
Programs starting slow

Discussion in 'Windows 7' started by 4gony, Dec 27, 2012.

Thread Status:
Not open for further replies.
  1. 4gony

    4gony Thread Starter

    Joined:
    Dec 27, 2012
    Messages:
    14
    Since yesterday my laptop seems to have gotten a problem around 20-30 minutes after start up. All programs start up very slowly, taking 5-10 minutes before they start. It is very noticeable if you start a program that requires administrative authorization, where the black transparent screen and the authorization can take a long time to appear.

    The task manager does not show any processes that are using an extraordinary amount of usage. When doing next to nothing it is at 15-20% CPU usage and 40% physical memory use, but the Intel Turbo Boost bar shows that I am using almost all my memory.

    Does anyone know the cause of this?

    I have found a trojan a few minutes ago with superantispyware and have removed it.
     
  2. blues_harp28

    blues_harp28 Trusted Advisor Spam Fighter

    Joined:
    Jan 9, 2005
    Messages:
    18,849
    Hi, start SuperAntiSpyware again.
    Click View Scan Logs.
    Highlight the scan log entry.
    Click - View Selected Log.
    The scan log will appear in Notepad.
    Copy and paste in your next post.
    ------
    Download MalwareBytes to your desktop.
    Download the Free version.
    MalwareBytes
    Once downloaded to your desktop, close all open browser windows.
    Click on the Install icon - allow it to update during the install process.
    Start Malwarebytes Anti-Malware.
    Click on Scanner > then quick scan > then Scan.
    Any infections or problems will be highlighted in red.
    After the scan is finished - Click - Show Results.
    Check that all entries are selected.
    Click - Remove Selected.
    You may be prompted to restart to finish the removal process.
    If Yes - restart your Pc.

    Start Malwarebytes again.
    Click on the Logs Tab.
    Highlight the scan log entry.
    Click - Open.
    The scan log will appear in Notepad.
    Copy and paste it in your next post.

    Depending on what shows up in your Malware logs - we may need a Malware expert to check the logs and run other scans
    ------
    Download Security Check by screen317
    http://screen317.spywareinfoforum.org/
    Save it to your Desktop.

    Right click and select "Run as Administrator"
    A command Prompt window will open.
    Let it scan the Pc - press any key when asked.
    It should now open in Notepad - and will save a log called checkup.txt.
    Post the result of the scan here.
     
  3. 4gony

    Thanks for the fast reply
    I did a malware scan yesterday; one thing popped up.

    Malwarebytes Anti-Malware 1.65.1.1000
    www.malwarebytes.org

    Database version: v2012.12.26.11

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Floris :: FLORIS-PC [administrator]

    12/26/2012 7:43:41 PM
    mbam-log-2012-12-26 (19-43-41).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 221514
    Time elapsed: 3 minute(s), 7 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 1
    C:\Users\Floris\AppData\Local\Temp\xxxyyyzzz.dat (Malware.Trace) -> Quarantined and deleted successfully.

    (end)

    Super antispyware log

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 12/27/2012 at 01:31 PM

    Application Version : 5.6.1014

    Core Rules Database Version : 9793
    Trace Rules Database Version: 7605

    Scan type : Quick Scan
    Total Scan Time : 00:19:45

    Operating System Information
    Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User

    Memory items scanned : 661
    Memory threats detected : 0
    Registry items scanned : 65291
    Registry threats detected : 0
    File items scanned : 11767
    File threats detected : 54

    Adware.Tracking Cookie

    Trojan.Agent/Gen-Dropper
    C:\USERS\FLORIS\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\ORRVMRAN\WINRMS[1].EXE
     
  4. blues_harp28

    'Files Detected: 1
    C:\Users\Floris\AppData\Local\Temp\xxxyyyzzz.dat (Malware.Trace)'

    'Trojan.Agent/Gen-Dropper
    C:\USERS\FLORIS\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\ORRVMRAN\WINRMS[1].EXE'

    Looking at the SUPERAntiSpyware forum - some are saying that the Trojan.Agent/Gen-Dropper may be what's called a False Positive - that is, a file picked up as being Malware but which is in fact safe.

    I will ask one of our Malware Experts to take a look at the logs above and they may ask you to run other scans.
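
The triage done by eye in the post above (setting the tracking-cookie entries aside and singling out the file detections for a second opinion) can be scripted. This is an added example, not part of the original thread and not vendor code; the two log layouts are inferred from the logs posted here, the sample logs are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample logs (not the thread's own), following the same layouts.
MBAM_LOG = r"""Malwarebytes Anti-Malware 1.65.1.1000
Scan type: Quick scan

Registry Keys Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Example\AppData\Local\Temp\sample.dat (Malware.Trace) -> Quarantined and deleted successfully.

(end)
"""

SAS_LOG = r"""SUPERAntiSpyware Scan Log
File items scanned : 11767
File threats detected : 3

Adware.Tracking Cookie
C:\Users\Example\AppData\Roaming\Microsoft\Windows\Cookies\AAAA1111.txt [ /tracker.example ]
.tracker.example [ C:\USERS\EXAMPLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XXXX.DEFAULT\COOKIES.SQLITE ]

Trojan.Agent/Gen-Dropper
C:\USERS\EXAMPLE\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\ABCDEFGH\SAMPLE[1].EXE
"""

# "<Section> Detected: <n>" opens a section; "<path> (<name>) -> <action>" is one hit.
SECTION_RE = re.compile(r"^(?P<section>.+?) Detected: (?P<count>\d+)$")
ITEM_RE = re.compile(r"^(?P<path>.+) \((?P<name>[^()]+)\) -> (?P<action>.+)$")
EXECUTABLE_EXT = (".exe", ".dll", ".sys", ".scr", ".com")


def parse_mbam(text):
    """Return one dict per detected item in a Malwarebytes-style log."""
    items, section = [], None
    for raw in text.splitlines():
        line = raw.strip()  # forum pastes are often indented
        header = SECTION_RE.match(line)
        if header:
            section = header.group("section")
            continue
        item = ITEM_RE.match(line)
        if item and section:
            items.append({"section": section, **item.groupdict()})
    return items


def parse_sas(text):
    """Map each SUPERAntiSpyware category to the item lines listed under it."""
    lines = [l.strip() for l in text.splitlines()]
    # Detections start after the last "... threats detected : N" summary line.
    start = max((i for i, l in enumerate(lines) if "threats detected" in l),
                default=-1) + 1
    result, category = {}, None
    for line in lines[start:]:
        if not line:
            category = None        # a blank line closes the current category
        elif category is None:
            category = line        # first line of a block is the category name
            result[category] = []
        else:
            result[category].append(line)
    return result


def sas_item_path(item):
    """Pull the file path out of an item line; the other half is a cookie domain."""
    if " [ " in item and item.endswith(" ]"):
        left, right = item[:-2].split(" [ ", 1)
        return left if re.match(r"[A-Za-z]:\\", left) else right
    return item  # plain path, which may itself contain brackets such as "[1]"


def triage(mbam_text, sas_text):
    """Split findings into cookie noise and files worth a second opinion."""
    report = {"cookies": 0, "second_opinion": []}
    for category, items in parse_sas(sas_text).items():
        if "cookie" in category.lower():
            report["cookies"] += len(items)
            continue
        for item in items:
            report["second_opinion"].append((category, sas_item_path(item)))
    for hit in parse_mbam(mbam_text):
        report["second_opinion"].append((hit["name"], hit["path"]))
    # Executable detections in temp or cache folders deserve the closest look.
    report["executables"] = [path for _, path in report["second_opinion"]
                             if path.lower().endswith(EXECUTABLE_EXT)]
    return report


if __name__ == "__main__":
    summary = triage(MBAM_LOG, SAS_LOG)
    print("tracking cookies:", summary["cookies"])
    for name, path in summary["second_opinion"]:
        print("check with a second scanner:", name, "|", path)
```
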
     
  5. blues_harp28

    While waiting for a reply from our Malware Expert.
    Download Security Check by screen317
    http://screen317.spywareinfoforum.org/
    Save it to your Desktop.

    Right click and select "Run as Administrator"
    A command Prompt window will open.
    Let it scan the Pc - press any key when asked.
    It should now open in Notepad - and will save a log called checkup.txt.
    Post the result of the scan here.
    ------
    Check and post
    TSG System Information Utility - found here.
    http://library.techguy.org/wiki/TSG_Valuable_links
     
  6. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Hi 4gony, please run this scan and post the log.

    1. Download Malwarebytes Anti-Rootkit from this link mbar
    2. Unzip the File to a convenient location. (Recommend the Desktop)
    3. Open the folder where the contents were unzipped to run mbar.exe

    [​IMG]

    4. Double-click on the mbar.exe file, you may receive a User Account Control prompt asking if you are sure you wish to allow the program to run. Please allow the program to run and MBAR will now start to install any necessary drivers that are required for the program to operate correctly. If a rootkit is interfering with the installation of the drivers you will see a message that states that the DDA driver was not installed and that you should reboot your computer to install it. You will see this image:

    [​IMG]

    5. If you receive this message, please click on the Yes button and Malwarebytes Anti-Rootkit will now restart your computer. Once the computer is rebooted and you login, MBAR will automatically start and you will now be at the start screen. (If no Rootkit warning you will go from step 4 to 6.)

    6. The following image opens, select Next.

    [​IMG]

    7. The following image opens, select Update

    [​IMG]

    8. When the Update completes, select Next

    [​IMG]

    9. In the following window ensure "Targets" are ticked. Then select "Scan"

    [​IMG]

    10. If an infection/s is found the "Cleanup Button" to remove threats will be available. A list of infected files will be listed like the following example:

    [​IMG]

    11. Do not select the "Clean up Button"; select the "Exit" button. There will be a warning as follows:

    [​IMG]

    12. Select "Yes" to close down the program. If NO infections were found you will see the following image:

    [​IMG]

    13. Select "Exit" to close down.
    14. Copy and paste the two following logs from the mbar folder:

    System - log
    Mbar - log Date and time of scan will also be shown

    [​IMG]
     
  7. 4gony

    The security check log

    Results of screen317's Security Check version 0.99.56
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 9
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Windows Firewall Disabled!
    Kaspersky Anti-Virus
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    Malwarebytes Anti-Malware version 1.65.1.1000
    Java(TM) 6 Update 35
    Java 7 Update 9
    Adobe Flash Player 11.5.502.135
    Adobe Reader 10.1.4 Adobe Reader out of Date!
    Mozilla Firefox (17.0.1)
    ````````Process Check: objlist.exe by Laurent````````
    Kaspersky Lab Kaspersky Anti-Virus 2011 avp.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: 0%
    ````````````````````End of Log``````````````````````
     
  8. blues_harp28

    Ok - thanks for the above.
    Now check Mark1956's post # 6 and follow all suggestions.
     
  9. Mark1956

    Please uninstall Java 6 Update 35 before running Mbar.
     
  10. 4gony

    I attached the root logs. Thanks for your help.
     


  11. Mark1956

    The instructions clearly ask you to Copy and Paste the logs into your next post which saves us helpers a bit of time so I am posting the logs for all to see.


    ---------------------------------------
    Malwarebytes Anti-Rootkit BETA 1.01.0.1011

    (c) Malwarebytes Corporation 2011-2012

    OS version: 6.1.7601 Windows 7 Service Pack 1 x64

    Account is Administrative

    Internet Explorer version: 9.0.8112.16421

    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
    CPU speed: 2.195000 GHz
    Memory total: 6331478016, free: 4321243136

    ------------ Kernel report ------------
    12/27/2012 17:13:07
    ------------ Loaded modules -----------
    ----------- End -----------
    <<<1>>>
    Upper Device Name: \Device\Harddisk0\DR0
    Upper Device Object: 0xfffffa8006598790
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\Ide\IAAStorageDevice-1\
    Lower Device Object: 0xfffffa80062e5050
    Lower Device Driver Name: \Driver\iaStor\
    Driver name found: iaStor
    DriverEntry returned 0x0
    Function returned 0x0
    Downloaded database version: v2012.12.27.07
    Initializing...
    Done!
    <<<2>>>
    Device number: 0, partition: 3
    Physical Sector Size: 512
    Drive: 0, DevicePointer: 0xfffffa8006598790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa80065982c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa8006598790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa800649fc60, DeviceName: Unknown, DriverName: \Driver\stdcfltn\
    DevicePointer: 0xfffffa800630ce40, DeviceName: Unknown, DriverName: \Driver\ACPI\
    DevicePointer: 0xfffffa80062e5050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
    ------------ End ----------
    Upper DeviceData: 0xfffff8a00dc52370, 0xfffffa8006598790, 0xfffffa80057e5790
    Lower DeviceData: 0xfffff8a00c9fd040, 0xfffffa80062e5050, 0xfffffa8005b49990
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Scanning directory: C:\Windows\system32\drivers...
    File user open failed: C:\Windows\system32\drivers\sptd.sys (0x00000020)
    Done!
    Drive 0
    Scanning MBR on drive 0...
    Inspecting partition table:
    MBR Signature: 55AA
    Disk Signature: 7F2837E

    Partition information:

    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63 Numsec = 208782

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 212992 Numsec = 40960000
    Partition file system is NTFS
    Partition is bootable

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 41172992 Numsec = 733826800

    Partition 3 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 775000064 Numsec = 690145280

    Disk Size: 750156374016 bytes
    Sector size: 512 bytes

    Scanning physical sectors of unpartitioned space on drive 0 (1-62-1465129168-1465149168)...
    Done!
    Performing system, memory and registry scan...
    Read File: File "C:\ProgramData\{5794CDCB-FAB7-4C15-9069-4D8AC02592DE}\CrysisWars_patch5.lan" is compressed (flags = 1)
    Read File: File "C:\ProgramData\{5794CDCB-FAB7-4C15-9069-4D8AC02592DE}\instance.dat" is compressed (flags = 1)
    <<<2>>>
    Device number: 0, partition: 4
    <<<3>>>
    Volume: E:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Infected: C:\Users\Floris\AppData\Local\Temp\xxxyyyzzz.dat --> [Malware.Trace]
    Done!
    Scan finished
    =======================================

    Malwarebytes Anti-Rootkit 1.01.0.1011
    www.malwarebytes.org

    Database version: v2012.12.27.07

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Floris :: FLORIS-PC [administrator]

    12/27/2012 5:24:40 PM
    mbar-log-2012-12-27 (17-24-40).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
    Scan options disabled:
    Objects scanned: 29698
    Time elapsed: 9 minute(s), 30 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 1
    C:\Users\Floris\AppData\Local\Temp\xxxyyyzzz.dat (Malware.Trace) -> Delete on reboot.

    (end)
     
  12. Mark1956

    Go to one of the following online services that analyzes suspicious files:

    In the "File to Scan" (Upload or Submit) box, click the "browse" button and locate the following file:

    C:\Users\Floris\AppData\Local\Temp\xxxyyyzzz.dat <- this file

    Click "Open", then click the "Submit" button. If you get a message saying "File has already been analyzed", click Reanalyze or Scan again.
    -- Post back with the results of the file analysis in your next reply. All I need to know is how many of the scanners came up as detecting an infection.


    Please then run this scan and post the log, do not send it as an attachment.



    Please follow the instructions exactly as written, deviating from the instructions and trying to fix anything before I have seen the logs may make your PC unbootable. If TDSSKiller does not offer the Cure option DO NOT select delete as you may remove files needed for the system to operate.

    Please download Kaspersky's TDSSKiller and save it to your Desktop. <-Important!
    -- The tool is frequently updated...if you used TDSSKiller before, delete that version and download the most current one before using again.

    Be sure to print out and follow the instructions for performing a scan.

    • Extract (unzip) the file to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the Desktop.
    • Alternatively, you can download TDSSKiller.exe and use that instead.
    • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
      Vista/Windows 7 users right-click and select Run As Administrator.
    • If an update is available, TDSSKiller will prompt you to update and download the most current version. Click Load Update. Close TDSSKiller and start again.


    • When the program opens, click the Change parameters.

      [​IMG]

    • Under "Additional options", check the boxes next to Verify file digital signatures and Detect TDLFS file system, then click OK.

      [​IMG]

    • Click the Start Scan button.

      [​IMG]

    • Do not use the computer during the scan
    • If the scan completes with nothing found, click Close to exit.
    • If 'Suspicious objects' are detected, the default action will be Skip. Leave the default set to Skip and click on Continue.
    • If Malicious objects are detected, they will show in the Scan results - Select action for found objects: and offer three options.

    • Ensure Cure is selected...then click Continue -> Reboot computer for cure completion.

    • Important! -> If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed. If you choose Delete you may remove critical system files and make your PC unstable or possibly unbootable.
    • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
    • Copy and paste the contents of that file in your next reply.

    -- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it to something else before beginning the download and saving to the computer or to perform the scan in "safe mode".
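
    One way to triage the log file TDSSKiller saves, as an added example that is not part of the original post or of Kaspersky's tool: it lists every scanned object whose verdict is not "ok", plus service entries reported "ok" with no hashed file. The line layout is assumed from the TDSSKiller log format seen in this thread; the sample lines, service names and hashes are constructed.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Assumed layout of every log line: "HH:MM:SS.mmmm <thread id> <message>".
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d+\s+\d+\s+"
# "================ Scan services ================"
SECTION_RE = re.compile(PREFIX + r"=+\s+(.+?)\s+=+$")
# "[ <MD5> ] <service name> <drive>:\<path>"  (names and paths may contain spaces)
HASH_RE = re.compile(PREFIX + r"\[\s*([0-9A-Fa-f]{32})\s*\]\s+(.+?)\s+([A-Za-z]:\\.*)$")
# "<name> - ok"   or   "<name> ( <label> ) - warning"
VERDICT_RE = re.compile(PREFIX + r"(.+?)\s+(?:\(\s*(\S+)\s*\)\s+)?-\s+(\w+)$")


@dataclass
class Finding:
    name: str
    verdict: str            # verdict word from the log, or "no-hash"
    label: Optional[str]    # e.g. UnsignedFile.Multi.Generic
    md5: Optional[str]
    path: Optional[str]


def triage(log_text: str) -> dict:
    """Return the number of verdict lines and the entries worth a manual look."""
    section = None
    hashed = {}             # service name -> (md5, path) from its hash line
    scanned = 0
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        m = HASH_RE.match(line)
        if m:
            md5, name, path = m.groups()
            hashed[name] = (md5.upper(), path)
            continue
        m = VERDICT_RE.match(line)
        if not m:
            continue        # headers, separators, "detected ..." summary lines
        name, label, verdict = m.groups()
        scanned += 1
        md5, path = hashed.pop(name, (None, None))
        if verdict != "ok":
            findings.append(Finding(name, verdict, label, md5, path))
        elif md5 is None and section == "Scan services":
            # Reported ok, but the log shows no file hashed for this service.
            findings.append(Finding(name, "no-hash", None, None, None))
    return {"scanned": scanned, "findings": findings}


# Constructed sample: names, paths and hashes are placeholders, not real IoCs.
SAMPLE_LOG = r"""
14:12:00.0556 5708 Scan started
14:12:00.0556 5708 Mode: Manual; SigCheck; TDLFS;
14:12:01.0788 5708 ================ Scan system memory ========================
14:12:01.0788 5708 System memory - ok
14:12:01.0788 5708 ================ Scan services =============================
14:12:02.0116 5708 [ 00000000000000000000000000000001 ] ExampleDrv C:\Windows\system32\drivers\exampledrv.sys
14:12:02.0209 5708 ExampleDrv - ok
14:12:02.0300 5708 [ 00000000000000000000000000000002 ] Example Print Service C:\ProgramData\Example\print svc.exe
14:12:02.0310 5708 Example Print Service ( UnsignedFile.Multi.Generic ) - warning
14:12:02.0310 5708 Example Print Service - detected UnsignedFile.Multi.Generic (1)
14:12:02.0400 5708 OrphanSvc - ok
"""

if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print(f"{report['scanned']} objects with a verdict")
    for f in report["findings"]:
        print(f"{f.verdict:8} {f.name}  {f.label or ''}  {f.md5 or '-'}  {f.path or '-'}")
```
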
     
  13. 4gony

    4gony Thread Starter

    Joined:
    Dec 27, 2012
    Messages:
    14
    I used all 3 of the online services and all came out with 0 detections.
    Here is the TDSS killer log:
    14:12:18.0547 5708 MsRPC - ok
    14:12:18.0547 5708 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
    14:12:18.0562 5708 mssmbios - ok
    14:12:18.0578 5708 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
    14:12:18.0609 5708 MSTEE - ok
    14:12:18.0625 5708 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
    14:12:18.0640 5708 MTConfig - ok
    14:12:18.0656 5708 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
    14:12:18.0656 5708 Mup - ok
    14:12:18.0734 5708 [ 8F57DB74BF5407A4CDA6C8B005DC8DD0 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    14:12:18.0781 5708 MyWiFiDHCPDNS - ok
    14:12:18.0796 5708 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
    14:12:18.0859 5708 napagent - ok
    14:12:18.0906 5708 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
    14:12:18.0952 5708 NativeWifiP - ok
    14:12:19.0046 5708 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
    14:12:19.0077 5708 NAUpdate - ok
    14:12:19.0140 5708 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
    14:12:19.0186 5708 NDIS - ok
    14:12:19.0218 5708 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
    14:12:19.0249 5708 NdisCap - ok
    14:12:19.0284 5708 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
    14:12:19.0331 5708 NdisTapi - ok
    14:12:19.0374 5708 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
    14:12:19.0420 5708 Ndisuio - ok
    14:12:19.0428 5708 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
    14:12:19.0471 5708 NdisWan - ok
    14:12:19.0503 5708 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
    14:12:19.0535 5708 NDProxy - ok
    14:12:19.0581 5708 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
    14:12:19.0659 5708 NetBIOS - ok
    14:12:19.0675 5708 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
    14:12:19.0706 5708 NetBT - ok
    14:12:19.0737 5708 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
    14:12:19.0769 5708 Netlogon - ok
    14:12:19.0815 5708 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
    14:12:19.0878 5708 Netman - ok
    14:12:19.0925 5708 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    14:12:19.0971 5708 NetMsmqActivator - ok
    14:12:19.0971 5708 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    14:12:19.0971 5708 NetPipeActivator - ok
    14:12:20.0003 5708 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
    14:12:20.0049 5708 netprofm - ok
    14:12:20.0049 5708 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    14:12:20.0049 5708 NetTcpActivator - ok
    14:12:20.0065 5708 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    14:12:20.0065 5708 NetTcpPortSharing - ok
    14:12:20.0350 5708 [ 50AD7F7040C22BB7CAA59A0880875A21 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
    14:12:20.0634 5708 NETwNs64 - ok
    14:12:20.0650 5708 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
    14:12:20.0666 5708 nfrd960 - ok
    14:12:20.0712 5708 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
    14:12:20.0759 5708 NlaSvc - ok
    14:12:20.0900 5708 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
    14:12:20.0978 5708 NOBU - ok
    14:12:20.0993 5708 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
    14:12:21.0024 5708 Npfs - ok
    14:12:21.0040 5708 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
    14:12:21.0071 5708 nsi - ok
    14:12:21.0071 5708 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
    14:12:21.0118 5708 nsiproxy - ok
    14:12:21.0212 5708 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
    14:12:21.0258 5708 Ntfs - ok
    14:12:21.0274 5708 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
    14:12:21.0305 5708 Null - ok
    14:12:21.0352 5708 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
    14:12:21.0368 5708 nusb3hub - ok
    14:12:21.0414 5708 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
    14:12:21.0430 5708 nusb3xhc - ok
    14:12:21.0508 5708 [ 10204955027011E08A9DC27737A48A54 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
    14:12:21.0539 5708 NVHDA - ok
    14:12:21.0586 5708 [ 2EE34AD1A2133B547DEC17CB14DAC4C2 ] nvkflt C:\Windows\system32\DRIVERS\nvkflt.sys
    14:12:21.0633 5708 nvkflt - ok
    14:12:21.0914 5708 [ FE2909F7DFB12B9A20AD207FE23B7E96 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
    14:12:22.0315 5708 nvlddmkm - ok
    14:12:22.0358 5708 [ 54C7D4E3A31888FA4BE822F506FE905B ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
    14:12:22.0369 5708 nvpciflt - ok
    14:12:22.0409 5708 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
    14:12:22.0436 5708 nvraid - ok
    14:12:22.0477 5708 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
    14:12:22.0498 5708 nvstor - ok
    14:12:22.0507 5708 [ 9E01B716C8085F7ADB1CDC10103CEEF8 ] NvStUSB C:\Windows\system32\drivers\nvstusb.sys
    14:12:22.0518 5708 NvStUSB - ok
    14:12:22.0564 5708 [ 3341D2C91989BC87C3C0BAA97C27253B ] NVSvc C:\Windows\system32\nvvsvc.exe
    14:12:22.0611 5708 NVSvc - ok
    14:12:22.0704 5708 [ 551CE34DAD2DFF0A480781E68B286E4D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    14:12:22.0751 5708 nvUpdatusService - ok
    14:12:22.0782 5708 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
    14:12:22.0814 5708 nv_agp - ok
    14:12:22.0814 5708 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
    14:12:22.0829 5708 ohci1394 - ok
    14:12:22.0876 5708 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    14:12:22.0892 5708 ose - ok
    14:12:23.0032 5708 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    14:12:23.0172 5708 osppsvc - ok
    14:12:23.0219 5708 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
    14:12:23.0299 5708 p2pimsvc - ok
    14:12:23.0316 5708 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
    14:12:23.0335 5708 p2psvc - ok
    14:12:23.0346 5708 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
    14:12:23.0366 5708 Parport - ok
    14:12:23.0417 5708 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
    14:12:23.0450 5708 partmgr - ok
    14:12:23.0460 5708 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
    14:12:23.0483 5708 PcaSvc - ok
    14:12:23.0566 5708 [ 4B5F5774FF1C577B9515FDD2B5C535C5 ] PCDSRVC{1E208CE0-FB7451FF-06020200}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
    14:12:23.0629 5708 PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - ok
    14:12:23.0644 5708 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
    14:12:23.0660 5708 pci - ok
    14:12:23.0675 5708 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
    14:12:23.0675 5708 pciide - ok
    14:12:23.0691 5708 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
    14:12:23.0707 5708 pcmcia - ok
    14:12:23.0722 5708 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
    14:12:23.0738 5708 pcw - ok
    14:12:23.0753 5708 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
    14:12:23.0800 5708 PEAUTH - ok
    14:12:23.0909 5708 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
    14:12:23.0972 5708 PerfHost - ok
    14:12:24.0003 5708 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
    14:12:24.0065 5708 pla - ok
    14:12:24.0112 5708 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
    14:12:24.0190 5708 PlugPlay - ok
    14:12:24.0253 5708 PnkBstrA - ok
    14:12:24.0287 5708 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
    14:12:24.0309 5708 PNRPAutoReg - ok
    14:12:24.0326 5708 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
    14:12:24.0341 5708 PNRPsvc - ok
    14:12:24.0394 5708 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
    14:12:24.0453 5708 PolicyAgent - ok
    14:12:24.0471 5708 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
    14:12:24.0511 5708 Power - ok
    14:12:24.0554 5708 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
    14:12:24.0617 5708 PptpMiniport - ok
    14:12:24.0617 5708 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
    14:12:24.0632 5708 Processor - ok
    14:12:24.0679 5708 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
    14:12:24.0742 5708 ProfSvc - ok
    14:12:24.0742 5708 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
    14:12:24.0757 5708 ProtectedStorage - ok
    14:12:24.0804 5708 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
    14:12:24.0866 5708 Psched - ok
    14:12:24.0929 5708 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
    14:12:24.0960 5708 PxHlpa64 - ok
    14:12:25.0007 5708 [ 0928BD20273625622722FE1DE5BBDE57 ] qicflt C:\Windows\system32\DRIVERS\qicflt.sys
    14:12:25.0038 5708 qicflt - ok
    14:12:25.0147 5708 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
    14:12:25.0210 5708 ql2300 - ok
    14:12:25.0225 5708 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
    14:12:25.0241 5708 ql40xx - ok
    14:12:25.0272 5708 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
    14:12:25.0288 5708 QWAVE - ok
    14:12:25.0288 5708 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
    14:12:25.0303 5708 QWAVEdrv - ok
    14:12:25.0319 5708 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
    14:12:25.0350 5708 RasAcd - ok
    14:12:25.0397 5708 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
    14:12:25.0444 5708 RasAgileVpn - ok
    14:12:25.0490 5708 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
    14:12:25.0553 5708 RasAuto - ok
    14:12:25.0568 5708 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
    14:12:25.0615 5708 Rasl2tp - ok
    14:12:25.0662 5708 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
    14:12:25.0771 5708 RasMan - ok
    14:12:25.0771 5708 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
    14:12:25.0802 5708 RasPppoe - ok
    14:12:25.0849 5708 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
    14:12:25.0896 5708 RasSstp - ok
    14:12:25.0912 5708 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
    14:12:25.0943 5708 rdbss - ok
    14:12:25.0974 5708 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
    14:12:26.0005 5708 rdpbus - ok
    14:12:26.0021 5708 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
    14:12:26.0052 5708 RDPCDD - ok
    14:12:26.0068 5708 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
    14:12:26.0130 5708 RDPENCDD - ok
    14:12:26.0161 5708 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
    14:12:26.0192 5708 RDPREFMP - ok
    14:12:26.0270 5708 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
    14:12:26.0323 5708 RdpVideoMiniport - ok
    14:12:26.0371 5708 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
    14:12:26.0397 5708 RDPWD - ok
    14:12:26.0435 5708 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
    14:12:26.0450 5708 rdyboost - ok
    14:12:26.0526 5708 [ FD11C1287D38A46FB72353E14D50089C ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    14:12:26.0554 5708 RegSrvc - ok
    14:12:26.0563 5708 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
    14:12:26.0610 5708 RemoteAccess - ok
    14:12:26.0610 5708 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
    14:12:26.0641 5708 RemoteRegistry - ok
    14:12:26.0735 5708 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
    14:12:26.0766 5708 RoxMediaDB12OEM - ok
    14:12:26.0813 5708 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
    14:12:26.0844 5708 RoxWatch12 - ok
    14:12:26.0859 5708 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
    14:12:26.0891 5708 RpcEptMapper - ok
    14:12:26.0922 5708 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
    14:12:26.0922 5708 RpcLocator - ok
    14:12:26.0953 5708 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
    14:12:26.0984 5708 RpcSs - ok
    14:12:27.0000 5708 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
    14:12:27.0062 5708 rspndr - ok
    14:12:27.0125 5708 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
    14:12:27.0171 5708 RTL8167 - ok
    14:12:27.0187 5708 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
    14:12:27.0187 5708 SamSs - ok
    14:12:27.0265 5708 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
    14:12:27.0281 5708 SASDIFSV - ok
    14:12:27.0320 5708 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
    14:12:27.0329 5708 SASKUTIL - ok
    14:12:27.0345 5708 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
    14:12:27.0359 5708 sbp2port - ok
    14:12:27.0394 5708 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
    14:12:27.0428 5708 SCardSvr - ok
    14:12:27.0450 5708 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
    14:12:27.0482 5708 scfilter - ok
    14:12:27.0542 5708 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
    14:12:27.0597 5708 Schedule - ok
    14:12:27.0629 5708 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
    14:12:27.0644 5708 SCPolicySvc - ok
    14:12:27.0722 5708 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
    14:12:27.0769 5708 sdbus - ok
    14:12:27.0785 5708 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
    14:12:27.0816 5708 SDRSVC - ok
    14:12:27.0863 5708 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
    14:12:27.0925 5708 secdrv - ok
    14:12:27.0941 5708 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
    14:12:27.0972 5708 seclogon - ok
    14:12:28.0003 5708 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
    14:12:28.0065 5708 SENS - ok
    14:12:28.0065 5708 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
    14:12:28.0081 5708 SensrSvc - ok
    14:12:28.0128 5708 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
    14:12:28.0159 5708 Serenum - ok
    14:12:28.0159 5708 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
    14:12:28.0175 5708 Serial - ok
    14:12:28.0221 5708 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
    14:12:28.0284 5708 sermouse - ok
    14:12:28.0299 5708 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
    14:12:28.0340 5708 SessionEnv - ok
    14:12:28.0347 5708 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
    14:12:28.0366 5708 sffdisk - ok
    14:12:28.0374 5708 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
    14:12:28.0390 5708 sffp_mmc - ok
    14:12:28.0401 5708 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
    14:12:28.0416 5708 sffp_sd - ok
    14:12:28.0430 5708 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
    14:12:28.0443 5708 sfloppy - ok
    14:12:28.0518 5708 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
    14:12:28.0559 5708 Sftfs - ok
    14:12:28.0603 5708 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    14:12:28.0634 5708 sftlist - ok
    14:12:28.0649 5708 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
    14:12:28.0665 5708 Sftplay - ok
    14:12:28.0696 5708 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
    14:12:28.0743 5708 Sftredir - ok
    14:12:28.0837 5708 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    14:12:28.0883 5708 SftService - ok
    14:12:28.0883 5708 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
    14:12:28.0899 5708 Sftvol - ok
    14:12:28.0915 5708 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    14:12:28.0915 5708 sftvsa - ok
    14:12:28.0930 5708 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
    14:12:28.0977 5708 SharedAccess - ok
    14:12:28.0993 5708 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    14:12:29.0071 5708 ShellHWDetection - ok
    14:12:29.0086 5708 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
    14:12:29.0102 5708 SiSRaid2 - ok
    14:12:29.0117 5708 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
    14:12:29.0133 5708 SiSRaid4 - ok
    14:12:29.0180 5708 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
    14:12:29.0211 5708 SkypeUpdate - ok
    14:12:29.0258 5708 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
    14:12:29.0332 5708 Smb - ok
    14:12:29.0369 5708 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
    14:12:29.0388 5708 SNMPTRAP - ok
    14:12:29.0397 5708 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
    14:12:29.0408 5708 spldr - ok
    14:12:29.0472 5708 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
    14:12:29.0503 5708 Spooler - ok
    14:12:29.0568 5708 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
    14:12:29.0637 5708 sppsvc - ok
    14:12:29.0653 5708 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
    14:12:29.0684 5708 sppuinotify - ok
    14:12:29.0746 5708 [ A6CFF1AF7664627A296B6A0A96CF876E ] sptd C:\Windows\System32\Drivers\sptd.sys
    14:12:29.0746 5708 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: A6CFF1AF7664627A296B6A0A96CF876E
    14:12:29.0762 5708 sptd ( LockedFile.Multi.Generic ) - warning
    14:12:29.0762 5708 sptd - detected LockedFile.Multi.Generic (1)
    14:12:32.0901 5708 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
    14:12:32.0932 5708 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
    14:12:32.0932 5708 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
    14:12:34.0970 5708 wbengine - ok
    14:12:34.0986 5708 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
    14:12:35.0017 5708 WbioSrvc - ok
    14:12:35.0032 5708 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
    14:12:35.0048 5708 wcncsvc - ok
    14:12:35.0064 5708 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    14:12:35.0079 5708 WcsPlugInService - ok
    14:12:35.0095 5708 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
    14:12:35.0095 5708 Wd - ok
    14:12:35.0126 5708 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
    14:12:35.0157 5708 Wdf01000 - ok
    14:12:35.0188 5708 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
    14:12:35.0313 5708 WdiServiceHost - ok
    14:12:35.0313 5708 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
    14:12:35.0329 5708 WdiSystemHost - ok
    14:12:35.0344 5708 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
    14:12:35.0373 5708 WebClient - ok
    14:12:35.0390 5708 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
    14:12:35.0426 5708 Wecsvc - ok
    14:12:35.0434 5708 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
    14:12:35.0465 5708 wercplsupport - ok
    14:12:35.0502 5708 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
    14:12:35.0533 5708 WerSvc - ok
    14:12:35.0542 5708 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
    14:12:35.0572 5708 WfpLwf - ok
    14:12:35.0633 5708 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
    14:12:35.0664 5708 WimFltr - ok
    14:12:35.0664 5708 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
    14:12:35.0680 5708 WIMMount - ok
    14:12:35.0680 5708 WinDefend - ok
    14:12:35.0789 5708 WINFLASH64 - ok
    14:12:35.0805 5708 WinHttpAutoProxySvc - ok
    14:12:35.0851 5708 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
    14:12:35.0914 5708 Winmgmt - ok
    14:12:35.0992 5708 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
    14:12:36.0101 5708 WinRM - ok
    14:12:36.0163 5708 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
    14:12:36.0210 5708 WinUsb - ok
    14:12:36.0226 5708 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
    14:12:36.0288 5708 Wlansvc - ok
    14:12:36.0304 5708 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
    14:12:36.0319 5708 wlcrasvc - ok
    14:12:36.0471 5708 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    14:12:36.0582 5708 wlidsvc - ok
    14:12:36.0624 5708 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
    14:12:36.0653 5708 WmiAcpi - ok
    14:12:36.0684 5708 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
    14:12:36.0715 5708 wmiApSrv - ok
    14:12:36.0762 5708 WMPNetworkSvc - ok
    14:12:36.0778 5708 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
    14:12:36.0824 5708 WPCSvc - ok
    14:12:36.0840 5708 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
    14:12:36.0856 5708 WPDBusEnum - ok
    14:12:36.0871 5708 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
    14:12:36.0902 5708 ws2ifsl - ok
    14:12:36.0902 5708 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
    14:12:36.0934 5708 wscsvc - ok
    14:12:36.0934 5708 WSearch - ok
    14:12:37.0043 5708 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
    14:12:37.0121 5708 wuauserv - ok
    14:12:37.0168 5708 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
    14:12:37.0214 5708 WudfPf - ok
    14:12:37.0246 5708 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
    14:12:37.0292 5708 WUDFRd - ok
    14:12:37.0339 5708 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
    14:12:37.0375 5708 wudfsvc - ok
    14:12:37.0385 5708 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
    14:12:37.0410 5708 WwanSvc - ok
    14:12:37.0424 5708 ================ Scan global ===============================
    14:12:37.0445 5708 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
    14:12:37.0498 5708 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
    14:12:37.0522 5708 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
    14:12:37.0539 5708 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
    14:12:37.0563 5708 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
    14:12:37.0573 5708 [Global] - ok
    14:12:37.0575 5708 ================ Scan MBR ==================================
    14:12:37.0585 5708 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
    14:12:37.0951 5708 \Device\Harddisk0\DR0 - ok
    14:12:37.0951 5708 ================ Scan VBR ==================================
    14:12:37.0951 5708 [ 78DA0616E9237BBF156D8659BC6C6AE6 ] \Device\Harddisk0\DR0\Partition1
    14:12:37.0967 5708 \Device\Harddisk0\DR0\Partition1 - ok
    14:12:37.0983 5708 [ 1365E8D31EBCF598D7B3F5A44366EFAA ] \Device\Harddisk0\DR0\Partition2
    14:12:37.0983 5708 \Device\Harddisk0\DR0\Partition2 - ok
    14:12:38.0014 5708 [ C5B30957529007EAD3A792DB1DBDBCF4 ] \Device\Harddisk0\DR0\Partition3
    14:12:38.0014 5708 \Device\Harddisk0\DR0\Partition3 - ok
    14:12:38.0014 5708 ============================================================
    14:12:38.0014 5708 Scan finished
    14:12:38.0014 5708 ============================================================
    14:12:38.0029 5756 Detected object count: 3
    14:12:38.0029 5756 Actual detected object count: 3
    14:13:07.0929 5756 EPSON_EB_RPCV4_01 ( UnsignedFile.Multi.Generic ) - skipped by user
    14:13:07.0929 5756 EPSON_EB_RPCV4_01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:13:07.0929 5756 sptd ( LockedFile.Multi.Generic ) - skipped by user
    14:13:07.0929 5756 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
    14:13:07.0944 5756 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
    14:13:07.0944 5756 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:13:31.0300 6268 Deinitialize success
     
  14. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    All clean so far and the file you uploaded and had scanned is clearly a false positive. I do believe your system is free of infections but we will do one last scan to be sure.


    Eset online scan instructions.
    IMPORTANT ---> Please make sure you follow the instruction to uncheck the box next to Remove found threats. Eset will detect anything that looks even remotely suspicious, this can include legitimate program files. If you do not uncheck the box, as instructed, Eset will automatically remove all suspect files which could leave some of your software inoperative. If you make a mistake these files can be restored from quarantine, but it would be preferable not to add any extra work to the clean up of your system.

    • Disable your existing Anti Virus following these instructions.
    • Please go here to use the Eset Online Scanner.
    • When the web page opens click on this button [IMG]
    • If you are not using Internet Explorer you will see a message box open asking you to download the ESET Smart Installer, click on the link and allow it to download and then run it. Accept the Terms of use and click on Start. The required components will download.
    • If using Internet Explorer the Terms of use box will open immediately, accept it and click on Start.
    • After the download is complete the Computer scan settings window will open, IMPORTANT ----> uncheck the box next to Remove found threats and click on Start. The virus signature database will then download which may take some time depending on the speed of your internet connection. The scan will automatically start when the download is complete.
    • This is a very thorough scan and may take several hours to complete depending on how much data you have on your hard drive. Do not interrupt it, be patient and let it finish.
    • A Scan Results window will appear at the end of the scan. If it lists any number of Infected Files click on List of found threats. Click on Copy to clipboard, come back to this thread and right click on the message box. Select Paste and the report will appear, add any comments you have and post the reply.
    • Back on the Eset window, click the Back button and then click on Finish.
     
  15. 4gony

    4gony Thread Starter

    Joined:
    Dec 27, 2012
    Messages:
    14
    here is the list

    C:\Users\Floris\AppData\Roaming\WinHost\host.exe multiple threats
     
Short URL to this thread: https://techguy.org/1082571
