
***GOOGLE REDIRECT***


11 replies to this topic

#1 ManO'Law


Posted 30 April 2012 - 05:32 AM

Hi BCs.

I have had an issue with what I assume from the University of Google to be some sort of "Google redirect". Usually the second hit or sometimes the first hit on a Google search will take me somewhere unrelated to the search criteria [as the new tab is opening, the tab header says "Redirect..."]. Further, I am experiencing an extremely sluggish browsing experience.

I have followed and implemented a number of "recommended" strategies to no avail.

I humbly seek some guidance on this. I am responsive and will follow direction well.

I am on Windows 7 Ultimate, I only use Mozilla.

Regards
Andrew

Edited by ManO'Law, 30 April 2012 - 05:36 AM.




#2 quietman7


Posted 30 April 2012 - 09:58 AM

Before doing anything further, if you have not already done so, you should back up all your important documents, personal data files and photos to a CD or DVD drive as some infections may render your computer unbootable during or before the disinfection process. If that occurs there may be no option but to reformat and reinstall the OS or perform a full system recovery. The safest practice is not to back up any files with the following file extensions: .exe, .scr, .ini, .htm, .html, .php, .asp, .xml, .zip, .rar, .cab as they may be infected.


Please download Kaspersky's TDSSKiller and save it to your Desktop. <-Important!
-- The tool is frequently updated...if you used TDSSKiller previously, delete that version and download the most current one before using again.

Be sure to print out and follow these instructions for performing a scan.
  • Extract (unzip) the file to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the Desktop.
  • Alternatively, you can download TDSSKiller.exe and use that instead.
  • Double-click on TDSSKiller.exe to run the tool.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If an update is available, TDSSKiller will prompt you to update and download the most current version. Click Load Update. Close TDSSKiller and start again.
  • When the program opens, click Change parameters.
  • Under "Additional options", check the boxes next to Verify file digital signatures and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan.
  • If the scan completes with nothing found, click Close to exit.
  • If 'Suspicious objects' are detected, the default action will be Skip. Leave the default set to Skip and click on Continue.
  • If Malicious objects are detected, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure is selected...then click Continue -> Reboot computer for cure completion.
  • Important! -> If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
-- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it to something else before beginning the download and saving to the computer or to perform the scan in "safe mode".


Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

Note: A 14-day trial of Malwarebytes Anti-Malware PRO is available as an option when first installing the free version so all users can test the real-time protection component for a period of two weeks. When the limited time period expires those features will be deactivated and locked. Enabling the Protection Module feature again requires registration and purchase of a license key that includes free lifetime upgrades and support. If you continue to use the free version, there is no requirement to buy a license...you can just use it as a stand-alone scanner.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

For other troubleshooting suggestions, please refer to: For those having trouble running Malwarebytes Anti-Malware
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
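
One way to triage the log file that TDSSKiller saves, as an added example that is not part of the original posts or of Kaspersky's tool: it pairs each `name (md5) path` line with its `name - status` line and lists entries whose status is not `ok`, that have no file line, or whose file sits outside the Windows and Program Files trees. The sample log is constructed; the `warning` status word, the placeholder digests and the expected-root list are assumptions.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Every log line starts with "HH:MM:SS.ffff <numeric id> <message>".
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s*(.*)$")
# "<service> (<md5>) <path>" names the file behind a service or driver.
FILE_LINE = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")

# Assumption: system drive is C: and these trees are the expected locations.
EXPECTED_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")


@dataclass
class Entry:
    name: str
    status: str
    md5: Optional[str]   # None when the log had no file line for the service
    path: Optional[str]


def parse_scan(text: str) -> List[Entry]:
    """Return one Entry per '<name> - <status>' line after 'Scan started'."""
    entries: List[Entry] = []
    pending = None       # file line still waiting for its status line
    in_scan = False
    for raw in text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue
        msg = m.group(1).strip()
        if msg == "Scan started":
            in_scan = True
            continue
        # Skip the system-info header, blank messages and "=====" separators.
        if not in_scan or not msg or set(msg) == {"="}:
            continue
        f = FILE_LINE.match(msg)
        if f:
            pending = f
            continue
        if " - " not in msg:
            continue     # e.g. the "Mode: ..." line
        if pending and msg.startswith(pending.group("name") + " - "):
            name = pending.group("name")
            status = msg[len(name) + 3:]
            entries.append(Entry(name, status, pending.group("md5").lower(),
                                 pending.group("path")))
        else:
            # Status line with no matching file line before it.
            name, status = msg.rsplit(" - ", 1)
            entries.append(Entry(name, status, None, None))
        pending = None
    return entries


def triage(entries: List[Entry]) -> List[Tuple[str, str]]:
    """List (service, reason) pairs that deserve a manual look."""
    findings = []
    for e in entries:
        if e.status.lower() != "ok":
            findings.append((e.name, "status: " + e.status))
        if e.path is None:
            findings.append((e.name, "no file line"))
        elif not e.path.lower().startswith(EXPECTED_ROOTS):
            findings.append((e.name, "unusual path: " + e.path))
    return findings


def _md5(n: int) -> str:
    """Constructed placeholder digest, not a real file hash."""
    return "%032x" % n


# Constructed sample in the log's line format; names and digests are made up.
SAMPLE_LOG = "\n".join([
    r"07:31:25.0598 1608 Drive \Device\Harddisk0\DR0 - Size: 0x1000",
    "07:31:45.0619 4816 ============================================================",
    "07:31:45.0619 4816 Scan started",
    "07:31:45.0619 4816 Mode: Manual; SigCheck; TDLFS;",
    "07:31:45.0619 4816 ============================================================",
    "07:31:46.0947 4816 ExampleSvc (" + _md5(1) + r") C:\Windows\System32\examplesvc.dll",
    "07:31:47.0046 4816 ExampleSvc - ok",
    "07:31:47.0100 4816 Example Updater (" + _md5(2) + r") C:\Users\Public\updater.exe",
    "07:31:47.0120 4816 Example Updater - ok",
    "07:31:47.0200 4816 orphansvc - ok",
    "07:31:47.0300 4816 exampledrv (" + _md5(3) + r") C:\Windows\system32\drivers\exampledrv.sys",
    "07:31:47.0320 4816 exampledrv - warning",   # status word is an assumption
])

if __name__ == "__main__":
    for name, reason in triage(parse_scan(SAMPLE_LOG)):
        print(f"{name}: {reason}")
```

A finding here is only a prompt for review; legitimate services can appear without a file line or outside the expected trees.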

#3 ManO'Law


Posted 30 April 2012 - 04:41 PM

TDSS process run - results follow. One suspicious file - no cure option, so skip was chosen.

Malwarebytes process run - results follow. Two files deleted. Thanks for taking an interest in my problem!

07:31:23.0851 1608 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
07:31:24.0752 1608 ============================================================
07:31:24.0752 1608 Current date / time: 2012/05/01 07:31:24.0752
07:31:24.0752 1608 SystemInfo:
07:31:24.0752 1608
07:31:24.0752 1608 OS Version: 6.1.7601 ServicePack: 1.0
07:31:24.0752 1608 Product type: Workstation
07:31:24.0753 1608 ComputerName: TGWS012
07:31:24.0753 1608 UserName: Andrew
07:31:24.0753 1608 Windows directory: C:\Windows
07:31:24.0753 1608 System windows directory: C:\Windows
07:31:24.0753 1608 Processor architecture: Intel x86
07:31:24.0753 1608 Number of processors: 2
07:31:24.0753 1608 Page size: 0x1000
07:31:24.0753 1608 Boot type: Normal boot
07:31:24.0753 1608 ============================================================
07:31:25.0598 1608 Drive \Device\Harddisk0\DR0 - Size: 0x3A38A25E00 (232.88 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
07:31:25.0603 1608 ============================================================
07:31:25.0603 1608 \Device\Harddisk0\DR0:
07:31:25.0607 1608 MBR partitions:
07:31:25.0607 1608 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
07:31:25.0607 1608 ============================================================
07:31:25.0629 1608 C: <-> \Device\Harddisk0\DR0\Partition0
07:31:25.0629 1608 ============================================================
07:31:25.0629 1608 Initialize success
07:31:25.0629 1608 ============================================================
07:31:45.0619 4816 ============================================================
07:31:45.0619 4816 Scan started
07:31:45.0619 4816 Mode: Manual; SigCheck; TDLFS;
07:31:45.0619 4816 ============================================================
07:32:01.0606 4816 LVRS - ok
07:32:01.0774 4816 LVUVC (0d6b0ccd22caa668e559b4bb7e86abf1) C:\Windows\system32\DRIVERS\lvuvc.sys
07:32:01.0918 4816 LVUVC - ok
07:32:02.0032 4816 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
07:32:02.0061 4816 Mcx2Svc - ok
07:32:02.0111 4816 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
07:32:02.0131 4816 megasas - ok
07:32:02.0155 4816 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
07:32:02.0189 4816 MegaSR - ok
07:32:02.0252 4816 Microsoft SharePoint Workspace Audit Service - ok
07:32:02.0286 4816 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
07:32:02.0337 4816 MMCSS - ok
07:32:02.0362 4816 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
07:32:02.0406 4816 Modem - ok
07:32:02.0433 4816 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
07:32:02.0458 4816 monitor - ok
07:32:02.0491 4816 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
07:32:02.0510 4816 mouclass - ok
07:32:02.0524 4816 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
07:32:02.0561 4816 mouhid - ok
07:32:02.0593 4816 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
07:32:02.0613 4816 mountmgr - ok
07:32:02.0666 4816 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
07:32:02.0687 4816 MozillaMaintenance - ok
07:32:02.0732 4816 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
07:32:02.0757 4816 mpio - ok
07:32:02.0789 4816 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
07:32:02.0838 4816 mpsdrv - ok
07:32:02.0886 4816 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
07:32:02.0955 4816 MpsSvc - ok
07:32:02.0995 4816 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
07:32:03.0028 4816 MRxDAV - ok
07:32:03.0061 4816 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
07:32:03.0089 4816 mrxsmb - ok
07:32:03.0124 4816 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:32:03.0159 4816 mrxsmb10 - ok
07:32:03.0195 4816 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:32:03.0231 4816 mrxsmb20 - ok
07:32:03.0267 4816 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
07:32:03.0286 4816 msahci - ok
07:32:03.0327 4816 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
07:32:03.0352 4816 msdsm - ok
07:32:03.0394 4816 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
07:32:03.0441 4816 MSDTC - ok
07:32:03.0491 4816 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
07:32:03.0536 4816 Msfs - ok
07:32:03.0560 4816 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
07:32:03.0611 4816 mshidkmdf - ok
07:32:03.0639 4816 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
07:32:03.0658 4816 msisadrv - ok
07:32:03.0693 4816 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
07:32:03.0743 4816 MSiSCSI - ok
07:32:03.0752 4816 msiserver - ok
07:32:03.0775 4816 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
07:32:03.0823 4816 MSKSSRV - ok
07:32:03.0850 4816 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
07:32:03.0900 4816 MSPCLOCK - ok
07:32:03.0920 4816 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
07:32:03.0974 4816 MSPQM - ok
07:32:04.0028 4816 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
07:32:04.0068 4816 MsRPC - ok
07:32:04.0108 4816 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
07:32:04.0132 4816 mssmbios - ok
07:32:04.0236 4816 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
07:32:04.0276 4816 MSTEE - ok
07:32:04.0311 4816 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
07:32:04.0349 4816 MTConfig - ok
07:32:04.0388 4816 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
07:32:04.0408 4816 Mup - ok
07:32:04.0473 4816 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
07:32:04.0536 4816 napagent - ok
07:32:04.0577 4816 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
07:32:04.0624 4816 NativeWifiP - ok
07:32:04.0680 4816 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
07:32:04.0727 4816 NDIS - ok
07:32:04.0766 4816 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
07:32:04.0805 4816 NdisCap - ok
07:32:04.0821 4816 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
07:32:04.0862 4816 NdisTapi - ok
07:32:04.0896 4816 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
07:32:04.0938 4816 Ndisuio - ok
07:32:04.0967 4816 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
07:32:05.0008 4816 NdisWan - ok
07:32:05.0043 4816 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
07:32:05.0082 4816 NDProxy - ok
07:32:05.0122 4816 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
07:32:05.0173 4816 NetBIOS - ok
07:32:05.0226 4816 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
07:32:05.0277 4816 NetBT - ok
07:32:05.0304 4816 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
07:32:05.0331 4816 Netlogon - ok
07:32:05.0381 4816 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
07:32:05.0457 4816 Netman - ok
07:32:05.0576 4816 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
07:32:05.0613 4816 NetMsmqActivator - ok
07:32:05.0621 4816 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
07:32:05.0639 4816 NetPipeActivator - ok
07:32:05.0678 4816 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
07:32:05.0740 4816 netprofm - ok
07:32:05.0748 4816 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
07:32:05.0765 4816 NetTcpActivator - ok
07:32:05.0773 4816 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
07:32:05.0790 4816 NetTcpPortSharing - ok
07:32:05.0853 4816 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
07:32:05.0873 4816 nfrd960 - ok
07:32:05.0919 4816 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
07:32:05.0984 4816 NlaSvc - ok
07:32:06.0003 4816 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
07:32:06.0048 4816 Npfs - ok
07:32:06.0087 4816 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
07:32:06.0131 4816 nsi - ok
07:32:06.0151 4816 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
07:32:06.0190 4816 nsiproxy - ok
07:32:06.0268 4816 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
07:32:06.0331 4816 Ntfs - ok
07:32:06.0457 4816 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
07:32:06.0505 4816 Null - ok
07:32:06.0543 4816 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
07:32:06.0568 4816 nvraid - ok
07:32:06.0621 4816 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
07:32:06.0649 4816 nvstor - ok
07:32:06.0703 4816 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
07:32:06.0730 4816 nv_agp - ok
07:32:06.0781 4816 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
07:32:06.0821 4816 ohci1394 - ok
07:32:06.0895 4816 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:32:06.0918 4816 ose - ok
07:32:10.0275 4816 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
07:32:10.0455 4816 osppsvc - ok
07:32:11.0221 4816 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
07:32:11.0265 4816 p2pimsvc - ok
07:32:11.0299 4816 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
07:32:11.0364 4816 p2psvc - ok
07:32:11.0509 4816 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
07:32:11.0544 4816 Parport - ok
07:32:11.0597 4816 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
07:32:11.0619 4816 partmgr - ok
07:32:11.0699 4816 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
07:32:11.0748 4816 Parvdm - ok
07:32:12.0287 4816 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
07:32:12.0362 4816 PcaSvc - ok
07:32:12.0603 4816 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
07:32:12.0665 4816 pci - ok
07:32:12.0711 4816 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
07:32:12.0733 4816 pciide - ok
07:32:12.0776 4816 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
07:32:12.0818 4816 pcmcia - ok
07:32:12.0839 4816 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
07:32:12.0861 4816 pcw - ok
07:32:12.0914 4816 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
07:32:12.0997 4816 PEAUTH - ok
07:32:13.0122 4816 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
07:32:13.0189 4816 PeerDistSvc - ok
07:32:13.0358 4816 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
07:32:13.0508 4816 pla - ok
07:32:14.0064 4816 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
07:32:14.0207 4816 PlugPlay - ok
07:32:14.0497 4816 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
07:32:14.0535 4816 PNRPAutoReg - ok
07:32:15.0678 4816 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
07:32:15.0728 4816 PNRPsvc - ok
07:32:16.0364 4816 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
07:32:16.0450 4816 PolicyAgent - ok
07:32:16.0493 4816 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
07:32:16.0591 4816 Power - ok
07:32:16.0902 4816 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
07:32:16.0993 4816 PptpMiniport - ok
07:32:17.0029 4816 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
07:32:17.0064 4816 Processor - ok
07:32:17.0188 4816 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
07:32:17.0237 4816 ProfSvc - ok
07:32:17.0366 4816 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
07:32:17.0392 4816 ProtectedStorage - ok
07:32:17.0427 4816 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
07:32:17.0477 4816 Psched - ok
07:32:17.0637 4816 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
07:32:17.0707 4816 ql2300 - ok
07:32:18.0347 4816 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
07:32:18.0374 4816 ql40xx - ok
07:32:18.0526 4816 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
07:32:18.0618 4816 QWAVE - ok
07:32:18.0749 4816 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
07:32:18.0794 4816 QWAVEdrv - ok
07:32:18.0893 4816 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll
07:32:18.0914 4816 RapiMgr - ok
07:32:18.0978 4816 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
07:32:19.0041 4816 RasAcd - ok
07:32:19.0180 4816 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
07:32:19.0235 4816 RasAgileVpn - ok
07:32:19.0572 4816 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
07:32:19.0637 4816 RasAuto - ok
07:32:19.0935 4816 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
07:32:19.0984 4816 Rasl2tp - ok
07:32:20.0721 4816 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
07:32:20.0809 4816 RasMan - ok
07:32:21.0159 4816 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
07:32:21.0242 4816 RasPppoe - ok
07:32:21.0568 4816 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
07:32:21.0667 4816 RasSstp - ok
07:32:22.0337 4816 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
07:32:22.0393 4816 rdbss - ok
07:32:22.0450 4816 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
07:32:22.0490 4816 rdpbus - ok
07:32:22.0558 4816 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
07:32:22.0643 4816 RDPCDD - ok
07:32:22.0971 4816 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
07:32:23.0002 4816 RDPDR - ok
07:32:23.0057 4816 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
07:32:23.0102 4816 RDPENCDD - ok
07:32:23.0176 4816 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
07:32:23.0228 4816 RDPREFMP - ok
07:32:23.0292 4816 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
07:32:23.0324 4816 RdpVideoMiniport - ok
07:32:23.0856 4816 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
07:32:23.0899 4816 RDPWD - ok
07:32:24.0469 4816 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
07:32:24.0521 4816 rdyboost - ok
07:32:24.0786 4816 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
07:32:24.0837 4816 RemoteAccess - ok
07:32:25.0180 4816 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
07:32:25.0261 4816 RemoteRegistry - ok
07:32:25.0357 4816 Revoflt (b9bb8e2093c1615ad6ea55ad96214354) C:\Windows\system32\DRIVERS\revoflt.sys
07:32:25.0385 4816 Revoflt - ok
07:32:25.0547 4816 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
07:32:25.0610 4816 RpcEptMapper - ok
07:32:25.0674 4816 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
07:32:25.0705 4816 RpcLocator - ok
07:32:26.0570 4816 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
07:32:26.0617 4816 RpcSs - ok
07:32:26.0695 4816 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
07:32:26.0741 4816 rspndr - ok
07:32:27.0069 4816 RTL8167 (442f90838ea6d95080c557a16363a71b) C:\Windows\system32\DRIVERS\Rt86win7.sys
07:32:27.0100 4816 RTL8167 - ok
07:32:27.0163 4816 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
07:32:27.0194 4816 s3cap - ok
07:32:27.0241 4816 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
07:32:27.0256 4816 SamSs - ok
07:32:27.0506 4816 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
07:32:27.0521 4816 SASDIFSV - ok
07:32:27.0755 4816 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
07:32:27.0771 4816 SASKUTIL - ok
07:32:28.0114 4816 SAVRKBootTasks (e5c587c0668f83e799d1c43bc53e5e37) C:\Windows\system32\SAVRKBootTasks.sys
07:32:28.0130 4816 SAVRKBootTasks ( UnsignedFile.Multi.Generic ) - warning
07:32:28.0130 4816 SAVRKBootTasks - detected UnsignedFile.Multi.Generic (1)
07:32:55.0336 4816 WebClient - ok
07:32:55.0414 4816 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
07:32:55.0477 4816 Wecsvc - ok
07:32:55.0648 4816 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
07:32:55.0711 4816 wercplsupport - ok
07:32:55.0742 4816 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
07:32:55.0773 4816 WfpLwf - ok
07:32:55.0820 4816 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
07:32:55.0851 4816 WIMMount - ok
07:32:55.0945 4816 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
07:32:55.0991 4816 WinDefend - ok
07:32:56.0038 4816 WinHttpAutoProxySvc - ok
07:32:56.0116 4816 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
07:32:56.0179 4816 Winmgmt - ok
07:32:56.0257 4816 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
07:32:56.0335 4816 WinRM - ok
07:32:56.0600 4816 WinUSB (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
07:32:56.0631 4816 WinUSB - ok
07:32:56.0849 4816 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
07:32:56.0927 4816 Wlansvc - ok
07:32:57.0068 4816 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
07:32:57.0130 4816 wlidsvc - ok
07:32:57.0271 4816 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
07:32:57.0302 4816 WmiAcpi - ok
07:32:57.0380 4816 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
07:32:57.0411 4816 wmiApSrv - ok
07:32:57.0661 4816 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
07:32:57.0723 4816 WMPNetworkSvc - ok
07:32:57.0817 4816 WMZuneComm (017695393afffed8de58abd1b085be6d) C:\Program Files\Zune\WMZuneComm.exe
07:32:57.0848 4816 WMZuneComm - ok
07:32:57.0957 4816 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
07:32:57.0988 4816 WPCSvc - ok
07:32:58.0035 4816 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
07:32:58.0066 4816 WPDBusEnum - ok
07:32:58.0144 4816 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
07:32:58.0175 4816 ws2ifsl - ok
07:32:58.0222 4816 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll
07:32:58.0285 4816 wscsvc - ok
07:32:58.0300 4816 WSearch - ok
07:32:58.0519 4816 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
07:32:58.0612 4816 wuauserv - ok
07:32:58.0753 4816 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
07:32:58.0799 4816 WudfPf - ok
07:32:58.0846 4816 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
07:32:58.0893 4816 WUDFRd - ok
07:32:58.0924 4816 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
07:32:58.0971 4816 wudfsvc - ok
07:32:59.0018 4816 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
07:32:59.0065 4816 WwanSvc - ok
07:32:59.0548 4816 ZuneNetworkSvc (1076df9ade4e13ea3bf39d2165aeb903) C:\Program Files\Zune\ZuneNss.exe
07:32:59.0751 4816 ZuneNetworkSvc - ok
07:32:59.0829 4816 ZuneWlanCfgSvc (de1cdb333a402b279f04d627122fa08e) C:\Program Files\Zune\ZuneWlanCfgSvc.exe
07:32:59.0860 4816 ZuneWlanCfgSvc - ok
07:32:59.0985 4816 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
07:33:00.0063 4816 \Device\Harddisk0\DR0 - ok
07:33:00.0063 4816 Boot (0x1200) (a78a2638e4f63b7490a89cbaeb49230b) \Device\Harddisk0\DR0\Partition0
07:33:00.0063 4816 \Device\Harddisk0\DR0\Partition0 - ok
07:33:00.0063 4816 ============================================================
07:33:00.0063 4816 Scan finished
07:33:00.0063 4816 ============================================================
07:33:00.0094 4212 Detected object count: 1
07:33:00.0094 4212 Actual detected object count: 1
07:34:02.0276 4212 SAVRKBootTasks ( UnsignedFile.Multi.Generic ) - skipped by user
07:34:02.0276 4212 SAVRKBootTasks ( UnsignedFile.Multi.Generic ) - User select action: Skip

______________________________________________________________________________________________________________________

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.30.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Andrew :: TGWS012 [administrator]

01/05/2012 7:39:22 AM
mbam-log-2012-05-01 (07-39-22).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 247006
Time elapsed: 4 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Windows\System32\regteak (Backdoor.Agent) -> Quarantined and deleted successfully.

Files Detected: 1
C:\Windows\System32\regteak\klog.dat (Backdoor.Agent) -> Quarantined and deleted successfully.

(end)

Edited by ManO'Law, 30 April 2012 - 04:55 PM.


#4 quietman7

Posted 30 April 2012 - 04:49 PM

Please continue with Malwarebytes Anti-Malware and post the log results.

Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#5 ManO'Law

Posted 30 April 2012 - 06:06 PM

Done - Posted under TDSS log above.

#6 quietman7

Posted 01 May 2012 - 07:46 AM

Now rescan again with Malwarebytes Anti-Malware, but this time perform a Full Scan in normal mode and check all items found for removal. Don't forget to check for database definition updates through the program's interface (preferable method) before scanning and to reboot afterwards. Failure to reboot normally will prevent Malwarebytes from removing all the malware. When done, click the Logs tab and copy/paste the contents of the new report in your next reply.

Some redirects are caused by malicious browser extensions. To test Firefox to see if such an extension is causing the problem, run Firefox in Safe Mode.

Then perform a few searches to see if you are redirected. If you are not redirected then it is most likely a malicious extension that is causing the problem. Close Firefox and restart Firefox normally. Once it is opened, go to Tools > Add-ons > Extensions and check for any new or unknown Extensions which you did not add as shown in this example. <- scroll about halfway down the page to Trojan:Win32/Medfos.B installs a Mozilla Firefox extension

If you're not sure, you may have to disable all extensions and then enable one extension at a time. Restart Firefox and perform some searches to see if you are redirected. If not, enable another extension, restart Firefox and perform some more searches until you find out which extension is causing the redirects.

If it turns out to be an extension, in Windows 7 and Vista the malicious folder most likely would be found in this location with a recent creation date:
C:\Users\username\AppData\Local\{C34AF34F-7375-11E1-826D-B8AC6F996F26} <- this random identifier is only an example
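A triage sketch for the folder check described in the post above, added here as an example and not part of the original thread: it lists GUID-named folders directly under each profile's AppData\Local, newest first. The function name, the 30-day window and the C:\Users default are assumptions.

```powershell
# Added example: list GUID-named folders under each profile's AppData\Local,
# newest first, so recently created ones stand out for manual review.
# Find-GuidNamedFolder, -Days and the C:\Users default are assumptions.
# Uses PSIsContainer rather than -Directory so it also runs on PowerShell 2.0.
function Find-GuidNamedFolder {
    param(
        [string]$UsersRoot = 'C:\Users',
        [int]$Days = 30
    )

    # {8-4-4-4-12 hex digits}: the shape of the example identifier in the post
    $guidPattern = '^\{[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$'
    $cutoff = (Get-Date).AddDays(-$Days)

    Get-ChildItem -Path $UsersRoot -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.PSIsContainer } |
        ForEach-Object {
            $local = Join-Path $_.FullName 'AppData\Local'
            if (Test-Path -LiteralPath $local -ErrorAction SilentlyContinue) {
                Get-ChildItem -LiteralPath $local -Force -ErrorAction SilentlyContinue |
                    Where-Object { $_.PSIsContainer -and $_.Name -match $guidPattern }
            }
        } |
        Select-Object FullName, CreationTime, LastWriteTime,
            @{ Name = 'Recent'; Expression = { $_.CreationTime -ge $cutoff } },
            @{ Name = 'FileCount'; Expression = {
                # Count files only, so an empty shell folder is easy to spot
                @(Get-ChildItem -LiteralPath $_.FullName -Recurse -Force -ErrorAction SilentlyContinue |
                    Where-Object { -not $_.PSIsContainer }).Count } } |
        Sort-Object CreationTime -Descending
}

Find-GuidNamedFolder | Format-Table -AutoSize
```

Legitimate software also creates GUID-named folders, so a hit is a lead to compare against the date the redirects began, not a verdict. Run it from an elevated prompt to see profiles other than your own.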

#7 ManO'Law

Posted 01 May 2012 - 08:21 AM

Thanks - running full scan now remotely on the subject workstation.

Have checked all Mozilla add-on extensions - none unfamiliar. To be safe either removed or disabled all except Add Block Plus and Log Me.

At this juncture, no redirects, however performance will have to be tested when in front of the subject workstation in the morning. I will let MBAM do its thing and post the log in due course.

Thanks again.

#8 quietman7

Posted 01 May 2012 - 09:48 AM

Not a problem.

#9 ManO'Law

Posted 01 May 2012 - 05:38 PM

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.01.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Andrew :: TGWS012 [administrator]

01/05/2012 10:58:25 PM
mbam-log-2012-05-01 (22-58-25).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 426838
Time elapsed: 1 hour(s), 13 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#10 quietman7

Posted 01 May 2012 - 06:25 PM

Looks good.

How is the computer running now?

#11 ManO'Law

Posted 01 May 2012 - 06:28 PM

I have to say that no redirects have occurred in Mozilla via google.
Web browsing seems to be back to usual speed.
I would have to say "all fixed"!

Thanks!

Can I ask two questions:

1. What do you think was causing it?
2. What is the best precautionary measure to invest to assist in it not happening again?

Thanks for all of your help.

Regards

#12 quietman7

Posted 01 May 2012 - 08:44 PM

You're welcome.

If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:

1. What do you think was causing it?

I'm inclined to suspect it was one of those extensions like in the example link I provided since we did not find much of anything else. Anyway you may want to read How Malware Spreads - How did I get infected which explains the most common ways malware is contracted and spread.

2. What is the best precautionary measure to invest to assist in it not happening again?

Tips to protect yourself against malware and reduce the potential for re-infection