[leechtime]

Hello there!

My problem sounds very much the same as the one I discovered here on the forum (solved):
http://forums.techguy.org/virus-othe...-iexplore.html

Clicking links in Google on any web browser I try will sometimes redirrect to something random.

I also experience random sound files playing (rare occurance I think it's linked with web browsing), these will stack up layer upon layer and it's just weird and annoying. When I click on the sound mixer I see TCP/IP Ping is producing the sound and by killing PING.EXE with Process Hacker 2 I stop it but that's not fixing the overall problem.

Here is my HiJackThis Log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:51:07 AM, on 20/06/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Steam\steam.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Leech\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Leech\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Process Hacker 2] "C:\Program Files\Process Hacker 2\ProcessHacker.exe" -hide
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab...i_4.4.26.0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6AEE9792-8B78-41E6-B58C-923D5A9EA40E}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6AEE9792-8B78-41E6-B58C-923D5A9EA40E}: NameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{6AEE9792-8B78-41E6-B58C-923D5A9EA40E}: NameServer = 192.168.0.1
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - c:\program files\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10497 bytes


And here is my DDS:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Leech at 11:55:36 on 2012-06-20
Microsoft Windows 7 Professional 6.1.7601.1.1252.61.1033.18.4095.2482 [GMT 10:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Steam\steam.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\msiexec.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = https://www.google.com.au/
uSearch Bar = Preserve
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Google Update] "C:\Users\Leech\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Process Hacker 2] "C:\Program Files\Process Hacker 2\ProcessHacker.exe" -hide
uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab
TCP: Interfaces\{6AEE9792-8B78-41E6-B58C-923D5A9EA40E} : NameServer = 192.168.0.1
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun-x64: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
mRun-x64: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
.
============= SERVICES / DRIVERS ===============
.
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-23 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-13 12368]
R1 SbFw;SbFw;C:\Windows\system32\drivers\SbFw.sys --> C:\Windows\system32\drivers\SbFw.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-12 140672]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2011-12-18 8704]
R2 sbapifs;sbapifs;C:\Windows\system32\DRIVERS\sbapifs.sys --> C:\Windows\system32\DRIVERS\sbapifs.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;C:\Windows\system32\DRIVERS\SBFWIM.sys --> C:\Windows\system32\DRIVERS\SBFWIM.sys [?]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\system32\DRIVERS\tap0901t.sys --> C:\Windows\system32\DRIVERS\tap0901t.sys [?]
R4 KProcessHacker2;KProcessHacker2;C:\Program Files\Process Hacker 2\kprocesshacker.sys [2012-6-7 36424]
S1 SBRE;SBRE;C:\Windows\System32\drivers\SBREDrv.sys [2011-10-26 101112]
S2 Ad-Aware Service;Ad-Aware Service;C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-5-3 1226096]
S2 SBAMSvc;Ad-Aware;C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-7 257224]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files\Steam\steamapps\common\dragon age origins\bin_ship\daupdatersvc.service.exe [2011-7-5 25832]
S3 hitmanpro35;Hitman Pro 3.5 Support Driver;\??\C:\Windows\system32\drivers\hitmanpro36.sys --> C:\Windows\system32\drivers\hitmanpro36.sys [?]
S3 MEMSWEEP2;MEMSWEEP2;\??\C:\Windows\system32\F6BC.tmp --> C:\Windows\system32\F6BC.tmp [?]
S3 netr28x;D-Link 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\Dnetr28x.sys --> C:\Windows\system32\DRIVERS\Dnetr28x.sys [?]
S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;C:\Windows\system32\DRIVERS\sbfwim.sys --> C:\Windows\system32\DRIVERS\sbfwim.sys [?]
S3 sbhips;sbhips;C:\Windows\system32\drivers\sbhips.sys --> C:\Windows\system32\drivers\sbhips.sys [?]
S3 sbwtis;sbwtis;C:\Windows\system32\DRIVERS\sbwtis.sys --> C:\Windows\system32\DRIVERS\sbwtis.sys [?]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2011-7-10 736104]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
.
=============== Created Last 30 ================
.
2012-06-20 01:20:16 -------- d-----w- C:\Users\Leech\AppData\Local\SKIDROW
2012-06-19 23:01:02 -------- d-----w- C:\Program Files (x86)\SEGA
2012-06-18 23:38:59 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-18 23:38:29 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-18 23:38:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-18 23:38:12 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-13 05:33:52 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-06-13 05:33:52 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-06-13 05:33:52 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-06-13 05:33:18 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-06-13 05:33:11 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-06-13 05:33:10 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-06-13 05:33:10 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-06-13 05:32:39 3146752 ----a-w- C:\Windows\System32\win32k.sys
2012-06-13 05:32:27 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-06-13 05:32:21 3216384 ----a-w- C:\Windows\System32\msi.dll
2012-06-13 05:32:21 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2012-06-13 05:32:08 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-06-13 05:32:08 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-06-13 05:32:07 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-06-13 05:32:07 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-06-13 05:32:07 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-06-13 05:32:07 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-06-12 06:36:35 -------- d-----w- C:\Users\Leech\AppData\Local\The Lord of the Rings Online
2012-06-12 06:17:36 -------- d-----w- C:\Users\Leech\AppData\Local\Turbine
2012-06-12 06:17:31 -------- d-----w- C:\Users\Leech\AppData\Local\ApplicationHistory
2012-06-12 06:14:45 -------- d-----w- C:\Windows\SysWow64\URTTEMP
2012-06-12 06:08:56 30496 ----a-w- C:\Windows\System32\drivers\hitmanpro36.sys
2012-06-12 06:02:22 -------- d-----w- C:\ProgramData\HitmanPro
2012-06-12 06:00:26 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-06-12 05:15:51 18816 ------w- C:\Windows\SysWow64\SAVRKBootTasks.sys
2012-06-12 05:03:10 6144 ------w- C:\Windows\System32\F6BC.tmp
2012-06-12 05:02:18 6144 ------w- C:\Windows\System32\2A72.tmp
2012-06-12 03:40:01 -------- d-----w- C:\ProgramData\Sophos
2012-06-12 03:36:46 73728 ----a-r- C:\Users\Leech\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2012-06-12 03:36:45 73728 ----a-r- C:\Users\Leech\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2012-06-12 03:36:45 73728 ----a-r- C:\Users\Leech\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
2012-06-12 03:33:05 -------- d-----w- C:\Users\Leech\AppData\Roaming\SUPERAntiSpyware.com
2012-06-12 03:32:40 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-06-12 03:32:28 -------- d-----w- C:\Program Files (x86)\Sophos
2012-06-07 12:00:15 -------- d-----w- C:\Users\Leech\AppData\Roaming\Process Hacker 2
2012-06-07 09:21:41 -------- d-----w- C:\Program Files\Process Hacker 2
2012-05-26 09:13:11 -------- d-----r- C:\Backup
2012-05-26 09:09:47 85048 ----a-w- C:\Windows\System32\drivers\CSCrySec.sys
2012-05-26 09:09:47 66104 ----a-w- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
2012-05-26 07:27:47 -------- d-----w- C:\Users\Leech\AppData\Local\adaware
2012-05-26 07:27:47 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection
2012-05-26 07:27:29 60536 ----a-w- C:\Windows\System32\drivers\sbhips.sys
2012-05-26 07:27:19 119416 ----a-w- C:\Windows\System32\drivers\SbFwIm.sys
2012-05-26 07:27:18 256632 ----a-w- C:\Windows\System32\drivers\SbFw.sys
2012-05-26 07:27:17 57976 ----a-w- C:\Windows\System32\drivers\sbredrv.sys
2012-05-26 07:27:17 45936 ----a-w- C:\Windows\System32\sbbd.exe
2012-05-26 07:27:16 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus
2012-05-26 07:26:23 -------- d-----w- C:\Users\Leech\AppData\Roaming\Ad-Aware Antivirus
2012-05-22 06:25:44 -------- d-----w- C:\Users\Leech\AppData\Local\WB Games
2012-05-21 09:13:11 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2012-05-21 09:10:28 -------- d-----w- C:\ProgramData\Battle.net
2012-05-21 08:26:14 -------- d-----w- C:\Program Files (x86)\Games
.
==================== Find3M ====================
.
2012-06-20 01:50:37 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2012-06-20 01:50:37 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2012-06-20 01:50:37 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2012-06-20 01:50:37 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2012-06-20 01:24:23 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-20 01:24:23 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-27 05:15:19 280856 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-05-27 05:15:19 280856 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-05-05 02:57:07 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-04-28 14:33:59 4731904 ----a-w- C:\Windows\System32\atiumd6a.dll
2012-04-23 15:28:40 281032 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-04-05 12:34:26 187392 ----a-w- C:\Windows\System32\clinfo.exe
2012-04-05 12:34:10 74752 ----a-w- C:\Windows\System32\OpenVideo64.dll
2012-04-05 12:34:04 64512 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2012-04-05 12:33:56 63488 ----a-w- C:\Windows\System32\OVDecode64.dll
2012-04-05 12:33:52 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2012-04-05 12:33:44 16457216 ----a-w- C:\Windows\System32\amdocl64.dll
2012-04-05 12:32:56 13007872 ----a-w- C:\Windows\SysWow64\amdocl.dll
2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 11:55:47.34 ===============


I believe this is running 64 Bit so I didn't make an ARK file please let me know if I need to.

I really appreciate the opportunity to get some smart people to help.

[leechtime]

Also worth noting that since posting this the audio looping has gone from raw to constant. It seems once I launch a browser from booting the computer that it starts, and doesn't stop. Very annoying as you can imagine.

[dvk01]

Run tdss killer from http://support.kaspersky.com/viruses...?qid=208280684

let it cure anything it fnds ( except SPTD.SYS or anything detected as UnsignedFile.Multi.Generic, which should be ignored) & then reboot

post back with its log

By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder.
Logs have names like: UtilityName.Version_Date_Time_log.txt.
E.g. C:\TDSSKiller.2.4.7_23.07.2010_15.31.43_log.txt

[leechtime]

Thankyou for getting back to me!

I ran the scan here's the log:

13:30:16.0632 5004 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
13:30:18.0632 5004 ============================================================
13:30:18.0632 5004 Current date / time: 2012/06/22 13:30:18.0632
13:30:18.0632 5004 SystemInfo:
13:30:18.0632 5004
13:30:18.0632 5004 OS Version: 6.1.7601 ServicePack: 1.0
13:30:18.0632 5004 Product type: Workstation
13:30:18.0632 5004 ComputerName: LEECH-PC
13:30:18.0632 5004 UserName: Leech
13:30:18.0632 5004 Windows directory: C:\Windows
13:30:18.0632 5004 System windows directory: C:\Windows
13:30:18.0632 5004 Running under WOW64
13:30:18.0632 5004 Processor architecture: Intel x64
13:30:18.0632 5004 Number of processors: 2
13:30:18.0632 5004 Page size: 0x1000
13:30:18.0632 5004 Boot type: Normal boot
13:30:18.0632 5004 ============================================================
13:30:20.0131 5004 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:30:20.0131 5004 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:30:20.0139 5004 ============================================================
13:30:20.0139 5004 \Device\Harddisk0\DR0:
13:30:20.0139 5004 MBR partitions:
13:30:20.0139 5004 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:30:20.0139 5004 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE8DD5800
13:30:20.0139 5004 \Device\Harddisk1\DR1:
13:30:20.0139 5004 MBR partitions:
13:30:20.0139 5004 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
13:30:20.0139 5004 ============================================================
13:30:20.0163 5004 C: <-> \Device\Harddisk0\DR0\Partition1
13:30:20.0163 5004 E: <-> \Device\Harddisk1\DR1\Partition0
13:30:20.0163 5004 ============================================================
13:30:20.0163 5004 Initialize success
13:30:20.0163 5004 ============================================================
13:30:26.0329 4788 ============================================================
13:30:26.0329 4788 Scan started
13:30:26.0329 4788 Mode: Manual; SigCheck; TDLFS;
13:30:26.0329 4788 ============================================================
13:30:29.0288 4788 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
13:30:29.0311 4788 !SASCORE - ok
13:30:29.0467 4788 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
13:30:29.0514 4788 1394ohci - ok
13:30:29.0553 4788 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:30:29.0561 4788 ACPI - ok
13:30:29.0608 4788 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
13:30:29.0663 4788 AcpiPmi - ok
13:30:29.0788 4788 Ad-Aware Service (09e61047b0cef21559cfcedf4f14d216) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
13:30:29.0803 4788 Ad-Aware Service - ok
13:30:29.0931 4788 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:30:29.0939 4788 AdobeARMservice - ok
13:30:30.0056 4788 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:30:30.0064 4788 AdobeFlashPlayerUpdateSvc - ok
13:30:30.0158 4788 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
13:30:30.0166 4788 adp94xx - ok
13:30:30.0189 4788 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
13:30:30.0205 4788 adpahci - ok
13:30:30.0228 4788 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
13:30:30.0244 4788 adpu320 - ok
13:30:30.0275 4788 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
13:30:30.0353 4788 AeLookupSvc - ok
13:30:30.0423 4788 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
13:30:30.0462 4788 AFD - ok
13:30:30.0486 4788 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
13:30:30.0494 4788 agp440 - ok
13:30:30.0501 4788 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
13:30:30.0548 4788 ALG - ok
13:30:30.0564 4788 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
13:30:30.0572 4788 aliide - ok
13:30:30.0611 4788 AMD External Events Utility (20c8a3e435a47f0408a1ea674afa6194) C:\Windows\system32\atiesrxx.exe
13:30:30.0666 4788 AMD External Events Utility - ok
13:30:30.0673 4788 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
13:30:30.0681 4788 amdide - ok
13:30:30.0689 4788 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
13:30:30.0751 4788 AmdK8 - ok
13:30:31.0059 4788 amdkmdag (0b45c18b0f3ee996d25baa4e74884b83) C:\Windows\system32\DRIVERS\atikmdag.sys
13:30:31.0184 4788 amdkmdag - ok
13:30:31.0254 4788 amdkmdap (0e57258e5cc4cc7a9a9a877afdf0cec6) C:\Windows\system32\DRIVERS\atikmpag.sys
13:30:31.0278 4788 amdkmdap - ok
13:30:31.0286 4788 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
13:30:31.0309 4788 AmdPPM - ok
13:30:31.0340 4788 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
13:30:31.0348 4788 amdsata - ok
13:30:31.0372 4788 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
13:30:31.0379 4788 amdsbs - ok
13:30:31.0387 4788 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
13:30:31.0395 4788 amdxata - ok
13:30:31.0434 4788 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
13:30:31.0543 4788 AppID - ok
13:30:31.0567 4788 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
13:30:31.0606 4788 AppIDSvc - ok
13:30:31.0637 4788 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
13:30:31.0668 4788 Appinfo - ok
13:30:31.0754 4788 Apple Mobile Device (d8e18021f91ad79ca8491cb5a5da22d4) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:30:31.0762 4788 Apple Mobile Device - ok
13:30:31.0801 4788 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
13:30:31.0825 4788 AppMgmt - ok
13:30:31.0840 4788 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
13:30:31.0848 4788 arc - ok
13:30:31.0864 4788 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
13:30:31.0872 4788 arcsas - ok
13:30:32.0015 4788 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:30:32.0023 4788 aspnet_state - ok
13:30:32.0039 4788 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:30:32.0078 4788 AsyncMac - ok
13:30:32.0109 4788 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
13:30:32.0117 4788 atapi - ok
13:30:32.0179 4788 AtiHDAudioService (24464b908e143d2561e9e452fee97309) C:\Windows\system32\drivers\AtihdW76.sys
13:30:32.0195 4788 AtiHDAudioService - ok
13:30:32.0468 4788 atikmdag (0b45c18b0f3ee996d25baa4e74884b83) C:\Windows\system32\DRIVERS\atikmdag.sys
13:30:32.0570 4788 atikmdag - ok
13:30:32.0632 4788 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:30:32.0687 4788 AudioEndpointBuilder - ok
13:30:32.0695 4788 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:30:32.0718 4788 AudioSrv - ok
13:30:32.0757 4788 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
13:30:32.0812 4788 AxInstSV - ok
13:30:32.0851 4788 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
13:30:32.0904 4788 b06bdrv - ok
13:30:32.0935 4788 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:30:32.0982 4788 b57nd60a - ok
13:30:32.0998 4788 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
13:30:33.0037 4788 BDESVC - ok
13:30:33.0044 4788 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:30:33.0083 4788 Beep - ok
13:30:33.0154 4788 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
13:30:33.0201 4788 BITS - ok
13:30:33.0208 4788 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
13:30:33.0224 4788 blbdrive - ok
13:30:33.0287 4788 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
13:30:33.0294 4788 Bonjour Service - ok
13:30:33.0318 4788 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
13:30:33.0333 4788 bowser - ok
13:30:33.0341 4788 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:30:33.0380 4788 BrFiltLo - ok
13:30:33.0388 4788 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:30:33.0396 4788 BrFiltUp - ok
13:30:33.0412 4788 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
13:30:33.0451 4788 Browser - ok
13:30:33.0466 4788 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:30:33.0505 4788 Brserid - ok
13:30:33.0513 4788 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:30:33.0537 4788 BrSerWdm - ok
13:30:33.0544 4788 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:30:33.0591 4788 BrUsbMdm - ok
13:30:33.0615 4788 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:30:33.0623 4788 BrUsbSer - ok
13:30:33.0638 4788 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
13:30:33.0654 4788 BTHMODEM - ok
13:30:33.0669 4788 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
13:30:33.0708 4788 bthserv - ok
13:30:33.0740 4788 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:30:33.0779 4788 cdfs - ok
13:30:33.0826 4788 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
13:30:33.0849 4788 cdrom - ok
13:30:33.0880 4788 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:30:33.0919 4788 CertPropSvc - ok
13:30:33.0951 4788 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
13:30:33.0958 4788 circlass - ok
13:30:33.0982 4788 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:30:33.0998 4788 CLFS - ok
13:30:34.0052 4788 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:30:34.0060 4788 clr_optimization_v2.0.50727_32 - ok
13:30:34.0107 4788 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:30:34.0115 4788 clr_optimization_v2.0.50727_64 - ok
13:30:34.0208 4788 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:30:34.0216 4788 clr_optimization_v4.0.30319_32 - ok
13:30:34.0318 4788 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:30:34.0326 4788 clr_optimization_v4.0.30319_64 - ok
13:30:34.0365 4788 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
13:30:34.0373 4788 CmBatt - ok
13:30:34.0404 4788 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
13:30:34.0412 4788 cmdide - ok
13:30:34.0451 4788 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
13:30:34.0466 4788 CNG - ok
13:30:34.0498 4788 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
13:30:34.0505 4788 Compbatt - ok
13:30:34.0544 4788 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
13:30:34.0568 4788 CompositeBus - ok
13:30:34.0568 4788 COMSysApp - ok
13:30:34.0599 4788 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
13:30:34.0607 4788 crcdisk - ok
13:30:34.0654 4788 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
13:30:34.0685 4788 CryptSvc - ok
13:30:34.0732 4788 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
13:30:34.0794 4788 CSC - ok
13:30:34.0849 4788 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
13:30:34.0896 4788 CscService - ok
13:30:35.0130 4788 DAUpdaterSvc (914a7156b0c0f10be645a02e13f576b2) c:\program files\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe
13:30:35.0138 4788 DAUpdaterSvc - ok
13:30:35.0169 4788 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:30:35.0248 4788 DcomLaunch - ok
13:30:35.0318 4788 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
13:30:35.0341 4788 defragsvc - ok
13:30:35.0427 4788 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
13:30:35.0466 4788 DfsC - ok
13:30:35.0498 4788 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
13:30:35.0544 4788 Dhcp - ok
13:30:35.0560 4788 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:30:35.0591 4788 discache - ok
13:30:35.0638 4788 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
13:30:35.0646 4788 Disk - ok
13:30:35.0693 4788 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
13:30:35.0724 4788 Dnscache - ok
13:30:35.0763 4788 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
13:30:35.0794 4788 dot3svc - ok
13:30:35.0865 4788 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
13:30:35.0880 4788 Dot4 - ok
13:30:35.0912 4788 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:30:35.0919 4788 Dot4Print - ok
13:30:35.0951 4788 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
13:30:35.0966 4788 dot4usb - ok
13:30:36.0013 4788 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
13:30:36.0044 4788 DPS - ok
13:30:36.0099 4788 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:30:36.0123 4788 drmkaud - ok
13:30:36.0185 4788 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
13:30:36.0201 4788 DXGKrnl - ok
13:30:36.0224 4788 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
13:30:36.0248 4788 EapHost - ok
13:30:36.0365 4788 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
13:30:36.0412 4788 ebdrv - ok
13:30:36.0498 4788 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
13:30:36.0529 4788 EFS - ok
13:30:36.0607 4788 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
13:30:36.0654 4788 ehRecvr - ok
13:30:36.0685 4788 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
13:30:36.0724 4788 ehSched - ok
13:30:36.0763 4788 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
13:30:36.0779 4788 elxstor - ok
13:30:36.0818 4788 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:30:36.0826 4788 ErrDev - ok
13:30:36.0896 4788 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
13:30:36.0936 4788 EventSystem - ok
13:30:36.0975 4788 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:30:37.0006 4788 exfat - ok
13:30:37.0014 4788 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:30:37.0061 4788 fastfat - ok
13:30:37.0155 4788 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
13:30:37.0202 4788 Fax - ok
13:30:37.0209 4788 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
13:30:37.0225 4788 fdc - ok
13:30:37.0249 4788 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
13:30:37.0272 4788 fdPHost - ok
13:30:37.0319 4788 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
13:30:37.0358 4788 FDResPub - ok
13:30:37.0374 4788 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:30:37.0381 4788 FileInfo - ok
13:30:37.0397 4788 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:30:37.0428 4788 Filetrace - ok
13:30:37.0436 4788 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
13:30:37.0444 4788 flpydisk - ok
13:30:37.0491 4788 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:30:37.0499 4788 FltMgr - ok
13:30:37.0561 4788 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
13:30:37.0592 4788 FontCache - ok
13:30:37.0639 4788 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:30:37.0647 4788 FontCache3.0.0.0 - ok
13:30:37.0655 4788 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:30:37.0663 4788 FsDepends - ok
13:30:37.0702 4788 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
13:30:37.0709 4788 Fs_Rec - ok
13:30:37.0773 4788 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:30:37.0792 4788 fvevol - ok
13:30:37.0796 4788 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:30:37.0804 4788 gagp30kx - ok
13:30:37.0837 4788 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:30:37.0841 4788 GEARAspiWDM - ok
13:30:37.0904 4788 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
13:30:37.0951 4788 gpsvc - ok
13:30:37.0991 4788 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
13:30:37.0997 4788 hamachi - ok
13:30:38.0000 4788 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:30:38.0016 4788 hcw85cir - ok
13:30:38.0063 4788 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
13:30:38.0079 4788 HdAudAddService - ok
13:30:38.0112 4788 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
13:30:38.0127 4788 HDAudBus - ok
13:30:38.0146 4788 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
13:30:38.0156 4788 HidBatt - ok
13:30:38.0169 4788 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
13:30:38.0191 4788 HidBth - ok
13:30:38.0203 4788 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
13:30:38.0215 4788 HidIr - ok
13:30:38.0218 4788 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
13:30:38.0247 4788 hidserv - ok
13:30:38.0260 4788 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
13:30:38.0268 4788 HidUsb - ok
13:30:38.0338 4788 HiPatchService (5a457c3d00c1c701230a12aa1580114d) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
13:30:38.0342 4788 HiPatchService ( UnsignedFile.Multi.Generic ) - warning
13:30:38.0342 4788 HiPatchService - detected UnsignedFile.Multi.Generic (1)
13:30:38.0368 4788 hitmanpro35 (44f92c1f913e582bef9cac66443c6230) C:\Windows\system32\drivers\hitmanpro36.sys
13:30:38.0375 4788 hitmanpro35 - ok
13:30:38.0418 4788 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
13:30:38.0456 4788 hkmsvc - ok
13:30:38.0495 4788 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
13:30:38.0522 4788 HomeGroupListener - ok
13:30:38.0540 4788 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
13:30:38.0553 4788 HomeGroupProvider - ok
13:30:38.0653 4788 hpqcxs08 (5da42d24712e00728cea2342a65009b2) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
13:30:38.0663 4788 hpqcxs08 - ok
13:30:38.0676 4788 hpqddsvc (d86a39bf100069444d026d22d9a6e555) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
13:30:38.0682 4788 hpqddsvc - ok
13:30:38.0694 4788 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:30:38.0702 4788 HpSAMD - ok
13:30:38.0776 4788 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
13:30:38.0797 4788 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
13:30:38.0797 4788 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
13:30:38.0858 4788 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:30:38.0899 4788 HTTP - ok
13:30:38.0924 4788 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:30:38.0934 4788 hwpolicy - ok
13:30:39.0168 4788 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
13:30:39.0178 4788 i8042prt - ok
13:30:39.0231 4788 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:30:39.0243 4788 iaStorV - ok
13:30:39.0329 4788 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:30:39.0342 4788 idsvc - ok
13:30:39.0375 4788 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
13:30:39.0383 4788 iirsp - ok
13:30:39.0454 4788 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
13:30:39.0498 4788 IKEEXT - ok
13:30:39.0515 4788 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:30:39.0523 4788 intelide - ok
13:30:39.0553 4788 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:30:39.0568 4788 intelppm - ok
13:30:39.0638 4788 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
13:30:39.0666 4788 IPBusEnum - ok
13:30:39.0700 4788 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:30:39.0741 4788 IpFilterDriver - ok
13:30:39.0771 4788 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:30:39.0780 4788 IPMIDRV - ok
13:30:39.0803 4788 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:30:39.0838 4788 IPNAT - ok
13:30:39.0936 4788 iPod Service (3c0d4b3e80fc4854ca325dd123cc4ded) C:\Program Files\iPod\bin\iPodService.exe
13:30:39.0951 4788 iPod Service - ok
13:30:39.0988 4788 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:30:40.0036 4788 IRENUM - ok
13:30:40.0083 4788 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:30:40.0091 4788 isapnp - ok
13:30:40.0115 4788 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:30:40.0125 4788 iScsiPrt - ok
13:30:40.0151 4788 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
13:30:40.0159 4788 kbdclass - ok
13:30:40.0183 4788 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
13:30:40.0204 4788 kbdhid - ok
13:30:40.0256 4788 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:30:40.0267 4788 KeyIso - ok
13:30:40.0325 4788 KProcessHacker2 (bd70833ae5b0a9190d9a9618609034e2) C:\Program Files\Process Hacker 2\kprocesshacker.sys
13:30:40.0331 4788 KProcessHacker2 - ok
13:30:40.0340 4788 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
13:30:40.0349 4788 KSecDD - ok
13:30:40.0370 4788 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
13:30:40.0379 4788 KSecPkg - ok
13:30:40.0382 4788 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:30:40.0422 4788 ksthunk - ok
13:30:40.0450 4788 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
13:30:40.0498 4788 KtmRm - ok
13:30:40.0538 4788 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
13:30:40.0574 4788 LanmanServer - ok
13:30:40.0613 4788 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
13:30:40.0638 4788 LanmanWorkstation - ok
13:30:40.0644 4788 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:30:40.0669 4788 lltdio - ok
13:30:40.0712 4788 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
13:30:40.0739 4788 lltdsvc - ok
13:30:40.0758 4788 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
13:30:40.0784 4788 lmhosts - ok
13:30:40.0804 4788 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:30:40.0812 4788 LSI_FC - ok
13:30:40.0825 4788 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:30:40.0833 4788 LSI_SAS - ok
13:30:40.0847 4788 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:30:40.0856 4788 LSI_SAS2 - ok
13:30:40.0875 4788 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:30:40.0883 4788 LSI_SCSI - ok
13:30:40.0904 4788 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:30:40.0944 4788 luafv - ok
13:30:40.0977 4788 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys
13:30:40.0987 4788 mcdbus - ok
13:30:41.0017 4788 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
13:30:41.0034 4788 Mcx2Svc - ok
13:30:41.0049 4788 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
13:30:41.0057 4788 megasas - ok
13:30:41.0073 4788 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
13:30:41.0083 4788 MegaSR - ok
13:30:41.0119 4788 MEMSWEEP2 (f9ce67e9e0226079b59107b649851f96) C:\Windows\system32\F6BC.tmp
13:30:41.0121 4788 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - warning
13:30:41.0121 4788 MEMSWEEP2 - detected UnsignedFile.Multi.Generic (1)
13:30:41.0139 4788 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:30:41.0186 4788 MMCSS - ok
13:30:41.0218 4788 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:30:41.0256 4788 Modem - ok
13:30:41.0286 4788 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:30:41.0302 4788 monitor - ok
13:30:41.0337 4788 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
13:30:41.0345 4788 mouclass - ok
13:30:41.0352 4788 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:30:41.0373 4788 mouhid - ok
13:30:41.0406 4788 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:30:41.0415 4788 mountmgr - ok
13:30:41.0461 4788 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:30:41.0470 4788 mpio - ok
13:30:41.0487 4788 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:30:41.0512 4788 mpsdrv - ok
13:30:41.0553 4788 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:30:41.0580 4788 MRxDAV - ok
13:30:41.0805 4788 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:30:41.0876 4788 mrxsmb - ok
13:30:41.0932 4788 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:30:41.0959 4788 mrxsmb10 - ok
13:30:41.0991 4788 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:30:42.0013 4788 mrxsmb20 - ok
13:30:42.0042 4788 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:30:42.0050 4788 msahci - ok
13:30:42.0093 4788 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:30:42.0102 4788 msdsm - ok
13:30:42.0125 4788 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
13:30:42.0146 4788 MSDTC - ok
13:30:42.0182 4788 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:30:42.0208 4788 Msfs - ok
13:30:42.0233 4788 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:30:42.0259 4788 mshidkmdf - ok
13:30:42.0300 4788 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:30:42.0308 4788 msisadrv - ok
13:30:42.0335 4788 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
13:30:42.0372 4788 MSiSCSI - ok
13:30:42.0374 4788 msiserver - ok
13:30:42.0407 4788 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:30:42.0445 4788 MSKSSRV - ok
13:30:42.0477 4788 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:30:42.0508 4788 MSPCLOCK - ok
13:30:42.0541 4788 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:30:42.0568 4788 MSPQM - ok
13:30:42.0634 4788 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:30:42.0645 4788 MsRPC - ok
13:30:42.0674 4788 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
13:30:42.0682 4788 mssmbios - ok
13:30:42.0693 4788 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:30:42.0733 4788 MSTEE - ok
13:30:42.0774 4788 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
13:30:42.0782 4788 MTConfig - ok
13:30:42.0807 4788 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:30:42.0816 4788 Mup - ok
13:30:42.0858 4788 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
13:30:42.0884 4788 napagent - ok
13:30:42.0923 4788 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:30:42.0943 4788 NativeWifiP - ok
13:30:42.0991 4788 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:30:43.0010 4788 NDIS - ok
13:30:43.0045 4788 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:30:43.0081 4788 NdisCap - ok
13:30:43.0124 4788 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:30:43.0147 4788 NdisTapi - ok
13:30:43.0190 4788 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:30:43.0213 4788 Ndisuio - ok
13:30:43.0260 4788 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:30:43.0291 4788 NdisWan - ok
13:30:43.0323 4788 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:30:43.0346 4788 NDProxy - ok
13:30:43.0377 4788 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
13:30:43.0385 4788 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
13:30:43.0385 4788 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
13:30:43.0401 4788 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:30:43.0436 4788 NetBIOS - ok
13:30:43.0483 4788 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:30:43.0541 4788 NetBT - ok
13:30:43.0573 4788 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:30:43.0581 4788 Netlogon - ok
13:30:45.0412 4788 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
13:30:45.0450 4788 Netman - ok
13:30:45.0565 4788 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:30:45.0572 4788 NetMsmqActivator - ok
13:30:45.0576 4788 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:30:45.0583 4788 NetPipeActivator - ok
13:30:45.0638 4788 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
13:30:45.0673 4788 netprofm - ok
13:30:45.0745 4788 netr28x (68cdb276a3009f0cf000c6352c1f72e7) C:\Windows\system32\DRIVERS\Dnetr28x.sys
13:30:45.0803 4788 netr28x - ok
13:30:45.0813 4788 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:30:45.0820 4788 NetTcpActivator - ok
13:30:45.0825 4788 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:30:45.0833 4788 NetTcpPortSharing - ok
13:30:45.0871 4788 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
13:30:45.0879 4788 nfrd960 - ok
13:30:45.0939 4788 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
13:30:45.0982 4788 NlaSvc - ok
13:30:46.0012 4788 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:30:46.0038 4788 Npfs - ok
13:30:46.0077 4788 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
13:30:46.0109 4788 nsi - ok
13:30:46.0141 4788 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:30:46.0168 4788 nsiproxy - ok
13:30:46.0255 4788 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:30:46.0282 4788 Ntfs - ok
13:30:46.0341 4788 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:30:46.0376 4788 Null - ok
13:30:46.0414 4788 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:30:46.0422 4788 nvraid - ok
13:30:46.0443 4788 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:30:46.0452 4788 nvstor - ok
13:30:46.0492 4788 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:30:46.0500 4788 nv_agp - ok
13:30:46.0624 4788 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:30:46.0634 4788 odserv - ok
13:30:46.0666 4788 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:30:46.0683 4788 ohci1394 - ok
13:30:46.0736 4788 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:30:46.0744 4788 ose - ok
13:30:46.0766 4788 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:30:46.0787 4788 p2pimsvc - ok
13:30:46.0809 4788 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:30:46.0820 4788 p2psvc - ok
13:30:46.0877 4788 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
13:30:46.0886 4788 Parport - ok
13:30:46.0924 4788 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
13:30:46.0933 4788 partmgr - ok
13:30:46.0946 4788 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:30:46.0974 4788 PcaSvc - ok
13:30:47.0003 4788 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:30:47.0013 4788 pci - ok
13:30:47.0030 4788 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:30:47.0038 4788 pciide - ok
13:30:47.0061 4788 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
13:30:47.0071 4788 pcmcia - ok
13:30:47.0087 4788 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:30:47.0095 4788 pcw - ok
13:30:47.0128 4788 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:30:47.0192 4788 PEAUTH - ok
13:30:47.0276 4788 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
13:30:47.0338 4788 PeerDistSvc - ok
13:30:47.0394 4788 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:30:47.0403 4788 PerfHost - ok
13:30:47.0513 4788 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
13:30:47.0576 4788 pla - ok
13:30:47.0697 4788 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
13:30:47.0807 4788 PlugPlay - ok
13:30:47.0846 4788 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
13:30:47.0849 4788 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
13:30:47.0849 4788 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
13:30:47.0885 4788 PnkBstrA - ok
13:30:47.0905 4788 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:30:47.0926 4788 PNRPAutoReg - ok
13:30:47.0955 4788 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:30:47.0965 4788 PNRPsvc - ok
13:30:48.0027 4788 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
13:30:48.0076 4788 PolicyAgent - ok
13:30:48.0118 4788 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:30:48.0163 4788 Power - ok
13:30:48.0225 4788 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:30:48.0263 4788 PptpMiniport - ok
13:30:48.0321 4788 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
13:30:48.0336 4788 Processor - ok
13:30:48.0381 4788 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
13:30:48.0418 4788 ProfSvc - ok
13:30:48.0458 4788 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:30:48.0466 4788 ProtectedStorage - ok
13:30:48.0501 4788 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:30:48.0526 4788 Psched - ok
13:30:48.0606 4788 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
13:30:48.0629 4788 ql2300 - ok
13:30:48.0730 4788 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
13:30:48.0739 4788 ql40xx - ok
13:30:48.0753 4788 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:30:48.0766 4788 QWAVE - ok
13:30:48.0840 4788 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:30:48.0861 4788 QWAVEdrv - ok
13:30:48.0878 4788 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:30:48.0903 4788 RasAcd - ok
13:30:48.0926 4788 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:30:48.0950 4788 RasAgileVpn - ok
13:30:48.0968 4788 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:30:49.0002 4788 RasAuto - ok
13:30:49.0058 4788 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:30:49.0093 4788 Rasl2tp - ok
13:30:49.0151 4788 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
13:30:49.0178 4788 RasMan - ok
13:30:49.0193 4788 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:30:49.0218 4788 RasPppoe - ok
13:30:49.0223 4788 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:30:49.0260 4788 RasSstp - ok
13:30:49.0288 4788 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:30:49.0331 4788 rdbss - ok
13:30:49.0343 4788 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
13:30:49.0357 4788 rdpbus - ok
13:30:49.0366 4788 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:30:49.0395 4788 RDPCDD - ok
13:30:49.0431 4788 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
13:30:49.0449 4788 RDPDR - ok
13:30:49.0466 4788 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:30:49.0509 4788 RDPENCDD - ok
13:30:49.0513 4788 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:30:49.0538 4788 RDPREFMP - ok
13:30:49.0681 4788 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
13:30:49.0747 4788 RDPWD - ok
13:30:49.0872 4788 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:30:49.0881 4788 rdyboost - ok
13:30:49.0928 4788 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:30:49.0963 4788 RemoteAccess - ok
13:30:50.0000 4788 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:30:50.0033 4788 RemoteRegistry - ok
13:30:50.0052 4788 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:30:50.0079 4788 RpcEptMapper - ok
13:30:50.0120 4788 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:30:50.0143 4788 RpcLocator - ok
13:30:50.0195 4788 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:30:50.0226 4788 RpcSs - ok
13:30:50.0232 4788 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:30:50.0274 4788 rspndr - ok
13:30:50.0855 4788 RTL8167 (abcb5a38a0d85bdf69b7877e1ad1eed5) C:\Windows\system32\DRIVERS\Rt64win7.sys
13:30:50.0881 4788 RTL8167 - ok
13:30:50.0911 4788 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
13:30:50.0944 4788 s3cap - ok
13:30:50.0977 4788 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:30:50.0985 4788 SamSs - ok
13:30:51.0082 4788 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
13:30:51.0099 4788 SASDIFSV - ok
13:30:51.0140 4788 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
13:30:51.0146 4788 SASKUTIL - ok
13:30:51.0155 4788 SAVRKBootTasks - ok
13:30:51.0296 4788 SBAMSvc (bce943896289a91ad75cc5652620b1c6) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
13:30:51.0341 4788 SBAMSvc - ok
13:30:51.0431 4788 sbapifs (6e342316e72f4b6fa39c99e06373a1a3) C:\Windows\system32\DRIVERS\sbapifs.sys
13:30:51.0438 4788 sbapifs - ok
13:30:51.0482 4788 SbFw (19954328dda3d656f8a879b3a46ffed6) C:\Windows\system32\drivers\SbFw.sys
13:30:51.0491 4788 SbFw - ok
13:30:51.0523 4788 SBFWIMCL (513b3bfcd3c465b9820c2d05fa94e630) C:\Windows\system32\DRIVERS\sbfwim.sys
13:30:51.0530 4788 SBFWIMCL - ok
13:30:51.0533 4788 SBFWIMCLMP (513b3bfcd3c465b9820c2d05fa94e630) C:\Windows\system32\DRIVERS\SBFWIM.sys
13:30:51.0540 4788 SBFWIMCLMP - ok
13:30:51.0627 4788 sbhips (b671eef468d13016b9286f5835a06ae1) C:\Windows\system32\drivers\sbhips.sys
13:30:51.0633 4788 sbhips - ok
13:30:51.0776 4788 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:30:51.0785 4788 sbp2port - ok
13:30:51.0824 4788 SBRE (9aceb2a2362fc87a3825963e61ba9076) C:\Windows\system32\drivers\SBREdrv.sys
13:30:51.0830 4788 SBRE - ok
13:30:51.0847 4788 sbwtis (eab54adcceca64b2f38cd859fb494895) C:\Windows\system32\DRIVERS\sbwtis.sys
13:30:51.0854 4788 sbwtis - ok
13:30:51.0867 4788 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:30:51.0906 4788 SCardSvr - ok
13:30:51.0958 4788 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:30:51.0988 4788 scfilter - ok
13:30:52.0070 4788 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
13:30:52.0103 4788 Schedule - ok
13:30:52.0138 4788 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:30:52.0163 4788 SCPolicySvc - ok
13:30:52.0214 4788 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
13:30:52.0232 4788 SDRSVC - ok
13:30:52.0250 4788 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:30:52.0275 4788 secdrv - ok
13:30:52.0323 4788 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
13:30:52.0362 4788 seclogon - ok
13:30:52.0381 4788 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
13:30:52.0419 4788 SENS - ok
13:30:52.0467 4788 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:30:52.0484 4788 SensrSvc - ok
13:30:52.0487 4788 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
13:30:52.0505 4788 Serenum - ok
13:30:52.0538 4788 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
13:30:52.0546 4788 Serial - ok
13:30:52.0575 4788 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
13:30:52.0599 4788 sermouse - ok
13:30:52.0682 4788 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
13:30:52.0707 4788 SessionEnv - ok
13:30:52.0731 4788 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:30:52.0754 4788 sffdisk - ok
13:30:52.0765 4788 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:30:52.0780 4788 sffp_mmc - ok
13:30:52.0797 4788 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
13:30:52.0811 4788 sffp_sd - ok
13:30:52.0823 4788 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
13:30:52.0831 4788 sfloppy - ok
13:30:52.0879 4788 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
13:30:52.0916 4788 ShellHWDetection - ok
13:30:52.0947 4788 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:30:52.0956 4788 SiSRaid2 - ok
13:30:52.0980 4788 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
13:30:52.0992 4788 SiSRaid4 - ok
13:30:53.0041 4788 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:30:53.0075 4788 Smb - ok
13:30:53.0111 4788 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
13:30:53.0144 4788 SNMPTRAP - ok
13:30:53.0169 4788 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:30:53.0179 4788 spldr - ok
13:30:53.0209 4788 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
13:30:53.0242 4788 Spooler - ok
13:30:53.0433 4788 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
13:30:53.0542 4788 sppsvc - ok
13:30:53.0686 4788 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
13:30:53.0720 4788 sppuinotify - ok
13:30:53.0763 4788 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
13:30:53.0803 4788 srv - ok
13:30:53.0838 4788 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
13:30:53.0864 4788 srv2 - ok
13:30:53.0884 4788 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
13:30:53.0903 4788 srvnet - ok
13:30:53.0940 4788 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
13:30:53.0980 4788 SSDPSRV - ok
13:30:54.0017 4788 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
13:30:54.0075 4788 SstpSvc - ok
13:30:54.0129 4788 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
13:30:54.0138 4788 stexstor - ok
13:30:54.0198 4788 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
13:30:54.0216 4788 stisvc - ok
13:30:54.0253 4788 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
13:30:54.0261 4788 storflt - ok
13:30:54.0288 4788 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
13:30:54.0302 4788 StorSvc - ok
13:30:54.0315 4788 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
13:30:54.0324 4788 storvsc - ok
13:30:54.0326 4788 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
13:30:54.0334 4788 swenum - ok
13:30:54.0403 4788 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
13:30:54.0433 4788 swprv - ok
13:30:54.0528 4788 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
13:30:54.0576 4788 SysMain - ok
13:30:54.0712 4788 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
13:30:54.0725 4788 TabletInputService - ok
13:30:54.0780 4788 tap0901 (595cb8da5b522ad8cc28193dc21fd496) C:\Windows\system32\DRIVERS\tap0901.sys
13:30:54.0812 4788 tap0901 - ok
13:30:54.0847 4788 tap0901t (b08740047145b9bce15bf75ca0f9718a) C:\Windows\system32\DRIVERS\tap0901t.sys
13:30:54.0873 4788 tap0901t - ok
13:30:54.0902 4788 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
13:30:54.0946 4788 TapiSrv - ok
13:30:54.0964 4788 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
13:30:54.0998 4788 TBS - ok
13:30:55.0101 4788 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
13:30:55.0128 4788 Tcpip - ok
13:30:55.0241 4788 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
13:30:55.0268 4788 TCPIP6 - ok
13:30:55.0354 4788 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:30:55.0377 4788 tcpipreg - ok
13:30:55.0415 4788 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:30:55.0434 4788 TDPIPE - ok
13:30:55.0466 4788 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
13:30:55.0475 4788 TDTCP - ok
13:30:55.0512 4788 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:30:55.0536 4788 tdx - ok
13:30:55.0570 4788 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
13:30:55.0581 4788 TermDD - ok
13:30:55.0646 4788 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
13:30:55.0737 4788 TermService - ok
13:30:55.0782 4788 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
13:30:55.0793 4788 Themes - ok
13:30:55.0820 4788 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:30:55.0844 4788 THREADORDER - ok
13:30:55.0980 4788 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
13:30:56.0034 4788 TrkWks - ok
13:30:56.0059 4788 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
13:30:56.0083 4788 TrustedInstaller - ok
13:30:56.0121 4788 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:30:56.0144 4788 tssecsrv - ok
13:30:56.0186 4788 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:30:56.0216 4788 TsUsbFlt - ok
13:30:56.0253 4788 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:30:56.0278 4788 tunnel - ok
13:30:56.0383 4788 TunngleService (7a34128510eeb13cf8583531c8fb081c) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
13:30:56.0395 4788 TunngleService - ok
13:30:56.0442 4788 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
13:30:56.0450 4788 uagp35 - ok
13:30:56.0495 4788 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:30:56.0529 4788 udfs - ok
13:30:56.0564 4788 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
13:30:56.0574 4788 UI0Detect - ok
13:30:56.0657 4788 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:30:56.0666 4788 uliagpkx - ok
13:30:56.0746 4788 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
13:30:56.0767 4788 umbus - ok
13:30:56.0786 4788 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
13:30:56.0793 4788 UmPass - ok
13:30:56.0820 4788 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
13:30:56.0836 4788 UmRdpService - ok
13:30:56.0864 4788 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
13:30:56.0903 4788 upnphost - ok
13:30:56.0975 4788 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
13:30:57.0003 4788 USBAAPL64 - ok
13:30:57.0048 4788 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
13:30:57.0059 4788 usbaudio - ok
13:30:57.0092 4788 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
13:30:57.0108 4788 usbccgp - ok
13:30:57.0151 4788 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:30:57.0170 4788 usbcir - ok
13:30:57.0204 4788 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
13:30:57.0213 4788 usbehci - ok
13:30:57.0230 4788 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
13:30:57.0253 4788 usbhub - ok
13:30:57.0269 4788 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
13:30:57.0277 4788 usbohci - ok
13:30:57.0292 4788 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
13:30:57.0300 4788 usbprint - ok
13:30:57.0339 4788 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
13:30:57.0363 4788 usbscan - ok
13:30:57.0402 4788 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:30:57.0421 4788 USBSTOR - ok
13:30:57.0429 4788 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
13:30:57.0441 4788 usbuhci - ok
13:30:57.0453 4788 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
13:30:57.0480 4788 UxSms - ok
13:30:57.0539 4788 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:30:57.0550 4788 VaultSvc - ok
13:30:57.0570 4788 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:30:57.0578 4788 vdrvroot - ok
13:30:57.0625 4788 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
13:30:57.0652 4788 vds - ok
13:30:57.0675 4788 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:30:57.0683 4788 vga - ok
13:30:57.0687 4788 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:30:57.0722 4788 VgaSave - ok
13:30:57.0757 4788 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:30:57.0769 4788 vhdmp - ok
13:30:57.0781 4788 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:30:57.0789 4788 viaide - ok
13:30:57.0812 4788 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
13:30:57.0824 4788 vmbus - ok
13:30:57.0839 4788 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
13:30:57.0847 4788 VMBusHID - ok
13:30:57.0863 4788 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:30:57.0871 4788 volmgr - ok
13:30:57.0925 4788 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:30:57.0937 4788 volmgrx - ok
13:30:57.0960 4788 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
13:30:57.0968 4788 volsnap - ok
13:30:57.0984 4788 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
13:30:57.0992 4788 vsmraid - ok
13:30:58.0085 4788 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
13:30:58.0125 4788 VSS - ok
13:30:58.0203 4788 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
13:30:58.0224 4788 vwifibus - ok
13:30:58.0229 4788 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
13:30:58.0261 4788 vwififlt - ok
13:30:58.0293 4788 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
13:30:58.0323 4788 W32Time - ok
13:30:58.0340 4788 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
13:30:58.0349 4788 WacomPen - ok
13:30:58.0371 4788 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:30:58.0409 4788 WANARP - ok
13:30:58.0412 4788 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:30:58.0437 4788 Wanarpv6 - ok
13:30:58.0503 4788 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
13:30:58.0524 4788 WatAdminSvc - ok
13:30:58.0730 4788 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
13:30:58.0784 4788 wbengine - ok
13:30:58.0818 4788 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
13:30:58.0831 4788 WbioSrvc - ok
13:30:58.0880 4788 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
13:30:58.0910 4788 wcncsvc - ok
13:30:58.0916 4788 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
13:30:58.0938 4788 WcsPlugInService - ok
13:30:58.0947 4788 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
13:30:58.0955 4788 Wd - ok
13:30:58.0998 4788 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
13:30:59.0014 4788 WDC_SAM - ok
13:30:59.0049 4788 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:30:59.0064 4788 Wdf01000 - ok
13:30:59.0099 4788 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:30:59.0146 4788 WdiServiceHost - ok
13:30:59.0148 4788 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:30:59.0161 4788 WdiSystemHost - ok
13:30:59.0304 4788 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
13:30:59.0333 4788 WebClient - ok
13:30:59.0452 4788 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
13:30:59.0506 4788 Wecsvc - ok
13:30:59.0626 4788 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
13:30:59.0698 4788 wercplsupport - ok
13:30:59.0840 4788 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
13:30:59.0872 4788 WerSvc - ok
13:30:59.0996 4788 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:31:00.0021 4788 WfpLwf - ok
13:31:00.0089 4788 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:31:00.0097 4788 WIMMount - ok
13:31:00.0110 4788 WinHttpAutoProxySvc - ok
13:31:00.0151 4788 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
13:31:00.0188 4788 Winmgmt - ok
13:31:00.0292 4788 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
13:31:00.0358 4788 WinRM - ok
13:31:00.0485 4788 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
13:31:00.0495 4788 WinUsb - ok
13:31:00.0539 4788 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
13:31:00.0576 4788 Wlansvc - ok
13:31:00.0965 4788 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:31:00.0997 4788 wlidsvc - ok
13:31:01.0865 4788 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
13:31:01.0880 4788 WmiAcpi - ok
13:31:01.0929 4788 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
13:31:01.0945 4788 wmiApSrv - ok
13:31:01.0976 4788 WMPNetworkSvc - ok
13:31:01.0984 4788 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
13:31:02.0001 4788 WPCSvc - ok
13:31:02.0035 4788 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
13:31:02.0046 4788 WPDBusEnum - ok
13:31:02.0072 4788 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:31:02.0097 4788 ws2ifsl - ok
13:31:02.0099 4788 WSearch - ok
13:31:02.0216 4788 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
13:31:02.0250 4788 wuauserv - ok
13:31:02.0306 4788 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:31:02.0339 4788 WudfPf - ok
13:31:02.0369 4788 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:31:02.0404 4788 WUDFRd - ok
13:31:02.0439 4788 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
13:31:02.0464 4788 wudfsvc - ok
13:31:02.0490 4788 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
13:31:02.0511 4788 WwanSvc - ok
13:31:02.0550 4788 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:31:02.0789 4788 \Device\Harddisk0\DR0 - ok
13:31:02.0791 4788 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
13:31:02.0916 4788 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
13:31:02.0917 4788 \Device\Harddisk1\DR1 - detected TDSS File System (1)
13:31:02.0919 4788 Boot (0x1200) (d42eb5b6f4ec3d63630293a0b847abcb) \Device\Harddisk0\DR0\Partition0
13:31:02.0919 4788 \Device\Harddisk0\DR0\Partition0 - ok
13:31:02.0941 4788 Boot (0x1200) (ef7b51b83b217dd470bd2bad211d5ec8) \Device\Harddisk0\DR0\Partition1
13:31:02.0943 4788 \Device\Harddisk0\DR0\Partition1 - ok
13:31:02.0945 4788 Boot (0x1200) (2e94c917a1b6673a28376dce2cc8688c) \Device\Harddisk1\DR1\Partition0
13:31:02.0947 4788 \Device\Harddisk1\DR1\Partition0 - ok
13:31:02.0947 4788 ============================================================
13:31:02.0947 4788 Scan finished
13:31:02.0947 4788 ============================================================
13:31:02.0955 4564 Detected object count: 6
13:31:02.0955 4564 Actual detected object count: 6
13:32:21.0371 4564 HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
13:32:21.0371 4564 HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:32:21.0371 4564 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
13:32:21.0371 4564 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:32:21.0371 4564 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - skipped by user
13:32:21.0371 4564 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:32:21.0378 4564 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:32:21.0378 4564 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:32:21.0378 4564 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:32:21.0378 4564 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:32:21.0378 4564 \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
13:32:21.0378 4564 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip

And here's a link to a pic of the threats that came up:
http://gyazo.com/0d2e4a59d009af3214e317e0dd3cb004

There was skip by default and quaratine but I just skipped.

Thanks again dvk01

[dvk01]

now run it again and read my last post carefully

particuarly
let it cure anything it fnds ( except SPTD.SYS or anything detected as UnsignedFile.Multi.Generic, which should be ignored) & then reboot


you ignored the infection

Quote:

13:32:21.0378 4564 \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
13:32:21.0378 4564 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip

[leechtime]

My mistake. Here's the new log:

21:43:23.0915 2384 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
21:43:25.0009 2384 ============================================================
21:43:25.0009 2384 Current date / time: 2012/06/22 21:43:25.0009
21:43:25.0009 2384 SystemInfo:
21:43:25.0009 2384
21:43:25.0009 2384 OS Version: 6.1.7601 ServicePack: 1.0
21:43:25.0009 2384 Product type: Workstation
21:43:25.0009 2384 ComputerName: LEECH-PC
21:43:25.0009 2384 UserName: Leech
21:43:25.0009 2384 Windows directory: C:\Windows
21:43:25.0009 2384 System windows directory: C:\Windows
21:43:25.0009 2384 Running under WOW64
21:43:25.0009 2384 Processor architecture: Intel x64
21:43:25.0009 2384 Number of processors: 2
21:43:25.0009 2384 Page size: 0x1000
21:43:25.0009 2384 Boot type: Normal boot
21:43:25.0009 2384 ============================================================
21:43:31.0705 2384 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:43:31.0736 2384 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:43:31.0769 2384 ============================================================
21:43:31.0769 2384 \Device\Harddisk0\DR0:
21:43:31.0785 2384 MBR partitions:
21:43:31.0785 2384 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:43:31.0785 2384 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE8DD5800
21:43:31.0785 2384 \Device\Harddisk1\DR1:
21:43:31.0785 2384 MBR partitions:
21:43:31.0785 2384 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
21:43:31.0785 2384 ============================================================
21:43:31.0863 2384 C: <-> \Device\Harddisk0\DR0\Partition1
21:43:31.0863 2384 E: <-> \Device\Harddisk1\DR1\Partition0
21:43:31.0863 2384 ============================================================
21:43:31.0863 2384 Initialize success
21:43:31.0863 2384 ============================================================
21:43:35.0759 3540 ============================================================
21:43:35.0759 3540 Scan started
21:43:35.0759 3540 Mode: Manual; SigCheck; TDLFS;
21:43:35.0759 3540 ============================================================
21:43:39.0673 3540 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
21:43:40.0613 3540 !SASCORE - ok
21:43:41.0271 3540 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
21:43:41.0880 3540 1394ohci - ok
21:43:42.0023 3540 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:43:42.0039 3540 ACPI - ok
21:43:42.0132 3540 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:43:42.0195 3540 AcpiPmi - ok
21:43:42.0398 3540 Ad-Aware Service (09e61047b0cef21559cfcedf4f14d216) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
21:43:42.0446 3540 Ad-Aware Service - ok
21:43:42.0586 3540 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:43:42.0602 3540 AdobeARMservice - ok
21:43:42.0931 3540 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:43:42.0947 3540 AdobeFlashPlayerUpdateSvc - ok
21:43:43.0603 3540 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
21:43:43.0634 3540 adp94xx - ok
21:43:43.0712 3540 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
21:43:43.0728 3540 adpahci - ok
21:43:43.0759 3540 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
21:43:43.0759 3540 adpu320 - ok
21:43:43.0900 3540 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
21:43:44.0292 3540 AeLookupSvc - ok
21:43:44.0480 3540 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
21:43:44.0589 3540 AFD - ok
21:43:44.0652 3540 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:43:44.0667 3540 agp440 - ok
21:43:44.0699 3540 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
21:43:44.0846 3540 ALG - ok
21:43:44.0875 3540 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:43:44.0884 3540 aliide - ok
21:43:44.0987 3540 AMD External Events Utility (20c8a3e435a47f0408a1ea674afa6194) C:\Windows\system32\atiesrxx.exe
21:43:45.0078 3540 AMD External Events Utility - ok
21:43:45.0106 3540 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:43:45.0115 3540 amdide - ok
21:43:45.0146 3540 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
21:43:45.0203 3540 AmdK8 - ok
21:43:48.0424 3540 amdkmdag (0b45c18b0f3ee996d25baa4e74884b83) C:\Windows\system32\DRIVERS\atikmdag.sys
21:43:48.0733 3540 amdkmdag - ok
21:43:54.0592 3540 amdkmdap (0e57258e5cc4cc7a9a9a877afdf0cec6) C:\Windows\system32\DRIVERS\atikmpag.sys
21:43:54.0610 3540 amdkmdap - ok
21:43:54.0631 3540 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
21:43:54.0656 3540 AmdPPM - ok
21:43:54.0708 3540 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
21:43:54.0718 3540 amdsata - ok
21:43:54.0754 3540 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
21:43:54.0765 3540 amdsbs - ok
21:43:54.0783 3540 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
21:43:54.0791 3540 amdxata - ok
21:43:55.0394 3540 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
21:43:55.0560 3540 AppID - ok
21:43:56.0189 3540 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
21:43:56.0311 3540 AppIDSvc - ok
21:43:57.0644 3540 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
21:43:57.0748 3540 Appinfo - ok
21:43:58.0534 3540 Apple Mobile Device (d8e18021f91ad79ca8491cb5a5da22d4) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:43:58.0541 3540 Apple Mobile Device - ok
21:43:59.0413 3540 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
21:43:59.0479 3540 AppMgmt - ok
21:43:59.0509 3540 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
21:43:59.0520 3540 arc - ok
21:43:59.0541 3540 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
21:43:59.0551 3540 arcsas - ok
21:43:59.0889 3540 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:43:59.0998 3540 aspnet_state - ok
21:44:00.0022 3540 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:44:00.0067 3540 AsyncMac - ok
21:44:00.0099 3540 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
21:44:00.0108 3540 atapi - ok
21:44:00.0160 3540 AtiHDAudioService (24464b908e143d2561e9e452fee97309) C:\Windows\system32\drivers\AtihdW76.sys
21:44:00.0211 3540 AtiHDAudioService - ok
21:44:01.0253 3540 atikmdag (0b45c18b0f3ee996d25baa4e74884b83) C:\Windows\system32\DRIVERS\atikmdag.sys
21:44:01.0348 3540 atikmdag - ok
21:44:03.0490 3540 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:44:03.0887 3540 AudioEndpointBuilder - ok
21:44:03.0892 3540 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:44:03.0919 3540 AudioSrv - ok
21:44:04.0227 3540 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
21:44:04.0344 3540 AxInstSV - ok
21:44:04.0458 3540 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
21:44:04.0515 3540 b06bdrv - ok
21:44:04.0554 3540 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:44:04.0601 3540 b57nd60a - ok
21:44:04.0905 3540 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
21:44:04.0956 3540 BDESVC - ok
21:44:04.0992 3540 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
21:44:05.0057 3540 Beep - ok
21:44:05.0183 3540 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
21:44:05.0252 3540 BITS - ok
21:44:05.0311 3540 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
21:44:05.0349 3540 blbdrive - ok
21:44:06.0213 3540 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
21:44:06.0223 3540 Bonjour Service - ok
21:44:06.0600 3540 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
21:44:06.0685 3540 bowser - ok
21:44:06.0794 3540 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:44:07.0182 3540 BrFiltLo - ok
21:44:07.0230 3540 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:44:07.0240 3540 BrFiltUp - ok
21:44:07.0268 3540 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
21:44:07.0356 3540 Browser - ok
21:44:07.0613 3540 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:44:07.0800 3540 Brserid - ok
21:44:07.0932 3540 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:44:07.0953 3540 BrSerWdm - ok
21:44:07.0998 3540 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:44:08.0029 3540 BrUsbMdm - ok
21:44:08.0073 3540 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:44:08.0166 3540 BrUsbSer - ok
21:44:08.0250 3540 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
21:44:08.0296 3540 BTHMODEM - ok
21:44:08.0427 3540 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
21:44:08.0488 3540 bthserv - ok
21:44:08.0561 3540 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:44:08.0619 3540 cdfs - ok
21:44:08.0961 3540 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
21:44:09.0009 3540 cdrom - ok
21:44:09.0343 3540 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:44:09.0446 3540 CertPropSvc - ok
21:44:09.0563 3540 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
21:44:09.0629 3540 circlass - ok
21:44:09.0817 3540 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:44:09.0843 3540 CLFS - ok
21:44:10.0136 3540 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:44:10.0234 3540 clr_optimization_v2.0.50727_32 - ok
21:44:10.0453 3540 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:44:10.0487 3540 clr_optimization_v2.0.50727_64 - ok
21:44:10.0871 3540 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:44:11.0173 3540 clr_optimization_v4.0.30319_32 - ok
21:44:11.0481 3540 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:44:11.0635 3540 clr_optimization_v4.0.30319_64 - ok
21:44:11.0717 3540 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
21:44:11.0793 3540 CmBatt - ok
21:44:11.0874 3540 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:44:11.0882 3540 cmdide - ok
21:44:12.0097 3540 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
21:44:12.0202 3540 CNG - ok
21:44:12.0269 3540 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
21:44:12.0278 3540 Compbatt - ok
21:44:12.0394 3540 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
21:44:12.0418 3540 CompositeBus - ok
21:44:12.0467 3540 COMSysApp - ok
21:44:12.0536 3540 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
21:44:12.0544 3540 crcdisk - ok
21:44:12.0766 3540 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
21:44:12.0855 3540 CryptSvc - ok
21:44:12.0981 3540 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
21:44:13.0078 3540 CSC - ok
21:44:13.0145 3540 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
21:44:13.0203 3540 CscService - ok
21:44:13.0640 3540 DAUpdaterSvc (914a7156b0c0f10be645a02e13f576b2) c:\program files\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe
21:44:13.0647 3540 DAUpdaterSvc - ok
21:44:13.0682 3540 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:44:13.0771 3540 DcomLaunch - ok
21:44:13.0946 3540 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
21:44:13.0973 3540 defragsvc - ok
21:44:14.0144 3540 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:44:14.0178 3540 DfsC - ok
21:44:14.0262 3540 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
21:44:14.0327 3540 Dhcp - ok
21:44:14.0435 3540 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:44:14.0472 3540 discache - ok
21:44:14.0706 3540 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
21:44:14.0763 3540 Disk - ok
21:44:15.0353 3540 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
21:44:15.0413 3540 Dnscache - ok
21:44:15.0519 3540 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
21:44:15.0565 3540 dot3svc - ok
21:44:15.0855 3540 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
21:44:15.0891 3540 Dot4 - ok
21:44:15.0925 3540 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys
21:44:15.0946 3540 Dot4Print - ok
21:44:16.0058 3540 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
21:44:16.0120 3540 dot4usb - ok
21:44:16.0200 3540 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
21:44:16.0258 3540 DPS - ok
21:44:16.0300 3540 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:44:16.0338 3540 drmkaud - ok
21:44:16.0434 3540 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:44:16.0452 3540 DXGKrnl - ok
21:44:16.0485 3540 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
21:44:16.0521 3540 EapHost - ok
21:44:17.0059 3540 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
21:44:17.0166 3540 ebdrv - ok
21:44:17.0421 3540 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
21:44:17.0478 3540 EFS - ok
21:44:17.0687 3540 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
21:44:17.0768 3540 ehRecvr - ok
21:44:17.0799 3540 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
21:44:17.0838 3540 ehSched - ok
21:44:17.0962 3540 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
21:44:17.0979 3540 elxstor - ok
21:44:18.0123 3540 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:44:18.0146 3540 ErrDev - ok
21:44:18.0188 3540 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
21:44:18.0235 3540 EventSystem - ok
21:44:18.0351 3540 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:44:18.0378 3540 exfat - ok
21:44:18.0395 3540 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:44:18.0441 3540 fastfat - ok
21:44:19.0061 3540 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
21:44:19.0173 3540 Fax - ok
21:44:19.0328 3540 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
21:44:19.0382 3540 fdc - ok
21:44:19.0458 3540 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
21:44:19.0495 3540 fdPHost - ok
21:44:19.0515 3540 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
21:44:19.0551 3540 FDResPub - ok
21:44:19.0577 3540 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:44:19.0585 3540 FileInfo - ok
21:44:19.0640 3540 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:44:19.0685 3540 Filetrace - ok
21:44:19.0708 3540 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
21:44:19.0716 3540 flpydisk - ok
21:44:19.0937 3540 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:44:19.0963 3540 FltMgr - ok
21:44:20.0344 3540 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
21:44:20.0396 3540 FontCache - ok
21:44:20.0472 3540 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:44:20.0482 3540 FontCache3.0.0.0 - ok
21:44:20.0882 3540 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:44:20.0891 3540 FsDepends - ok
21:44:20.0929 3540 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
21:44:20.0937 3540 Fs_Rec - ok
21:44:21.0329 3540 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:44:21.0355 3540 fvevol - ok
21:44:21.0436 3540 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
21:44:21.0461 3540 gagp30kx - ok
21:44:21.0543 3540 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:44:21.0550 3540 GEARAspiWDM - ok
21:44:21.0930 3540 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
21:44:22.0004 3540 gpsvc - ok
21:44:22.0112 3540 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
21:44:22.0119 3540 hamachi - ok
21:44:22.0222 3540 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:44:22.0287 3540 hcw85cir - ok
21:44:22.0487 3540 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
21:44:22.0504 3540 HdAudAddService - ok
21:44:22.0761 3540 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
21:44:22.0795 3540 HDAudBus - ok
21:44:22.0813 3540 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
21:44:22.0845 3540 HidBatt - ok
21:44:22.0860 3540 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
21:44:22.0881 3540 HidBth - ok
21:44:22.0893 3540 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
21:44:22.0915 3540 HidIr - ok
21:44:22.0985 3540 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
21:44:23.0040 3540 hidserv - ok
21:44:23.0208 3540 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
21:44:23.0216 3540 HidUsb - ok
21:44:23.0389 3540 HiPatchService (5a457c3d00c1c701230a12aa1580114d) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
21:44:23.0417 3540 HiPatchService ( UnsignedFile.Multi.Generic ) - warning
21:44:23.0417 3540 HiPatchService - detected UnsignedFile.Multi.Generic (1)
21:44:23.0454 3540 hitmanpro35 (44f92c1f913e582bef9cac66443c6230) C:\Windows\system32\drivers\hitmanpro36.sys
21:44:23.0471 3540 hitmanpro35 - ok
21:44:23.0639 3540 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
21:44:23.0744 3540 hkmsvc - ok
21:44:25.0582 3540 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
21:44:25.0660 3540 HomeGroupListener - ok
21:44:25.0945 3540 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
21:44:25.0991 3540 HomeGroupProvider - ok
21:44:26.0426 3540 hpqcxs08 (5da42d24712e00728cea2342a65009b2) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:44:26.0474 3540 hpqcxs08 - ok
21:44:27.0439 3540 hpqddsvc (d86a39bf100069444d026d22d9a6e555) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
21:44:27.0446 3540 hpqddsvc - ok
21:44:27.0729 3540 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:44:27.0738 3540 HpSAMD - ok
21:44:28.0043 3540 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
21:44:28.0106 3540 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
21:44:28.0106 3540 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
21:44:28.0250 3540 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:44:28.0316 3540 HTTP - ok
21:44:28.0384 3540 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:44:28.0392 3540 hwpolicy - ok
21:44:28.0447 3540 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
21:44:28.0457 3540 i8042prt - ok
21:44:28.0551 3540 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:44:28.0578 3540 iaStorV - ok
21:44:28.0718 3540 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:44:28.0737 3540 idsvc - ok
21:44:28.0778 3540 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
21:44:28.0787 3540 iirsp - ok
21:44:28.0833 3540 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
21:44:28.0888 3540 IKEEXT - ok
21:44:28.0956 3540 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:44:28.0964 3540 intelide - ok
21:44:29.0229 3540 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:44:29.0244 3540 intelppm - ok
21:44:29.0326 3540 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
21:44:29.0384 3540 IPBusEnum - ok
21:44:29.0523 3540 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:44:29.0571 3540 IpFilterDriver - ok
21:44:29.0603 3540 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:44:29.0612 3540 IPMIDRV - ok
21:44:29.0635 3540 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:44:29.0668 3540 IPNAT - ok
21:44:29.0743 3540 iPod Service (3c0d4b3e80fc4854ca325dd123cc4ded) C:\Program Files\iPod\bin\iPodService.exe
21:44:29.0757 3540 iPod Service - ok
21:44:29.0808 3540 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:44:29.0847 3540 IRENUM - ok
21:44:29.0879 3540 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:44:29.0888 3540 isapnp - ok
21:44:29.0921 3540 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:44:29.0933 3540 iScsiPrt - ok
21:44:29.0958 3540 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
21:44:29.0967 3540 kbdclass - ok
21:44:30.0016 3540 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
21:44:30.0035 3540 kbdhid - ok
21:44:30.0052 3540 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:44:30.0061 3540 KeyIso - ok
21:44:30.0133 3540 KProcessHacker2 (bd70833ae5b0a9190d9a9618609034e2) C:\Program Files\Process Hacker 2\kprocesshacker.sys
21:44:30.0139 3540 KProcessHacker2 - ok
21:44:30.0149 3540 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
21:44:30.0158 3540 KSecDD - ok
21:44:30.0177 3540 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
21:44:30.0187 3540 KSecPkg - ok
21:44:30.0193 3540 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:44:30.0228 3540 ksthunk - ok
21:44:30.0257 3540 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
21:44:30.0298 3540 KtmRm - ok
21:44:30.0333 3540 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
21:44:30.0368 3540 LanmanServer - ok
21:44:30.0385 3540 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
21:44:30.0411 3540 LanmanWorkstation - ok
21:44:30.0416 3540 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:44:30.0440 3540 lltdio - ok
21:44:30.0473 3540 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
21:44:30.0500 3540 lltdsvc - ok
21:44:30.0530 3540 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
21:44:30.0553 3540 lmhosts - ok
21:44:30.0576 3540 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
21:44:30.0585 3540 LSI_FC - ok
21:44:30.0597 3540 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
21:44:30.0607 3540 LSI_SAS - ok
21:44:30.0620 3540 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:44:30.0628 3540 LSI_SAS2 - ok
21:44:30.0647 3540 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:44:30.0656 3540 LSI_SCSI - ok
21:44:30.0676 3540 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:44:30.0715 3540 luafv - ok
21:44:30.0737 3540 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys
21:44:30.0747 3540 mcdbus - ok
21:44:30.0858 3540 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
21:44:30.0869 3540 Mcx2Svc - ok
21:44:30.0881 3540 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
21:44:30.0890 3540 megasas - ok
21:44:30.0905 3540 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
21:44:30.0916 3540 MegaSR - ok
21:44:30.0951 3540 MEMSWEEP2 (f9ce67e9e0226079b59107b649851f96) C:\Windows\system32\F6BC.tmp
21:44:30.0954 3540 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - warning
21:44:30.0954 3540 MEMSWEEP2 - detected UnsignedFile.Multi.Generic (1)
21:44:30.0971 3540 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:44:31.0031 3540 MMCSS - ok
21:44:31.0080 3540 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:44:31.0124 3540 Modem - ok
21:44:31.0126 3540 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:44:31.0146 3540 monitor - ok
21:44:31.0193 3540 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
21:44:31.0202 3540 mouclass - ok
21:44:31.0214 3540 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:44:31.0241 3540 mouhid - ok
21:44:31.0344 3540 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:44:31.0356 3540 mountmgr - ok
21:44:31.0391 3540 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:44:31.0401 3540 mpio - ok
21:44:31.0416 3540 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:44:31.0440 3540 mpsdrv - ok
21:44:31.0481 3540 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:44:31.0506 3540 MRxDAV - ok
21:44:31.0535 3540 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:44:31.0564 3540 mrxsmb - ok
21:44:31.0631 3540 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:44:31.0660 3540 mrxsmb10 - ok
21:44:31.0691 3540 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:44:31.0713 3540 mrxsmb20 - ok
21:44:31.0731 3540 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:44:31.0739 3540 msahci - ok
21:44:31.0886 3540 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:44:31.0919 3540 msdsm - ok
21:44:32.0048 3540 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
21:44:32.0084 3540 MSDTC - ok
21:44:32.0098 3540 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:44:32.0123 3540 Msfs - ok
21:44:32.0137 3540 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:44:32.0161 3540 mshidkmdf - ok
21:44:32.0193 3540 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:44:32.0201 3540 msisadrv - ok
21:44:32.0226 3540 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
21:44:32.0262 3540 MSiSCSI - ok
21:44:32.0264 3540 msiserver - ok
21:44:32.0287 3540 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:44:32.0311 3540 MSKSSRV - ok
21:44:32.0322 3540 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:44:32.0365 3540 MSPCLOCK - ok
21:44:32.0385 3540 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:44:32.0423 3540 MSPQM - ok
21:44:32.0604 3540 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:44:32.0624 3540 MsRPC - ok
21:44:32.0651 3540 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
21:44:32.0659 3540 mssmbios - ok
21:44:32.0668 3540 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:44:32.0708 3540 MSTEE - ok
21:44:32.0752 3540 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
21:44:32.0783 3540 MTConfig - ok
21:44:32.0795 3540 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:44:32.0804 3540 Mup - ok
21:44:32.0945 3540 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
21:44:32.0991 3540 napagent - ok
21:44:33.0065 3540 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:44:33.0084 3540 NativeWifiP - ok
21:44:33.0132 3540 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
21:44:33.0186 3540 NDIS - ok
21:44:33.0224 3540 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:44:33.0256 3540 NdisCap - ok
21:44:33.0291 3540 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:44:33.0314 3540 NdisTapi - ok
21:44:33.0380 3540 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:44:33.0404 3540 Ndisuio - ok
21:44:33.0438 3540 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:44:33.0466 3540 NdisWan - ok
21:44:33.0500 3540 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:44:33.0524 3540 NDProxy - ok
21:44:33.0555 3540 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
21:44:33.0561 3540 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:44:33.0561 3540 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:44:33.0580 3540 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:44:33.0614 3540 NetBIOS - ok
21:44:33.0650 3540 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:44:33.0708 3540 NetBT - ok
21:44:33.0737 3540 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:44:33.0746 3540 Netlogon - ok
21:44:33.0780 3540 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
21:44:33.0812 3540 Netman - ok
21:44:33.0949 3540 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:44:33.0961 3540 NetMsmqActivator - ok
21:44:33.0963 3540 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:44:33.0971 3540 NetPipeActivator - ok
21:44:33.0999 3540 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
21:44:34.0029 3540 netprofm - ok
21:44:34.0197 3540 netr28x (68cdb276a3009f0cf000c6352c1f72e7) C:\Windows\system32\DRIVERS\Dnetr28x.sys
21:44:34.0275 3540 netr28x - ok
21:44:34.0284 3540 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:44:34.0291 3540 NetTcpActivator - ok
21:44:34.0292 3540 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:44:34.0300 3540 NetTcpPortSharing - ok
21:44:34.0318 3540 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
21:44:34.0327 3540 nfrd960 - ok
21:44:34.0362 3540 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
21:44:34.0403 3540 NlaSvc - ok
21:44:34.0423 3540 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:44:34.0448 3540 Npfs - ok
21:44:34.0456 3540 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
21:44:34.0494 3540 nsi - ok
21:44:34.0497 3540 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:44:34.0522 3540 nsiproxy - ok
21:44:34.0917 3540 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:44:35.0041 3540 Ntfs - ok
21:44:35.0089 3540 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:44:35.0124 3540 Null - ok
21:44:35.0161 3540 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:44:35.0171 3540 nvraid - ok
21:44:35.0202 3540 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:44:35.0212 3540 nvstor - ok
21:44:35.0322 3540 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:44:35.0346 3540 nv_agp - ok
21:44:35.0655 3540 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:44:35.0693 3540 odserv - ok
21:44:35.0776 3540 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:44:35.0826 3540 ohci1394 - ok
21:44:35.0879 3540 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:44:35.0888 3540 ose - ok
21:44:35.0910 3540 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:44:35.0929 3540 p2pimsvc - ok
21:44:35.0964 3540 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
21:44:35.0978 3540 p2psvc - ok
21:44:35.0997 3540 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
21:44:36.0006 3540 Parport - ok
21:44:36.0043 3540 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
21:44:36.0052 3540 partmgr - ok
21:44:36.0065 3540 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
21:44:36.0093 3540 PcaSvc - ok
21:44:36.0123 3540 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:44:36.0133 3540 pci - ok
21:44:36.0148 3540 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:44:36.0156 3540 pciide - ok
21:44:36.0180 3540 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
21:44:36.0191 3540 pcmcia - ok
21:44:36.0207 3540 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:44:36.0214 3540 pcw - ok
21:44:36.0415 3540 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:44:36.0489 3540 PEAUTH - ok
21:44:36.0538 3540 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
21:44:36.0589 3540 PeerDistSvc - ok
21:44:36.0645 3540 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
21:44:36.0655 3540 PerfHost - ok
21:44:36.0948 3540 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
21:44:37.0042 3540 pla - ok
21:44:37.0099 3540 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
21:44:37.0142 3540 PlugPlay - ok
21:44:37.0322 3540 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
21:44:37.0363 3540 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:44:37.0363 3540 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:44:37.0401 3540 PnkBstrA - ok
21:44:37.0420 3540 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
21:44:37.0441 3540 PNRPAutoReg - ok
21:44:37.0469 3540 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:44:37.0480 3540 PNRPsvc - ok
21:44:37.0516 3540 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
21:44:37.0555 3540 PolicyAgent - ok
21:44:37.0704 3540 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
21:44:37.0750 3540 Power - ok
21:44:37.0800 3540 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:44:37.0835 3540 PptpMiniport - ok
21:44:37.0848 3540 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
21:44:37.0863 3540 Processor - ok
21:44:37.0909 3540 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
21:44:37.0946 3540 ProfSvc - ok
21:44:37.0972 3540 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:44:37.0981 3540 ProtectedStorage - ok
21:44:38.0017 3540 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:44:38.0051 3540 Psched - ok
21:44:38.0109 3540 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
21:44:38.0144 3540 ql2300 - ok
21:44:38.0583 3540 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
21:44:38.0613 3540 ql40xx - ok
21:44:38.0653 3540 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
21:44:38.0668 3540 QWAVE - ok
21:44:38.0704 3540 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:44:38.0724 3540 QWAVEdrv - ok
21:44:38.0754 3540 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:44:38.0793 3540 RasAcd - ok
21:44:38.0877 3540 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:44:38.0932 3540 RasAgileVpn - ok
21:44:38.0952 3540 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
21:44:38.0986 3540 RasAuto - ok
21:44:39.0138 3540 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:44:39.0183 3540 Rasl2tp - ok
21:44:39.0572 3540 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
21:44:39.0619 3540 RasMan - ok
21:44:39.0644 3540 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:44:39.0676 3540 RasPppoe - ok
21:44:39.0696 3540 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:44:39.0733 3540 RasSstp - ok
21:44:39.0916 3540 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:44:39.0963 3540 rdbss - ok
21:44:39.0974 3540 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
21:44:39.0985 3540 rdpbus - ok
21:44:39.0998 3540 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:44:40.0022 3540 RDPCDD - ok
21:44:40.0063 3540 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
21:44:40.0080 3540 RDPDR - ok
21:44:40.0084 3540 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:44:40.0126 3540 RDPENCDD - ok
21:44:40.0129 3540 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:44:40.0153 3540 RDPREFMP - ok
21:44:40.0344 3540 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
21:44:40.0412 3540 RDPWD - ok
21:44:40.0459 3540 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:44:40.0470 3540 rdyboost - ok
21:44:40.0500 3540 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
21:44:40.0533 3540 RemoteAccess - ok
21:44:40.0675 3540 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
21:44:40.0715 3540 RemoteRegistry - ok
21:44:40.0732 3540 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
21:44:40.0756 3540 RpcEptMapper - ok
21:44:40.0775 3540 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
21:44:40.0797 3540 RpcLocator - ok
21:44:41.0036 3540 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:44:41.0062 3540 RpcSs - ok
21:44:41.0194 3540 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:44:41.0233 3540 rspndr - ok
21:44:41.0293 3540 RTL8167 (abcb5a38a0d85bdf69b7877e1ad1eed5) C:\Windows\system32\DRIVERS\Rt64win7.sys
21:44:41.0321 3540 RTL8167 - ok
21:44:41.0365 3540 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
21:44:41.0406 3540 s3cap - ok
21:44:41.0441 3540 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:44:41.0449 3540 SamSs - ok
21:44:41.0564 3540 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
21:44:41.0570 3540 SASDIFSV - ok
21:44:41.0604 3540 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
21:44:41.0609 3540 SASKUTIL - ok
21:44:41.0619 3540 SAVRKBootTasks - ok
21:44:42.0596 3540 SBAMSvc (bce943896289a91ad75cc5652620b1c6) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
21:44:42.0638 3540 SBAMSvc - ok
21:44:43.0092 3540 sbapifs (6e342316e72f4b6fa39c99e06373a1a3) C:\Windows\system32\DRIVERS\sbapifs.sys
21:44:43.0099 3540 sbapifs - ok
21:44:43.0158 3540 SbFw (19954328dda3d656f8a879b3a46ffed6) C:\Windows\system32\drivers\SbFw.sys
21:44:43.0166 3540 SbFw - ok
21:44:43.0274 3540 SBFWIMCL (513b3bfcd3c465b9820c2d05fa94e630) C:\Windows\system32\DRIVERS\sbfwim.sys
21:44:43.0281 3540 SBFWIMCL - ok
21:44:43.0287 3540 SBFWIMCLMP (513b3bfcd3c465b9820c2d05fa94e630) C:\Windows\system32\DRIVERS\SBFWIM.sys
21:44:43.0292 3540 SBFWIMCLMP - ok
21:44:43.0326 3540 sbhips (b671eef468d13016b9286f5835a06ae1) C:\Windows\system32\drivers\sbhips.sys
21:44:43.0332 3540 sbhips - ok
21:44:43.0437 3540 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:44:43.0458 3540 sbp2port - ok
21:44:43.0487 3540 SBRE (9aceb2a2362fc87a3825963e61ba9076) C:\Windows\system32\drivers\SBREdrv.sys
21:44:43.0493 3540 SBRE - ok
21:44:43.0511 3540 sbwtis (eab54adcceca64b2f38cd859fb494895) C:\Windows\system32\DRIVERS\sbwtis.sys
21:44:43.0517 3540 sbwtis - ok
21:44:43.0542 3540 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
21:44:43.0605 3540 SCardSvr - ok
21:44:43.0645 3540 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:44:43.0673 3540 scfilter - ok
21:44:43.0786 3540 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
21:44:43.0838 3540 Schedule - ok
21:44:43.0898 3540 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:44:43.0922 3540 SCPolicySvc - ok
21:44:43.0962 3540 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
21:44:44.0002 3540 SDRSVC - ok
21:44:44.0021 3540 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:44:44.0045 3540 secdrv - ok
21:44:44.0081 3540 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
21:44:44.0121 3540 seclogon - ok
21:44:44.0154 3540 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
21:44:44.0190 3540 SENS - ok
21:44:44.0227 3540 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
21:44:44.0243 3540 SensrSvc - ok
21:44:44.0246 3540 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:44:44.0264 3540 Serenum - ok
21:44:44.0296 3540 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:44:44.0306 3540 Serial - ok
21:44:44.0323 3540 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
21:44:44.0346 3540 sermouse - ok
21:44:44.0378 3540 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
21:44:44.0403 3540 SessionEnv - ok
21:44:44.0430 3540 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:44:44.0454 3540 sffdisk - ok
21:44:44.0464 3540 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:44:44.0479 3540 sffp_mmc - ok
21:44:44.0485 3540 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:44:44.0510 3540 sffp_sd - ok
21:44:44.0522 3540 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
21:44:44.0531 3540 sfloppy - ok
21:44:44.0578 3540 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
21:44:44.0614 3540 ShellHWDetection - ok
21:44:44.0933 3540 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:44:44.0942 3540 SiSRaid2 - ok
21:44:44.0992 3540 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
21:44:45.0000 3540 SiSRaid4 - ok
21:44:45.0026 3540 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:44:45.0051 3540 Smb - ok
21:44:45.0084 3540 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
21:44:45.0100 3540 SNMPTRAP - ok
21:44:45.0157 3540 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:44:45.0165 3540 spldr - ok
21:44:45.0211 3540 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
21:44:45.0240 3540 Spooler - ok
21:44:45.0377 3540 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
21:44:45.0489 3540 sppsvc - ok
21:44:45.0588 3540 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
21:44:45.0616 3540 sppuinotify - ok
21:44:45.0666 3540 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:44:45.0716 3540 srv - ok
21:44:45.0741 3540 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:44:45.0766 3540 srv2 - ok
21:44:45.0787 3540 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:44:45.0806 3540 srvnet - ok
21:44:45.0843 3540 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
21:44:45.0880 3540 SSDPSRV - ok
21:44:45.0956 3540 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
21:44:45.0981 3540 SstpSvc - ok
21:44:46.0009 3540 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
21:44:46.0027 3540 stexstor - ok
21:44:46.0089 3540 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
21:44:46.0112 3540 stisvc - ok
21:44:46.0144 3540 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
21:44:46.0153 3540 storflt - ok
21:44:46.0178 3540 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
21:44:46.0206 3540 StorSvc - ok
21:44:46.0218 3540 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
21:44:46.0227 3540 storvsc - ok
21:44:46.0249 3540 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
21:44:46.0256 3540 swenum - ok
21:44:46.0294 3540 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
21:44:46.0332 3540 swprv - ok
21:44:46.0406 3540 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
21:44:46.0491 3540 SysMain - ok
21:44:46.0580 3540 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
21:44:46.0592 3540 TabletInputService - ok
21:44:46.0635 3540 tap0901 (595cb8da5b522ad8cc28193dc21fd496) C:\Windows\system32\DRIVERS\tap0901.sys
21:44:46.0667 3540 tap0901 - ok
21:44:46.0703 3540 tap0901t (b08740047145b9bce15bf75ca0f9718a) C:\Windows\system32\DRIVERS\tap0901t.sys
21:44:46.0727 3540 tap0901t - ok
21:44:46.0768 3540 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
21:44:46.0811 3540 TapiSrv - ok
21:44:46.0856 3540 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
21:44:46.0881 3540 TBS - ok
21:44:46.0992 3540 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
21:44:47.0071 3540 Tcpip - ok
21:44:47.0179 3540 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
21:44:47.0207 3540 TCPIP6 - ok
21:44:47.0257 3540 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:44:47.0281 3540 tcpipreg - ok
21:44:47.0293 3540 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:44:47.0313 3540 TDPIPE - ok
21:44:47.0346 3540 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
21:44:47.0354 3540 TDTCP - ok
21:44:47.0391 3540 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:44:47.0416 3540 tdx - ok
21:44:47.0425 3540 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
21:44:47.0434 3540 TermDD - ok
21:44:47.0488 3540 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
21:44:47.0543 3540 TermService - ok
21:44:47.0565 3540 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
21:44:47.0577 3540 Themes - ok
21:44:47.0603 3540 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:44:47.0627 3540 THREADORDER - ok
21:44:47.0639 3540 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
21:44:47.0694 3540 TrkWks - ok
21:44:47.0735 3540 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
21:44:47.0759 3540 TrustedInstaller - ok
21:44:47.0796 3540 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:44:47.0820 3540 tssecsrv - ok
21:44:47.0874 3540 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:44:47.0904 3540 TsUsbFlt - ok
21:44:47.0941 3540 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:44:47.0964 3540 tunnel - ok
21:44:48.0070 3540 TunngleService (7a34128510eeb13cf8583531c8fb081c) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
21:44:48.0097 3540 TunngleService - ok
21:44:48.0117 3540 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
21:44:48.0125 3540 uagp35 - ok
21:44:48.0146 3540 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:44:48.0192 3540 udfs - ok
21:44:48.0215 3540 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
21:44:48.0225 3540 UI0Detect - ok
21:44:48.0242 3540 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:44:48.0250 3540 uliagpkx - ok
21:44:48.0278 3540 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
21:44:48.0297 3540 umbus - ok
21:44:48.0317 3540 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
21:44:48.0326 3540 UmPass - ok
21:44:48.0352 3540 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
21:44:48.0368 3540 UmRdpService - ok
21:44:48.0434 3540 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
21:44:48.0506 3540 upnphost - ok
21:44:48.0958 3540 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
21:44:49.0015 3540 USBAAPL64 - ok
21:44:49.0116 3540 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
21:44:49.0156 3540 usbaudio - ok
21:44:49.0187 3540 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:44:49.0204 3540 usbccgp - ok
21:44:49.0247 3540 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:44:49.0266 3540 usbcir - ok
21:44:49.0299 3540 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
21:44:49.0308 3540 usbehci - ok
21:44:49.0328 3540 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:44:49.0362 3540 usbhub - ok
21:44:49.0378 3540 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
21:44:49.0386 3540 usbohci - ok
21:44:49.0400 3540 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:44:49.0411 3540 usbprint - ok
21:44:49.0458 3540 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
21:44:49.0482 3540 usbscan - ok
21:44:49.0521 3540 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:44:49.0541 3540 USBSTOR - ok
21:44:49.0549 3540 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
21:44:49.0562 3540 usbuhci - ok
21:44:49.0573 3540 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
21:44:49.0598 3540 UxSms - ok
21:44:49.0636 3540 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:44:49.0645 3540 VaultSvc - ok
21:44:49.0701 3540 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:44:49.0709 3540 vdrvroot - ok
21:44:49.0756 3540 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
21:44:49.0786 3540 vds - ok
21:44:49.0806 3540 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:44:49.0817 3540 vga - ok
21:44:49.0820 3540 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:44:49.0854 3540 VgaSave - ok
21:44:49.0902 3540 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:44:49.0914 3540 vhdmp - ok
21:44:49.0925 3540 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:44:49.0934 3540 viaide - ok
21:44:50.0085 3540 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
21:44:50.0096 3540 vmbus - ok
21:44:50.0309 3540 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
21:44:50.0366 3540 VMBusHID - ok
21:44:50.0582 3540 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:44:50.0590 3540 volmgr - ok
21:44:50.0635 3540 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:44:50.0648 3540 volmgrx - ok
21:44:50.0666 3540 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:44:50.0679 3540 volsnap - ok
21:44:50.0716 3540 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
21:44:50.0726 3540 vsmraid - ok
21:44:50.0824 3540 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
21:44:50.0876 3540 VSS - ok
21:44:50.0958 3540 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
21:44:50.0978 3540 vwifibus - ok
21:44:50.0984 3540 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
21:44:51.0013 3540 vwififlt - ok
21:44:51.0048 3540 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
21:44:51.0077 3540 W32Time - ok
21:44:51.0094 3540 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
21:44:51.0103 3540 WacomPen - ok
21:44:51.0125 3540 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:44:51.0162 3540 WANARP - ok
21:44:51.0164 3540 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:44:51.0187 3540 Wanarpv6 - ok
21:44:51.0362 3540 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
21:44:51.0387 3540 WatAdminSvc - ok
21:44:51.0641 3540 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
21:44:51.0718 3540 wbengine - ok
21:44:51.0764 3540 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
21:44:51.0778 3540 WbioSrvc - ok
21:44:52.0109 3540 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
21:44:52.0144 3540 wcncsvc - ok
21:44:52.0148 3540 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
21:44:52.0171 3540 WcsPlugInService - ok
21:44:52.0193 3540 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
21:44:52.0202 3540 Wd - ok
21:44:52.0355 3540 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
21:44:52.0380 3540 WDC_SAM - ok
21:44:52.0444 3540 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:44:52.0460 3540 Wdf01000 - ok
21:44:52.0487 3540 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:44:52.0564 3540 WdiServiceHost - ok
21:44:52.0566 3540 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:44:52.0579 3540 WdiSystemHost - ok
21:44:52.0615 3540 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
21:44:52.0639 3540 WebClient - ok
21:44:52.0655 3540 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
21:44:52.0692 3540 Wecsvc - ok
21:44:52.0708 3540 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
21:44:52.0751 3540 wercplsupport - ok
21:44:52.0782 3540 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
21:44:52.0817 3540 WerSvc - ok
21:44:52.0834 3540 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:44:52.0858 3540 WfpLwf - ok
21:44:52.0870 3540 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:44:52.0881 3540 WIMMount - ok
21:44:52.0888 3540 WinHttpAutoProxySvc - ok
21:44:52.0940 3540 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
21:44:53.0027 3540 Winmgmt - ok
21:44:53.0117 3540 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
21:44:53.0219 3540 WinRM - ok
21:44:53.0371 3540 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
21:44:53.0381 3540 WinUsb - ok
21:44:53.0424 3540 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
21:44:53.0473 3540 Wlansvc - ok
21:44:53.0647 3540 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:44:53.0689 3540 wlidsvc - ok
21:44:53.0899 3540 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
21:44:53.0939 3540 WmiAcpi - ok
21:44:53.0963 3540 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
21:44:53.0991 3540 wmiApSrv - ok
21:44:54.0004 3540 WMPNetworkSvc - ok
21:44:54.0057 3540 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
21:44:54.0084 3540 WPCSvc - ok
21:44:54.0124 3540 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
21:44:54.0134 3540 WPDBusEnum - ok
21:44:54.0178 3540 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:44:54.0202 3540 ws2ifsl - ok
21:44:54.0204 3540 WSearch - ok
21:44:54.0575 3540 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
21:44:54.0677 3540 wuauserv - ok
21:44:54.0894 3540 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:44:54.0985 3540 WudfPf - ok
21:44:55.0015 3540 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:44:55.0049 3540 WUDFRd - ok
21:44:55.0110 3540 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
21:44:55.0134 3540 wudfsvc - ok
21:44:55.0159 3540 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
21:44:55.0182 3540 WwanSvc - ok
21:44:55.0221 3540 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:44:55.0951 3540 \Device\Harddisk0\DR0 - ok
21:44:55.0953 3540 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
21:44:56.0073 3540 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
21:44:56.0073 3540 \Device\Harddisk1\DR1 - detected TDSS File System (1)
21:44:56.0075 3540 Boot (0x1200) (d42eb5b6f4ec3d63630293a0b847abcb) \Device\Harddisk0\DR0\Partition0
21:44:56.0076 3540 \Device\Harddisk0\DR0\Partition0 - ok
21:44:56.0092 3540 Boot (0x1200) (ef7b51b83b217dd470bd2bad211d5ec8) \Device\Harddisk0\DR0\Partition1
21:44:56.0092 3540 \Device\Harddisk0\DR0\Partition1 - ok
21:44:56.0095 3540 Boot (0x1200) (2e94c917a1b6673a28376dce2cc8688c) \Device\Harddisk1\DR1\Partition0
21:44:56.0096 3540 \Device\Harddisk1\DR1\Partition0 - ok
21:44:56.0096 3540 ============================================================
21:44:56.0096 3540 Scan finished
21:44:56.0096 3540 ============================================================
21:44:56.0101 3388 Detected object count: 6
21:44:56.0101 3388 Actual detected object count: 6
21:45:13.0190 3388 C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe - copied to quarantine
21:45:13.0196 3388 HKLM\SYSTEM\ControlSet001\services\HiPatchService - will be deleted on reboot
21:45:13.0243 3388 HKLM\SYSTEM\ControlSet002\services\HiPatchService - will be deleted on reboot
21:45:13.0436 3388 C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe - will be deleted on reboot
21:45:13.0436 3388 HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Delete
21:45:13.0571 3388 C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL - copied to quarantine
21:45:13.0572 3388 HKLM\SYSTEM\ControlSet001\services\HPSLPSVC - will be deleted on reboot
21:45:13.0583 3388 HKLM\SYSTEM\ControlSet002\services\HPSLPSVC - will be deleted on reboot
21:45:13.0587 3388 C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL - will be deleted on reboot
21:45:13.0587 3388 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Delete
21:45:13.0629 3388 C:\Windows\system32\F6BC.tmp - copied to quarantine
21:45:13.0630 3388 HKLM\SYSTEM\ControlSet001\services\MEMSWEEP2 - will be deleted on reboot
21:45:13.0630 3388 HKLM\SYSTEM\ControlSet002\services\MEMSWEEP2 - will be deleted on reboot
21:45:13.0635 3388 C:\Windows\system32\F6BC.tmp - will be deleted on reboot
21:45:13.0635 3388 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - User select action: Delete
21:45:13.0672 3388 C:\Windows\system32\HPZinw12.dll - copied to quarantine
21:45:13.0673 3388 HKLM\SYSTEM\ControlSet001\services\Net Driver HPZ12 - will be deleted on reboot
21:45:13.0673 3388 HKLM\SYSTEM\ControlSet002\services\Net Driver HPZ12 - will be deleted on reboot
21:45:13.0677 3388 C:\Windows\system32\HPZinw12.dll - will be deleted on reboot
21:45:13.0677 3388 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Delete
21:45:13.0687 3388 C:\Windows\system32\HPZipm12.dll - copied to quarantine
21:45:13.0688 3388 HKLM\SYSTEM\ControlSet001\services\Pml Driver HPZ12 - will be deleted on reboot
21:45:13.0688 3388 HKLM\SYSTEM\ControlSet002\services\Pml Driver HPZ12 - will be deleted on reboot
21:45:13.0692 3388 C:\Windows\system32\HPZipm12.dll - will be deleted on reboot
21:45:13.0692 3388 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Delete
21:45:13.0713 3388 \Device\Harddisk1\DR1\TDLFS\config.ini - copied to quarantine
21:45:13.0717 3388 \Device\Harddisk1\DR1\TDLFS\tdl - copied to quarantine
21:45:13.0718 3388 \Device\Harddisk1\DR1\TDLFS\rsrc.dat - copied to quarantine
21:45:13.0719 3388 \Device\Harddisk1\DR1\TDLFS\bckfg.tmp - copied to quarantine
21:45:13.0724 3388 \Device\Harddisk1\DR1\TDLFS\tdlcmd.dll - copied to quarantine
21:45:13.0725 3388 \Device\Harddisk1\DR1\TDLFS\keywords - copied to quarantine
21:45:13.0725 3388 \Device\Harddisk1\DR1\TDLFS - deleted
21:45:13.0725 3388 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Delete
21:45:18.0969 4076 Deinitialize success


Thanks again for getting back so quickly!

[dvk01]

that looks a lot better
how is it now
are you still getting any redirects or strange sounds or has all that cleared up

[leechtime]

Hi again. Still getting errors.

Booted up today and left it for a few minutes and came back to lots of sounds (the same ones I've been hearing) playing over and over.

Tried google and I still get redirects.

Any other ideas would be very much appreciated.

[dvk01]

OK do you have your Vista/W7 install dvd as we need to replace the infected MBR from the PE recovery environment
If you don't then hopefully, you will have the recovery environment pre-installed by the computer manufacturer

this shows you how to boot to recovery environment
http://windows.microsoft.com/en-US/w...covery-Console
once in RE
select the command (CMD) option
when the black screen opens type bootrec /fixmbr < press enter>
once that has completed & you get a MBR replaced message, type exit <press enter> and that should reboot you into windows

[leechtime]

Hi, I'm not certain but I think I did what you recommended.

I got to a CMD prompt within the repair windows section.
I typed bootrec /fixmbr and it said instantly that the operation was completed successfuly.

I still have the same problems though. I think maybe it didn't replace the infected stuff, probably because I did something wrong

[dvk01]

do you have the windows DVD as this normally fixes better from outside windows rather than using teh inbuilt RE console
but you probably didn't follow instaructions properly
when you last ran TDSSkiller, you still didn't folow the correct instructions & fixed everythinmg, which menas that you will have to reinstall all your printer drivers & software as they have been removed by tdsskiller
I told you to fix the tdss infection only & skip the unsigned multi-file entries

if you don't follow the instructions fully, it makes it very hard to help you

[leechtime]

Thanks for the reply. You're right I probably did it wrong. As for the old drivers that's not a worry to me for now.

I am having trouble understanding the instructions for the latest step you gave me.

Quote:

Originally Posted by dvk01

replace the infected MBR from the PE recovery environment

Don't know what MBR or PE mean sorry.

Quote:

Originally Posted by dvk01

http://windows.microsoft.com/en-US/w...covery-Console

This info makes sense as to what I do when I boot with the install disk. But..

Quote:

Originally Posted by dvk01

once in RE select the command (CMD) option

I don't ever come across anything called a Recovery Environment.

There is a CMD promt I can get to and I use the cmd you instructed but apart from that I don't know if it's right or wrong. I'm sure it's quite simple but I don't know if it's done anything.

Really appreciate your patience in helping me out.

It is worth mentioning I have another HDD in the computer which has windows installed on it, it might be fixing the wrong version of windows but I don't know how or why it would do that one.

[dvk01]

did you follow this link
http://windows.microsoft.com/en-US/w...covery-Console
that tells you how to get into the the RE ( recovery environment) and either shows you how to boot to the inbuilt RE or how to use RE on your install DVD

I think you have been using the standard cmd prompt inside windows which cannot fix this as the infection is active

[leechtime]

Hello again! Thanks for getting back to me.

I've definately done it as the instructions say and not with standard cmd prompt, since I can't take screenshots I just wrote down all the possible things that happened when I went through, hopefully you can see what the problem is.

Using the Install Disk:
It loads the files (black screen with the grey progress bar) i click next when it comes up Install Windows and underneath the install button that comes up I click "repair your computer".
It says "Searching for Windows installations" and two come up.
Windows 7 Professional (recovered) (C:) and the other is Windows 7 (E:)
The (C:) drive is the new drive with the windows I am using installed. (E:) still has an older version of it installed.
If I pick (E:) and go on the command promt that says "X:\Sources>"and I type in as you say 'bootrec /fixmbr' without the 's, it works. For (C:) it comes up "This version of System Recovery Option is not compatible with your version of ... etc etc" So somehow the Windows 7 (x64) disk is the wrong one.

Inbuilt Recovery:
If I use the inbuilt recovery it says "Choose a recovery tool" and underneath "Operating System: Windows 7 on (E:) Local Disk" and there is no (C:) drive listed.

Normal Boot:
Normal boots asks me to choose an operating system (the one on C: or E:) which it didn't before (probably because it's repaired the old one). If I choose the new one (C:) it and try to boot up it crashes and restarts. And up where it will say for the (E:) drive to use the inbuilt repair it says instead "Windows failed to start. A recent hardware or software change might be the cause ie. use a disk yo!"

I think (and could be wrong) that if I disconnect this old (E:) drive it might help because it seems to be getting in the way. Any insight from you would be really awesome thanks again for all your help.

[dvk01]

it might be getting confused with 2 drives in, but shouldn't do

try it with just one disc in & see what happens & whether it will bott or not