Inactive Google searches redirected me to other sites - logs below

wysprock

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.06.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Bob :: BOB-PC [administrator]

Protection: Enabled

8/6/2012 12:46:43 AM
mbam-log-2012-08-06 (00-46-43).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 381446
Time elapsed: 53 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Users\Bob\AppData\Local\Diagnostics\Deployment\mibhoh.dll (Trojan.RedirRdll3.Gen) -> Delete on reboot.

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Deployment (Trojan.RedirRdll3.Gen) -> Data: rundll32.exe "C:\Users\Bob\AppData\Local\Diagnostics\Deployment\mibhoh.dll",CreateInstance -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\Bob\AppData\Local\Temp\0.6937230407745049 (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Users\Bob\AppData\Local\Diagnostics\Deployment\mibhoh.dll (Trojan.RedirRdll3.Gen) -> Delete on reboot.

(end)
 
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-08-06 02:13:15
Windows 6.1.7601 Service Pack 1
Running: ldnodw1v.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc77374fe691
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc77374fe691 (not active ControlSet)

---- Files - GMER 1.0.15 ----

File C:\System Volume Information\12{3808876b-c176-4e48-b7ae-04046e6cc752} -1149239296 bytes

---- EOF - GMER 1.0.15 ----
 
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Bob at 10:54:00 on 2012-08-06
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8106.6099 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Bob\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Users\Bob\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bob\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bob\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bob\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://sports.yahoo.com/mlb
uDefault_Page_URL = hxxp://www.dell.com
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: PlusIEEventHelper Class: {551a852f-39a6-44a7-9c13-afbec9185a9d} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
uRun: [Google Update] "C:\Users\Bob\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
mRun: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
Trusted Zone: uscourts.gov
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 192.168.10.1
TCP: Interfaces\{7B4B9E12-EECC-41DF-ACC6-7C5081B39D0B} : DhcpNameServer = 192.168.10.1
TCP: Interfaces\{7B4B9E12-EECC-41DF-ACC6-7C5081B39D0B}\24755434D2E6 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7B4B9E12-EECC-41DF-ACC6-7C5081B39D0B}\452554E444E65647635323 : DhcpNameServer = 192.168.10.1
TCP: Interfaces\{7B4B9E12-EECC-41DF-ACC6-7C5081B39D0B}\9335942433 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7B4B9E12-EECC-41DF-ACC6-7C5081B39D0B}\E44575F57457563747 : DhcpNameServer = 4.2.2.1 4.2.2.2
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files (x86)\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\System32\mscoree.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
mRun-x64: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
mRun-x64: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
mRun-x64: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun-x64: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-3 897088]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-11-3 983104]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
R2 QBVSS;QBIDPService;C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2010-12-2 1251840]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-4-24 1692480]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-2-18 378472]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD Smartware\WDBackupEngine.exe [2012-4-24 1150368]
R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-4-11 247704]
R2 WDRulesService;WD Rules;C:\Program Files (x86)\Western Digital\WD Smartware\WDRulesEngine.exe [2012-4-11 1177496]
R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2012-2-10 245760]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?]
R3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
S2 CLKMSVC10_9EC60124;CyberLink Product - 2011/04/24 02:47:26;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-29 236016]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-6 655944]
S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-4-24 2009704]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-4-24 2656280]
S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-3 1298496]
S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\system32\DRIVERS\nvstusb.sys --> C:\Windows\system32\DRIVERS\nvstusb.sys [?]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-08-06 06:13:37 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{15339E35-048B-4AF3-B310-0C2755A7F021}\mpengine.dll
2012-08-06 04:46:06 -------- d-----w- C:\Users\Bob\AppData\Roaming\Malwarebytes
2012-08-06 04:45:52 -------- d-----w- C:\ProgramData\Malwarebytes
2012-08-06 04:45:51 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-06 04:45:50 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-04 17:55:12 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-12 01:31:33 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-11 20:43:43 -------- d-----w- C:\Program Files\Western Digital
.
==================== Find3M ====================
.
2012-07-17 01:49:45 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-17 01:49:45 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-25 20:04:24 1394248 ----a-w- C:\Windows\SysWow64\msxml4.dll
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 10:54:49.54 ===============
 
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 12/8/2011 8:56:59 PM
System Uptime: 8/6/2012 10:51:13 AM (0 hours ago)
.
Motherboard: Dell Inc. | | 0XN71K
Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz | CPU | 2001/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 339.532 GiB free.
D: is FIXED (NTFS) - 466 GiB total, 465.058 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
AccelerometerP11
Accidental Damage Services Agreement
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.3)
Advanced Audio FX Engine
Apple Application Support
Apple Software Update
Best Case Bankruptcy
Bing Bar
Bing Bar Platform
Bing Rewards Client Installer
Brother MFL-Pro Suite MFC-665CW
Brother MFL-Pro Suite MFC-7360N
Consumer In-Home Service Agreement
Cozi
CyberLink PowerDVD 9.6
D3DX10
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Getting Started Guide
Dell MusicStage
Dell PhotoStage
Dell Stage
Dell VideoStage
Dell Webcam Central
DirectX 9 Runtime
eBay
Google Chrome
Google Talk Plugin
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Wireless Display
Internet Explorer
Java Auto Updater
Java(TM) 6 Update 29
Junk Mail filter update
Malwarebytes Anti-Malware version 1.62.0.1300
Mesh Runtime
Messenger Companion
Microsoft Default Manager
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB973685)
Nuance PDF Viewer Plus
NVIDIA Stereoscopic 3D Driver
PhotoShowExpress
QuickBooks
QuickBooks Pro 2011
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Scansoft PDF Professional
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Skype Toolbars
Skype™ 4.2
Sonic CinePlayer Decoder Pack
Spelling Dictionaries Support For Adobe Reader 9
Trillian
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
8/6/2012 12:31:22 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Bob-PC\Bob SID (S-1-5-21-3712821319-410340708-3111054663-1002) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
8/5/2012 7:24:33 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
8/5/2012 12:10:22 AM, Error: Service Control Manager [7034] - The SoftThinks Agent Service service terminated unexpectedly. It has done this 1 time(s).
8/5/2012 1:41:12 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
8/2/2012 11:41:43 PM, Error: Service Control Manager [7031] - The WD Backup service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
.
==== End Of File ===========================
 
Hello, and welcome to TechSpot.


Please see here for the board rules and other FAQ.

Please feel free to introduce yourself, after you follow the steps below to get started.

Information
  • From this point on, please do not make any more changes to your computer, such as installing/uninstalling programs, using special fix tools, deleting files, editing the registry, etc., unless advised by a malware removal helper.
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • If you have already asked for help somewhere, please post the link to the topic you were helped.
  • We try our best to reply quickly, but for any reason we do not reply in two days, please reply to this topic with the word BUMP!
  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

Please download TDSSKiller to your desktop and run it as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.




-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.



------------------------

Click the Start Scan button.



-----------------------

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.




----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.





--------------------

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.
Sometimes these logs can be very large; in that case, please attach it, or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
 
10:28:31.0876 5484TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
10:28:32.0206 5484============================================================
10:28:32.0206 5484Current date / time: 2012/08/07 10:28:32.0206
10:28:32.0206 5484SystemInfo:
10:28:32.0206 5484
10:28:32.0206 5484OS Version: 6.1.7601 ServicePack: 1.0
10:28:32.0206 5484Product type: Workstation
10:28:32.0206 5484ComputerName: BOB-PC
10:28:32.0207 5484UserName: Bob
10:28:32.0207 5484Windows directory: C:\Windows
10:28:32.0207 5484System windows directory: C:\Windows
10:28:32.0207 5484Running under WOW64
10:28:32.0207 5484Processor architecture: Intel x64
10:28:32.0207 5484Number of processors: 8
10:28:32.0207 5484Page size: 0x1000
10:28:32.0207 5484Boot type: Normal boot
10:28:32.0207 5484============================================================
10:28:34.0616 5484Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:28:34.0855 5484Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:28:34.0928 5484============================================================
10:28:34.0928 5484\Device\Harddisk0\DR0:
10:28:34.0929 5484MBR partitions:
10:28:34.0929 5484\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x33000, BlocksNum 0x1D4C000
10:28:34.0929 5484\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D7F000, BlocksNum 0x38606800
10:28:34.0929 5484\Device\Harddisk1\DR1:
10:28:34.0930 5484MBR partitions:
10:28:34.0930 5484\Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
10:28:34.0930 5484============================================================
10:28:35.0022 5484C: <-> \Device\Harddisk0\DR0\Partition1
10:28:35.0048 5484D: <-> \Device\Harddisk1\DR1\Partition0
10:28:35.0048 5484============================================================
10:28:35.0048 5484Initialize success
10:28:35.0048 5484============================================================
10:28:56.0238 4604============================================================
10:28:56.0239 4604Scan started
10:28:56.0239 4604Mode: Manual; SigCheck; TDLFS;
10:28:56.0239 4604============================================================
10:29:14.0037 4604Bluetooth Device Monitor (093b1b419ef25b15d3a1ca6953f41afb) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
10:29:14.0186 4604Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - warning
10:29:14.0186 4604Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic (1)
10:29:15.0539 4604Bluetooth Media Service (03a7341e94acd92e0831336d4f3ace92) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
10:29:16.0202 4604Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - warning
10:29:16.0202 4604Bluetooth Media Service - detected UnsignedFile.Multi.Generic (1)
10:29:17.0598 4604Bluetooth OBEX Service (a2ebf384ed105fed7d05c5465500ef2e) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
10:29:17.0651 4604Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - warning
10:29:17.0651 4604Bluetooth OBEX Service - detected UnsignedFile.Multi.Generic (1)
10:29:21.0930 4604BrYNSvc (ea7e57f87d6fee5fd6c5f813c04e8cd2) C:\Program Files (x86)\Browny02\BrYNSvc.exe
10:29:21.0948 4604BrYNSvc ( UnsignedFile.Multi.Generic ) - warning
10:29:21.0948 4604BrYNSvc - detected UnsignedFile.Multi.Generic (1)
10:29:22.0170 4604BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
10:29:22.0268 4604BthEnum - ok
10:29:22.0356 4604BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
10:29:22.0439 4604BTHMODEM - ok
10:29:22.0594 4604BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
10:29:22.0650 4604BthPan - ok
10:29:23.0269 4604BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
10:29:23.0369 4604BTHPORT - ok
10:29:23.0478 4604bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
10:29:23.0568 4604bthserv - ok
10:29:23.0653 4604BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
10:29:23.0702 4604BTHUSB - ok
10:29:23.0848 4604btmaux (16c1bac9760c9fa85a30f3fa0fbb1b7a) C:\Windows\system32\DRIVERS\btmaux.sys
10:29:23.0867 4604btmaux - ok
10:29:24.0231 4604btmhsf (0c468d8da95be16bfdd380bb9de88259) C:\Windows\system32\DRIVERS\btmhsf.sys
10:29:24.0305 4604btmhsf - ok
10:29:24.0399 4604cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
10:29:24.0469 4604cdfs - ok
10:29:24.0844 4604cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
10:29:24.0925 4604cdrom - ok
10:29:25.0092 4604CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
10:29:25.0156 4604CertPropSvc - ok
10:29:25.0458 4604circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
10:29:25.0509 4604circlass - ok
10:29:25.0760 4604CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
10:29:25.0805 4604CLFS - ok
10:29:26.0389 4604CLKMSVC10_9EC60124 (730bf325e4cc1e3935b81943ac6da216) c:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
10:29:26.0441 4604CLKMSVC10_9EC60124 - ok
10:29:26.0730 4604clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:29:26.0756 4604clr_optimization_v2.0.50727_32 - ok
10:29:26.0955 4604clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:29:26.0968 4604clr_optimization_v2.0.50727_64 - ok
10:29:27.0312 4604clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:29:27.0349 4604clr_optimization_v4.0.30319_32 - ok
10:29:27.0672 4604clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:29:27.0692 4604clr_optimization_v4.0.30319_64 - ok
10:29:27.0926 4604CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
10:29:27.0951 4604CmBatt - ok
10:29:28.0035 4604cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
10:29:28.0071 4604cmdide - ok
10:29:28.0396 4604CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
10:29:28.0452 4604CNG - ok
10:29:28.0510 4604Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
10:29:28.0532 4604Compbatt - ok
10:29:28.0597 4604CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
10:29:28.0652 4604CompositeBus - ok
10:29:28.0678 4604COMSysApp - ok
10:29:28.0732 4604crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
10:29:28.0760 4604crcdisk - ok
10:29:29.0058 4604CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
10:29:29.0130 4604CryptSvc - ok
10:29:29.0331 4604CtClsFlt (fbe228abeab2be13b9c3a3a112d4d8dc) C:\Windows\system32\DRIVERS\CtClsFlt.sys
10:29:29.0404 4604CtClsFlt - ok
10:29:30.0007 4604DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
10:29:30.0166 4604DcomLaunch - ok
10:29:30.0717 4604defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
10:29:30.0847 4604defragsvc - ok
10:29:30.0984 4604DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
10:29:31.0040 4604DfsC - ok
10:29:31.0352 4604Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
10:29:31.0480 4604Dhcp - ok
10:29:31.0688 4604discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
10:29:31.0764 4604discache - ok
10:29:31.0943 4604Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
10:29:31.0961 4604Disk - ok
10:29:32.0247 4604Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
10:29:32.0345 4604Dnscache - ok
10:29:32.0806 4604dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
10:29:32.0878 4604dot3svc - ok
10:29:33.0104 4604DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
10:29:33.0145 4604DPS - ok
10:29:33.0187 4604drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
10:29:33.0255 4604drmkaud - ok
10:29:34.0282 4604DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
10:29:34.0301 4604DXGKrnl - ok
10:29:34.0439 4604EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
10:29:34.0541 4604EapHost - ok
10:29:36.0359 4604ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
10:29:36.0450 4604ebdrv - ok
10:29:37.0163 4604EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
10:29:37.0249 4604EFS - ok
10:29:37.0660 4604ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
10:29:37.0788 4604ehRecvr - ok
10:29:37.0997 4604ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
10:29:38.0054 4604ehSched - ok
10:29:38.0678 4604elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
10:29:38.0748 4604elxstor - ok
10:29:38.0781 4604ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
10:29:38.0819 4604ErrDev - ok
10:29:39.0214 4604EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
10:29:39.0319 4604EventSystem - ok
10:29:40.0819 4604EvtEng (8b6c9924b0d333dbf76086b8258a0891) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
10:29:40.0872 4604EvtEng - ok
10:29:41.0472 4604exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
10:29:41.0527 4604exfat - ok
10:29:41.0629 4604fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
10:29:41.0716 4604fastfat - ok
10:29:42.0222 4604Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
10:29:42.0340 4604Fax - ok
10:29:42.0441 4604fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
10:29:42.0490 4604fdc - ok
10:29:42.0547 4604fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
10:29:42.0642 4604fdPHost - ok
10:29:42.0682 4604FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
10:29:42.0770 4604FDResPub - ok
10:29:42.0850 4604FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
10:29:42.0873 4604FileInfo - ok
10:29:42.0928 4604Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
10:29:42.0978 4604Filetrace - ok
10:29:43.0047 4604flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
10:29:43.0078 4604flpydisk - ok
10:29:43.0349 4604FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
10:29:43.0412 4604FltMgr - ok
10:29:44.0231 4604FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
10:29:44.0333 4604FontCache - ok
10:29:44.0407 4604FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:29:44.0431 4604FontCache3.0.0.0 - ok
10:29:44.0579 4604FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
10:29:44.0631 4604FsDepends - ok
10:29:44.0704 4604Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
10:29:44.0729 4604Fs_Rec - ok
10:29:44.0874 4604fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
10:29:44.0913 4604fvevol - ok
10:29:44.0982 4604gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
10:29:45.0028 4604gagp30kx - ok
10:29:45.0083 4604GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:29:45.0103 4604GEARAspiWDM - ok
10:29:45.0554 4604gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
10:29:45.0623 4604gpsvc - ok
10:29:45.0710 4604hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
10:29:45.0782 4604hcw85cir - ok
10:29:46.0061 4604HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
10:29:46.0139 4604HdAudAddService - ok
10:29:46.0302 4604HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
10:29:46.0381 4604HDAudBus - ok
10:29:46.0437 4604HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
10:29:46.0468 4604HidBatt - ok
10:29:46.0545 4604HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
10:29:46.0620 4604HidBth - ok
10:29:46.0753 4604HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
10:29:46.0832 4604HidIr - ok
10:29:46.0926 4604hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
10:29:47.0023 4604hidserv - ok
10:29:47.0110 4604HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
10:29:47.0163 4604HidUsb - ok
10:29:47.0330 4604hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
10:29:47.0410 4604hkmsvc - ok
10:29:47.0605 4604HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
10:29:47.0673 4604HomeGroupListener - ok
10:29:47.0894 4604HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
10:29:47.0945 4604HomeGroupProvider - ok
10:29:48.0025 4604HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
10:29:48.0053 4604HpSAMD - ok
10:29:48.0356 4604HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
10:29:48.0462 4604HTTP - ok
10:29:48.0488 4604hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
10:29:48.0496 4604hwpolicy - ok
10:29:48.0596 4604i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
10:29:48.0651 4604i8042prt - ok
10:29:49.0022 4604iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
10:29:49.0059 4604iaStorV - ok
10:29:49.0126 4604iBtFltCoex (fc85972037815fa7b413e790b426acb2) C:\Windows\system32\DRIVERS\iBtFltCoex.sys
10:29:49.0175 4604iBtFltCoex - ok
10:29:49.0850 4604idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:29:49.0927 4604idsvc - ok
10:29:55.0059 4604igfx (66dc0ce2d1867b8178eaa0e11930dbd7) C:\Windows\system32\DRIVERS\igdkmd64.sys
10:29:55.0460 4604igfx - ok
10:29:55.0983 4604iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
10:29:56.0010 4604iirsp - ok
10:29:56.0523 4604IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
10:29:56.0601 4604IKEEXT - ok
10:29:56.0683 4604Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
10:29:56.0754 4604Impcd - ok
10:29:56.0763 4604IntcAzAudAddService - ok
10:29:56.0928 4604IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
10:29:56.0990 4604IntcDAud - ok
10:29:57.0057 4604intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
10:29:57.0085 4604intelide - ok
10:29:57.0175 4604intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
10:29:57.0232 4604intelppm - ok
10:29:57.0308 4604IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
10:29:57.0379 4604IPBusEnum - ok
10:29:57.0477 4604IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:29:57.0547 4604IpFilterDriver - ok
10:29:57.0974 4604iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
10:29:58.0153 4604iphlpsvc - ok
10:29:58.0232 4604IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
10:29:58.0276 4604IPMIDRV - ok
10:29:58.0416 4604IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
10:29:58.0489 4604IPNAT - ok
10:29:59.0531 4604iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
10:29:59.0574 4604iPod Service - ok
10:29:59.0637 4604IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
10:29:59.0787 4604IRENUM - ok
10:29:59.0873 4604isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
10:29:59.0882 4604isapnp - ok
10:30:00.0142 4604iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
10:30:00.0183 4604iScsiPrt - ok
10:30:00.0291 4604JMCR (43f319de026e04b9cf9219a14bf24fe8) C:\Windows\system32\DRIVERS\jmcr.sys
10:30:00.0344 4604JMCR - ok
10:30:00.0423 4604kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
10:30:00.0450 4604kbdclass - ok
10:30:00.0516 4604kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
10:30:00.0543 4604kbdhid - ok
10:30:00.0614 4604KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:30:00.0638 4604KeyIso - ok
10:30:00.0672 4604KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
10:30:00.0706 4604KSecDD - ok
10:30:00.0775 4604KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
10:30:00.0802 4604KSecPkg - ok
10:30:00.0843 4604ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
10:30:00.0922 4604ksthunk - ok
10:30:01.0193 4604KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
10:30:01.0304 4604KtmRm - ok
10:30:01.0516 4604LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
10:30:01.0589 4604LanmanServer - ok
10:30:01.0645 4604LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
10:30:01.0787 4604LanmanWorkstation - ok
10:30:01.0912 4604lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
10:30:01.0957 4604lltdio - ok
10:30:02.0238 4604lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
10:30:02.0319 4604lltdsvc - ok
10:30:02.0382 4604lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
10:30:02.0412 4604lmhosts - ok
10:30:02.0683 4604LMS (7f32d4c47a50e7223491e8fb9359907d) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:30:02.0731 4604LMS - ok
10:30:02.0832 4604LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
10:30:02.0888 4604LSI_FC - ok
10:30:03.0017 4604LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
10:30:03.0047 4604LSI_SAS - ok
10:30:03.0068 4604LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:30:03.0078 4604LSI_SAS2 - ok
10:30:03.0129 4604LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:30:03.0153 4604LSI_SCSI - ok
10:30:03.0230 4604luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
10:30:03.0290 4604luafv - ok
10:30:03.0391 4604MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
10:30:03.0407 4604MBAMProtector - ok
10:30:03.0803 4604MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
10:30:03.0849 4604MBAMService - ok
10:30:03.0960 4604Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
10:30:04.0021 4604Mcx2Svc - ok
10:30:04.0074 4604megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
10:30:04.0100 4604megasas - ok
10:30:04.0215 4604MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
10:30:04.0266 4604MegaSR - ok
10:30:04.0339 4604MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
10:30:04.0359 4604MEIx64 - ok
10:30:04.0483 4604Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
10:30:04.0503 4604Microsoft Office Groove Audit Service - ok
10:30:04.0601 4604MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:30:04.0668 4604MMCSS - ok
10:30:04.0738 4604Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
10:30:04.0808 4604Modem - ok
10:30:04.0877 4604monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
10:30:04.0903 4604monitor - ok
10:30:05.0002 4604mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
10:30:05.0029 4604mouclass - ok
10:30:05.0105 4604mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
10:30:05.0151 4604mouhid - ok
10:30:05.0267 4604mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
10:30:05.0296 4604mountmgr - ok
10:30:05.0429 4604MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
10:30:05.0461 4604MpFilter - ok
10:30:05.0549 4604mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
10:30:05.0607 4604mpio - ok
10:30:05.0659 4604mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
10:30:05.0715 4604mpsdrv - ok
10:30:06.0233 4604MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
10:30:06.0342 4604MpsSvc - ok
10:30:06.0431 4604MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
10:30:06.0461 4604MRxDAV - ok
10:30:06.0587 4604mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:30:06.0654 4604mrxsmb - ok
10:30:06.0759 4604mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:30:06.0832 4604mrxsmb10 - ok
10:30:06.0947 4604mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:30:07.0007 4604mrxsmb20 - ok
10:30:07.0078 4604msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
10:30:07.0104 4604msahci - ok
10:30:07.0157 4604msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
10:30:07.0192 4604msdsm - ok
10:30:07.0314 4604MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
10:30:07.0383 4604MSDTC - ok
10:30:07.0478 4604Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
10:30:07.0522 4604Msfs - ok
10:30:07.0534 4604mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
10:30:07.0573 4604mshidkmdf - ok
10:30:07.0594 4604msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
10:30:07.0602 4604msisadrv - ok
10:30:07.0677 4604MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
10:30:07.0775 4604MSiSCSI - ok
10:30:07.0777 4604msiserver - ok
10:30:07.0825 4604MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
10:30:07.0896 4604MSKSSRV - ok
10:30:08.0039 4604MsMpSvc (59faaf2c83c8169ea20f9e335e418907) C:\Program Files\Microsoft Security Client\MsMpEng.exe
10:30:08.0057 4604MsMpSvc - ok
10:30:08.0092 4604MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
10:30:08.0168 4604MSPCLOCK - ok
10:30:08.0181 4604MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
10:30:08.0222 4604MSPQM - ok
10:30:08.0455 4604MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
10:30:08.0490 4604MsRPC - ok
10:30:08.0566 4604mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
10:30:08.0592 4604mssmbios - ok
10:30:08.0606 4604MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
10:30:08.0675 4604MSTEE - ok
10:30:08.0696 4604MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
10:30:08.0720 4604MTConfig - ok
10:30:08.0805 4604Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
10:30:08.0828 4604Mup - ok
10:30:09.0245 4604MyWiFiDHCPDNS (6ed8935257672f4cd04a88a0f3de093d) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
10:30:09.0301 4604MyWiFiDHCPDNS - ok
10:30:09.0609 4604napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
10:30:09.0703 4604napagent - ok
10:30:10.0013 4604NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
10:30:10.0094 4604NativeWifiP - ok
10:30:10.0768 4604NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
10:30:10.0806 4604NDIS - ok
10:30:10.0881 4604NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
10:30:10.0962 4604NdisCap - ok
10:30:11.0003 4604NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
10:30:11.0089 4604NdisTapi - ok
10:30:11.0240 4604Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
10:30:11.0331 4604Ndisuio - ok
10:30:11.0516 4604NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
10:30:11.0587 4604NdisWan - ok
10:30:11.0778 4604NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
10:30:11.0816 4604NDProxy - ok
10:30:11.0881 4604NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
10:30:11.0950 4604NetBIOS - ok
10:30:12.0085 4604NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
10:30:12.0169 4604NetBT - ok
10:30:12.0244 4604Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:30:12.0271 4604Netlogon - ok
10:30:12.0473 4604Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
10:30:12.0559 4604Netman - ok
10:30:12.0750 4604netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
10:30:12.0854 4604netprofm - ok
10:30:13.0025 4604NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:30:13.0050 4604NetTcpPortSharing - ok
10:30:15.0979 4604NETwNs64 (5d262402b0634c998f8cbcead7dd8676) C:\Windows\system32\DRIVERS\NETwNs64.sys
10:30:16.0216 4604NETwNs64 - ok
10:30:17.0164 4604nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
10:30:17.0192 4604nfrd960 - ok
10:30:17.0335 4604NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:30:17.0396 4604NisDrv - ok
10:30:17.0743 4604NisSrv (10a43829a9e606af3eef25a1c1665923) C:\Program Files\Microsoft Security Client\NisSrv.exe
10:30:17.0768 4604NisSrv - ok
10:30:18.0081 4604NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
10:30:18.0169 4604NlaSvc - ok
10:30:20.0312 4604NOBU (b9b72faaaa41d59b73b88fe3dd737ed1) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
10:30:20.0421 4604NOBU - ok
10:30:20.0910 4604Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
10:30:20.0957 4604Npfs - ok
10:30:21.0049 4604nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
10:30:21.0099 4604nsi - ok
10:30:21.0147 4604nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
10:30:21.0225 4604nsiproxy - ok
10:30:22.0306 4604Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
10:30:22.0455 4604Ntfs - ok
10:30:23.0300 4604Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
10:30:23.0354 4604Null - ok
10:30:23.0508 4604nusb3hub (0ebc9d13cd96c15b1b18d8678a609e4b) C:\Windows\system32\DRIVERS\nusb3hub.sys
10:30:23.0573 4604nusb3hub - ok
10:30:23.0740 4604nusb3xhc (7bdec000d56d485021d9c1e63c2f81ca) C:\Windows\system32\DRIVERS\nusb3xhc.sys
10:30:23.0824 4604nusb3xhc - ok
10:30:33.0523 4604nvlddmkm (d5dea2c1865cab9ee6aa29cf9e79a2ce) C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:30:33.0685 4604nvlddmkm - ok
10:30:34.0122 4604nvpciflt (5ef70f7714c664bcf50edfc141dea9b8) C:\Windows\system32\DRIVERS\nvpciflt.sys
10:30:34.0141 4604nvpciflt - ok
10:30:34.0263 4604nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
10:30:34.0292 4604nvraid - ok
10:30:34.0432 4604nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
10:30:34.0472 4604nvstor - ok
10:30:34.0582 4604NvStUSB (92d06926c5da2a2e62e8fb5104f44d92) C:\Windows\system32\DRIVERS\nvstusb.sys
10:30:34.0634 4604NvStUSB - ok
10:30:35.0471 4604NVSvc (5a4af8ea634b4feeaf6f16bb1845715a) C:\Windows\system32\nvvsvc.exe
10:30:35.0531 4604NVSvc - ok
10:30:37.0186 4604nvUpdatusService (4b7636c52a359ab0783b350a5fbdbb49) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
10:30:37.0279 4604nvUpdatusService - ok
10:30:38.0184 4604nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
10:30:38.0220 4604nv_agp - ok
10:30:38.0602 4604odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:30:38.0669 4604odserv - ok
10:30:38.0805 4604ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
10:30:38.0850 4604ohci1394 - ok
10:30:39.0032 4604ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:30:39.0093 4604ose - ok
10:30:39.0377 4604p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:30:39.0478 4604p2pimsvc - ok
10:30:39.0898 4604p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
10:30:39.0964 4604p2psvc - ok
10:30:40.0072 4604Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
10:30:40.0105 4604Parport - ok
10:30:40.0207 4604partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
10:30:40.0234 4604partmgr - ok
10:30:40.0340 4604PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
10:30:40.0420 4604PcaSvc - ok
10:30:40.0654 4604pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
10:30:40.0686 4604pci - ok
10:30:40.0722 4604pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
10:30:40.0743 4604pciide - ok
10:30:40.0917 4604pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
10:30:40.0982 4604pcmcia - ok
10:30:41.0086 4604pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
10:30:41.0109 4604pcw - ok
10:30:41.0863 4604PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
10:30:41.0974 4604PEAUTH - ok
10:30:42.0478 4604PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
10:30:42.0529 4604PerfHost - ok
10:30:43.0085 4604pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
10:30:43.0216 4604pla - ok
10:30:43.0977 4604PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
10:30:44.0097 4604PlugPlay - ok
10:30:44.0164 4604PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
10:30:44.0221 4604PNRPAutoReg - ok
10:30:44.0502 4604PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:30:44.0526 4604PNRPsvc - ok
10:30:44.0987 4604PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
10:30:45.0078 4604PolicyAgent - ok
10:30:45.0260 4604Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
10:30:45.0304 4604Power - ok
10:30:45.0591 4604PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
10:30:45.0673 4604PptpMiniport - ok
10:30:45.0757 4604Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
10:30:45.0799 4604Processor - ok
10:30:46.0038 4604ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
10:30:46.0084 4604ProfSvc - ok
10:30:46.0132 4604ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:30:46.0161 4604ProtectedStorage - ok
10:30:46.0370 4604Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
10:30:46.0480 4604Psched - ok
10:30:46.0565 4604PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
10:30:46.0588 4604PxHlpa64 - ok
10:30:46.0766 4604QBCFMonitorService (91195091f449699b176fe1305dad40da) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
10:30:46.0801 4604QBCFMonitorService ( UnsignedFile.Multi.Generic ) - warning
10:30:46.0802 4604QBCFMonitorService - detected UnsignedFile.Multi.Generic (1)
10:30:46.0974 4604QBFCService (6bee1814470dc12fa20c53dfc3c97ebb) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
10:30:46.0988 4604QBFCService ( UnsignedFile.Multi.Generic ) - warning
10:30:46.0988 4604QBFCService - detected UnsignedFile.Multi.Generic (1)
10:30:47.0855 4604QBVSS (ab5c6d3d1925166ac28b079c971f4a92) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
10:30:47.0919 4604QBVSS ( UnsignedFile.Multi.Generic ) - warning
10:30:47.0920 4604QBVSS - detected UnsignedFile.Multi.Generic (1)
10:30:48.0751 4604qicflt (0928bd20273625622722fe1de5bbde57) C:\Windows\system32\DRIVERS\qicflt.sys
10:30:48.0759 4604qicflt - ok
10:30:49.0784 4604ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
10:30:49.0843 4604ql2300 - ok
10:30:50.0601 4604ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
10:30:50.0632 4604ql40xx - ok
10:30:50.0885 4604QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
10:30:50.0974 4604QWAVE - ok
10:30:51.0028 4604QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
10:30:51.0063 4604QWAVEdrv - ok
10:30:51.0137 4604RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
10:30:51.0220 4604RasAcd - ok
10:30:51.0286 4604RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:30:51.0323 4604RasAgileVpn - ok
10:30:51.0402 4604RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
10:30:51.0520 4604RasAuto - ok
10:30:51.0750 4604Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:30:51.0827 4604Rasl2tp - ok
10:30:52.0196 4604RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
10:30:52.0360 4604RasMan - ok
10:30:52.0480 4604RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
10:30:52.0549 4604RasPppoe - ok
10:30:52.0654 4604RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
10:30:52.0724 4604RasSstp - ok
10:30:52.0852 4604rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
10:30:52.0935 4604rdbss - ok
10:30:52.0967 4604rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
10:30:53.0028 4604rdpbus - ok
10:30:53.0057 4604RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:30:53.0144 4604RDPCDD - ok
10:30:53.0175 4604RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
10:30:53.0257 4604RDPENCDD - ok
10:30:53.0267 4604RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
10:30:53.0293 4604RDPREFMP - ok
10:30:53.0417 4604RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
10:30:53.0516 4604RDPWD - ok
10:30:53.0708 4604rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
10:30:53.0758 4604rdyboost - ok
10:30:54.0442 4604RegSrvc (189c5a8d2098e0aa14fd157a954b34fc) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
10:30:54.0506 4604RegSrvc - ok
10:30:54.0631 4604RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
10:30:54.0713 4604RemoteAccess - ok
10:30:54.0847 4604RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
10:30:54.0944 4604RemoteRegistry - ok
10:30:55.0210 4604RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
10:30:55.0296 4604RFCOMM - ok
10:30:55.0396 4604RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
10:30:55.0439 4604RimUsb - ok
10:30:57.0092 4604RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
10:30:57.0151 4604RoxMediaDB12OEM - ok
10:30:57.0594 4604RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
10:30:57.0609 4604RoxWatch12 - ok
10:30:58.0320 4604RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
10:30:58.0426 4604RpcEptMapper - ok
10:30:58.0479 4604RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
10:30:58.0504 4604RpcLocator - ok
10:30:58.0731 4604RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
10:30:58.0769 4604RpcSs - ok
10:30:58.0868 4604rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
10:30:58.0931 4604rspndr - ok
10:30:59.0274 4604RTL8167 (a73ed14670220307874ad6bc2f279349) C:\Windows\system32\DRIVERS\Rt64win7.sys
10:30:59.0309 4604RTL8167 - ok
10:30:59.0382 4604SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:30:59.0408 4604SamSs - ok
10:30:59.0560 4604sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
10:30:59.0584 4604sbp2port - ok
10:30:59.0784 4604SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
10:30:59.0870 4604SCardSvr - ok
10:30:59.0943 4604scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
10:31:00.0017 4604scfilter - ok
10:31:00.0605 4604Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
10:31:00.0736 4604Schedule - ok
10:31:00.0842 4604SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
10:31:00.0887 4604SCPolicySvc - ok
10:31:01.0054 4604sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
10:31:01.0086 4604sdbus - ok
10:31:01.0336 4604SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
10:31:01.0374 4604SDRSVC - ok
10:31:01.0654 4604SeaPort (331e7bde228914574fc9ae6cd520dafa) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
10:31:01.0699 4604SeaPort - ok
10:31:01.0762 4604secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
10:31:01.0817 4604secdrv - ok
10:31:01.0858 4604seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
10:31:01.0906 4604seclogon - ok
10:31:02.0079 4604SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
10:31:02.0151 4604SENS - ok
10:31:02.0213 4604SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
10:31:02.0302 4604SensrSvc - ok
10:31:02.0359 4604Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
10:31:02.0429 4604Serenum - ok
10:31:02.0568 4604Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
10:31:02.0645 4604Serial - ok
10:31:02.0702 4604sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
10:31:02.0737 4604sermouse - ok
10:31:02.0855 4604SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
10:31:02.0952 4604SessionEnv - ok
10:31:03.0001 4604sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
10:31:03.0051 4604sffdisk - ok
10:31:03.0078 4604sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
10:31:03.0113 4604sffp_mmc - ok
10:31:03.0138 4604sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
10:31:03.0186 4604sffp_sd - ok
10:31:03.0238 4604sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
10:31:03.0274 4604sfloppy - ok
10:31:04.0312 4604SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
10:31:04.0393 4604SftService - ok
10:31:05.0220 4604SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
10:31:05.0293 4604SharedAccess - ok
10:31:05.0518 4604ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
10:31:05.0627 4604ShellHWDetection - ok
10:31:05.0864 4604SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:31:05.0910 4604SiSRaid2 - ok
10:31:05.0995 4604SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
10:31:06.0025 4604SiSRaid4 - ok
10:31:06.0090 4604Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
10:31:06.0163 4604Smb - ok
10:31:06.0259 4604SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
10:31:06.0302 4604SNMPTRAP - ok
10:31:06.0323 4604spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
10:31:06.0341 4604spldr - ok
10:31:06.0567 4604Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
10:31:06.0647 4604Spooler - ok
10:31:09.0036 4604sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
10:31:09.0185 4604sppsvc - ok
10:31:09.0974 4604sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
10:31:10.0068 4604sppuinotify - ok
10:31:10.0432 4604srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
10:31:10.0516 4604srv - ok
10:31:10.0731 4604srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
10:31:10.0842 4604srv2 - ok
10:31:10.0875 4604srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
10:31:10.0953 4604srvnet - ok
10:31:11.0218 4604SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
10:31:11.0328 4604SSDPSRV - ok
10:31:11.0438 4604SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
10:31:11.0532 4604SstpSvc - ok
10:31:11.0608 4604stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys
10:31:11.0628 4604stdcfltn - ok
10:31:11.0977 4604Stereo Service (79969acaeebeda7dc3673656ab9918fd) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
10:31:12.0032 4604Stereo Service - ok
10:31:12.0091 4604stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
10:31:12.0120 4604stexstor - ok
10:31:12.0178 4604StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
10:31:12.0229 4604StillCam - ok
10:31:12.0890 4604stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
10:31:13.0004 4604stisvc - ok
10:31:13.0136 4604stllssvr (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
10:31:13.0211 4604stllssvr - ok
10:31:13.0289 4604swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
10:31:13.0298 4604swenum - ok
10:31:13.0622 4604swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
10:31:13.0741 4604swprv - ok
10:31:14.0919 4604SynTP (5e3b232a614339399acc71fa3aaaaa6b) C:\Windows\system32\DRIVERS\SynTP.sys
10:31:14.0956 4604SynTP - ok
10:31:17.0164 4604SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
10:31:17.0251 4604SysMain - ok
10:31:18.0058 4604TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
10:31:18.0154 4604TabletInputService - ok
10:31:18.0278 4604TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
10:31:18.0374 4604TapiSrv - ok
10:31:18.0470 4604TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
10:31:18.0549 4604TBS - ok
10:31:19.0291 4604Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
10:31:19.0403 4604Tcpip - ok
10:31:21.0063 4604TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
10:31:21.0094 4604TCPIP6 - ok
10:31:21.0904 4604tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
10:31:22.0000 4604tcpipreg - ok
10:31:22.0052 4604TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
10:31:22.0108 4604TDPIPE - ok
10:31:22.0174 4604TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
10:31:22.0215 4604TDTCP - ok
10:31:22.0318 4604tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
10:31:22.0399 4604tdx - ok
10:31:22.0498 4604TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
10:31:22.0508 4604TermDD - ok
10:31:22.0776 4604TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
10:31:22.0854 4604TermService - ok
10:31:23.0011 4604Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
10:31:23.0078 4604Themes - ok
10:31:23.0194 4604THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:31:23.0239 4604THREADORDER - ok
10:31:23.0378 4604TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
10:31:23.0482 4604TrkWks - ok
10:31:23.0663 4604TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
10:31:23.0739 4604TrustedInstaller - ok
10:31:23.0810 4604tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:31:23.0892 4604tssecsrv - ok
10:31:23.0986 4604TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
10:31:24.0046 4604TsUsbFlt - ok
10:31:24.0169 4604tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
10:31:24.0250 4604tunnel - ok
10:31:24.0328 4604TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys
10:31:24.0365 4604TurboB - ok
10:31:24.0497 4604TurboBoost (600b406a04d90f577fea8a88d7379f08) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
10:31:24.0555 4604TurboBoost - ok
10:31:24.0643 4604uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
10:31:24.0691 4604uagp35 - ok
10:31:25.0020 4604udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
10:31:25.0098 4604udfs - ok
10:31:25.0376 4604UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
10:31:25.0442 4604UI0Detect - ok
10:31:25.0554 4604uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
10:31:25.0608 4604uliagpkx - ok
10:31:25.0709 4604umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
10:31:25.0773 4604umbus - ok
10:31:25.0823 4604UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
10:31:25.0865 4604UmPass - ok
10:31:27.0359 4604UNS (2c16648a12999ae69a9ebf41974b0ba2) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:31:27.0397 4604UNS - ok
10:31:28.0445 4604upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
10:31:28.0559 4604upnphost - ok
10:31:28.0726 4604USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
10:31:28.0808 4604USBAAPL64 - ok
10:31:29.0062 4604usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
10:31:29.0119 4604usbccgp - ok
10:31:29.0329 4604usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
10:31:29.0367 4604usbcir - ok
10:31:29.0428 4604usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
10:31:29.0472 4604usbehci - ok
10:31:29.0914 4604usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
10:31:29.0966 4604usbhub - ok
10:31:30.0032 4604usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
10:31:30.0133 4604usbohci - ok
10:31:30.0190 4604usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
10:31:30.0238 4604usbprint - ok
10:31:30.0354 4604USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:31:30.0438 4604USBSTOR - ok
10:31:30.0516 4604usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
10:31:30.0544 4604usbuhci - ok
10:31:30.0691 4604usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
10:31:30.0750 4604usbvideo - ok
10:31:30.0801 4604UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
10:31:30.0885 4604UxSms - ok
10:31:30.0943 4604VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:31:30.0964 4604VaultSvc - ok
10:31:31.0025 4604vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
10:31:31.0051 4604vdrvroot - ok
10:31:31.0237 4604vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
10:31:31.0334 4604vds - ok
10:31:31.0426 4604vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
10:31:31.0473 4604vga - ok
10:31:31.0515 4604VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
10:31:31.0604 4604VgaSave - ok
10:31:31.0741 4604vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
10:31:31.0803 4604vhdmp - ok
10:31:31.0847 4604viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
10:31:31.0870 4604viaide - ok
10:31:31.0983 4604volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
10:31:32.0010 4604volmgr - ok
10:31:32.0253 4604volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
10:31:32.0287 4604volmgrx - ok
10:31:32.0544 4604volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
10:31:32.0612 4604volsnap - ok
10:31:32.0800 4604vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
10:31:32.0840 4604vsmraid - ok
10:31:34.0319 4604VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
10:31:34.0411 4604VSS - ok
10:31:34.0792 4604vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
10:31:34.0850 4604vwifibus - ok
10:31:34.0923 4604vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
10:31:34.0956 4604vwififlt - ok
10:31:35.0004 4604vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
10:31:35.0059 4604vwifimp - ok
10:31:35.0246 4604W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
10:31:35.0331 4604W32Time - ok
10:31:35.0377 4604WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
10:31:35.0426 4604WacomPen - ok
10:31:35.0504 4604WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:31:35.0589 4604WANARP - ok
10:31:35.0624 4604Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:31:35.0662 4604Wanarpv6 - ok
10:31:36.0409 4604WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
10:31:36.0455 4604WatAdminSvc - ok
10:31:37.0095 4604wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
10:31:37.0201 4604wbengine - ok
10:31:38.0774 4604WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
10:31:38.0826 4604WbioSrvc - ok
10:31:39.0088 4604wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
10:31:39.0158 4604wcncsvc - ok
10:31:39.0228 4604WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
10:31:39.0287 4604WcsPlugInService - ok
10:31:39.0487 4604Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
10:31:39.0498 4604Wd - ok
10:31:40.0254 4604WDBackup (6a1aef46ac445ef4013e494bac9d66c2) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
10:31:40.0306 4604WDBackup - ok
10:31:40.0355 4604WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
10:31:40.0389 4604WDC_SAM - ok
10:31:40.0647 4604WDDriveService (46da6f2c6b084069ec9c4a1c79bfe8c7) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
10:31:40.0702 4604WDDriveService - ok
10:31:41.0031 4604Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
10:31:41.0079 4604Wdf01000 - ok
10:31:41.0582 4604WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
10:31:41.0824 4604WdiServiceHost - ok
10:31:41.0826 4604WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
10:31:41.0840 4604WdiSystemHost - ok
10:31:41.0942 4604wdkmd (94dc2bf6cbaaa95e369c3756d3115a76) C:\Windows\system32\DRIVERS\WDKMD.sys
10:31:41.0965 4604wdkmd - ok
10:31:42.0688 4604WDRulesService (b1c9682b3ac27567bdba4dedafb6fa79) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
10:31:42.0753 4604WDRulesService - ok
10:31:42.0834 4604WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
10:31:42.0934 4604WebClient - ok
10:31:43.0063 4604Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
10:31:43.0131 4604Wecsvc - ok
10:31:57.0998 4604 ============================================================
10:31:57.0998 4604 Scan finished
10:31:57.0998 4604 ============================================================
10:31:58.0018 1980 Detected object count: 7
10:31:58.0018 1980 Actual detected object count: 7
10:34:26.0481 1980 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
10:34:26.0481 1980 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:34:26.0483 1980 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:34:26.0483 1980 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:34:26.0485 1980 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:34:26.0485 1980 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:34:26.0487 1980 BrYNSvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:34:26.0488 1980 BrYNSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:34:26.0490 1980 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - skipped by user
10:34:26.0490 1980 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:34:26.0494 1980 QBFCService ( UnsignedFile.Multi.Generic ) - skipped by user
10:34:26.0494 1980 QBFCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:34:26.0494 1980 QBVSS ( UnsignedFile.Multi.Generic ) - skipped by user
10:34:26.0494 1980 QBVSS ( UnsignedFile.Multi.Generic ) - User select action: Skip
 
ComboFix

Please download ComboFix
by sUBs
From BleepingComputer.com

Please save the file to your Desktop, but rename it first to svchost.exe

Important information about ComboFix

Before the download:
  • Please copy and paste these instructions to Notepad and save to your Desktop, or print them - for easier access.
  • It is important to rename ComboFix before the download.
  • Please do not rename ComboFix to other names, but only the one indicated.
After the download:
  • Close any open browsers.
  • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Please visit here if you don't know how.
  • WARNING: ComboFix will disconnect your machine from the Internet as soon as it starts.
  • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
  • If there is no Internet connection after running ComboFix, then restart your computer to restore back your connection.
Running ComboFix:
  • Double click on svchost.exe & follow the prompts.
  • It will attempt to install the Recovery Console:
  • When ComboFix finishes, it will produce a report for you.
  • Please post the "C:\Combo-Fix.txt" in your next reply.
Troubleshooting ComboFix

Safe Mode:

If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

(To boot into Safe Mode, tap F8 after BIOS, and just before the Windows
logo appears. A list of options will appear, select "Safe Mode.")

Re-downloading:

If this doesn't work either, try the same method (above method), but try to download it again, except name
ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.
 
I followed all of the instructions for ComboFix above and it deleted all my registry keys. I can't open a browser, word processor, anything. What do I do?!
 
Disregard last post, restarting the computer solved the problem.

Below is my log, attached as a PDF.
 

Attachments

  • CCF08072012_0002.pdf (853.3 KB)
 
Good work.

ESET Online Scan

Please run a free online scan with the ESET Online Scanner
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic
 
Hello. Are you still with us?

Your thread has been marked as "Inactive" because of your lack of reply. Please let us know how your computer is running, or if you want to continue in this topic.

Thanks.
 