12:31:37.0149 5372 VBoxNetFlt - ok

12:31:37.0164 5372 VBoxUSBMon (27c9a9f2fa94140ddcf7b9131e13e1b4) C:\Windows\system32\DRIVERS\VBoxUSBMon.sys

12:31:37.0180 5372 VBoxUSBMon - ok

12:31:37.0195 5372 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

12:31:37.0195 5372 vdrvroot - ok

12:31:37.0242 5372 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

12:31:37.0320 5372 vds - ok

12:31:37.0351 5372 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

12:31:37.0351 5372 vga - ok

12:31:37.0367 5372 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

12:31:37.0398 5372 VgaSave - ok

12:31:37.0429 5372 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

12:31:37.0476 5372 vhdmp - ok

12:31:37.0492 5372 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

12:31:37.0507 5372 viaide - ok

12:31:37.0523 5372 VideAceWindowsService (0adf410187b71c9b855721c8d59cec7a) C:\ExpressGateUtil\VAWinService.exe

12:31:37.0570 5372 VideAceWindowsService ( UnsignedFile.Multi.Generic ) - warning

12:31:37.0570 5372 VideAceWindowsService - detected UnsignedFile.Multi.Generic (1)

12:31:37.0585 5372 vidsflt61 (2dfd1eb9de564460003de1605a275e8d) C:\Windows\system32\DRIVERS\vsflt61.sys

12:31:37.0601 5372 vidsflt61 - ok

12:31:37.0617 5372 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

12:31:37.0617 5372 volmgr - ok

12:31:37.0663 5372 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

12:31:37.0679 5372 volmgrx - ok

12:31:37.0710 5372 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

12:31:37.0710 5372 volsnap - ok

12:31:37.0741 5372 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

12:31:37.0757 5372 vsmraid - ok

12:31:37.0835 5372 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

12:31:37.0929 5372 VSS - ok

12:31:38.0038 5372 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

12:31:38.0069 5372 vwifibus - ok

12:31:38.0069 5372 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

12:31:38.0085 5372 vwififlt - ok

12:31:38.0100 5372 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

12:31:38.0100 5372 vwifimp - ok

12:31:38.0147 5372 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

12:31:38.0178 5372 W32Time - ok

12:31:38.0209 5372 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

12:31:38.0256 5372 WacomPen - ok

12:31:38.0272 5372 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

12:31:38.0303 5372 WANARP - ok

12:31:38.0303 5372 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

12:31:38.0334 5372 Wanarpv6 - ok

12:31:38.0412 5372 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

12:31:38.0459 5372 WatAdminSvc - ok

12:31:38.0568 5372 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

12:31:38.0631 5372 wbengine - ok

12:31:38.0709 5372 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

12:31:38.0740 5372 WbioSrvc - ok

12:31:38.0787 5372 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

12:31:38.0818 5372 wcncsvc - ok

12:31:38.0833 5372 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

12:31:38.0865 5372 WcsPlugInService - ok

12:31:38.0896 5372 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

12:31:38.0896 5372 Wd - ok

12:31:38.0958 5372 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

12:31:38.0989 5372 Wdf01000 - ok

12:31:38.0989 5372 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

12:31:39.0083 5372 WdiServiceHost - ok

12:31:39.0083 5372 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

12:31:39.0099 5372 WdiSystemHost - ok

12:31:39.0130 5372 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

12:31:39.0161 5372 WebClient - ok

12:31:39.0208 5372 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

12:31:39.0255 5372 Wecsvc - ok

12:31:39.0270 5372 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

12:31:39.0317 5372 wercplsupport - ok

12:31:39.0333 5372 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

12:31:39.0364 5372 WerSvc - ok

12:31:39.0395 5372 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

12:31:39.0426 5372 WfpLwf - ok

12:31:39.0442 5372 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys

12:31:39.0457 5372 WimFltr - ok

12:31:39.0473 5372 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

12:31:39.0489 5372 WIMMount - ok

12:31:39.0489 5372 WinDefend - ok

12:31:39.0504 5372 WinHttpAutoProxySvc - ok

12:31:39.0535 5372 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

12:31:39.0567 5372 Winmgmt - ok

12:31:39.0738 5372 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

12:31:39.0801 5372 WinRM - ok

12:31:39.0894 5372 WinUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys

12:31:39.0910 5372 WinUSB - ok

12:31:39.0988 5372 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

12:31:40.0050 5372 Wlansvc - ok

12:31:40.0081 5372 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

12:31:40.0081 5372 wlcrasvc - ok

12:31:40.0253 5372 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

12:31:40.0300 5372 wlidsvc - ok

12:31:40.0378 5372 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

12:31:40.0409 5372 WmiAcpi - ok

12:31:40.0440 5372 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

12:31:40.0487 5372 wmiApSrv - ok

12:31:40.0487 5372 WMPNetworkSvc - ok

12:31:40.0487 5372 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

12:31:40.0503 5372 WPCSvc - ok

12:31:40.0518 5372 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

12:31:40.0534 5372 WPDBusEnum - ok

12:31:40.0549 5372 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

12:31:40.0581 5372 ws2ifsl - ok

12:31:40.0596 5372 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll

12:31:40.0643 5372 wscsvc - ok

12:31:40.0643 5372 WSearch - ok

12:31:40.0799 5372 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

12:31:40.0908 5372 wuauserv - ok

12:31:40.0986 5372 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

12:31:41.0064 5372 WudfPf - ok

12:31:41.0095 5372 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

12:31:41.0142 5372 WUDFRd - ok

12:31:41.0142 5372 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

12:31:41.0173 5372 wudfsvc - ok

12:31:41.0205 5372 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

12:31:41.0251 5372 WwanSvc - ok

12:31:41.0283 5372 xusb21 (9176c0822faa649e45121875be32f5d2) C:\Windows\system32\DRIVERS\xusb21.sys

12:31:41.0314 5372 xusb21 - ok

12:31:41.0641 5372 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

12:31:41.0797 5372 \Device\Harddisk0\DR0 - ok

12:31:41.0829 5372 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1

12:31:42.0156 5372 \Device\Harddisk1\DR1 - ok

12:31:42.0219 5372 Boot (0x1200) (2aa86d3d9eeb6cb2ff3007e85c3446b3) \Device\Harddisk0\DR0\Partition0

12:31:42.0219 5372 \Device\Harddisk0\DR0\Partition0 - ok

12:31:42.0219 5372 Boot (0x1200) (4aa19da1e3ccd839008e9e0642887ea7) \Device\Harddisk1\DR1\Partition0

12:31:42.0219 5372 \Device\Harddisk1\DR1\Partition0 - ok

12:31:42.0219 5372 ============================================================

12:31:42.0219 5372 Scan finished

12:31:42.0219 5372 ============================================================

12:31:42.0234 5392 Detected object count: 5

12:31:42.0234 5392 Actual detected object count: 5

12:32:41.0031 5392 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user

12:32:41.0031 5392 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:32:41.0031 5392 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user

12:32:41.0031 5392 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:32:41.0031 5392 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user

12:32:41.0031 5392 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:32:41.0031 5392 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user

12:32:41.0031 5392 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:32:41.0031 5392 VideAceWindowsService ( UnsignedFile.Multi.Generic ) - skipped by user

12:32:41.0031 5392 VideAceWindowsService ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:32:41.0031 5392 Deinitialize success

[LDTate]

Nothing bad there.

[LDTate]

It really has to be a program you have installed that's trying to call home.

Any ideas.

[monkey10120]

I wish I had MBAM installed a long time ago. it might have let me know what program might be pinging that ip. the only thing I installed in the past 2 months was Diablo 3. But I will look through my app and see what updates itself.

As long as its not a virus, which like you said, it doesnt seem like one.

I think you can close this thread now. Ill just try to find out what app would be causing it.

Thanks a lot for the help though!

[LDTate]

Well as long as it's being blocked you should be OK.

[monkey10120]

Does it help to know that the pop ups are not happening until about 30-60 min after I start my laptop up?

[LDTate]

Lets try this.

Go into msconfig

http://netsquirrel.com/msconfig/msconfig_win7.html

Uncheck everything except your security programs like MBAM, FireWall and anti-virus.

Restart

Lets see if it stops

[monkey10120]

Its been about an hour and it has not popped up. All i got is MBAM and MSE on start up.

[LDTate]

If it's still working good, go back into msconfig and enable one or two at a time, reboot and test until you findout which one is causing the problem.

[monkey10120]

I got no pop ups but in the log I see the ip's were blocked again. And that was everything but the 3 things not on startup.

[LDTate]

Are you using a router?

If so, Do you have other computers connected to it?

[monkey10120]

yep Im using and router.

And there is a pc connected to it by ethernet. The pc connected to it was actually hit with the sirefef virus about 3 weeks ago. It was taken in to get fixed and it was fixed but it is not getting the pop ups i get.

[LDTate]

Your router might have been infected.

If this doesn't work, we may need to reset it.

Go to Start->Run->Type CMD and click Ok. The MSDOS Window will be displayed. At the command prompt, type the following and press Enter after each line:

IPCONFIG /release

IPCONFIG /flushdns

IPCONFIG /renew

IPCONFIG /registerdns

netsh winsock reset

netsh int ip reset

regsvr32 netshell.dll

regsvr32 netcfgx.dll

regsvr32 netman.dll

Exit

[monkey10120]

Alright I reset it. I had to close out and run as admin when I got to the IPCONFIG /renew part.

Ill touch back in about an hour to let you know how its going.

[monkey10120]

No luck

it came back

[LDTate]

Let’s try to reset the router to its default configuration.

• This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router.
  
• Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds).
  
• You also need to reconfigure any security settings you had in place prior to the reset.
  
• You may also need to consult with your Internet service provider to find out which DNS servers your network should be using.
  

[LDTate]

Also do this

Internet Explorer (Windows)

1. Click "Tools", then click "Internet Options". This will bring up the Internet Options window.

2. Click the "Connections" tab, then click the "LAN Settings" button.

3. Uncheck the box labeled "Use a proxy server for your LAN". Click "OK", and click "OK" in the previous window. This will remove the proxy server settings in Internet Explorer.

Firefox (Windows)

1. Click "Tools", then click "Options" to bring up the Options window.

2. Click the "Advanced" button, then click the "Network" tab.

3. Click the "Settings" button, located next to "Configure how Firefox connects to the Internet".

4. Click the radio button labeled "No proxy". Click "OK" twice. This will remove the proxy server settings in Firefox.

[monkey10120]

Alright ill try those steps tonight.

Also good news, my fathers work laptop is also getting the same pop up as me from svchost, not as often though. He only brings it home every now and then but it could be the router!

[monkey10120]

I reset my router and followed your steps for the proxy, mine was already unchecked. Still no luck

[LDTate]

At this point I'd suggest contacting your ISP and see what they have to say.

[LDTate]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!