Malwarbytes removes but it keeps returning.

wilkinsonsw · June 14, 2012

I keep scanning and malwarbytes finds it and removes it but as soon as i reboot and scan again the same virus is still there. Please help.

www.malwarebytes.org

Database version: v2012.06.14.06

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Uaer :: UAER-HP [administrator]

Protection: Enabled

6/14/2012 6:23:14 AM

mbam-log-2012-06-14 (06-23-14).txt

Scan type: Quick scan

Scan options disabled: P2P

Objects scanned: 205465

Time elapsed: 5 minute(s), 56 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Windows\Installer\{ea862fa9-f025-6ac5-ef9f-2a8a40c50e2a}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.

(end)

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Uaer at 7:21:45 on 2012-06-14

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.1978 [GMT -5:00]

.

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Hpservice.exe

C:\Windows\system32\vcsFPService.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\DigitalPersona\Bin\DpHostW.exe

C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\IDT\WDM\AESTSr64.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\DigitalPersona\Bin\DPAgent.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\ping.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\SysWOW64\ping.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie9

uWindow Title = Windows Internet Explorer provided by Yahoo!

uInternet Settings,ProxyOverride = *.local

mURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll

mWinlogon: Userinit=userinit.exe,

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

LSP: mswsock.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{B2A6045F-9471-454E-88AD-DB6FE49515C3} : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{B2A6045F-9471-454E-88AD-DB6FE49515C3}\2375942554335343 : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{B2A6045F-9471-454E-88AD-DB6FE49515C3}\7796C6B696E637F6E6775626 : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{B2A6045F-9471-454E-88AD-DB6FE49515C3}\C496D65644565627D27657563747 : DhcpNameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{B2A6045F-9471-454E-88AD-DB6FE49515C3}\C696E6B6379737 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{B2A6045F-9471-454E-88AD-DB6FE49515C3}\E4544574541425 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{B2A6045F-9471-454E-88AD-DB6FE49515C3}\F4E697874596765627D27657563747 : DhcpNameServer = 192.168.33.1 68.87.69.150 68.87.85.102

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

LSA: Notification Packages = DPPassFilter scecli

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"

BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

BHO-X64: 0x1 - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

.

============= SERVICES / DRIVERS ===============

.

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-9-18 169312]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2010-12-8 89600]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2010-6-7 408576]

R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]

R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-9-17 92216]

R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]

R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-9-28 26680]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-6-11 654408]

R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-8 2533400]

R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-2-23 1799472]

R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2010-6-7 911872]

R3 bpenum;bpenum;C:\Windows\system32\DRIVERS\bpenum.sys --> C:\Windows\system32\DRIVERS\bpenum.sys [?]

R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\Windows\system32\DRIVERS\bpmp.sys --> C:\Windows\system32\DRIVERS\bpmp.sys [?]

R3 bpusb;bpusb;C:\Windows\system32\Drivers\bpusb.sys --> C:\Windows\system32\Drivers\bpusb.sys [?]

R3 clwvd;HP Webcam Splitter;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]

R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]

R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]

R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]

R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]

R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-7-19 340240]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-10 4925184]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]

S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

.

=============== Created Last 30 ================

.

2012-06-13 21:41:14 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-06-13 21:41:14 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-06-13 21:41:14 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-06-13 21:41:07 209920 ----a-w- C:\Windows\System32\profsvc.dll

2012-06-13 21:41:06 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-06-13 21:41:03 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-06-13 21:41:03 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-06-13 21:41:02 3146752 ----a-w- C:\Windows\System32\win32k.sys

2012-06-13 21:41:01 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-06-13 21:41:00 3216384 ----a-w- C:\Windows\System32\msi.dll

2012-06-13 21:40:58 2342400 ----a-w- C:\Windows\SysWow64\msi.dll

2012-06-13 21:40:49 1462272 ----a-w- C:\Windows\System32\crypt32.dll

2012-06-13 21:40:46 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-06-13 21:40:46 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-06-13 21:40:45 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-06-13 21:40:43 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-06-13 21:40:43 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-06-04 20:10:38 -------- d-----w- C:\Users\Uaer\AppData\Roaming\Malwarebytes

2012-06-04 20:10:30 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-06-04 20:10:30 -------- d-----w- C:\ProgramData\Malwarebytes

2012-06-04 20:10:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-06-04 19:29:28 -------- d-----w- C:\Program Files (x86)\PC Tools

2012-06-04 19:26:25 251528 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys

2012-06-04 19:26:25 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools

2012-06-04 19:26:11 -------- d-----w- C:\Users\Uaer\AppData\Roaming\TestApp

2012-06-04 19:26:11 -------- d-----w- C:\ProgramData\PC Tools

2012-06-03 08:37:11 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%

2012-06-01 18:41:14 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3FD9D818-A7BF-46A2-BF5F-E6B35DCB3A2C}\mpengine.dll

2012-05-22 22:24:59 -------- d-----w- C:\Users\Uaer\AppData\Local\{653DCA55-3742-455F-9043-5977A17CD3AF}

2012-05-22 22:24:38 -------- d-----w- C:\Users\Uaer\AppData\Local\{F7030DBA-54B8-436B-B43C-12294AC855C6}

2012-05-21 06:22:52 -------- d-----w- C:\Users\Uaer\AppData\Roaming\ooVoo Details

2012-05-21 06:22:38 -------- d-----w- C:\Users\Uaer\AppData\Local\APN

2012-05-19 07:03:26 -------- d-----w- C:\Users\Uaer\AppData\Local\{717EA981-04F1-4667-B71B-5B706D94E967}

2012-05-15 20:21:15 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll

2012-05-15 20:21:15 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll

2012-05-15 20:21:15 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2012-05-15 20:21:15 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2012-05-15 20:21:15 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2012-05-15 20:21:15 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2012-05-15 20:21:15 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll

.

==================== Find3M ====================

.

2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll

2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-04-19 01:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx

2012-04-19 01:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts

2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-03-17 07:58:57 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys

.

============= FINISH: 7:23:16.00 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 3/2/2011 10:03:27 PM

System Uptime: 6/14/2012 6:31:20 AM (1 hours ago)

.

Motherboard: Hewlett-Packard | | 144C

Processor: Intel® Core i3 CPU M 350 @ 2.27GHz | CPU | 2266/1066mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 437 GiB total, 358.892 GiB free.

D: is FIXED (NTFS) - 28 GiB total, 4.131 GiB free.

E: is CDROM (UDF)

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP164: 6/11/2012 8:40:06 PM - Removed Blio

RP165: 6/11/2012 8:45:30 PM - Removed ooVoo

RP166: 6/12/2012 4:03:21 AM - Removed Adobe Shockwave Player 11.5.

RP167: 6/12/2012 4:07:41 AM - Removed InstallIQ Updater

RP168: 6/12/2012 4:08:29 AM - Removed Adobe Reader X (10.1.3).

RP169: 6/12/2012 4:08:50 AM - Removed Adobe Reader X (10.1.3).

RP170: 6/14/2012 6:12:58 AM - Windows Update

.

==== Installed Programs ======================

.

ActiveCheck component for HP Active Support Library

Adobe Community Help

Adobe Photoshop Elements 8.0

Adobe Photoshop.com Inspiration Browser

Adobe Reader X (10.1.3)

Agatha Christie - Peril at End House

Apple Application Support

Apple Software Update

Bejeweled 2 Deluxe

Bejeweled 3

Bing Rewards Client Installer

Blackhawk Striker 2

Blasterball 3

Bounce Symphony

Build-a-lot 2

Cake Mania

Chuzzle Deluxe

CyberLink DVD Suite

D3DX10

Diner Dash 2 Restaurant Rescue

Dora's World Adventure

DVD Menu Pack for HP MediaSmart Video

Energy Star Digital Logo

Escape Rosecliff Island

ESU for Microsoft Windows 7

Farm Frenzy

FATE

Fences Pro

Final Drive Nitro

Heroes of Hellas 2 - Olympia

HP CloudDrive

HP Customer Experience Enhancements

HP Documentation

HP DVB-T TV Tuner 8.0.64.43

HP Game Console

HP Games

HP MediaSmart DVD

HP MediaSmart Music

HP MediaSmart Photo

HP MediaSmart Video

HP MediaSmart Webcam

HP MediaSmart/TouchSmart Netflix

HP MovieStore

HP Photo Creations

HP Power Manager

HP Quick Launch

HP Setup

HP Setup Manager

HP Software Framework

HP Support Assistant

HPAsset component for HP Active Support Library

IDT Audio

Intel® Graphics Media Accelerator Driver

Intel® Management Engine Components

Intel® Rapid Storage Technology

Java Auto Updater

Java 6 Update 21

Jewel Quest Solitaire 2

Junk Mail filter update

LabelPrint

LightScribe System Software

Malwarebytes Anti-Malware version 1.61.0.1400

Microsoft Default Manager

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft WSE 3.0 Runtime

Movie Theme Pack for HP MediaSmart Video

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Mystery P.I. - The London Caper

Penguins!

PhotoNow!

PictureMover

Plants vs. Zombies

PlayReady PC Runtime x86

Poker Superstars III

Polar Bowler

Polar Golfer

Power2Go

PowerDirector

QuickTime

Realtek Ethernet Controller Driver For Windows 7

Realtek USB 2.0 Card Reader

Recovery Manager

RoxioNow Player

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Virtual Families

Virtual Villagers 4 - The Tree of Life

Wheel of Fortune 2

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Yahoo! Software Update

Yahoo! Toolbar

Zuma Deluxe

.

==== Event Viewer Messages From Past Week ========

.

6/9/2012 4:12:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

6/9/2012 4:12:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

6/9/2012 4:12:24 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

6/9/2012 4:12:20 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21

6/9/2012 4:12:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

6/9/2012 4:12:06 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache spldr Wanarpv6

6/9/2012 4:12:03 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.

6/9/2012 4:12:01 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

6/8/2012 1:12:43 AM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.

6/7/2012 2:00:10 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

6/14/2012 6:32:52 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

6/14/2012 6:32:52 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

6/14/2012 6:32:48 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

6/12/2012 2:22:21 AM, Error: Microsoft-Windows-Bits-Client [16398] - A new BITS job could not be created. The current job count for the user Uaer-HP\Uaer (60) is equal to or greater than the job limit (60) specified through group policy. To correct the problem, complete or cancel the BITS jobs that haven't made progress by looking at the error, and restart the BITS service. If this error recurs, contact your system administrator and increate the per-user and per-computer Group Policy job limits.

6/11/2012 10:10:35 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

.

==== End Of File ===========================

MrCharlie · June 14, 2012

LSP: mswsock.dll <--------This entry in your log indicates.......

Your computer is infected with a nasty rootkit. Please read the following information first.

You're infected with Rootkit.ZeroAccess, a BackDoor Trojan.

BACKDOOR WARNING

------------------------------

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

http://www.dslreports.com/faq/10451

When Should I Format, How Should I Reinstall

http://www.dslreports.com/faq/10063

I will try my best to clean this machine but I can't guarantee that it will be 100% secure afterwards and......

There's a possibility that you'll lose your internet connections which I may not be able to correct and will require a repair install.
There's also a possibility that during the cleaning procedure the computer will become unusable (won't boot) which will result in a repair install or complete format and install.
I strongly suggest you back up all of the important items on the system before we continue.
Sometimes these infections can only be removed by a format and reinstall of the OS.

Please let me know you have read this and agree to it.

Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

---------------------------------------

Please make sure system restore is running and create a new restore point before continuing.

XP <===> Vista & W7

XP users > please back up the registry using ERUNT.

-----------------------------------------

Please download and run TDSSKiller to your desktop as outlined below:

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC

wilkinsonsw · June 14, 2012

I understand and agree to your warnings.

09:30:51.0874 1764 TDSS rootkit removing tool 2.7.39.0 Jun 14 2012 08:11:46

09:30:52.0295 1764 ============================================================

09:30:52.0295 1764 Current date / time: 2012/06/14 09:30:52.0295

09:30:52.0295 1764 SystemInfo:

09:30:52.0295 1764

09:30:52.0295 1764 OS Version: 6.1.7601 ServicePack: 1.0

09:30:52.0295 1764 Product type: Workstation

09:30:52.0295 1764 ComputerName: UAER-HP

09:30:52.0295 1764 UserName: Uaer

09:30:52.0295 1764 Windows directory: C:\Windows

09:30:52.0295 1764 System windows directory: C:\Windows

09:30:52.0295 1764 Running under WOW64

09:30:52.0295 1764 Processor architecture: Intel x64

09:30:52.0295 1764 Number of processors: 4

09:30:52.0295 1764 Page size: 0x1000

09:30:52.0295 1764 Boot type: Normal boot

09:30:52.0295 1764 ============================================================

09:30:53.0060 1764 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

09:30:53.0060 1764 ============================================================

09:30:53.0060 1764 \Device\Harddisk0\DR0:

09:30:53.0060 1764 MBR partitions:

09:30:53.0060 1764 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800

09:30:53.0060 1764 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x36A9D800

09:30:53.0060 1764 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x36B01800, BlocksNum 0x3850800

09:30:53.0060 1764 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830

09:30:53.0060 1764 ============================================================

09:30:53.0107 1764 C: <-> \Device\Harddisk0\DR0\Partition1

09:30:53.0762 1764 D: <-> \Device\Harddisk0\DR0\Partition2

09:30:53.0762 1764 ============================================================

09:30:53.0762 1764 Initialize success

09:30:53.0762 1764 ============================================================

09:31:40.0408 1860 ============================================================

09:31:40.0408 1860 Scan started

09:31:40.0408 1860 Mode: Manual; SigCheck; TDLFS;

09:31:40.0408 1860 ============================================================

09:31:49.0737 1860 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

09:31:49.0924 1860 1394ohci - ok

09:31:50.0080 1860 Accelerometer (5aa055fe5ae506e19e9a8f537756ee10) C:\Windows\system32\DRIVERS\Accelerometer.sys

09:31:50.0095 1860 Accelerometer - ok

09:31:50.0314 1860 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

09:31:50.0345 1860 ACPI - ok

09:31:50.0376 1860 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

09:31:50.0439 1860 AcpiPmi - ok

09:31:50.0907 1860 AdobeActiveFileMonitor8.0 (765fe0463e711e5a68ac7b69538ed922) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe

09:31:50.0922 1860 AdobeActiveFileMonitor8.0 - ok

09:31:51.0203 1860 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

09:31:51.0219 1860 AdobeARMservice - ok

09:31:51.0515 1860 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

09:31:51.0546 1860 adp94xx - ok

09:31:51.0624 1860 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

09:31:51.0655 1860 adpahci - ok

09:31:51.0967 1860 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

09:31:52.0014 1860 adpu320 - ok

09:31:52.0170 1860 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

09:31:52.0389 1860 AeLookupSvc - ok

09:31:52.0950 1860 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe

09:31:53.0028 1860 AESTFilters - ok

09:31:53.0559 1860 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

09:31:53.0637 1860 AFD - ok

09:31:53.0683 1860 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

09:31:53.0699 1860 agp440 - ok

09:31:53.0871 1860 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

09:31:53.0964 1860 ALG - ok

09:31:54.0042 1860 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

09:31:54.0042 1860 aliide - ok

09:31:54.0183 1860 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

09:31:54.0183 1860 amdide - ok

09:31:54.0432 1860 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

09:31:54.0526 1860 AmdK8 - ok

09:31:54.0619 1860 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

09:31:54.0760 1860 AmdPPM - ok

09:31:54.0822 1860 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

09:31:54.0853 1860 amdsata - ok

09:31:54.0916 1860 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

09:31:54.0931 1860 amdsbs - ok

09:31:55.0025 1860 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

09:31:55.0041 1860 amdxata - ok

09:31:55.0228 1860 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

09:31:55.0945 1860 AppID - ok

09:31:55.0977 1860 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

09:31:56.0070 1860 AppIDSvc - ok

09:31:56.0336 1860 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

09:31:56.0445 1860 Appinfo - ok

09:31:56.0960 1860 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

09:31:56.0991 1860 Apple Mobile Device - ok

09:31:57.0069 1860 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

09:31:57.0084 1860 arc - ok

09:31:57.0116 1860 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

09:31:57.0131 1860 arcsas - ok

09:31:57.0240 1860 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

09:31:57.0350 1860 AsyncMac - ok

09:31:57.0490 1860 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

09:31:57.0521 1860 atapi - ok

09:31:58.0036 1860 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

09:31:58.0130 1860 AudioEndpointBuilder - ok

09:31:58.0130 1860 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

09:31:58.0192 1860 AudioSrv - ok

09:31:58.0473 1860 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

09:31:58.0598 1860 AxInstSV - ok

09:31:59.0034 1860 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

09:31:59.0128 1860 b06bdrv - ok

09:31:59.0471 1860 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

09:31:59.0534 1860 b57nd60a - ok

09:31:59.0580 1860 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

09:31:59.0627 1860 BDESVC - ok

09:31:59.0658 1860 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

09:31:59.0736 1860 Beep - ok

09:32:00.0173 1860 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

09:32:00.0267 1860 BITS - ok

09:32:00.0407 1860 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

09:32:00.0438 1860 blbdrive - ok

09:32:00.0641 1860 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

09:32:00.0657 1860 Bonjour Service - ok

09:32:00.0735 1860 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

09:32:00.0984 1860 bowser - ok

09:32:01.0125 1860 bpenum (f46dd257fad7d2d097ef32e72220a06c) C:\Windows\system32\DRIVERS\bpenum.sys

09:32:01.0203 1860 bpenum - ok

09:32:01.0296 1860 bpmp (e82060aed0f28ed8909f2b07fa276185) C:\Windows\system32\DRIVERS\bpmp.sys

09:32:01.0328 1860 bpmp - ok

09:32:01.0359 1860 bpusb (fc6313a5a45c1ae53d0491f0057d5a4d) C:\Windows\system32\Drivers\bpusb.sys

09:32:01.0421 1860 bpusb - ok

09:32:01.0577 1860 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

09:32:01.0655 1860 BrFiltLo - ok

09:32:01.0686 1860 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

09:32:01.0718 1860 BrFiltUp - ok

09:32:01.0936 1860 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

09:32:01.0998 1860 Browser - ok

09:32:02.0045 1860 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

09:32:02.0201 1860 Brserid - ok

09:32:02.0357 1860 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

09:32:02.0388 1860 BrSerWdm - ok

09:32:02.0466 1860 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

09:32:02.0513 1860 BrUsbMdm - ok

09:32:02.0529 1860 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

09:32:02.0607 1860 BrUsbSer - ok

09:32:02.0794 1860 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

09:32:02.0872 1860 BTHMODEM - ok

09:32:03.0059 1860 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

09:32:03.0184 1860 bthserv - ok

09:32:03.0324 1860 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

09:32:03.0387 1860 cdfs - ok

09:32:03.0761 1860 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys

09:32:03.0902 1860 cdrom - ok

09:32:04.0089 1860 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

09:32:04.0214 1860 CertPropSvc - ok

09:32:04.0370 1860 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

09:32:04.0401 1860 circlass - ok

09:32:04.0978 1860 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

09:32:05.0009 1860 CLFS - ok

09:32:05.0165 1860 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

09:32:05.0212 1860 clr_optimization_v2.0.50727_32 - ok

09:32:05.0555 1860 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

09:32:05.0602 1860 clr_optimization_v2.0.50727_64 - ok

09:32:06.0054 1860 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

09:32:06.0101 1860 clr_optimization_v4.0.30319_32 - ok

09:32:06.0257 1860 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

09:32:06.0273 1860 clr_optimization_v4.0.30319_64 - ok

09:32:06.0335 1860 clwvd (d68d9f4d53010b7e84d4e80a2e485554) C:\Windows\system32\DRIVERS\clwvd.sys

09:32:06.0351 1860 clwvd - ok

09:32:06.0538 1860 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

09:32:06.0600 1860 CmBatt - ok

09:32:06.0678 1860 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

09:32:06.0710 1860 cmdide - ok

09:32:06.0881 1860 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

09:32:06.0959 1860 CNG - ok

09:32:07.0115 1860 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

09:32:07.0178 1860 Compbatt - ok

09:32:07.0380 1860 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

09:32:07.0427 1860 CompositeBus - ok

09:32:07.0474 1860 COMSysApp - ok

09:32:07.0568 1860 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

09:32:07.0599 1860 crcdisk - ok

09:32:08.0160 1860 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll

09:32:08.0285 1860 CryptSvc - ok

09:32:08.0816 1860 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

09:32:08.0878 1860 cvhsvc - ok

09:32:09.0440 1860 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

09:32:09.0518 1860 DcomLaunch - ok

09:32:10.0079 1860 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

09:32:10.0188 1860 defragsvc - ok

09:32:10.0578 1860 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

09:32:10.0703 1860 DfsC - ok

09:32:11.0140 1860 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

09:32:11.0218 1860 Dhcp - ok

09:32:11.0343 1860 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

09:32:11.0421 1860 discache - ok

09:32:11.0561 1860 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

09:32:11.0592 1860 Disk - ok

09:32:12.0076 1860 DMAgent (61458c120cddfe7514e2db125568ca59) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe

09:32:12.0123 1860 DMAgent ( UnsignedFile.Multi.Generic ) - warning

09:32:12.0123 1860 DMAgent - detected UnsignedFile.Multi.Generic (1)

09:32:12.0513 1860 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

09:32:12.0669 1860 Dnscache - ok

09:32:12.0918 1860 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

09:32:13.0059 1860 dot3svc - ok

09:32:13.0215 1860 DpHost (eac9d9868d37c8785d12475a9bb65a11) C:\Program Files\DigitalPersona\Bin\DpHostW.exe

09:32:13.0230 1860 DpHost - ok

09:32:13.0652 1860 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

09:32:13.0776 1860 DPS - ok

09:32:13.0854 1860 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

09:32:13.0886 1860 drmkaud - ok

09:32:14.0307 1860 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

09:32:14.0369 1860 DXGKrnl - ok

09:32:14.0634 1860 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

09:32:14.0806 1860 EapHost - ok

09:32:16.0101 1860 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

09:32:16.0226 1860 ebdrv - ok

09:32:16.0678 1860 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

09:32:16.0740 1860 EFS - ok

09:32:17.0224 1860 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

09:32:17.0318 1860 ehRecvr - ok

09:32:17.0520 1860 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

09:32:17.0552 1860 ehSched - ok

09:32:17.0770 1860 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

09:32:17.0817 1860 elxstor - ok

09:32:17.0864 1860 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

09:32:17.0895 1860 ErrDev - ok

09:32:18.0066 1860 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

09:32:18.0144 1860 EventSystem - ok

09:32:18.0472 1860 EvtEng (bdfcb7e8c108d042b213957d2b044e7e) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

09:32:18.0503 1860 EvtEng - ok

09:32:19.0174 1860 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

09:32:19.0236 1860 exfat - ok

09:32:19.0611 1860 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

09:32:19.0673 1860 fastfat - ok

09:32:19.0970 1860 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

09:32:20.0079 1860 Fax - ok

09:32:20.0141 1860 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

09:32:20.0188 1860 fdc - ok

09:32:20.0297 1860 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

09:32:20.0360 1860 fdPHost - ok

09:32:20.0406 1860 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

09:32:20.0484 1860 FDResPub - ok

09:32:20.0687 1860 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

09:32:20.0718 1860 FileInfo - ok

09:32:20.0781 1860 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

09:32:20.0859 1860 Filetrace - ok

09:32:21.0405 1860 FLEXnet Licensing Service (abedfd48ac042c6aaad32452e77217a1) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

09:32:21.0467 1860 FLEXnet Licensing Service - ok

09:32:21.0514 1860 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

09:32:21.0530 1860 flpydisk - ok

09:32:21.0904 1860 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

09:32:21.0935 1860 FltMgr - ok

09:32:22.0341 1860 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

09:32:22.0403 1860 FontCache - ok

09:32:22.0668 1860 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

09:32:22.0668 1860 FontCache3.0.0.0 - ok

09:32:22.0918 1860 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

09:32:22.0934 1860 FsDepends - ok

09:32:22.0980 1860 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

09:32:22.0996 1860 Fs_Rec - ok

09:32:23.0043 1860 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

09:32:23.0074 1860 fvevol - ok

09:32:23.0230 1860 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

09:32:23.0261 1860 gagp30kx - ok

09:32:23.0838 1860 GameConsoleService (d154305de6090e6e84e525f84bb08a06) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

09:32:23.0870 1860 GameConsoleService - ok

09:32:23.0916 1860 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

09:32:23.0932 1860 GEARAspiWDM - ok

09:32:24.0681 1860 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

09:32:24.0790 1860 gpsvc - ok

09:32:24.0962 1860 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

09:32:25.0040 1860 hcw85cir - ok

09:32:25.0336 1860 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

09:32:25.0367 1860 HdAudAddService - ok

09:32:25.0617 1860 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

09:32:25.0866 1860 HDAudBus - ok

09:32:25.0944 1860 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys

09:32:25.0960 1860 HECIx64 - ok

09:32:26.0007 1860 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

09:32:26.0022 1860 HidBatt - ok

09:32:26.0147 1860 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

09:32:26.0210 1860 HidBth - ok

09:32:26.0288 1860 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

09:32:26.0319 1860 HidIr - ok

09:32:26.0381 1860 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

09:32:26.0444 1860 hidserv - ok

09:32:26.0600 1860 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys

09:32:26.0631 1860 HidUsb - ok

09:32:26.0678 1860 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

09:32:26.0740 1860 hkmsvc - ok

09:32:26.0958 1860 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

09:32:27.0005 1860 HomeGroupListener - ok

09:32:27.0068 1860 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

09:32:27.0114 1860 HomeGroupProvider - ok

09:32:27.0473 1860 HP Health Check Service (37965381364b2e106e1dd7d74cdcaa43) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

09:32:27.0489 1860 HP Health Check Service - ok

09:32:27.0723 1860 HP Wireless Assistant Service (c930128c8f8ff03d8f8c42b570920d56) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

09:32:27.0754 1860 HP Wireless Assistant Service - ok

09:32:28.0050 1860 HPClientSvc (3dc11a802353401332d49c3cbfbbe5fc) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

09:32:28.0082 1860 HPClientSvc - ok

09:32:28.0144 1860 HPDrvMntSvc.exe (f323230c391771611bbe9363b88c3e3e) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

09:32:28.0160 1860 HPDrvMntSvc.exe - ok

09:32:28.0253 1860 hpdskflt (0ac88fbe4bf315f5f8fd862426c11540) C:\Windows\system32\DRIVERS\hpdskflt.sys

09:32:28.0253 1860 hpdskflt - ok

09:32:28.0862 1860 hpqwmiex (5311386f0ec157d155bb07a1d420fb4d) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

09:32:28.0908 1860 hpqwmiex - ok

09:32:28.0986 1860 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

09:32:29.0002 1860 HpSAMD - ok

09:32:29.0049 1860 hpsrv (778ce2c015dec896c5c9323342bd71d4) C:\Windows\system32\Hpservice.exe

09:32:29.0096 1860 hpsrv - ok

09:32:29.0267 1860 HPWMISVC (854197d1270d20193fe2d4b14784aade) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

09:32:29.0345 1860 HPWMISVC - ok

09:32:29.0470 1860 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

09:32:29.0564 1860 HTTP - ok

09:32:29.0610 1860 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

09:32:29.0610 1860 hwpolicy - ok

09:32:29.0813 1860 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

09:32:29.0860 1860 i8042prt - ok

09:32:30.0344 1860 iaStor (1384872112e8e7fd5786eceb8bddf4c9) C:\Windows\system32\DRIVERS\iaStor.sys

09:32:30.0359 1860 iaStor - ok

09:32:30.0437 1860 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

09:32:30.0484 1860 iaStorV - ok

09:32:31.0046 1860 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

09:32:31.0092 1860 idsvc - ok

09:32:35.0773 1860 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys

09:32:36.0117 1860 igfx - ok

09:32:36.0507 1860 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

09:32:36.0522 1860 iirsp - ok

09:32:36.0943 1860 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

09:32:37.0037 1860 IKEEXT - ok

09:32:37.0302 1860 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys

09:32:37.0443 1860 Impcd - ok

09:32:37.0567 1860 IntcDAud (03c74719d48056a1078f3a51ceb76baa) C:\Windows\system32\DRIVERS\IntcDAud.sys

09:32:37.0692 1860 IntcDAud - ok

09:32:37.0755 1860 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

09:32:37.0770 1860 intelide - ok

09:32:37.0864 1860 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

09:32:37.0942 1860 intelppm - ok

09:32:37.0989 1860 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

09:32:38.0067 1860 IPBusEnum - ok

09:32:38.0254 1860 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

09:32:38.0394 1860 IpFilterDriver - ok

09:32:38.0441 1860 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

09:32:38.0472 1860 IPMIDRV - ok

09:32:38.0706 1860 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

09:32:38.0831 1860 IPNAT - ok

09:32:39.0330 1860 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe

09:32:39.0361 1860 iPod Service - ok

09:32:39.0377 1860 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

09:32:39.0642 1860 IRENUM - ok

09:32:39.0689 1860 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

09:32:39.0705 1860 isapnp - ok

09:32:39.0751 1860 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

09:32:39.0798 1860 iScsiPrt - ok

09:32:39.0954 1860 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys

09:32:39.0985 1860 kbdclass - ok

09:32:40.0095 1860 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

09:32:40.0126 1860 kbdhid - ok

09:32:40.0313 1860 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:32:40.0329 1860 KeyIso - ok

09:32:40.0360 1860 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

09:32:40.0375 1860 KSecDD - ok

09:32:40.0407 1860 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

09:32:40.0438 1860 KSecPkg - ok

09:32:40.0469 1860 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

09:32:40.0547 1860 ksthunk - ok

09:32:41.0015 1860 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

09:32:41.0077 1860 KtmRm - ok

09:32:41.0155 1860 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll

09:32:41.0218 1860 LanmanServer - ok

09:32:41.0421 1860 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

09:32:41.0530 1860 LanmanWorkstation - ok

09:32:41.0639 1860 LightScribeService (fcbdcc6f1801e32244235608e1277752) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

09:32:41.0748 1860 LightScribeService ( UnsignedFile.Multi.Generic ) - warning

09:32:41.0748 1860 LightScribeService - detected UnsignedFile.Multi.Generic (1)

09:32:41.0982 1860 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

09:32:42.0045 1860 lltdio - ok

09:32:42.0247 1860 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

09:32:42.0310 1860 lltdsvc - ok

09:32:42.0372 1860 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

09:32:42.0419 1860 lmhosts - ok

09:32:42.0918 1860 LMS (6d515466ab8bfe61184092b635ae6eb4) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

09:32:42.0949 1860 LMS - ok

09:32:42.0981 1860 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

09:32:42.0996 1860 LSI_FC - ok

09:32:43.0027 1860 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

09:32:43.0043 1860 LSI_SAS - ok

09:32:43.0215 1860 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

09:32:43.0261 1860 LSI_SAS2 - ok

09:32:43.0511 1860 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

09:32:43.0651 1860 LSI_SCSI - ok

09:32:43.0839 1860 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

09:32:43.0901 1860 luafv - ok

09:32:44.0135 1860 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys

09:32:44.0151 1860 MBAMProtector - ok

09:32:44.0400 1860 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

09:32:44.0447 1860 MBAMService - ok

09:32:44.0509 1860 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

09:32:44.0541 1860 Mcx2Svc - ok

09:32:44.0587 1860 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

09:32:44.0603 1860 megasas - ok

09:32:44.0853 1860 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

09:32:44.0884 1860 MegaSR - ok

09:32:44.0993 1860 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

09:32:45.0180 1860 MMCSS - ok

09:32:45.0305 1860 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

09:32:45.0383 1860 Modem - ok

09:32:45.0477 1860 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

09:32:45.0601 1860 monitor - ok

09:32:45.0711 1860 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys

09:32:45.0726 1860 mouclass - ok

09:32:45.0789 1860 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

09:32:45.0820 1860 mouhid - ok

09:32:46.0054 1860 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

09:32:46.0085 1860 mountmgr - ok

09:32:46.0147 1860 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

09:32:46.0163 1860 mpio - ok

09:32:46.0257 1860 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

09:32:46.0319 1860 mpsdrv - ok

09:32:46.0553 1860 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

09:32:46.0615 1860 MRxDAV - ok

09:32:46.0678 1860 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

09:32:46.0725 1860 mrxsmb - ok

09:32:47.0224 1860 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

09:32:47.0271 1860 mrxsmb10 - ok

09:32:47.0473 1860 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

09:32:47.0551 1860 mrxsmb20 - ok

09:32:47.0692 1860 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

09:32:47.0707 1860 msahci - ok

09:32:47.0926 1860 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

09:32:47.0941 1860 msdsm - ok

09:32:47.0973 1860 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

09:32:48.0019 1860 MSDTC - ok

09:32:48.0066 1860 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

09:32:48.0113 1860 Msfs - ok

09:32:48.0253 1860 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

09:32:48.0316 1860 mshidkmdf - ok

09:32:48.0363 1860 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

09:32:48.0394 1860 msisadrv - ok

09:32:48.0456 1860 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

09:32:48.0519 1860 MSiSCSI - ok

09:32:48.0519 1860 msiserver - ok

09:32:48.0597 1860 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

09:32:48.0675 1860 MSKSSRV - ok

09:32:48.0706 1860 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

09:32:48.0831 1860 MSPCLOCK - ok

09:32:48.0877 1860 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

09:32:48.0924 1860 MSPQM - ok

09:32:48.0987 1860 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

09:32:49.0018 1860 MsRPC - ok

09:32:49.0049 1860 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

09:32:49.0065 1860 mssmbios - ok

09:32:49.0111 1860 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

09:32:49.0174 1860 MSTEE - ok

09:32:49.0221 1860 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

09:32:49.0236 1860 MTConfig - ok

09:32:49.0361 1860 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

09:32:49.0455 1860 Mup - ok

09:32:50.0125 1860 MyWiFiDHCPDNS (93cd1c4ecb8658a35e5e6eba02d43e4f) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

09:32:50.0157 1860 MyWiFiDHCPDNS - ok

09:32:50.0219 1860 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

09:32:50.0297 1860 napagent - ok

09:32:50.0749 1860 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

09:32:50.0796 1860 NativeWifiP - ok

09:32:51.0093 1860 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

09:32:51.0186 1860 NDIS - ok

09:32:51.0405 1860 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

09:32:51.0483 1860 NdisCap - ok

09:32:51.0592 1860 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

09:32:51.0654 1860 NdisTapi - ok

09:32:51.0826 1860 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

09:32:51.0919 1860 Ndisuio - ok

09:32:52.0341 1860 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

09:32:52.0434 1860 NdisWan - ok

09:32:52.0465 1860 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

09:32:52.0512 1860 NDProxy - ok

09:32:52.0575 1860 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

09:32:52.0621 1860 NetBIOS - ok

09:32:52.0809 1860 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

09:32:52.0871 1860 NetBT - ok

09:32:52.0918 1860 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:32:52.0933 1860 Netlogon - ok

09:32:53.0199 1860 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

09:32:53.0277 1860 Netman - ok

09:32:53.0745 1860 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

09:32:53.0838 1860 netprofm - ok

09:32:54.0150 1860 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

09:32:54.0181 1860 NetTcpPortSharing - ok

09:32:56.0599 1860 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys

09:32:56.0802 1860 netw5v64 - ok

09:32:58.0518 1860 NETwNs64 (eb43840babf5589e33186d094de7381d) C:\Windows\system32\DRIVERS\NETwNs64.sys

09:32:58.0799 1860 NETwNs64 - ok

09:32:59.0236 1860 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

09:32:59.0251 1860 nfrd960 - ok

09:32:59.0751 1860 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

09:32:59.0813 1860 NlaSvc - ok

09:32:59.0938 1860 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

09:32:59.0985 1860 Npfs - ok

09:33:00.0125 1860 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

09:33:00.0265 1860 nsi - ok

09:33:00.0375 1860 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

09:33:00.0437 1860 nsiproxy - ok

09:33:00.0999 1860 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

09:33:01.0092 1860 Ntfs - ok

09:33:01.0591 1860 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

09:33:01.0623 1860 Null - ok

09:33:01.0966 1860 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

09:33:02.0013 1860 nvraid - ok

09:33:02.0403 1860 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

09:33:02.0481 1860 nvstor - ok

09:33:02.0699 1860 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

09:33:02.0715 1860 nv_agp - ok

09:33:02.0761 1860 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

09:33:02.0777 1860 ohci1394 - ok

09:33:03.0120 1860 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

09:33:03.0183 1860 ose - ok

09:33:05.0569 1860 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

09:33:05.0757 1860 osppsvc - ok

09:33:06.0396 1860 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

09:33:06.0459 1860 p2pimsvc - ok

09:33:06.0505 1860 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

09:33:06.0537 1860 p2psvc - ok

09:33:06.0927 1860 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

09:33:06.0973 1860 Parport - ok

09:33:07.0098 1860 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

09:33:07.0145 1860 partmgr - ok

09:33:07.0426 1860 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

09:33:07.0566 1860 PcaSvc - ok

09:33:07.0753 1860 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

09:33:07.0785 1860 pci - ok

09:33:07.0800 1860 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

09:33:07.0816 1860 pciide - ok

09:33:07.0878 1860 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

09:33:07.0909 1860 pcmcia - ok

09:33:08.0003 1860 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

09:33:08.0034 1860 pcw - ok

09:33:08.0362 1860 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

09:33:08.0455 1860 PEAUTH - ok

09:33:09.0423 1860 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

09:33:09.0454 1860 PerfHost - ok

09:33:12.0605 1860 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

09:33:12.0745 1860 pla - ok

09:33:13.0837 1860 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

09:33:13.0962 1860 PlugPlay - ok

09:33:14.0056 1860 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

09:33:14.0118 1860 PNRPAutoReg - ok

09:33:15.0304 1860 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

09:33:15.0335 1860 PNRPsvc - ok

09:33:16.0521 1860 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

09:33:16.0692 1860 PolicyAgent - ok

09:33:17.0067 1860 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

09:33:17.0285 1860 Power - ok

09:33:17.0753 1860 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

09:33:17.0909 1860 PptpMiniport - ok

09:33:18.0081 1860 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

09:33:18.0222 1860 Processor - ok

09:33:20.0032 1860 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll

09:33:20.0437 1860 ProfSvc - ok

09:33:20.0515 1860 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:33:20.0531 1860 ProtectedStorage - ok

09:33:20.0843 1860 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

09:33:20.0936 1860 Psched - ok

09:33:21.0217 1860 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys

09:33:21.0280 1860 PxHlpa64 - ok

09:33:23.0230 1860 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

09:33:23.0339 1860 ql2300 - ok

09:33:25.0351 1860 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

09:33:25.0398 1860 ql40xx - ok

09:33:25.0648 1860 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

09:33:25.0694 1860 QWAVE - ok

09:33:25.0772 1860 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

09:33:25.0788 1860 QWAVEdrv - ok

09:33:25.0850 1860 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

09:33:25.0960 1860 RasAcd - ok

09:33:26.0084 1860 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

09:33:26.0131 1860 RasAgileVpn - ok

09:33:26.0303 1860 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

09:33:26.0428 1860 RasAuto - ok

09:33:26.0786 1860 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

09:33:26.0974 1860 Rasl2tp - ok

09:33:27.0488 1860 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

09:33:27.0644 1860 RasMan - ok

09:33:27.0722 1860 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

09:33:27.0800 1860 RasPppoe - ok

09:33:27.0910 1860 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

09:33:28.0097 1860 RasSstp - ok

09:33:28.0440 1860 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

09:33:28.0549 1860 rdbss - ok

09:33:28.0721 1860 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

09:33:28.0752 1860 rdpbus - ok

09:33:28.0783 1860 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

09:33:28.0846 1860 RDPCDD - ok

09:33:28.0892 1860 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

09:33:29.0064 1860 RDPENCDD - ok

09:33:29.0095 1860 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

09:33:29.0126 1860 RDPREFMP - ok

09:33:29.0470 1860 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys

09:33:29.0563 1860 RDPWD - ok

09:33:29.0891 1860 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

09:33:29.0938 1860 rdyboost - ok

09:33:31.0201 1860 RegSrvc (a6baea839cc888d4961ab5fe16bb8c4a) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

09:33:31.0248 1860 RegSrvc - ok

09:33:31.0622 1860 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

09:33:31.0716 1860 RemoteAccess - ok

09:33:31.0903 1860 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

09:33:31.0950 1860 RemoteRegistry - ok

09:33:32.0512 1860 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys

09:33:32.0621 1860 RimUsb - ok

09:33:34.0368 1860 RoxioNow Service (c1568e17039b2ec2b73a4f880ddd51e5) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

09:33:34.0430 1860 RoxioNow Service - ok

09:33:34.0540 1860 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

09:33:34.0664 1860 RpcEptMapper - ok

09:33:34.0820 1860 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

09:33:34.0883 1860 RpcLocator - ok

09:33:36.0365 1860 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

09:33:36.0412 1860 RpcSs - ok

09:33:36.0880 1860 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

09:33:36.0958 1860 rspndr - ok

09:33:37.0426 1860 RSUSBSTOR (907c4464381b5ebdfdc60f6c7d0dedfc) C:\Windows\system32\Drivers\RtsUStor.sys

09:33:37.0472 1860 RSUSBSTOR - ok

09:33:38.0596 1860 RTL8167 (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys

09:33:38.0658 1860 RTL8167 - ok

09:33:38.0720 1860 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:33:38.0720 1860 SamSs - ok

09:33:39.0344 1860 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

09:33:39.0391 1860 sbp2port - ok

09:33:40.0015 1860 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

09:33:40.0109 1860 SCardSvr - ok

09:33:40.0296 1860 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

09:33:40.0374 1860 scfilter - ok

09:33:42.0792 1860 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

09:33:43.0010 1860 Schedule - ok

09:33:43.0260 1860 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

09:33:43.0307 1860 SCPolicySvc - ok

09:33:44.0087 1860 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys

09:33:44.0134 1860 sdbus - ok

09:33:44.0664 1860 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

09:33:44.0914 1860 SDRSVC - ok

09:33:45.0116 1860 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

09:33:45.0257 1860 secdrv - ok

09:33:45.0428 1860 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

09:33:45.0569 1860 seclogon - ok

09:33:45.0818 1860 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

09:33:45.0928 1860 SENS - ok

09:33:46.0021 1860 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

09:33:46.0240 1860 SensrSvc - ok

09:33:46.0489 1860 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

09:33:46.0614 1860 Serenum - ok

09:33:46.0817 1860 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

09:33:46.0864 1860 Serial - ok

09:33:47.0113 1860 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

09:33:47.0144 1860 sermouse - ok

09:33:47.0363 1860 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

09:33:47.0472 1860 SessionEnv - ok

09:33:47.0550 1860 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

09:33:47.0644 1860 sffdisk - ok

09:33:47.0690 1860 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

09:33:47.0722 1860 sffp_mmc - ok

09:33:47.0753 1860 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

09:33:47.0800 1860 sffp_sd - ok

09:33:47.0893 1860 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

09:33:47.0956 1860 sfloppy - ok

09:33:48.0034 1860 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys

09:33:48.0080 1860 Sftfs - ok

09:33:48.0517 1860 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

09:33:48.0564 1860 sftlist - ok

09:33:48.0611 1860 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys

09:33:48.0642 1860 Sftplay - ok

09:33:48.0658 1860 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys

09:33:48.0673 1860 Sftredir - ok

09:33:48.0860 1860 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys

09:33:48.0876 1860 Sftvol - ok

09:33:49.0172 1860 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

09:33:49.0204 1860 sftvsa - ok

09:33:49.0266 1860 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

09:33:49.0328 1860 ShellHWDetection - ok

09:33:49.0453 1860 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

09:33:49.0500 1860 SiSRaid2 - ok

09:33:49.0640 1860 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

09:33:49.0672 1860 SiSRaid4 - ok

09:33:49.0734 1860 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

09:33:49.0812 1860 Smb - ok

09:33:49.0937 1860 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

09:33:49.0984 1860 SNMPTRAP - ok

09:33:50.0046 1860 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

09:33:50.0062 1860 spldr - ok

09:33:50.0233 1860 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

09:33:50.0311 1860 Spooler - ok

09:33:52.0059 1860 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

09:33:52.0215 1860 sppsvc - ok

09:33:53.0104 1860 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

09:33:53.0213 1860 sppuinotify - ok

09:33:53.0385 1860 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

09:33:53.0463 1860 srv - ok

09:33:53.0868 1860 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

09:33:53.0931 1860 srv2 - ok

09:33:54.0087 1860 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS

09:33:54.0133 1860 SrvHsfHDA - ok

09:33:54.0367 1860 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS

09:33:54.0445 1860 SrvHsfV92 - ok

09:33:55.0272 1860 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

09:33:55.0303 1860 SrvHsfWinac - ok

09:33:55.0350 1860 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

09:33:55.0397 1860 srvnet - ok

09:33:55.0740 1860 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

09:33:55.0818 1860 SSDPSRV - ok

09:33:56.0005 1860 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

09:33:56.0161 1860 SstpSvc - ok

09:33:56.0255 1860 STacSV (b00068ba94f5f306911b14b425aaeb56) C:\Program Files\IDT\WDM\STacSV64.exe

09:33:56.0286 1860 STacSV - ok

09:33:56.0317 1860 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

09:33:56.0333 1860 stexstor - ok

09:33:56.0879 1860 STHDA (da40d9c9ccb9836d6abd1706935a2277) C:\Windows\system32\DRIVERS\stwrt64.sys

09:33:56.0926 1860 STHDA - ok

09:33:57.0004 1860 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

09:33:57.0066 1860 stisvc - ok

09:33:57.0144 1860 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

09:33:57.0160 1860 swenum - ok

09:33:57.0425 1860 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

09:33:57.0503 1860 swprv - ok

09:33:58.0501 1860 SynTP (961cfac2a5318e212f459d651f28e0a4) C:\Windows\system32\DRIVERS\SynTP.sys

09:33:58.0579 1860 SynTP - ok

09:33:59.0484 1860 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

09:33:59.0578 1860 SysMain - ok

09:33:59.0983 1860 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

09:33:59.0999 1860 TabletInputService - ok

09:34:00.0030 1860 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

09:34:00.0108 1860 TapiSrv - ok

09:34:00.0202 1860 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

09:34:00.0295 1860 TBS - ok

09:34:01.0387 1860 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

09:34:01.0497 1860 Tcpip - ok

09:34:02.0901 1860 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

09:34:02.0963 1860 TCPIP6 - ok

09:34:03.0259 1860 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

09:34:03.0384 1860 tcpipreg - ok

09:34:03.0400 1860 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

09:34:03.0478 1860 TDPIPE - ok

09:34:03.0509 1860 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

09:34:03.0540 1860 TDTCP - ok

09:34:03.0571 1860 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

09:34:03.0634 1860 tdx - ok

09:34:03.0774 1860 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

09:34:03.0805 1860 TermDD - ok

09:34:03.0946 1860 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

09:34:04.0008 1860 TermService - ok

09:34:04.0117 1860 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

09:34:04.0180 1860 Themes - ok

09:34:04.0320 1860 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

09:34:04.0383 1860 THREADORDER - ok

09:34:04.0476 1860 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

09:34:04.0554 1860 TrkWks - ok

09:34:04.0851 1860 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

09:34:04.0929 1860 TrustedInstaller - ok

09:34:05.0022 1860 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

09:34:05.0241 1860 tssecsrv - ok

09:34:05.0319 1860 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

09:34:05.0365 1860 TsUsbFlt - ok

09:34:05.0755 1860 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

09:34:05.0833 1860 tunnel - ok

09:34:05.0880 1860 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

09:34:05.0896 1860 uagp35 - ok

09:34:06.0364 1860 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

09:34:06.0426 1860 udfs - ok

09:34:06.0520 1860 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

09:34:06.0645 1860 UI0Detect - ok

09:34:06.0738 1860 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

09:34:06.0754 1860 uliagpkx - ok

09:34:06.0816 1860 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

09:34:06.0832 1860 umbus - ok

09:34:06.0863 1860 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

09:34:06.0894 1860 UmPass - ok

09:34:07.0752 1860 UNS (0fadd949576a164b4e51e716f46b6c33) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

09:34:07.0861 1860 UNS - ok

09:34:08.0938 1860 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

09:34:09.0031 1860 upnphost - ok

09:34:09.0172 1860 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys

09:34:09.0250 1860 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning

09:34:09.0250 1860 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)

09:34:09.0453 1860 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

09:34:09.0562 1860 usbccgp - ok

09:34:09.0624 1860 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

09:34:09.0640 1860 usbcir - ok

09:34:09.0671 1860 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys

09:34:09.0702 1860 usbehci - ok

09:34:10.0170 1860 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

09:34:10.0233 1860 usbhub - ok

09:34:10.0264 1860 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

09:34:10.0295 1860 usbohci - ok

09:34:10.0404 1860 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

09:34:10.0545 1860 usbprint - ok

09:34:10.0591 1860 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

09:34:10.0623 1860 usbscan - ok

09:34:10.0810 1860 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

09:34:10.0872 1860 USBSTOR - ok

09:34:10.0919 1860 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

09:34:10.0981 1860 usbuhci - ok

09:34:11.0028 1860 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys

09:34:11.0059 1860 usbvideo - ok

09:34:11.0075 1860 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

09:34:11.0153 1860 UxSms - ok

09:34:11.0325 1860 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:34:11.0340 1860 VaultSvc - ok

09:34:11.0855 1860 vcsFPService (2662f24c7aee2a32cebdec907a5366f1) C:\Windows\system32\vcsFPService.exe

09:34:11.0964 1860 vcsFPService - ok

09:34:12.0136 1860 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

09:34:12.0151 1860 vdrvroot - ok

09:34:12.0448 1860 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

09:34:12.0526 1860 vds - ok

09:34:12.0604 1860 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

09:34:12.0713 1860 vga - ok

09:34:12.0853 1860 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

09:34:12.0931 1860 VgaSave - ok

09:34:12.0994 1860 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

09:34:13.0009 1860 vhdmp - ok

09:34:13.0041 1860 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

09:34:13.0056 1860 viaide - ok

09:34:13.0165 1860 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

09:34:13.0228 1860 volmgr - ok

09:34:13.0306 1860 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

09:34:13.0337 1860 volmgrx - ok

09:34:13.0384 1860 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

09:34:13.0415 1860 volsnap - ok

09:34:13.0743 1860 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

09:34:13.0774 1860 vsmraid - ok

09:34:14.0741 1860 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

09:34:14.0850 1860 VSS - ok

09:34:15.0318 1860 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

09:34:15.0349 1860 vwifibus - ok

09:34:15.0396 1860 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

09:34:15.0490 1860 vwififlt - ok

09:34:15.0630 1860 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

09:34:15.0661 1860 vwifimp - ok

09:34:16.0239 1860 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

09:34:16.0301 1860 W32Time - ok

09:34:16.0410 1860 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

09:34:16.0441 1860 WacomPen - ok

09:34:16.0613 1860 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

09:34:16.0675 1860 WANARP - ok

09:34:16.0707 1860 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

09:34:16.0753 1860 Wanarpv6 - ok

09:34:17.0221 1860 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

09:34:17.0284 1860 WatAdminSvc - ok

09:34:17.0721 1860 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

09:34:17.0861 1860 wbengine - ok

09:34:18.0189 1860 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

09:34:18.0220 1860 WbioSrvc - ok

09:34:18.0641 1860 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

09:34:18.0688 1860 wcncsvc - ok

09:34:18.0735 1860 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

09:34:18.0781 1860 WcsPlugInService - ok

09:34:18.0813 1860 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

09:34:18.0828 1860 Wd - ok

09:34:19.0203 1860 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

09:34:19.0374 1860 Wdf01000 - ok

09:34:19.0530 1860 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

09:34:19.0639 1860 WdiServiceHost - ok

09:34:19.0655 1860 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

09:34:19.0686 1860 WdiSystemHost - ok

09:34:19.0967 1860 wdkmd (fe31110e39a0b11abae1ba43a2dc94f9) C:\Windows\system32\DRIVERS\WDKMD.sys

09:34:19.0983 1860 wdkmd - ok

09:34:20.0029 1860 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

09:34:20.0076 1860 WebClient - ok

09:34:20.0123 1860 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

09:34:20.0201 1860 Wecsvc - ok

09:34:20.0341 1860 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

09:34:20.0435 1860 wercplsupport - ok

09:34:20.0497 1860 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

09:34:20.0591 1860 WerSvc - ok

09:34:20.0716 1860 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

09:34:20.0778 1860 WfpLwf - ok

09:34:21.0277 1860 WiMAXAppSrv (8686e96e13f41ac9806a79ca8004feee) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe

09:34:21.0293 1860 WiMAXAppSrv ( UnsignedFile.Multi.Generic ) - warning

09:34:21.0293 1860 WiMAXAppSrv - detected UnsignedFile.Multi.Generic (1)

09:34:21.0324 1860 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

09:34:21.0340 1860 WIMMount - ok

09:34:21.0355 1860 WinHttpAutoProxySvc - ok

09:34:21.0418 1860 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

09:34:21.0496 1860 Winmgmt - ok

09:34:21.0823 1860 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

09:34:22.0042 1860 WinRM - ok

09:34:22.0416 1860 WinUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys

09:34:22.0572 1860 WinUSB - ok

09:34:23.0103 1860 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

09:34:23.0181 1860 Wlansvc - ok

09:34:23.0399 1860 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

09:34:23.0508 1860 wlidsvc - ok

09:34:23.0992 1860 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

09:34:24.0070 1860 WmiAcpi - ok

09:34:24.0366 1860 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

09:34:24.0397 1860 wmiApSrv - ok

09:34:24.0444 1860 WMPNetworkSvc - ok

09:34:24.0491 1860 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

09:34:24.0522 1860 WPCSvc - ok

09:34:24.0756 1860 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

cont on next post

wilkinsonsw · June 14, 2012

09:34:24.0912 1860 WPDBusEnum - ok

09:34:24.0943 1860 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

09:34:25.0006 1860 ws2ifsl - ok

09:34:25.0021 1860 WSearch - ok

09:34:26.0472 1860 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

09:34:26.0597 1860 wuauserv - ok

09:34:26.0971 1860 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

09:34:27.0034 1860 WudfPf - ok

09:34:27.0424 1860 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

09:34:27.0517 1860 WUDFRd - ok

09:34:27.0580 1860 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

09:34:27.0627 1860 wudfsvc - ok

09:34:27.0861 1860 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

09:34:27.0907 1860 WwanSvc - ok

09:34:28.0344 1860 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

09:34:28.0391 1860 YahooAUService - ok

09:34:28.0453 1860 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys

09:34:28.0516 1860 yukonw7 - ok

09:34:28.0641 1860 MBR (0x1B8) (7010c8f7ada1523924213c9281241520) \Device\Harddisk0\DR0

09:34:29.0811 1860 \Device\Harddisk0\DR0 - ok

09:34:29.0842 1860 Boot (0x1200) (6fab06b67d0dad5399bc88330e8b9291) \Device\Harddisk0\DR0\Partition0

09:34:29.0842 1860 \Device\Harddisk0\DR0\Partition0 - ok

09:34:29.0889 1860 Boot (0x1200) (4fd0ed3600c702f51638b0c9f7330619) \Device\Harddisk0\DR0\Partition1

09:34:29.0889 1860 \Device\Harddisk0\DR0\Partition1 - ok

09:34:29.0920 1860 Boot (0x1200) (fc806f0a8799f3c04377c1090547471d) \Device\Harddisk0\DR0\Partition2

09:34:29.0935 1860 \Device\Harddisk0\DR0\Partition2 - ok

09:34:29.0998 1860 Boot (0x1200) (8f88a2b073c9f000e4680358ad2af03e) \Device\Harddisk0\DR0\Partition3

09:34:30.0013 1860 \Device\Harddisk0\DR0\Partition3 - ok

09:34:30.0013 1860 ============================================================

09:34:30.0013 1860 Scan finished

09:34:30.0013 1860 ============================================================

09:34:30.0029 0764 Detected object count: 4

09:34:30.0029 0764 Actual detected object count: 4

09:35:38.0123 0764 DMAgent ( UnsignedFile.Multi.Generic ) - skipped by user

09:35:38.0123 0764 DMAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:35:38.0123 0764 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

09:35:38.0123 0764 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:35:38.0123 0764 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user

09:35:38.0123 0764 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:35:38.0123 0764 WiMAXAppSrv ( UnsignedFile.Multi.Generic ) - skipped by user

09:35:38.0123 0764 WiMAXAppSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:35:55.0502 5572 ============================================================

09:35:55.0502 5572 Scan started

09:35:55.0502 5572 Mode: Manual; SigCheck; TDLFS;

09:35:55.0502 5572 ============================================================

09:35:57.0264 5572 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

09:35:57.0311 5572 1394ohci - ok

09:35:57.0358 5572 Accelerometer (5aa055fe5ae506e19e9a8f537756ee10) C:\Windows\system32\DRIVERS\Accelerometer.sys

09:35:57.0374 5572 Accelerometer - ok

09:35:57.0420 5572 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

09:35:57.0436 5572 ACPI - ok

09:35:57.0467 5572 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

09:35:57.0498 5572 AcpiPmi - ok

09:35:58.0107 5572 AdobeActiveFileMonitor8.0 (765fe0463e711e5a68ac7b69538ed922) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe

09:35:58.0122 5572 AdobeActiveFileMonitor8.0 - ok

09:35:58.0216 5572 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

09:35:58.0216 5572 AdobeARMservice - ok

09:35:58.0325 5572 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

09:35:58.0341 5572 adp94xx - ok

09:35:58.0746 5572 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

09:35:58.0778 5572 adpahci - ok

09:35:58.0809 5572 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

09:35:58.0824 5572 adpu320 - ok

09:35:58.0856 5572 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

09:35:58.0902 5572 AeLookupSvc - ok

09:35:59.0214 5572 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe

09:35:59.0230 5572 AESTFilters - ok

09:35:59.0589 5572 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

09:35:59.0620 5572 AFD - ok

09:35:59.0667 5572 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

09:35:59.0682 5572 agp440 - ok

09:35:59.0714 5572 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

09:35:59.0729 5572 ALG - ok

09:35:59.0745 5572 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

09:35:59.0760 5572 aliide - ok

09:35:59.0776 5572 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

09:35:59.0776 5572 amdide - ok

09:35:59.0901 5572 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

09:35:59.0932 5572 AmdK8 - ok

09:36:00.0057 5572 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

09:36:00.0072 5572 AmdPPM - ok

09:36:00.0338 5572 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

09:36:00.0353 5572 amdsata - ok

09:36:00.0416 5572 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

09:36:00.0447 5572 amdsbs - ok

09:36:00.0478 5572 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

09:36:00.0494 5572 amdxata - ok

09:36:00.0525 5572 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

09:36:00.0572 5572 AppID - ok

09:36:00.0712 5572 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

09:36:00.0774 5572 AppIDSvc - ok

09:36:00.0806 5572 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

09:36:00.0868 5572 Appinfo - ok

09:36:01.0180 5572 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

09:36:01.0196 5572 Apple Mobile Device - ok

09:36:01.0320 5572 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

09:36:01.0336 5572 arc - ok

09:36:01.0383 5572 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

09:36:01.0398 5572 arcsas - ok

09:36:01.0414 5572 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

09:36:01.0461 5572 AsyncMac - ok

09:36:01.0586 5572 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

09:36:01.0617 5572 atapi - ok

09:36:01.0835 5572 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

09:36:01.0913 5572 AudioEndpointBuilder - ok

09:36:01.0929 5572 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

09:36:01.0976 5572 AudioSrv - ok

09:36:02.0225 5572 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

09:36:02.0272 5572 AxInstSV - ok

09:36:02.0444 5572 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

09:36:02.0459 5572 b06bdrv - ok

09:36:02.0506 5572 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

09:36:02.0522 5572 b57nd60a - ok

09:36:02.0584 5572 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

09:36:02.0600 5572 BDESVC - ok

09:36:02.0615 5572 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

09:36:02.0646 5572 Beep - ok

09:36:03.0099 5572 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

09:36:03.0161 5572 BITS - ok

09:36:03.0208 5572 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

09:36:03.0224 5572 blbdrive - ok

09:36:03.0676 5572 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

09:36:03.0692 5572 Bonjour Service - ok

09:36:03.0723 5572 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

09:36:03.0738 5572 bowser - ok

09:36:03.0770 5572 bpenum (f46dd257fad7d2d097ef32e72220a06c) C:\Windows\system32\DRIVERS\bpenum.sys

09:36:03.0785 5572 bpenum - ok

09:36:03.0801 5572 bpmp (e82060aed0f28ed8909f2b07fa276185) C:\Windows\system32\DRIVERS\bpmp.sys

09:36:03.0816 5572 bpmp - ok

09:36:03.0832 5572 bpusb (fc6313a5a45c1ae53d0491f0057d5a4d) C:\Windows\system32\Drivers\bpusb.sys

09:36:03.0848 5572 bpusb - ok

09:36:03.0894 5572 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

09:36:03.0910 5572 BrFiltLo - ok

09:36:03.0926 5572 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

09:36:03.0941 5572 BrFiltUp - ok

09:36:04.0316 5572 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

09:36:04.0378 5572 Browser - ok

09:36:04.0409 5572 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

09:36:04.0425 5572 Brserid - ok

09:36:04.0456 5572 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

09:36:04.0487 5572 BrSerWdm - ok

09:36:04.0503 5572 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

09:36:04.0534 5572 BrUsbMdm - ok

09:36:04.0581 5572 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

09:36:04.0596 5572 BrUsbSer - ok

09:36:04.0721 5572 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

09:36:04.0752 5572 BTHMODEM - ok

09:36:04.0893 5572 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

09:36:04.0955 5572 bthserv - ok

09:36:04.0971 5572 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

09:36:05.0018 5572 cdfs - ok

09:36:05.0314 5572 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys

09:36:05.0345 5572 cdrom - ok

09:36:05.0392 5572 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

09:36:05.0454 5572 CertPropSvc - ok

09:36:05.0486 5572 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

09:36:05.0501 5572 circlass - ok

09:36:05.0860 5572 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

09:36:05.0876 5572 CLFS - ok

09:36:05.0938 5572 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

09:36:05.0954 5572 clr_optimization_v2.0.50727_32 - ok

09:36:06.0000 5572 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

09:36:06.0016 5572 clr_optimization_v2.0.50727_64 - ok

09:36:06.0234 5572 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

09:36:06.0250 5572 clr_optimization_v4.0.30319_32 - ok

09:36:06.0281 5572 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

09:36:06.0297 5572 clr_optimization_v4.0.30319_64 - ok

09:36:06.0328 5572 clwvd (d68d9f4d53010b7e84d4e80a2e485554) C:\Windows\system32\DRIVERS\clwvd.sys

09:36:06.0344 5572 clwvd - ok

09:36:06.0375 5572 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

09:36:06.0390 5572 CmBatt - ok

09:36:06.0453 5572 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

09:36:06.0468 5572 cmdide - ok

09:36:06.0749 5572 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

09:36:06.0780 5572 CNG - ok

09:36:06.0812 5572 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

09:36:06.0827 5572 Compbatt - ok

09:36:06.0858 5572 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

09:36:06.0890 5572 CompositeBus - ok

09:36:06.0890 5572 COMSysApp - ok

09:36:06.0968 5572 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

09:36:06.0983 5572 crcdisk - ok

09:36:07.0451 5572 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll

09:36:07.0482 5572 CryptSvc - ok

09:36:07.0623 5572 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

09:36:07.0654 5572 cvhsvc - ok

09:36:08.0184 5572 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

09:36:08.0231 5572 DcomLaunch - ok

09:36:08.0278 5572 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

09:36:08.0325 5572 defragsvc - ok

09:36:08.0637 5572 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

09:36:08.0668 5572 DfsC - ok

09:36:08.0902 5572 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

09:36:08.0964 5572 Dhcp - ok

09:36:08.0996 5572 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

09:36:09.0058 5572 discache - ok

09:36:09.0214 5572 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

09:36:09.0245 5572 Disk - ok

09:36:09.0557 5572 DMAgent (61458c120cddfe7514e2db125568ca59) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe

09:36:09.0573 5572 DMAgent ( UnsignedFile.Multi.Generic ) - warning

09:36:09.0573 5572 DMAgent - detected UnsignedFile.Multi.Generic (1)

09:36:09.0620 5572 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

09:36:09.0635 5572 Dnscache - ok

09:36:09.0666 5572 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

09:36:09.0713 5572 dot3svc - ok

09:36:10.0197 5572 DpHost (eac9d9868d37c8785d12475a9bb65a11) C:\Program Files\DigitalPersona\Bin\DpHostW.exe

09:36:10.0212 5572 DpHost - ok

09:36:10.0259 5572 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

09:36:10.0306 5572 DPS - ok

09:36:10.0353 5572 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

09:36:10.0368 5572 drmkaud - ok

09:36:12.0084 5572 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

09:36:12.0116 5572 DXGKrnl - ok

09:36:12.0412 5572 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

09:36:12.0459 5572 EapHost - ok

09:36:15.0953 5572 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

09:36:16.0000 5572 ebdrv - ok

09:36:16.0577 5572 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

09:36:16.0593 5572 EFS - ok

09:36:16.0671 5572 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

09:36:16.0686 5572 ehRecvr - ok

09:36:16.0905 5572 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

09:36:16.0936 5572 ehSched - ok

09:36:17.0108 5572 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

09:36:17.0139 5572 elxstor - ok

09:36:17.0170 5572 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

09:36:17.0186 5572 ErrDev - ok

09:36:17.0482 5572 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

09:36:17.0529 5572 EventSystem - ok

09:36:17.0966 5572 EvtEng (bdfcb7e8c108d042b213957d2b044e7e) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

09:36:17.0997 5572 EvtEng - ok

09:36:18.0106 5572 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

09:36:18.0153 5572 exfat - ok

09:36:18.0371 5572 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

09:36:18.0434 5572 fastfat - ok

09:36:18.0527 5572 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

09:36:18.0558 5572 Fax - ok

09:36:18.0605 5572 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

09:36:18.0621 5572 fdc - ok

09:36:18.0652 5572 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

09:36:18.0714 5572 fdPHost - ok

09:36:18.0792 5572 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

09:36:18.0839 5572 FDResPub - ok

09:36:18.0870 5572 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

09:36:18.0886 5572 FileInfo - ok

09:36:18.0902 5572 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

09:36:18.0948 5572 Filetrace - ok

09:36:19.0245 5572 FLEXnet Licensing Service (abedfd48ac042c6aaad32452e77217a1) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

09:36:19.0276 5572 FLEXnet Licensing Service - ok

09:36:19.0338 5572 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

09:36:19.0354 5572 flpydisk - ok

09:36:19.0838 5572 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

09:36:19.0869 5572 FltMgr - ok

09:36:20.0290 5572 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

09:36:20.0321 5572 FontCache - ok

09:36:20.0493 5572 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

09:36:20.0524 5572 FontCache3.0.0.0 - ok

09:36:20.0805 5572 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

09:36:20.0836 5572 FsDepends - ok

09:36:20.0898 5572 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

09:36:20.0914 5572 Fs_Rec - ok

09:36:21.0320 5572 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

09:36:21.0366 5572 fvevol - ok

09:36:21.0413 5572 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

09:36:21.0429 5572 gagp30kx - ok

09:36:21.0507 5572 GameConsoleService (d154305de6090e6e84e525f84bb08a06) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

09:36:21.0522 5572 GameConsoleService - ok

09:36:21.0554 5572 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

09:36:21.0554 5572 GEARAspiWDM - ok

09:36:22.0287 5572 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

09:36:22.0349 5572 gpsvc - ok

09:36:22.0380 5572 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

09:36:22.0396 5572 hcw85cir - ok

09:36:22.0848 5572 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

09:36:22.0880 5572 HdAudAddService - ok

09:36:23.0114 5572 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

09:36:23.0145 5572 HDAudBus - ok

09:36:23.0254 5572 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys

09:36:23.0270 5572 HECIx64 - ok

09:36:23.0301 5572 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

09:36:23.0316 5572 HidBatt - ok

09:36:23.0332 5572 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

09:36:23.0363 5572 HidBth - ok

09:36:23.0394 5572 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

09:36:23.0410 5572 HidIr - ok

09:36:23.0488 5572 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

09:36:23.0519 5572 hidserv - ok

09:36:23.0566 5572 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys

09:36:23.0597 5572 HidUsb - ok

09:36:23.0753 5572 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

09:36:23.0816 5572 hkmsvc - ok

09:36:24.0206 5572 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

09:36:24.0221 5572 HomeGroupListener - ok

09:36:24.0268 5572 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

09:36:24.0299 5572 HomeGroupProvider - ok

09:36:24.0627 5572 HP Health Check Service (37965381364b2e106e1dd7d74cdcaa43) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

09:36:24.0642 5572 HP Health Check Service - ok

09:36:25.0048 5572 HP Wireless Assistant Service (c930128c8f8ff03d8f8c42b570920d56) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

09:36:25.0064 5572 HP Wireless Assistant Service - ok

09:36:25.0188 5572 HPClientSvc (3dc11a802353401332d49c3cbfbbe5fc) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

09:36:25.0204 5572 HPClientSvc - ok

09:36:25.0266 5572 HPDrvMntSvc.exe (f323230c391771611bbe9363b88c3e3e) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

09:36:25.0266 5572 HPDrvMntSvc.exe - ok

09:36:25.0298 5572 hpdskflt (0ac88fbe4bf315f5f8fd862426c11540) C:\Windows\system32\DRIVERS\hpdskflt.sys

09:36:25.0313 5572 hpdskflt - ok

09:36:26.0078 5572 hpqwmiex (5311386f0ec157d155bb07a1d420fb4d) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

09:36:26.0109 5572 hpqwmiex - ok

09:36:26.0202 5572 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

09:36:26.0218 5572 HpSAMD - ok

09:36:26.0327 5572 hpsrv (778ce2c015dec896c5c9323342bd71d4) C:\Windows\system32\Hpservice.exe

09:36:26.0343 5572 hpsrv - ok

09:36:26.0421 5572 HPWMISVC (854197d1270d20193fe2d4b14784aade) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

09:36:26.0421 5572 HPWMISVC - ok

09:36:26.0780 5572 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

09:36:26.0842 5572 HTTP - ok

09:36:26.0858 5572 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

09:36:26.0873 5572 hwpolicy - ok

09:36:26.0904 5572 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

09:36:26.0920 5572 i8042prt - ok

09:36:27.0560 5572 iaStor (1384872112e8e7fd5786eceb8bddf4c9) C:\Windows\system32\DRIVERS\iaStor.sys

09:36:27.0591 5572 iaStor - ok

09:36:27.0669 5572 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

09:36:27.0684 5572 iaStorV - ok

09:36:28.0200 5572 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

09:36:28.0231 5572 idsvc - ok

09:36:29.0823 5572 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys

09:36:29.0947 5572 igfx - ok

09:36:30.0540 5572 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

09:36:30.0556 5572 iirsp - ok

09:36:30.0618 5572 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

09:36:30.0665 5572 IKEEXT - ok

09:36:31.0024 5572 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys

09:36:31.0039 5572 Impcd - ok

09:36:31.0227 5572 IntcDAud (03c74719d48056a1078f3a51ceb76baa) C:\Windows\system32\DRIVERS\IntcDAud.sys

09:36:31.0242 5572 IntcDAud - ok

09:36:31.0289 5572 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

09:36:31.0289 5572 intelide - ok

09:36:31.0320 5572 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

09:36:31.0351 5572 intelppm - ok

09:36:31.0367 5572 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

09:36:31.0429 5572 IPBusEnum - ok

09:36:31.0617 5572 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

09:36:31.0679 5572 IpFilterDriver - ok

09:36:31.0819 5572 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

09:36:31.0835 5572 IPMIDRV - ok

09:36:32.0022 5572 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

09:36:32.0085 5572 IPNAT - ok

09:36:32.0178 5572 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe

09:36:32.0209 5572 iPod Service - ok

09:36:32.0303 5572 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

09:36:32.0334 5572 IRENUM - ok

09:36:32.0459 5572 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

09:36:32.0475 5572 isapnp - ok

09:36:32.0865 5572 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

09:36:32.0880 5572 iScsiPrt - ok

09:36:32.0911 5572 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys

09:36:32.0927 5572 kbdclass - ok

09:36:32.0958 5572 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

09:36:32.0989 5572 kbdhid - ok

09:36:33.0021 5572 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:36:33.0036 5572 KeyIso - ok

09:36:33.0067 5572 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

09:36:33.0083 5572 KSecDD - ok

09:36:33.0379 5572 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

09:36:33.0395 5572 KSecPkg - ok

09:36:33.0457 5572 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

09:36:33.0520 5572 ksthunk - ok

09:36:33.0582 5572 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

09:36:33.0645 5572 KtmRm - ok

09:36:34.0097 5572 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll

09:36:34.0159 5572 LanmanServer - ok

09:36:34.0191 5572 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

09:36:34.0253 5572 LanmanWorkstation - ok

09:36:34.0612 5572 LightScribeService (fcbdcc6f1801e32244235608e1277752) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

09:36:34.0612 5572 LightScribeService ( UnsignedFile.Multi.Generic ) - warning

09:36:34.0612 5572 LightScribeService - detected UnsignedFile.Multi.Generic (1)

09:36:34.0690 5572 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

09:36:34.0737 5572 lltdio - ok

09:36:34.0783 5572 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

09:36:34.0830 5572 lltdsvc - ok

09:36:34.0939 5572 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

09:36:35.0002 5572 lmhosts - ok

09:36:35.0283 5572 LMS (6d515466ab8bfe61184092b635ae6eb4) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

09:36:35.0298 5572 LMS - ok

09:36:35.0345 5572 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

09:36:35.0361 5572 LSI_FC - ok

09:36:35.0392 5572 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

09:36:35.0407 5572 LSI_SAS - ok

09:36:35.0423 5572 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

09:36:35.0439 5572 LSI_SAS2 - ok

09:36:35.0595 5572 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

09:36:35.0626 5572 LSI_SCSI - ok

09:36:35.0860 5572 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

09:36:35.0907 5572 luafv - ok

09:36:35.0953 5572 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys

09:36:35.0969 5572 MBAMProtector - ok

09:36:36.0375 5572 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

09:36:36.0390 5572 MBAMService - ok

09:36:36.0421 5572 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

09:36:36.0453 5572 Mcx2Svc - ok

09:36:36.0468 5572 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

09:36:36.0484 5572 megasas - ok

09:36:36.0546 5572 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

09:36:36.0562 5572 MegaSR - ok

09:36:36.0811 5572 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

09:36:36.0874 5572 MMCSS - ok

09:36:36.0921 5572 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

09:36:36.0952 5572 Modem - ok

09:36:36.0999 5572 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

09:36:37.0014 5572 monitor - ok

09:36:37.0123 5572 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys

09:36:37.0155 5572 mouclass - ok

09:36:37.0264 5572 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

09:36:37.0295 5572 mouhid - ok

09:36:37.0467 5572 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

09:36:37.0498 5572 mountmgr - ok

09:36:37.0529 5572 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

09:36:37.0545 5572 mpio - ok

09:36:37.0560 5572 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

09:36:37.0623 5572 mpsdrv - ok

09:36:37.0919 5572 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

09:36:37.0950 5572 MRxDAV - ok

09:36:37.0981 5572 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

09:36:37.0997 5572 mrxsmb - ok

09:36:38.0044 5572 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

09:36:38.0059 5572 mrxsmb10 - ok

09:36:38.0293 5572 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

09:36:38.0325 5572 mrxsmb20 - ok

09:36:38.0387 5572 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

09:36:38.0418 5572 msahci - ok

09:36:38.0574 5572 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

09:36:38.0590 5572 msdsm - ok

09:36:38.0621 5572 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

09:36:38.0637 5572 MSDTC - ok

09:36:38.0668 5572 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

09:36:38.0715 5572 Msfs - ok

09:36:38.0746 5572 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

09:36:38.0793 5572 mshidkmdf - ok

09:36:38.0902 5572 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

09:36:38.0917 5572 msisadrv - ok

09:36:39.0073 5572 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

09:36:39.0136 5572 MSiSCSI - ok

09:36:39.0136 5572 msiserver - ok

09:36:39.0167 5572 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

09:36:39.0214 5572 MSKSSRV - ok

09:36:39.0229 5572 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

09:36:39.0276 5572 MSPCLOCK - ok

09:36:39.0276 5572 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

09:36:39.0307 5572 MSPQM - ok

09:36:39.0573 5572 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

09:36:39.0604 5572 MsRPC - ok

09:36:39.0635 5572 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

09:36:39.0651 5572 mssmbios - ok

09:36:39.0682 5572 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

09:36:39.0729 5572 MSTEE - ok

09:36:39.0760 5572 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

09:36:39.0775 5572 MTConfig - ok

09:36:39.0885 5572 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

09:36:39.0900 5572 Mup - ok

09:36:40.0056 5572 MyWiFiDHCPDNS (93cd1c4ecb8658a35e5e6eba02d43e4f) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

09:36:40.0072 5572 MyWiFiDHCPDNS - ok

09:36:40.0134 5572 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

09:36:40.0197 5572 napagent - ok

09:36:40.0571 5572 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

09:36:40.0587 5572 NativeWifiP - ok

09:36:40.0649 5572 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

09:36:40.0680 5572 NDIS - ok

09:36:40.0727 5572 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

09:36:40.0774 5572 NdisCap - ok

09:36:40.0836 5572 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

09:36:40.0883 5572 NdisTapi - ok

09:36:40.0945 5572 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

09:36:40.0992 5572 Ndisuio - ok

09:36:41.0055 5572 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

09:36:41.0101 5572 NdisWan - ok

09:36:41.0226 5572 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

09:36:41.0289 5572 NDProxy - ok

09:36:41.0429 5572 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

09:36:41.0491 5572 NetBIOS - ok

09:36:41.0554 5572 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

09:36:41.0601 5572 NetBT - ok

09:36:41.0803 5572 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:36:41.0819 5572 Netlogon - ok

09:36:41.0881 5572 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

09:36:41.0928 5572 Netman - ok

09:36:41.0991 5572 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

09:36:42.0037 5572 netprofm - ok

09:36:42.0349 5572 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

wilkinsonsw · June 14, 2012

09:36:42.0365 5572 NetTcpPortSharing - ok

09:36:42.0973 5572 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys

09:36:43.0067 5572 netw5v64 - ok

09:36:44.0128 5572 NETwNs64 (eb43840babf5589e33186d094de7381d) C:\Windows\system32\DRIVERS\NETwNs64.sys

09:36:44.0237 5572 NETwNs64 - ok

09:36:44.0736 5572 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

09:36:44.0752 5572 nfrd960 - ok

09:36:44.0783 5572 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

09:36:44.0845 5572 NlaSvc - ok

09:36:44.0970 5572 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

09:36:45.0017 5572 Npfs - ok

09:36:45.0064 5572 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

09:36:45.0111 5572 nsi - ok

09:36:45.0157 5572 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

09:36:45.0204 5572 nsiproxy - ok

09:36:45.0672 5572 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

09:36:45.0703 5572 Ntfs - ok

09:36:46.0062 5572 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

09:36:46.0125 5572 Null - ok

09:36:46.0171 5572 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

09:36:46.0187 5572 nvraid - ok

09:36:46.0218 5572 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

09:36:46.0234 5572 nvstor - ok

09:36:46.0421 5572 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

09:36:46.0437 5572 nv_agp - ok

09:36:46.0468 5572 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

09:36:46.0468 5572 ohci1394 - ok

09:36:46.0546 5572 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

09:36:46.0561 5572 ose - ok

09:36:47.0014 5572 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

09:36:47.0107 5572 osppsvc - ok

09:36:47.0263 5572 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

09:36:47.0279 5572 p2pimsvc - ok

09:36:47.0591 5572 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

09:36:47.0607 5572 p2psvc - ok

09:36:47.0653 5572 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

09:36:47.0669 5572 Parport - ok

09:36:47.0700 5572 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

09:36:47.0716 5572 partmgr - ok

09:36:47.0934 5572 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

09:36:47.0981 5572 PcaSvc - ok

09:36:48.0028 5572 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

09:36:48.0059 5572 pci - ok

09:36:48.0090 5572 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

09:36:48.0106 5572 pciide - ok

09:36:48.0418 5572 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

09:36:48.0433 5572 pcmcia - ok

09:36:48.0465 5572 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

09:36:48.0480 5572 pcw - ok

09:36:48.0527 5572 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

09:36:48.0574 5572 PEAUTH - ok

09:36:48.0839 5572 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

09:36:48.0855 5572 PerfHost - ok

09:36:48.0948 5572 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

09:36:48.0995 5572 pla - ok

09:36:49.0073 5572 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

09:36:49.0089 5572 PlugPlay - ok

09:36:49.0120 5572 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

09:36:49.0151 5572 PNRPAutoReg - ok

09:36:49.0167 5572 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

09:36:49.0198 5572 PNRPsvc - ok

09:36:49.0479 5572 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

09:36:49.0541 5572 PolicyAgent - ok

09:36:49.0572 5572 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

09:36:49.0635 5572 Power - ok

09:36:49.0853 5572 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

09:36:49.0900 5572 PptpMiniport - ok

09:36:49.0931 5572 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

09:36:49.0947 5572 Processor - ok

09:36:49.0993 5572 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll

09:36:50.0009 5572 ProfSvc - ok

09:36:50.0071 5572 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:36:50.0087 5572 ProtectedStorage - ok

09:36:50.0352 5572 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

09:36:50.0415 5572 Psched - ok

09:36:50.0430 5572 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys

09:36:50.0446 5572 PxHlpa64 - ok

09:36:50.0539 5572 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

09:36:50.0586 5572 ql2300 - ok

09:36:50.0929 5572 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

09:36:50.0961 5572 ql40xx - ok

09:36:50.0992 5572 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

09:36:51.0023 5572 QWAVE - ok

09:36:51.0101 5572 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

09:36:51.0117 5572 QWAVEdrv - ok

09:36:51.0148 5572 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

09:36:51.0210 5572 RasAcd - ok

09:36:51.0241 5572 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

09:36:51.0288 5572 RasAgileVpn - ok

09:36:51.0319 5572 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

09:36:51.0382 5572 RasAuto - ok

09:36:51.0616 5572 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

09:36:51.0663 5572 Rasl2tp - ok

09:36:51.0709 5572 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

09:36:51.0772 5572 RasMan - ok

09:36:51.0881 5572 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

09:36:51.0943 5572 RasPppoe - ok

09:36:52.0006 5572 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

09:36:52.0053 5572 RasSstp - ok

09:36:52.0099 5572 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

09:36:52.0146 5572 rdbss - ok

09:36:52.0193 5572 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

09:36:52.0209 5572 rdpbus - ok

09:36:52.0224 5572 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

09:36:52.0271 5572 RDPCDD - ok

09:36:52.0287 5572 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

09:36:52.0318 5572 RDPENCDD - ok

09:36:52.0365 5572 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

09:36:52.0411 5572 RDPREFMP - ok

09:36:52.0489 5572 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys

09:36:52.0505 5572 RDPWD - ok

09:36:52.0567 5572 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

09:36:52.0583 5572 rdyboost - ok

09:36:52.0895 5572 RegSrvc (a6baea839cc888d4961ab5fe16bb8c4a) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

09:36:52.0911 5572 RegSrvc - ok

09:36:53.0129 5572 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

09:36:53.0191 5572 RemoteAccess - ok

09:36:53.0753 5572 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

09:36:53.0800 5572 RemoteRegistry - ok

09:36:54.0127 5572 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys

09:36:54.0143 5572 RimUsb - ok

09:36:54.0517 5572 RoxioNow Service (c1568e17039b2ec2b73a4f880ddd51e5) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

09:36:54.0533 5572 RoxioNow Service - ok

09:36:54.0611 5572 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

09:36:54.0673 5572 RpcEptMapper - ok

09:36:54.0751 5572 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

09:36:54.0767 5572 RpcLocator - ok

09:36:55.0344 5572 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

09:36:55.0407 5572 RpcSs - ok

09:36:55.0547 5572 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

09:36:55.0594 5572 rspndr - ok

09:36:55.0828 5572 RSUSBSTOR (907c4464381b5ebdfdc60f6c7d0dedfc) C:\Windows\system32\Drivers\RtsUStor.sys

09:36:55.0843 5572 RSUSBSTOR - ok

09:36:56.0530 5572 RTL8167 (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys

09:36:56.0545 5572 RTL8167 - ok

09:36:56.0623 5572 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:36:56.0655 5572 SamSs - ok

09:36:56.0873 5572 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

09:36:56.0889 5572 sbp2port - ok

09:36:57.0450 5572 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

09:36:57.0497 5572 SCardSvr - ok

09:36:57.0669 5572 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

09:36:57.0715 5572 scfilter - ok

09:36:58.0137 5572 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

09:36:58.0199 5572 Schedule - ok

09:36:58.0495 5572 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

09:36:58.0542 5572 SCPolicySvc - ok

09:36:58.0636 5572 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys

09:36:58.0651 5572 sdbus - ok

09:36:58.0698 5572 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

09:36:58.0714 5572 SDRSVC - ok

09:36:58.0745 5572 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

09:36:58.0792 5572 secdrv - ok

09:36:58.0948 5572 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

09:36:59.0010 5572 seclogon - ok

09:36:59.0119 5572 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

09:36:59.0166 5572 SENS - ok

09:36:59.0197 5572 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

09:36:59.0213 5572 SensrSvc - ok

09:36:59.0244 5572 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

09:36:59.0260 5572 Serenum - ok

09:36:59.0291 5572 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

09:36:59.0307 5572 Serial - ok

09:36:59.0400 5572 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

09:36:59.0431 5572 sermouse - ok

09:36:59.0650 5572 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

09:36:59.0712 5572 SessionEnv - ok

09:36:59.0775 5572 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

09:36:59.0790 5572 sffdisk - ok

09:36:59.0806 5572 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

09:36:59.0821 5572 sffp_mmc - ok

09:36:59.0837 5572 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

09:36:59.0868 5572 sffp_sd - ok

09:36:59.0931 5572 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

09:36:59.0931 5572 sfloppy - ok

09:37:00.0555 5572 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys

09:37:00.0586 5572 Sftfs - ok

09:37:00.0679 5572 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

09:37:00.0695 5572 sftlist - ok

09:37:01.0038 5572 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys

09:37:01.0054 5572 Sftplay - ok

09:37:01.0069 5572 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys

09:37:01.0085 5572 Sftredir - ok

09:37:01.0116 5572 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys

09:37:01.0132 5572 Sftvol - ok

09:37:01.0163 5572 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

09:37:01.0179 5572 sftvsa - ok

09:37:01.0569 5572 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

09:37:01.0631 5572 ShellHWDetection - ok

09:37:01.0662 5572 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

09:37:01.0678 5572 SiSRaid2 - ok

09:37:01.0725 5572 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

09:37:01.0725 5572 SiSRaid4 - ok

09:37:01.0974 5572 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

09:37:02.0037 5572 Smb - ok

09:37:02.0099 5572 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

09:37:02.0115 5572 SNMPTRAP - ok

09:37:02.0130 5572 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

09:37:02.0146 5572 spldr - ok

09:37:02.0208 5572 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

09:37:02.0255 5572 Spooler - ok

09:37:02.0832 5572 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

09:37:02.0926 5572 sppsvc - ok

09:37:03.0300 5572 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

09:37:03.0347 5572 sppuinotify - ok

09:37:03.0877 5572 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

09:37:03.0909 5572 srv - ok

09:37:03.0955 5572 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

09:37:03.0987 5572 srv2 - ok

09:37:04.0018 5572 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS

09:37:04.0033 5572 SrvHsfHDA - ok

09:37:04.0673 5572 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS

09:37:04.0704 5572 SrvHsfV92 - ok

09:37:05.0063 5572 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

09:37:05.0079 5572 SrvHsfWinac - ok

09:37:05.0141 5572 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

09:37:05.0157 5572 srvnet - ok

09:37:05.0188 5572 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

09:37:05.0235 5572 SSDPSRV - ok

09:37:05.0531 5572 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

09:37:05.0593 5572 SstpSvc - ok

09:37:05.0781 5572 STacSV (b00068ba94f5f306911b14b425aaeb56) C:\Program Files\IDT\WDM\STacSV64.exe

09:37:05.0812 5572 STacSV - ok

09:37:05.0827 5572 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

09:37:05.0843 5572 stexstor - ok

09:37:05.0890 5572 STHDA (da40d9c9ccb9836d6abd1706935a2277) C:\Windows\system32\DRIVERS\stwrt64.sys

09:37:05.0905 5572 STHDA - ok

09:37:06.0249 5572 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

09:37:06.0280 5572 stisvc - ok

09:37:06.0327 5572 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

09:37:06.0342 5572 swenum - ok

09:37:06.0389 5572 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

09:37:06.0436 5572 swprv - ok

09:37:06.0763 5572 SynTP (961cfac2a5318e212f459d651f28e0a4) C:\Windows\system32\DRIVERS\SynTP.sys

09:37:06.0795 5572 SynTP - ok

09:37:07.0465 5572 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

09:37:07.0512 5572 SysMain - ok

09:37:07.0855 5572 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

09:37:07.0887 5572 TabletInputService - ok

09:37:08.0011 5572 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

09:37:08.0058 5572 TapiSrv - ok

09:37:08.0089 5572 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

09:37:08.0136 5572 TBS - ok

09:37:08.0667 5572 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

09:37:08.0729 5572 Tcpip - ok

09:37:09.0259 5572 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

09:37:09.0322 5572 TCPIP6 - ok

09:37:09.0727 5572 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

09:37:09.0774 5572 tcpipreg - ok

09:37:09.0805 5572 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

09:37:09.0821 5572 TDPIPE - ok

09:37:09.0899 5572 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

09:37:09.0899 5572 TDTCP - ok

09:37:10.0211 5572 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

09:37:10.0258 5572 tdx - ok

09:37:10.0305 5572 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

09:37:10.0320 5572 TermDD - ok

09:37:10.0383 5572 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

09:37:10.0429 5572 TermService - ok

09:37:10.0601 5572 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

09:37:10.0648 5572 Themes - ok

09:37:10.0804 5572 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

09:37:10.0866 5572 THREADORDER - ok

09:37:10.0882 5572 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

09:37:10.0944 5572 TrkWks - ok

09:37:11.0381 5572 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

09:37:11.0428 5572 TrustedInstaller - ok

09:37:11.0475 5572 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

09:37:11.0521 5572 tssecsrv - ok

09:37:11.0787 5572 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

09:37:11.0818 5572 TsUsbFlt - ok

09:37:11.0880 5572 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

09:37:11.0927 5572 tunnel - ok

09:37:11.0958 5572 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

09:37:11.0974 5572 uagp35 - ok

09:37:12.0021 5572 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

09:37:12.0067 5572 udfs - ok

09:37:12.0177 5572 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

09:37:12.0208 5572 UI0Detect - ok

09:37:12.0379 5572 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

09:37:12.0395 5572 uliagpkx - ok

09:37:12.0442 5572 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

09:37:12.0457 5572 umbus - ok

09:37:12.0489 5572 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

09:37:12.0504 5572 UmPass - ok

09:37:13.0113 5572 UNS (0fadd949576a164b4e51e716f46b6c33) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

09:37:13.0159 5572 UNS - ok

09:37:13.0643 5572 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

09:37:13.0690 5572 upnphost - ok

09:37:13.0752 5572 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys

09:37:13.0752 5572 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning

09:37:13.0752 5572 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)

09:37:13.0939 5572 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

09:37:13.0971 5572 usbccgp - ok

09:37:14.0095 5572 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

09:37:14.0127 5572 usbcir - ok

09:37:14.0189 5572 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys

09:37:14.0205 5572 usbehci - ok

09:37:14.0236 5572 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

09:37:14.0251 5572 usbhub - ok

09:37:14.0361 5572 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

09:37:14.0361 5572 usbohci - ok

09:37:14.0595 5572 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

09:37:14.0626 5572 usbprint - ok

09:37:14.0641 5572 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

09:37:14.0657 5572 usbscan - ok

09:37:14.0688 5572 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

09:37:14.0704 5572 USBSTOR - ok

09:37:14.0735 5572 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

09:37:14.0751 5572 usbuhci - ok

09:37:15.0063 5572 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys

09:37:15.0094 5572 usbvideo - ok

09:37:15.0141 5572 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

09:37:15.0203 5572 UxSms - ok

09:37:15.0234 5572 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:37:15.0250 5572 VaultSvc - ok

09:37:15.0515 5572 vcsFPService (2662f24c7aee2a32cebdec907a5366f1) C:\Windows\system32\vcsFPService.exe

09:37:15.0577 5572 vcsFPService - ok

09:37:16.0045 5572 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

09:37:16.0061 5572 vdrvroot - ok

09:37:16.0108 5572 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

09:37:16.0170 5572 vds - ok

09:37:16.0248 5572 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

09:37:16.0279 5572 vga - ok

09:37:16.0311 5572 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

09:37:16.0357 5572 VgaSave - ok

09:37:16.0404 5572 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

09:37:16.0420 5572 vhdmp - ok

09:37:16.0451 5572 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

09:37:16.0467 5572 viaide - ok

09:37:16.0482 5572 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

09:37:16.0498 5572 volmgr - ok

09:37:16.0545 5572 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

09:37:16.0560 5572 volmgrx - ok

09:37:16.0919 5572 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

09:37:16.0935 5572 volsnap - ok

09:37:16.0966 5572 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

09:37:16.0981 5572 vsmraid - ok

09:37:17.0091 5572 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

09:37:17.0153 5572 VSS - ok

09:37:17.0512 5572 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

09:37:17.0527 5572 vwifibus - ok

09:37:17.0543 5572 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

09:37:17.0574 5572 vwififlt - ok

09:37:17.0605 5572 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

09:37:17.0637 5572 vwifimp - ok

09:37:18.0011 5572 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

09:37:18.0058 5572 W32Time - ok

09:37:18.0089 5572 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

09:37:18.0105 5572 WacomPen - ok

09:37:18.0136 5572 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

09:37:18.0183 5572 WANARP - ok

09:37:18.0198 5572 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

09:37:18.0229 5572 Wanarpv6 - ok

09:37:18.0432 5572 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

09:37:18.0463 5572 WatAdminSvc - ok

09:37:18.0557 5572 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

09:37:18.0588 5572 wbengine - ok

09:37:19.0259 5572 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

09:37:19.0290 5572 WbioSrvc - ok

09:37:19.0337 5572 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

09:37:19.0368 5572 wcncsvc - ok

09:37:19.0477 5572 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

09:37:19.0509 5572 WcsPlugInService - ok

09:37:19.0789 5572 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

09:37:19.0805 5572 Wd - ok

09:37:19.0852 5572 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

09:37:19.0883 5572 Wdf01000 - ok

09:37:19.0899 5572 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

09:37:19.0930 5572 WdiServiceHost - ok

09:37:19.0930 5572 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

09:37:19.0961 5572 WdiSystemHost - ok

09:37:20.0023 5572 wdkmd (fe31110e39a0b11abae1ba43a2dc94f9) C:\Windows\system32\DRIVERS\WDKMD.sys

09:37:20.0055 5572 wdkmd - ok

09:37:20.0211 5572 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

09:37:20.0242 5572 WebClient - ok

09:37:20.0289 5572 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

09:37:20.0335 5572 Wecsvc - ok

09:37:20.0569 5572 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

09:37:20.0616 5572 wercplsupport - ok

09:37:20.0632 5572 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

09:37:20.0694 5572 WerSvc - ok

09:37:20.0725 5572 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

09:37:20.0757 5572 WfpLwf - ok

09:37:21.0037 5572 WiMAXAppSrv (8686e96e13f41ac9806a79ca8004feee) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe

09:37:21.0053 5572 WiMAXAppSrv ( UnsignedFile.Multi.Generic ) - warning

09:37:21.0053 5572 WiMAXAppSrv - detected UnsignedFile.Multi.Generic (1)

09:37:21.0069 5572 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

09:37:21.0069 5572 WIMMount - ok

09:37:21.0084 5572 WinHttpAutoProxySvc - ok

09:37:21.0147 5572 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

09:37:21.0209 5572 Winmgmt - ok

09:37:21.0349 5572 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

09:37:21.0443 5572 WinRM - ok

09:37:22.0020 5572 WinUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys

09:37:22.0051 5572 WinUSB - ok

09:37:22.0114 5572 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

09:37:22.0129 5572 Wlansvc - ok

09:37:22.0519 5572 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

09:37:22.0582 5572 wlidsvc - ok

09:37:22.0987 5572 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

09:37:23.0003 5572 WmiAcpi - ok

09:37:23.0065 5572 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

09:37:23.0081 5572 wmiApSrv - ok

09:37:23.0206 5572 WMPNetworkSvc - ok

09:37:23.0237 5572 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

09:37:23.0253 5572 WPCSvc - ok

09:37:23.0409 5572 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

09:37:23.0440 5572 WPDBusEnum - ok

09:37:23.0471 5572 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

09:37:23.0502 5572 ws2ifsl - ok

09:37:23.0518 5572 WSearch - ok

09:37:23.0908 5572 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

09:37:23.0986 5572 wuauserv - ok

09:37:24.0423 5572 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

09:37:24.0485 5572 WudfPf - ok

09:37:24.0532 5572 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

09:37:24.0594 5572 WUDFRd - ok

09:37:24.0688 5572 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

09:37:24.0735 5572 wudfsvc - ok

09:37:24.0781 5572 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

09:37:24.0813 5572 WwanSvc - ok

09:37:25.0078 5572 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

09:37:25.0093 5572 YahooAUService - ok

09:37:25.0140 5572 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys

09:37:25.0156 5572 yukonw7 - ok

09:37:25.0203 5572 MBR (0x1B8) (7010c8f7ada1523924213c9281241520) \Device\Harddisk0\DR0

09:37:26.0092 5572 \Device\Harddisk0\DR0 - ok

09:37:26.0154 5572 Boot (0x1200) (6fab06b67d0dad5399bc88330e8b9291) \Device\Harddisk0\DR0\Partition0

09:37:26.0154 5572 \Device\Harddisk0\DR0\Partition0 - ok

09:37:26.0201 5572 Boot (0x1200) (4fd0ed3600c702f51638b0c9f7330619) \Device\Harddisk0\DR0\Partition1

09:37:26.0201 5572 \Device\Harddisk0\DR0\Partition1 - ok

09:37:26.0263 5572 Boot (0x1200) (fc806f0a8799f3c04377c1090547471d) \Device\Harddisk0\DR0\Partition2

09:37:26.0279 5572 \Device\Harddisk0\DR0\Partition2 - ok

09:37:26.0357 5572 Boot (0x1200) (8f88a2b073c9f000e4680358ad2af03e) \Device\Harddisk0\DR0\Partition3

09:37:26.0373 5572 \Device\Harddisk0\DR0\Partition3 - ok

09:37:26.0373 5572 ============================================================

09:37:26.0373 5572 Scan finished

09:37:26.0373 5572 ============================================================

09:37:26.0388 4900 Detected object count: 4

09:37:26.0388 4900 Actual detected object count: 4

09:39:07.0602 4900 DMAgent ( UnsignedFile.Multi.Generic ) - skipped by user

09:39:07.0602 4900 DMAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:39:07.0602 4900 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

09:39:07.0602 4900 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:39:07.0602 4900 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user

09:39:07.0602 4900 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:39:07.0602 4900 WiMAXAppSrv ( UnsignedFile.Multi.Generic ) - skipped by user

09:39:07.0602 4900 WiMAXAppSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip

MrCharlie · June 14, 2012

That scan came up clean, please do this......

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

wilkinsonsw · June 14, 2012

ComboFix 12-06-14.01 - Uaer 06/14/2012 10:19:38.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.2486 [GMT -5:00]

Running from: c:\users\Uaer\Desktop\ComboFix.exe

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\users\Uaer\AppData\Local\{ea862fa9-f025-6ac5-ef9f-2a8a40c50e2a}

c:\users\Uaer\AppData\Local\{ea862fa9-f025-6ac5-ef9f-2a8a40c50e2a}\@

c:\users\Uaer\AppData\Local\{ea862fa9-f025-6ac5-ef9f-2a8a40c50e2a}\n

c:\users\Uaer\Documents\~WRL0003.tmp

c:\users\Uaer\Documents\~WRL0004.tmp

c:\users\Uaer\Documents\~WRL0005.tmp

c:\users\Uaer\Documents\~WRL0006.tmp

c:\users\Uaer\Documents\~WRL0007.tmp

c:\users\Uaer\Documents\~WRL0037.tmp

c:\users\Uaer\Documents\~WRL2640.tmp

c:\users\Uaer\Documents\~WRL2933.tmp

c:\users\Uaer\Documents\~WRL3053.tmp

c:\users\Uaer\Documents\~WRL3198.tmp

c:\users\Uaer\Documents\~WRL3358.tmp

c:\users\Uaer\Documents\~WRL4056.tmp

c:\windows\assembly\GAC_32\Desktop.ini

c:\windows\assembly\GAC_64\Desktop.ini

c:\windows\Installer\{ea862fa9-f025-6ac5-ef9f-2a8a40c50e2a}

c:\windows\Installer\{ea862fa9-f025-6ac5-ef9f-2a8a40c50e2a}\@

c:\windows\Installer\{ea862fa9-f025-6ac5-ef9f-2a8a40c50e2a}\L\00000004.@

c:\windows\Installer\{ea862fa9-f025-6ac5-ef9f-2a8a40c50e2a}\L\1afb2d56

c:\windows\Installer\{ea862fa9-f025-6ac5-ef9f-2a8a40c50e2a}\L\201d3dde

c:\windows\Installer\{ea862fa9-f025-6ac5-ef9f-2a8a40c50e2a}\n

c:\windows\Installer\{ea862fa9-f025-6ac5-ef9f-2a8a40c50e2a}\U\00000004.@

c:\windows\Installer\{ea862fa9-f025-6ac5-ef9f-2a8a40c50e2a}\U\00000008.@

c:\windows\Installer\{ea862fa9-f025-6ac5-ef9f-2a8a40c50e2a}\U\000000cb.@

c:\windows\Installer\{ea862fa9-f025-6ac5-ef9f-2a8a40c50e2a}\U\80000000.@

c:\windows\Installer\{ea862fa9-f025-6ac5-ef9f-2a8a40c50e2a}\U\80000032.@

c:\windows\Installer\{ea862fa9-f025-6ac5-ef9f-2a8a40c50e2a}\U\80000064.@

.

((((((((((((((((((((((((( Files Created from 2012-05-14 to 2012-06-14 )))))))))))))))))))))))))))))))

.

2012-06-14 15:54 . 2012-06-14 15:54 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-06-13 21:41 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll

2012-06-13 21:41 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-06-13 21:41 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe

2012-06-13 21:41 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll

2012-06-13 21:41 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-06-13 21:41 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-06-13 21:41 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-06-13 21:41 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys

2012-06-13 21:41 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-06-13 21:41 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll

2012-06-13 21:40 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll

2012-06-13 21:40 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll

2012-06-13 21:40 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll

2012-06-13 21:40 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll

2012-06-13 21:40 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll

2012-06-13 21:40 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll

2012-06-13 21:40 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll

2012-06-04 20:10 . 2012-06-04 20:10 -------- d-----w- c:\users\Uaer\AppData\Roaming\Malwarebytes

2012-06-04 20:10 . 2012-06-12 02:16 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-06-04 20:10 . 2012-06-04 20:10 -------- d-----w- c:\programdata\Malwarebytes

2012-06-04 20:10 . 2012-04-04 20:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-04 19:29 . 2012-06-04 20:52 -------- d-----w- c:\program files (x86)\PC Tools

2012-06-04 19:26 . 2012-06-04 20:52 -------- d-----w- c:\program files (x86)\Common Files\PC Tools

2012-06-04 19:26 . 2012-05-11 16:14 251528 ----a-w- c:\windows\system32\drivers\PCTSD64.sys

2012-06-04 19:26 . 2012-06-04 20:06 -------- d-----w- c:\programdata\PC Tools

2012-06-04 19:26 . 2012-06-04 19:26 -------- d-----w- c:\users\Uaer\AppData\Roaming\TestApp

2012-06-03 08:37 . 2012-06-03 08:37 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%

2012-06-01 18:41 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3FD9D818-A7BF-46A2-BF5F-E6B35DCB3A2C}\mpengine.dll

2012-05-21 06:22 . 2012-05-21 06:24 -------- d-----w- c:\users\Uaer\AppData\Roaming\ooVoo Details

2012-05-21 06:22 . 2012-05-21 06:22 -------- d-----w- c:\users\Uaer\AppData\Local\APN

2012-05-15 20:21 . 2012-05-15 20:21 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll

2012-05-15 20:21 . 2012-05-15 20:21 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll

2012-05-15 20:21 . 2012-05-15 20:21 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2012-05-15 20:21 . 2012-05-15 20:21 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2012-05-15 20:21 . 2012-05-15 20:21 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2012-05-15 20:21 . 2012-05-15 20:21 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2012-05-15 20:21 . 2012-05-15 20:21 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll

2012-05-15 20:21 . 2012-05-15 20:21 -------- d-----w- c:\program files (x86)\QuickTime

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-04-19 01:56 . 2012-04-19 01:56 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx

2012-04-19 01:56 . 2012-04-19 01:56 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts

2012-03-30 11:35 . 2012-05-09 00:22 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-03-17 07:58 . 2012-05-09 00:22 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]

"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-09-29 584760]

"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-9-28 1040952]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Notification Packages REG_MULTI_SZ DPPassFilter scecli

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-07-20 340240]

R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-09-18 169312]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-04 89600]

S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]

S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [2010-06-07 408576]

S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]

S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-09-17 92216]

S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]

S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-09-29 26680]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]

S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-09-11 399344]

S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]

S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-05-01 2533400]

S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2010-02-23 2192176]

S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [2010-06-07 911872]

S3 bpenum;bpenum;c:\windows\system32\DRIVERS\bpenum.sys [x]

S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:\windows\system32\DRIVERS\bpmp.sys [x]

S3 bpusb;bpusb;c:\windows\system32\Drivers\bpusb.sys [x]

S3 clwvd;HP Webcam Splitter;c:\windows\system32\DRIVERS\clwvd.sys [x]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [x]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2010-08-16 21:43 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

.

Contents of the 'Scheduled Tasks' folder

.

2012-05-30 c:\windows\Tasks\HPCeeScheduleForUAER-HP$.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]

.

--------- X64 Entries -----------

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00Zecter]

@="{D25B32FE-CB96-491A-98FF-AD59DA382D69}"

[HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}]

2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01Zecter]

@="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}"

[HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}]

2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02Zecter]

@="{B3C78E40-6B64-47C3-AE34-60B770881EB8}"

[HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}]

2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03Zecter]

@="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}"

[HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}]

2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04Zecter]

@="{855156F0-2A0F-11DE-8C30-0800200C9A66}"

[HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}]

2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-07-23 487424]

"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-07-20 1931024]

"IntelWirelessWiMAX"="c:\program files\Intel\WiMAX\Bin\WiMAXCU.exe" [2010-06-08 1441792]

"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-01 611896]

"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 8192]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 161304]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 386584]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 415256]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]

"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences Pro\FencesMenu64.dll" [2010-09-16 464744]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

TCP: DhcpNameServer = 192.168.1.254

.

- - - - ORPHANS REMOVED - - - -

.

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}\bm_installer.exe

AddRemove-{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8} - c:\program files (x86)\InstallShield Installation Information\{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8}\setup.exe

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

"{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,72,d8,

89,b4,91,ea,06,f7,54,cc,e8,41,77,3f,2b

"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"=hex:51,66,7a,6c,4c,1d,38,12,5c,be,8a,

eb,c9,8f,bc,54,f6,39,43,d0,22,43,0b,9c

"{5806FA2D-E338-4A24-A20C-5DA56BA3B2AD}"=hex:51,66,7a,6c,4c,1d,38,12,43,f9,15,

5c,0a,ad,4a,0f,dd,1a,1e,e5,6e,fd,f6,b9

"{02478D38-C3F9-4EFB-9B51-7695ECA05670}"=hex:51,66,7a,6c,4c,1d,38,12,56,8e,54,

06,cb,8d,95,0b,e4,47,35,d5,e9,fe,12,64

"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,

1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7

"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,

94,30,02,d1,0f,f1,da,12,24,73,56,27,d2

"{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,3d,dd,

d6,78,b7,2e,02,e7,98,40,9c,2a,66,87,5b

"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,

df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd

"{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}"=hex:51,66,7a,6c,4c,1d,38,12,cf,4e,be,

f9,90,2f,b6,0a,e3,01,c5,b7,a9,7a,14,95

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:45,ae,df,20,3d,48,cd,01

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

c:\program files (x86)\DigitalPersona\Bin\DPAgent.exe

c:\program files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

.

**************************************************************************

.

Completion time: 2012-06-14 11:02:26 - machine was rebooted

ComboFix-quarantined-files.txt 2012-06-14 16:02

.

Pre-Run: 384,823,386,112 bytes free

Post-Run: 385,545,555,968 bytes free

.

- - End Of File - - 06D9DE90FD4D9D52E7DBD8C06B99753D

MrCharlie · June 14, 2012

Please Update and run a Quick Scan with MBAM, post the report.

Make sure that everything is checked, and click Remove Selected.

Reboot and run another DDS scan and post it, MrC

wilkinsonsw · June 14, 2012

Malwarebytes Anti-Malware (Trial) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.06.14.08

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Uaer :: UAER-HP [administrator]

Protection: Enabled

6/14/2012 12:08:44 PM

mbam-log-2012-06-14 (12-08-44).txt

Scan type: Quick scan

Scan options disabled: P2P

Objects scanned: 206100

Time elapsed: 46 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Uaer at 12:11:06 on 2012-06-14

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.2086 [GMT -5:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Hpservice.exe

C:\Windows\system32\vcsFPService.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\DigitalPersona\Bin\DpHostW.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\IDT\WDM\AESTSr64.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\System32\rundll32.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\notepad.exe