
2 rootkit.agents not going away (and more)



Hi there,

First, let it be known, I tried to download the dds.com and dd.scr files, and they wouldn't download. Kept getting an error no matter where I tried to save them.

As for the problem: I've got two Rootkit.Agent files that Malwarebytes picks up. However, when I try and delete them + restart system, they just come back on the next scan. I've attached the log file.

mbam-log-2012-07-06 (14-10-41).txt

The two persistent problem files are:

- c:\windows\system32\drivers\str.sys

- c:\windows\SysWOW64\drivers\str.sys

I found a similar thread, so I downloaded and ran the Kaspersky TDSSKiller. I found a medium risk, Suspicious object, locked file. The service is called rexcavthds ( LockedFile.Multi.Generic ), and when I copied it to quarantine, I saw that it was the same file that Malwarebytes had recently started blocking: \AppData\Local\Temp\DAT2963.tmp.exe

The screenshot: post-114372-0-58473100-1341599055.jpg

I don't know if this is related to the str.sys files that MB can't seem to get rid of, but either way, I'd love some expert perspective/recommendations on all this. If you need anything else from me... reports, logs, etc... let me know.

Thank you thank you thank you!

Mitch


I just found a more detailed report TDSSKiller spit out. Here it is:


14:19:23.0550 10140 mpsdrv - ok

14:19:23.0615 10140 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

14:19:23.0618 10140 MpsSvc - ok

14:19:23.0668 10140 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

14:19:23.0669 10140 MRxDAV - ok

14:19:23.0791 10140 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

14:19:23.0792 10140 mrxsmb - ok

14:19:23.0845 10140 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

14:19:23.0849 10140 mrxsmb10 - ok

14:19:23.0946 10140 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

14:19:23.0947 10140 mrxsmb20 - ok

14:19:24.0001 10140 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

14:19:24.0002 10140 msahci - ok

14:19:24.0070 10140 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

14:19:24.0071 10140 msdsm - ok

14:19:24.0141 10140 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

14:19:24.0142 10140 MSDTC - ok

14:19:24.0174 10140 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

14:19:24.0181 10140 Msfs - ok

14:19:24.0223 10140 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

14:19:24.0224 10140 mshidkmdf - ok

14:19:24.0237 10140 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

14:19:24.0238 10140 msisadrv - ok

14:19:24.0283 10140 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

14:19:24.0285 10140 MSiSCSI - ok

14:19:24.0286 10140 msiserver - ok

14:19:24.0326 10140 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

14:19:24.0326 10140 MSKSSRV - ok

14:19:24.0374 10140 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

14:19:24.0374 10140 MSPCLOCK - ok

14:19:24.0395 10140 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

14:19:24.0395 10140 MSPQM - ok

14:19:24.0465 10140 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

14:19:24.0467 10140 MsRPC - ok

14:19:24.0480 10140 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

14:19:24.0480 10140 mssmbios - ok

14:19:24.0495 10140 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

14:19:24.0495 10140 MSTEE - ok

14:19:24.0549 10140 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

14:19:24.0549 10140 MTConfig - ok

14:19:24.0573 10140 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

14:19:24.0574 10140 Mup - ok

14:19:24.0633 10140 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

14:19:24.0644 10140 napagent - ok

14:19:24.0664 10140 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

14:19:24.0666 10140 NativeWifiP - ok

14:19:24.0822 10140 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120704.017\ENG64.SYS

14:19:24.0823 10140 NAVENG - ok

14:19:26.0045 10140 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120704.017\EX64.SYS

14:19:26.0052 10140 NAVEX15 - ok

14:19:26.0325 10140 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

14:19:26.0329 10140 NDIS - ok

14:19:26.0354 10140 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

14:19:26.0354 10140 NdisCap - ok

14:19:26.0379 10140 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

14:19:26.0380 10140 NdisTapi - ok

14:19:26.0437 10140 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

14:19:26.0437 10140 Ndisuio - ok

14:19:26.0487 10140 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

14:19:26.0492 10140 NdisWan - ok

14:19:26.0647 10140 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

14:19:26.0647 10140 NDProxy - ok

14:19:26.0683 10140 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

14:19:26.0690 10140 NetBIOS - ok

14:19:26.0744 10140 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

14:19:26.0745 10140 NetBT - ok

14:19:26.0772 10140 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

14:19:26.0773 10140 Netlogon - ok

14:19:26.0889 10140 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

14:19:26.0891 10140 Netman - ok

14:19:26.0946 10140 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

14:19:26.0948 10140 netprofm - ok

14:19:27.0050 10140 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

14:19:27.0051 10140 NetTcpPortSharing - ok

14:19:27.0058 10140 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

14:19:27.0059 10140 nfrd960 - ok

14:19:27.0119 10140 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

14:19:27.0120 10140 NlaSvc - ok

14:19:27.0202 10140 NPF (351533acc2a069b94e80bbfc177e8fdf) C:\Windows\system32\drivers\npf.sys

14:19:27.0202 10140 NPF - ok

14:19:27.0251 10140 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

14:19:27.0252 10140 Npfs - ok

14:19:27.0265 10140 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

14:19:27.0266 10140 nsi - ok

14:19:27.0278 10140 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

14:19:27.0278 10140 nsiproxy - ok

14:19:27.0611 10140 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

14:19:27.0989 10140 Ntfs - ok

14:19:28.0393 10140 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

14:19:28.0413 10140 Null - ok

14:19:28.0559 10140 nusb3hub (785298579b5f9b4032152dfbb992fdb6) C:\Windows\system32\DRIVERS\nusb3hub.sys

14:19:28.0560 10140 nusb3hub - ok

14:19:28.0707 10140 nusb3xhc (df2750481b4964814467c974f2b0eef1) C:\Windows\system32\DRIVERS\nusb3xhc.sys

14:19:28.0708 10140 nusb3xhc - ok

14:19:28.0989 10140 NVHDA (ed9380f201c8126425c09bed96dbe1e5) C:\Windows\system32\drivers\nvhda64v.sys

14:19:28.0990 10140 NVHDA - ok

14:19:31.0261 10140 nvlddmkm (b34e9bfbd9c61048ef6281c3e7ec210a) C:\Windows\system32\DRIVERS\nvlddmkm.sys

14:19:31.0447 10140 nvlddmkm - ok

14:19:31.0740 10140 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

14:19:31.0741 10140 nvraid - ok

14:19:31.0856 10140 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

14:19:31.0857 10140 nvstor - ok

14:19:31.0919 10140 NVSvc (dfda089bb2cd0ff7e789e2ef6ba1e4ba) C:\Windows\system32\nvvsvc.exe

14:19:31.0923 10140 NVSvc - ok

14:19:32.0737 10140 nvUpdatusService (e7818cd4fb51284c948d68a7a85a69b8) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

14:19:32.0744 10140 nvUpdatusService - ok

14:19:32.0850 10140 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

14:19:32.0851 10140 nv_agp - ok

14:19:32.0944 10140 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

14:19:32.0946 10140 odserv - ok

14:19:32.0986 10140 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

14:19:32.0987 10140 ohci1394 - ok

14:19:33.0017 10140 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

14:19:33.0018 10140 ose - ok

14:19:33.0062 10140 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

14:19:33.0063 10140 p2pimsvc - ok

14:19:33.0091 10140 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

14:19:33.0093 10140 p2psvc - ok

14:19:33.0181 10140 PaeFireStudio (8692e2c78408fa25c8ab2bfff4ded0e0) C:\Windows\system32\Drivers\PaeFireStudio.sys

14:19:33.0182 10140 PaeFireStudio - ok

14:19:33.0239 10140 PaeFireStudioAudio (22e549e6193f746c7f63a1db30ba0a65) C:\Windows\system32\drivers\PaeFireStudioAudio.sys

14:19:33.0239 10140 PaeFireStudioAudio - ok

14:19:33.0265 10140 PaeFireStudioMidi (fd229adc885219dedbe89359fd4e00ed) C:\Windows\system32\drivers\PaeFireStudioMidi.sys

14:19:33.0266 10140 PaeFireStudioMidi - ok

14:19:33.0302 10140 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

14:19:33.0303 10140 Parport - ok

14:19:33.0348 10140 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

14:19:33.0349 10140 partmgr - ok

14:19:33.0399 10140 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

14:19:33.0400 10140 PcaSvc - ok

14:19:33.0442 10140 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

14:19:33.0443 10140 pci - ok

14:19:33.0457 10140 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

14:19:33.0458 10140 pciide - ok

14:19:33.0480 10140 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

14:19:33.0481 10140 pcmcia - ok

14:19:33.0502 10140 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

14:19:33.0503 10140 pcw - ok

14:19:33.0553 10140 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

14:19:33.0556 10140 PEAUTH - ok

14:19:33.0613 10140 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll

14:19:33.0618 10140 PeerDistSvc - ok

14:19:33.0738 10140 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

14:19:33.0739 10140 PerfHost - ok

14:19:33.0860 10140 PhoneMyPC_Helper (09ca0e8c9ae1470dd8fc0440773a9238) C:\Program Files\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe

14:19:33.0861 10140 PhoneMyPC_Helper - ok

14:19:34.0311 10140 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

14:19:34.0316 10140 pla - ok

14:19:34.0580 10140 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

14:19:34.0582 10140 PlugPlay - ok

14:19:34.0594 10140 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

14:19:34.0595 10140 PNRPAutoReg - ok

14:19:34.0606 10140 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

14:19:34.0608 10140 PNRPsvc - ok

14:19:34.0678 10140 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

14:19:34.0680 10140 PolicyAgent - ok

14:19:34.0730 10140 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

14:19:34.0731 10140 Power - ok

14:19:34.0791 10140 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

14:19:34.0798 10140 PptpMiniport - ok

14:19:34.0825 10140 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

14:19:34.0825 10140 Processor - ok

14:19:34.0891 10140 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll

14:19:34.0893 10140 ProfSvc - ok

14:19:34.0922 10140 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

14:19:34.0923 10140 ProtectedStorage - ok

14:19:35.0010 10140 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

14:19:35.0011 10140 Psched - ok

14:19:35.0041 10140 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys

14:19:35.0042 10140 PxHlpa64 - ok

14:19:35.0150 10140 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

14:19:35.0155 10140 ql2300 - ok

14:19:35.0186 10140 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

14:19:35.0186 10140 ql40xx - ok

14:19:35.0206 10140 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

14:19:35.0208 10140 QWAVE - ok

14:19:35.0222 10140 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

14:19:35.0223 10140 QWAVEdrv - ok

14:19:35.0279 10140 radpms (58435613c2537715a9423597ec6635cc) C:\Windows\system32\DRIVERS\radpms.sys

14:19:35.0279 10140 radpms - ok

14:19:35.0303 10140 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

14:19:35.0304 10140 RasAcd - ok

14:19:35.0340 10140 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

14:19:35.0347 10140 RasAgileVpn - ok

14:19:35.0388 10140 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

14:19:35.0389 10140 RasAuto - ok

14:19:35.0514 10140 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

14:19:35.0515 10140 Rasl2tp - ok

14:19:35.0574 10140 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

14:19:35.0576 10140 RasMan - ok

14:19:35.0594 10140 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

14:19:35.0595 10140 RasPppoe - ok

14:19:35.0693 10140 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

14:19:35.0694 10140 RasSstp - ok

14:19:35.0767 10140 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

14:19:35.0768 10140 rdbss - ok

14:19:35.0786 10140 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

14:19:35.0786 10140 rdpbus - ok

14:19:35.0792 10140 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

14:19:35.0793 10140 RDPCDD - ok

14:19:35.0858 10140 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys

14:19:35.0859 10140 RDPDR - ok

14:19:35.0900 10140 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

14:19:35.0900 10140 RDPENCDD - ok

14:19:35.0915 10140 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

14:19:35.0915 10140 RDPREFMP - ok

14:19:35.0991 10140 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys

14:19:35.0991 10140 RdpVideoMiniport - ok

14:19:36.0044 10140 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys

14:19:36.0045 10140 RDPWD - ok

14:19:36.0094 10140 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

14:19:36.0095 10140 rdyboost - ok

14:19:36.0131 10140 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

14:19:36.0132 10140 RemoteAccess - ok

14:19:36.0157 10140 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

14:19:36.0179 10140 RemoteRegistry - ok

14:19:36.0366 10140 rexcavthds (2213f88cdd94cc9cc0e34ca5e4fdaafc) C:\Users\Mitch\AppData\Local\Temp\DAT2963.tmp.exe

14:19:36.0367 10140 Suspicious file (NoAccess): C:\Users\Mitch\AppData\Local\Temp\DAT2963.tmp.exe. md5: 2213f88cdd94cc9cc0e34ca5e4fdaafc

14:19:36.0367 10140 rexcavthds ( LockedFile.Multi.Generic ) - warning

14:19:36.0367 10140 rexcavthds - detected LockedFile.Multi.Generic (1)


14:19:48.0170 10140 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

14:19:48.0171 10140 WANARP - ok

14:19:48.0173 10140 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

14:19:48.0174 10140 Wanarpv6 - ok

14:19:48.0276 10140 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

14:19:48.0282 10140 wbengine - ok

14:19:48.0308 10140 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

14:19:48.0329 10140 WbioSrvc - ok

14:19:48.0374 10140 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

14:19:48.0376 10140 wcncsvc - ok

14:19:48.0405 10140 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

14:19:48.0406 10140 WcsPlugInService - ok

14:19:48.0444 10140 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

14:19:48.0444 10140 Wd - ok

14:19:48.0479 10140 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

14:19:48.0482 10140 Wdf01000 - ok

14:19:48.0530 10140 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

14:19:48.0531 10140 WdiServiceHost - ok

14:19:48.0533 10140 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

14:19:48.0534 10140 WdiSystemHost - ok

14:19:48.0586 10140 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

14:19:48.0588 10140 WebClient - ok

14:19:48.0618 10140 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

14:19:48.0619 10140 Wecsvc - ok

14:19:48.0640 10140 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

14:19:48.0642 10140 wercplsupport - ok

14:19:48.0670 10140 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

14:19:48.0672 10140 WerSvc - ok

14:19:48.0701 10140 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

14:19:48.0710 10140 WfpLwf - ok

14:19:48.0727 10140 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

14:19:48.0728 10140 WIMMount - ok

14:19:48.0748 10140 WinDefend - ok

14:19:48.0751 10140 WinHttpAutoProxySvc - ok

14:19:48.0840 10140 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

14:19:48.0842 10140 Winmgmt - ok

14:19:49.0015 10140 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

14:19:49.0023 10140 WinRM - ok

14:19:49.0081 10140 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

14:19:49.0082 10140 WinUsb - ok

14:19:49.0147 10140 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

14:19:49.0151 10140 Wlansvc - ok

14:19:49.0568 10140 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

14:19:49.0576 10140 wlidsvc - ok

14:19:49.0643 10140 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

14:19:49.0645 10140 WmiAcpi - ok

14:19:49.0681 10140 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

14:19:49.0682 10140 wmiApSrv - ok

14:19:49.0709 10140 WMPNetworkSvc - ok

14:19:49.0744 10140 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

14:19:49.0746 10140 WPCSvc - ok

14:19:49.0791 10140 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

14:19:49.0792 10140 WPDBusEnum - ok

14:19:49.0852 10140 WPS (6cab753b203f39b4ce05ff10013de2ef) C:\Windows\system32\drivers\wpsdrvnt.sys

14:19:49.0867 10140 WPS - ok

14:19:49.0907 10140 WpsHelper (d9b5a13804b7d97770c42da484a9d86e) C:\Windows\system32\drivers\WpsHelper.sys

14:19:49.0908 10140 WpsHelper - ok

14:19:49.0936 10140 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

14:19:49.0937 10140 ws2ifsl - ok

14:19:49.0970 10140 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll

14:19:49.0971 10140 wscsvc - ok

14:19:49.0973 10140 WSearch - ok

14:19:50.0912 10140 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll

14:19:50.0922 10140 wuauserv - ok

14:19:50.0997 10140 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

14:19:50.0998 10140 WudfPf - ok

14:19:51.0078 10140 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

14:19:51.0079 10140 WUDFRd - ok

14:19:51.0125 10140 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

14:19:51.0127 10140 wudfsvc - ok

14:19:51.0140 10140 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

14:19:51.0150 10140 WwanSvc - ok

14:19:51.0176 10140 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

14:19:51.0353 10140 \Device\Harddisk0\DR0 - ok

14:19:51.0356 10140 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR6

14:19:51.0358 10140 \Device\Harddisk1\DR6 - ok

14:19:51.0359 10140 Boot (0x1200) (6ab59b1549ac591e372255301d137528) \Device\Harddisk0\DR0\Partition0

14:19:51.0360 10140 \Device\Harddisk0\DR0\Partition0 - ok

14:19:51.0381 10140 Boot (0x1200) (f8791878b0be165004943df07a874fa5) \Device\Harddisk0\DR0\Partition1

14:19:51.0390 10140 \Device\Harddisk0\DR0\Partition1 - ok

14:19:51.0392 10140 Boot (0x1200) (013df14b7dfca3bbdc99f53af970498a) \Device\Harddisk1\DR6\Partition0

14:19:51.0393 10140 \Device\Harddisk1\DR6\Partition0 - ok

14:19:51.0393 10140 ============================================================

14:19:51.0393 10140 Scan finished

14:19:51.0393 10140 ============================================================

14:19:51.0399 8632 Detected object count: 1

14:19:51.0399 8632 Actual detected object count: 1

14:20:56.0351 8632 C:\Users\Mitch\AppData\Local\Temp\DAT2963.tmp.exe - copied to quarantine

14:20:56.0363 8632 rexcavthds ( LockedFile.Multi.Generic ) - User select action: Quarantine


Hello and welcome to Malwarebytes

If you think you are infected, here are the steps needed to get your computer cleaned....

Please read the following so that you can begin the cleaning process:

IMPORTANT: Don't use any temporary file cleaners unless requested - this can cause data loss and make recovery difficult

You have 3 Options that you can choose from as listed below:

  • Option 1 —— Free Expert advice in the Malware Removal Forum
  • Option 2 —— Paying customer -- Contact Support via email
  • Option 3 —— Premium, Fee-Based Support

OPTION 1

As we don't deal with malware removal in the General Malwarebytes' Anti-Malware Forum, you need to start a topic in the Malware Removal forum so a qualified helper can help you fix any malware related problems/infections you may have.

  • Please read and follow the directions >>Right HERE<<, skipping any steps you are unable to complete.
  • After posting your new post, make sure under options, you select Track this topic and choose Immediate Email Notification,
    so that you're alerted when someone has replied to your post.

NOTE: Please do not post back to (bump) your topic within the first 48 hours.

Replying to your own posts changes the post count and helpers are looking for topics with zero replies.

If you reply to your own post helpers may think that you're already being helped and thus overlook your post.

  • If there is no reply from any experts after 48 hours, you can reply to the topic, asking for help again.
    Or
  • You may send a Private Message to a Moderator asking for assistance.

OPTION 2

Alternatively, as a paying customer, you can contact the help desk by filling out the form located >>Right HERE<<

OPTION 3

If you would like to use our Malwarebytes Premium Services (comprehensive solutions to all your computer support needs, from installation and set-up to troubleshooting and tune-ups), go to our Malwarebytes Premium Services support site >>Right HERE<<

Please be patient, someone will assist you as soon as possible.

PS: Please use the "Reply to this Topic" or "More Reply Options" buttons (instead of the “Quote” and “MultiQuote” buttons) when replying here & at the other forums. That will make your topic easier to follow. :)
