Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus infected laptop - media & installation software attacked


  • Please log in to reply
49 replies to this topic

#1 Flatley

Flatley

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:04:53 AM

Posted 27 May 2012 - 07:49 PM

Windows 7, Dell Inspiron laptop

Several days ago, my wife's computer began to exhibit odd symptoms. Upon startup, the following errors immediately popped up:

iTuneSHelper
iTunesHelper was not installed correctly. Please reinstall iTunes.

Error 7


TWCApp.exe - .NET Framework Initialization Error

To run this application, you must first install one of the following versoins of the .NET Framework:
v4.0.030319
Contact your applicatoin publisher for instructions about obtaining the appropriate version of the .NET Framework.


At first, I had thought it a matter of updating or reinstalling the software. But then, when I downloaded and kicked off the .exe, the following error popped up:

Windows Installer
The Windows Installer Service could not be accessed. This can occur if the Windows Installer is not correctly installed. Contact your support personnel for assitance.


This was when I started to suspect I had a more severe issue than I initially thought. Going into control panel, I tried to uninstall iTunes, and, lo and behold, I got the same Windows Installer error. I then attempted to find a way to run an antivirus on the laptop (didn't have one installed), but I've not had any success. I had successfully installed Avast, but when I start it up, I got the following error message:

C:\Program Files\AVAST Software\Avast\AvastUI.exe

The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line systrace.exe tool for more detail.


That's about where things lie so far. I've tried some of the recommended steps to fix my installer (msiexec /regserver, /unregister; regedit, etc), but had no success to speak of. System restore is not an option, because I kept using Windows Updates as my installation tester each time I tried a different solution, and I can't go further back than two days ago. I *did* try to do a system restore, but even restoring back three weeks prior yielded the same issues (though the issues weren't present at the time). I would love to get any advice I can, because unless I can figure this out soon, I have little choice but to format my hard drive and start from scratch.

Edited by Flatley, 27 May 2012 - 07:50 PM.


BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:53 AM

Posted 27 May 2012 - 08:32 PM

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#3 Flatley

Flatley
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:04:53 AM

Posted 27 May 2012 - 10:13 PM

Thank you for your help.

MiniToolBox by Farbar Version: 14-01-2012
Ran by E(administrator) on 27-05-2012 at 22:10:55
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : WhiteRabbit
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
Physical Address. . . . . . . . . : 70-F1-A1-63-CD-CF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9dee:3019:46b8:4573%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.130(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, May 27, 2012 10:07:50 PM
Lease Expires . . . . . . . . . . : Monday, May 28, 2012 10:07:49 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 225505697
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-63-25-EB-A4-BA-DB-B0-92-A3
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : A4-BA-DB-B0-92-A3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:c51:5ae:b326:9a5f(Preferred)
Link-local IPv6 Address . . . . . : fe80::c51:5ae:b326:9a5f%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C20AA60E-12B3-43CA-BE75-767FCC431816}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E1974829-5920-4772-8DFF-DA600E9C850B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: google.com
Addresses: 74.125.225.67
74.125.225.68
74.125.225.69
74.125.225.70
74.125.225.71
74.125.225.72
74.125.225.73
74.125.225.78
74.125.225.64
74.125.225.65
74.125.225.66


Pinging google.com [74.125.225.72] with 32 bytes of data:
Reply from 74.125.225.72: bytes=32 time=23ms TTL=50
Reply from 74.125.225.72: bytes=32 time=24ms TTL=50

Ping statistics for 74.125.225.72:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 23ms, Maximum = 24ms, Average = 23ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=42ms TTL=49
Reply from 209.191.122.70: bytes=32 time=43ms TTL=49

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 42ms, Maximum = 43ms, Average = 42ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...70 f1 a1 63 cd cf ......Dell Wireless 1397 WLAN Mini-Card
11...a4 ba db b0 92 a3 ......Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.130 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.130 281
192.168.0.130 255.255.255.255 On-link 192.168.0.130 281
192.168.0.255 255.255.255.255 On-link 192.168.0.130 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.130 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.130 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:5ef5:79fb:c51:5ae:b326:9a5f/128
On-link
12 281 fe80::/64 On-link
15 306 fe80::/64 On-link
15 306 fe80::c51:5ae:b326:9a5f/128
On-link
12 281 fe80::9dee:3019:46b8:4573/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/27/2012 10:06:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/27/2012 10:06:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/27/2012 10:06:13 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/27/2012 07:42:38 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/27/2012 07:34:39 PM) (Source: MsiInstaller) (User: Emily)Emily
Description: Windows Installer proxy information not correctly registered

Error: (05/27/2012 07:34:10 PM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Windows Installer proxy information not correctly registered

Error: (05/27/2012 07:34:10 PM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Windows Installer proxy information not correctly registered

Error: (05/27/2012 07:34:09 PM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Windows Installer proxy information not correctly registered

Error: (05/27/2012 07:34:08 PM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Windows Installer proxy information not correctly registered

Error: (05/27/2012 07:34:08 PM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Windows Installer proxy information not correctly registered


System errors:
=============
Error: (05/27/2012 10:08:28 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Network Agent service failed to start due to the following error:
%%2

Error: (05/27/2012 10:08:28 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Services service failed to start due to the following error:
%%2

Error: (05/27/2012 10:07:27 PM) (Source: DCOM) (User: SYSTEM)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (05/27/2012 10:07:07 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (05/27/2012 10:06:27 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
MPFP

Error: (05/27/2012 10:06:15 PM) (Source: Service Control Manager) (User: )
Description: The SeaPort service failed to start due to the following error:
%%2

Error: (05/27/2012 10:06:15 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Anti-Spam Service service failed to start due to the following error:
%%2

Error: (05/27/2012 10:06:14 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service failed to start due to the following error:
%%2

Error: (05/27/2012 10:06:14 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Real-time Scanner service failed to start due to the following error:
%%2

Error: (05/27/2012 10:06:14 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Proxy Service service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Adobe Flash Player 10 ActiveX (Version: 10.0.45.2)
Adobe Reader 9.1.2 (Version: 9.1.2)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 1.2.1)
Apple Mobile Device Support (Version: 3.0.1.3)
Apple Software Update (Version: 2.1.2.120)
avast! Free Antivirus (Version: 7.0.1426.0)
Banctec Service Agreement (Version: 2.0.0)
Bonjour (Version: 2.0.1.2)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Compatibility Pack for the 2007 Office system (Version: 12.0.4518.1014)
Cozi (Version: 1.0.4323.24051)
Dell DataSafe Local Backup - Support Software (Version: 2.34)
Dell DataSafe Local Backup (Version: 9.3.94)
Dell DataSafe Online (Version: 1.2.0011)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Support Software) (Version: 2.5.09100)
Dell Touchpad (Version: 7.104.115.102)
Dell Webcam Central (Version: 1.40.05)
Dell Wireless WLAN Card Utility (Version: 5.30.21.0)
Google Chrome (Version: 18.0.1025.168)
GoToAssist 8.0.0.514
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes (Version: 9.1.1.12)
Java™ 6 Update 17 (64-bit) (Version: 6.0.170)
Java™ 6 Update 17 (Version: 6.0.170)
Junk Mail filter update (Version: 14.0.8089.726)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
McAfee SecurityCenter
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Home and Student 2007 (Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Standard Edition 2003 (Version: 11.0.5614.0)
Microsoft Office Suite Activation Assistant (Version: 1.2.1)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Search Enhancement Pack (Version: 1.2.123.0)
Microsoft Silverlight (Version: 3.0.40624.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 14.0.1468.721)
PowerDVD DX (Version: 8.3.6029)
Quickset64 (Version: 9.6.6)
QuickTime (Version: 7.66.71.0)
Roxio Burn (Version: 1.01)
The Weather Channel Desktop 6
Update for Microsoft Office Word 2007 (KB974631)
Update for Office 2007 (KB934528)
Update for Office System 2007 Setup (KB929722)
WildTangent Games (Version: 1.0.0.71)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Toolbar (Version: 14.0.8064.206)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 4056.36 MB
Available physical RAM: 2355.99 MB
Total Pagefile: 8110.92 MB
Available Pagefile: 6194.7 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.36 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:221.48 GB) NTFS

========================= Users: ========================================

User accounts for \\WHITERABBIT

Administrator E Guest

========================= Minidump Files ==================================


**** End of log ****

Edited by Flatley, 27 May 2012 - 10:15 PM.


#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:53 AM

Posted 27 May 2012 - 10:26 PM

I see that you have 3 things installed that caught my eye, and they are as follows:

1) McAfee Security Center with no McAfee Applications installed, so I ask did you have McAfee installed at any point?

2) Avast, if you had McAfee AV and removed it remnants could cause issues.

3) Microsoft Choice Guard, which a lot of people have removed.

Have you ran Malwarebytes, Super Anti-Spyware, or any other removal tools?

#5 Flatley

Flatley
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:04:53 AM

Posted 28 May 2012 - 09:27 AM

I believe McAfee was preinstalled onto the computer. I just installed Avast two days ago, to try to address this issue.

I have ran Super Anti-Spyware Friday. It picked up the usual trackers, but nothing else.

I'm absolutely open to suggestions.

Edited by Flatley, 28 May 2012 - 09:28 AM.


#6 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:53 AM

Posted 28 May 2012 - 12:36 PM

Please download McAfee Removal Tool and remove McAfee.

#7 Flatley

Flatley
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:04:53 AM

Posted 28 May 2012 - 02:33 PM

Done.

#8 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:53 AM

Posted 28 May 2012 - 02:41 PM

Lets do some scans:

Please download and run Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Malwarebytes Anti-Malware

NOTEMalwarebytes is now offering a free trial of their program, if you want to accept it you will need to enter some billing information, so that at the end of the trial you would be charged the cost of the product. Please decline this offer, if you are unable to provide billing information. If you want to try it out, then provide the billing information.

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.



Now GMER

GMER does not work in 64bit Mode!!!!!!

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning
.


All scans above should be performed in regular boot mode, and if that is not possible then I will post instructions in a follow up reply on how to get into Safe Mode to perform the scans. Also all scans should be COMPLETE and not quick unless specifically instructed to do so.

#9 Flatley

Flatley
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:04:53 AM

Posted 28 May 2012 - 02:45 PM

All right. Give me a couple of minutes to run the gamut. Thanks again.

#10 Flatley

Flatley
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:04:53 AM

Posted 28 May 2012 - 03:29 PM

I'm running into a roadblock. Running SecurityCheck, I get prompted to hit any key. After doing so, it says "processing" for a couple of seconds, after which it closed. No .txt file was created on my laptop.

Should I continue with the Malware scans, or should we address the SecurityCheck issue first?

#11 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:53 AM

Posted 28 May 2012 - 03:31 PM

Yes continue.

#12 Flatley

Flatley
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:04:53 AM

Posted 28 May 2012 - 04:41 PM

Malware results:

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.28.04

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
E :: WHITERABBIT [administrator]

Protection: Enabled

5/28/2012 3:35:55 PM
mbam-log-2012-05-28 (15-35-55).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 377443
Time elapsed: 1 hour(s), 3 minute(s), 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Starting GMER now.

Edited by Flatley, 28 May 2012 - 04:41 PM.


#13 Flatley

Flatley
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:04:53 AM

Posted 28 May 2012 - 05:06 PM

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-05-28 17:05:58
Windows 6.1.7601
Running: lbd1qrcj.exe


---- Files - GMER 1.0.15 ----

File C:\avast! sandbox 0 bytes
File C:\avast! sandbox\S-1-5-21-4259215387-2856395737-1637825820-1001 0 bytes
File C:\avast! sandbox\S-1-5-21-4259215387-2856395737-1637825820-1001\r8 0 bytes
File C:\avast! sandbox\S-1-5-21-4259215387-2856395737-1637825820-1001\r8\SecurityCheck._{eee37bf6-a902-11e1-ba16-a4badbb092a3} 0 bytes
File C:\avast! sandbox\S-1-5-21-4259215387-2856395737-1637825820-1001\r8\SecurityCheck._{eee37bf6-a902-11e1-ba16-a4badbb092a3}\C 0 bytes
File C:\avast! sandbox\S-1-5-21-4259215387-2856395737-1637825820-1001\r8\SecurityCheck._{eee37bf6-a902-11e1-ba16-a4badbb092a3}\C\Users 0 bytes
File C:\avast! sandbox\S-1-5-21-4259215387-2856395737-1637825820-1001\r8\SecurityCheck._{eee37bf6-a902-11e1-ba16-a4badbb092a3}\C\Users\Emily 0 bytes
File C:\avast! sandbox\S-1-5-21-4259215387-2856395737-1637825820-1001\r8\SecurityCheck._{eee37bf6-a902-11e1-ba16-a4badbb092a3}\C\Users\Emily\AppData 0 bytes
File C:\avast! sandbox\S-1-5-21-4259215387-2856395737-1637825820-1001\r8\SecurityCheck._{eee37bf6-a902-11e1-ba16-a4badbb092a3}\C\Users\Emily\AppData\Local 0 bytes
File C:\avast! sandbox\S-1-5-21-4259215387-2856395737-1637825820-1001\r8\SecurityCheck._{eee37bf6-a902-11e1-ba16-a4badbb092a3}\C\Users\Emily\AppData\Local\Temp 0 bytes
File C:\avast! sandbox\S-1-5-21-4259215387-2856395737-1637825820-1001\r8\SecurityCheck._{eee37bf6-a902-11e1-ba16-a4badbb092a3}\C\Users\Emily\AppData\Local\Temp\RarSFX0 0 bytes
File C:\avast! sandbox\S-1-5-21-4259215387-2856395737-1637825820-1001\r8\SecurityCheck._{eee37bf6-a902-11e1-ba16-a4badbb092a3}\C\Users\Emily\AppData\Local\Temp\RarSFX0\SecurityCheck 0 bytes
File C:\avast! sandbox\S-1-5-21-4259215387-2856395737-1637825820-1001\r8\SecurityCheck._{eee37bf6-a902-11e1-ba16-a4badbb092a3}\C\Users\Emily\AppData\Local\Temp\RarSFX0\SecurityCheck\Objlist.exe 272412 bytes
File C:\avast! sandbox\snx_rhive 262144 bytes
File C:\avast! sandbox\snx_rhive.LOG1 9216 bytes
File C:\avast! sandbox\snx_rhive.LOG2 0 bytes
File C:\avast! sandbox\snx_rhive{eee37bf8-a902-11e1-ba16-a4badbb092a3}.TM.blf 65536 bytes
File C:\avast! sandbox\snx_rhive{eee37bf8-a902-11e1-ba16-a4badbb092a3}.TMContainer00000000000000000001.regtrans-ms 524288 bytes
File C:\avast! sandbox\snx_rhive{eee37bf8-a902-11e1-ba16-a4badbb092a3}.TMContainer00000000000000000002.regtrans-ms 524288 bytes

---- EOF - GMER 1.0.15 ----

#14 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:53 AM

Posted 30 May 2012 - 07:58 PM

Please download and run TDSS Killer and PLEASE DO NOT FIX ANYTHING IF PROMPTED. Post the resulting log which will be created under C:\.

#15 Flatley

Flatley
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:04:53 AM

Posted 30 May 2012 - 08:10 PM

20:07:59.0472 6636 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
20:07:59.0830 6636 ============================================================
20:07:59.0830 6636 Current date / time: 2012/05/30 20:07:59.0830
20:07:59.0830 6636 SystemInfo:
20:07:59.0830 6636
20:07:59.0830 6636 OS Version: 6.1.7601 ServicePack: 0.0
20:07:59.0830 6636 Product type: Workstation
20:07:59.0830 6636 ComputerName: WHITERABBIT
20:07:59.0830 6636 UserName: E
20:07:59.0830 6636 Windows directory: C:\Windows
20:07:59.0830 6636 System windows directory: C:\Windows
20:07:59.0830 6636 Running under WOW64
20:07:59.0830 6636 Processor architecture: Intel x64
20:07:59.0830 6636 Number of processors: 2
20:07:59.0830 6636 Page size: 0x1000
20:07:59.0830 6636 Boot type: Normal boot
20:07:59.0830 6636 ============================================================
20:08:00.0423 6636 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:08:00.0439 6636 ============================================================
20:08:00.0439 6636 \Device\Harddisk0\DR0:
20:08:00.0439 6636 MBR partitions:
20:08:00.0439 6636 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
20:08:00.0439 6636 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x236CE2B0
20:08:00.0439 6636 ============================================================
20:08:00.0454 6636 C: <-> \Device\Harddisk0\DR0\Partition1
20:08:00.0454 6636 ============================================================
20:08:00.0454 6636 Initialize success
20:08:00.0454 6636 ============================================================
20:08:08.0036 2900 ============================================================
20:08:08.0036 2900 Scan started
20:08:08.0036 2900 Mode: Manual;
20:08:08.0036 2900 ============================================================
20:08:09.0034 2900 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys
20:08:09.0050 2900 1394ohci - ok
20:08:09.0128 2900 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\DRIVERS\ACPI.sys
20:08:09.0144 2900 ACPI - ok
20:08:09.0175 2900 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\DRIVERS\acpipmi.sys
20:08:09.0190 2900 AcpiPmi - ok
20:08:09.0253 2900 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
20:08:09.0284 2900 adp94xx - ok
20:08:09.0346 2900 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
20:08:09.0362 2900 adpahci - ok
20:08:09.0424 2900 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
20:08:09.0440 2900 adpu320 - ok
20:08:09.0487 2900 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
20:08:09.0487 2900 AeLookupSvc - ok
20:08:09.0565 2900 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
20:08:09.0596 2900 AFD - ok
20:08:09.0658 2900 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
20:08:09.0658 2900 agp440 - ok
20:08:09.0690 2900 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
20:08:09.0705 2900 ALG - ok
20:08:09.0736 2900 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
20:08:09.0736 2900 aliide - ok
20:08:09.0752 2900 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
20:08:09.0768 2900 amdide - ok
20:08:09.0799 2900 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
20:08:09.0814 2900 AmdK8 - ok
20:08:09.0830 2900 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
20:08:09.0830 2900 AmdPPM - ok
20:08:09.0877 2900 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\DRIVERS\amdsata.sys
20:08:09.0892 2900 amdsata - ok
20:08:09.0939 2900 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
20:08:09.0955 2900 amdsbs - ok
20:08:09.0986 2900 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\DRIVERS\amdxata.sys
20:08:09.0986 2900 amdxata - ok
20:08:10.0033 2900 ApfiltrService (1412e9a88fe1f7e35ce6058a2ef03664) C:\Windows\system32\DRIVERS\Apfiltr.sys
20:08:10.0033 2900 ApfiltrService - ok
20:08:10.0080 2900 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:08:10.0080 2900 AppID - ok
20:08:10.0126 2900 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
20:08:10.0126 2900 AppIDSvc - ok
20:08:10.0158 2900 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
20:08:10.0173 2900 Appinfo - ok
20:08:10.0282 2900 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:08:10.0298 2900 Apple Mobile Device - ok
20:08:10.0329 2900 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
20:08:10.0329 2900 arc - ok
20:08:10.0345 2900 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
20:08:10.0345 2900 arcsas - ok
20:08:10.0407 2900 aswFsBlk (b9da213b5271db5fce962d827e6d620d) C:\Windows\system32\drivers\aswFsBlk.sys
20:08:10.0407 2900 aswFsBlk - ok
20:08:10.0485 2900 aswMonFlt (21c9835d0e5ad2ff0f16134bcb32cc71) C:\Windows\system32\drivers\aswMonFlt.sys
20:08:10.0501 2900 aswMonFlt - ok
20:08:10.0532 2900 aswRdr (1b96a5867abd4fa6135d8298fcccf9c6) C:\Windows\System32\Drivers\aswrdr2.sys
20:08:10.0532 2900 aswRdr - ok
20:08:10.0610 2900 aswSnx (6e98bb288696777a3a8a07a52b0eaee9) C:\Windows\system32\drivers\aswSnx.sys
20:08:10.0610 2900 aswSnx - ok
20:08:10.0657 2900 aswSP (d9fb49f16e4eb02efecae8cbfe4bcb4c) C:\Windows\system32\drivers\aswSP.sys
20:08:10.0657 2900 aswSP - ok
20:08:10.0735 2900 aswTdi (7352bb9a564b94bbd7c9cbf165f55006) C:\Windows\system32\drivers\aswTdi.sys
20:08:10.0735 2900 aswTdi - ok
20:08:10.0782 2900 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:08:10.0782 2900 AsyncMac - ok
20:08:10.0813 2900 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
20:08:10.0813 2900 atapi - ok
20:08:10.0922 2900 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:08:10.0969 2900 AudioEndpointBuilder - ok
20:08:10.0969 2900 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:08:10.0984 2900 AudioSrv - ok
20:08:11.0125 2900 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:08:11.0125 2900 avast! Antivirus - ok
20:08:11.0187 2900 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
20:08:11.0187 2900 AxInstSV - ok
20:08:11.0265 2900 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
20:08:11.0296 2900 b06bdrv - ok
20:08:11.0374 2900 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:08:11.0406 2900 b57nd60a - ok
20:08:11.0452 2900 BCM42RLY (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys
20:08:11.0452 2900 BCM42RLY - ok
20:08:11.0686 2900 BCM43XX (37394d3553e220fb732c21e217e1bd8b) C:\Windows\system32\DRIVERS\bcmwl664.sys
20:08:11.0718 2900 BCM43XX - ok
20:08:11.0889 2900 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
20:08:11.0905 2900 BDESVC - ok
20:08:11.0983 2900 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:08:11.0983 2900 Beep - ok
20:08:12.0092 2900 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
20:08:12.0108 2900 BFE - ok
20:08:12.0201 2900 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
20:08:12.0232 2900 BITS - ok
20:08:12.0295 2900 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:08:12.0295 2900 blbdrive - ok
20:08:12.0404 2900 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
20:08:12.0435 2900 Bonjour Service - ok
20:08:12.0498 2900 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
20:08:12.0498 2900 bowser - ok
20:08:12.0529 2900 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:08:12.0529 2900 BrFiltLo - ok
20:08:12.0560 2900 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:08:12.0560 2900 BrFiltUp - ok
20:08:12.0591 2900 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
20:08:12.0607 2900 Browser - ok
20:08:12.0669 2900 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:08:12.0685 2900 Brserid - ok
20:08:12.0716 2900 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:08:12.0716 2900 BrSerWdm - ok
20:08:12.0732 2900 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:08:12.0732 2900 BrUsbMdm - ok
20:08:12.0747 2900 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:08:12.0747 2900 BrUsbSer - ok
20:08:12.0778 2900 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
20:08:12.0794 2900 BTHMODEM - ok
20:08:12.0856 2900 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
20:08:12.0856 2900 bthserv - ok
20:08:12.0888 2900 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:08:12.0888 2900 cdfs - ok
20:08:12.0950 2900 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
20:08:12.0966 2900 cdrom - ok
20:08:13.0012 2900 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:08:13.0012 2900 CertPropSvc - ok
20:08:13.0044 2900 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
20:08:13.0059 2900 circlass - ok
20:08:13.0106 2900 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:08:13.0122 2900 CLFS - ok
20:08:13.0184 2900 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:08:13.0184 2900 clr_optimization_v2.0.50727_32 - ok
20:08:13.0231 2900 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:08:13.0246 2900 clr_optimization_v2.0.50727_64 - ok
20:08:13.0293 2900 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
20:08:13.0293 2900 CmBatt - ok
20:08:13.0324 2900 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
20:08:13.0324 2900 cmdide - ok
20:08:13.0387 2900 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
20:08:13.0402 2900 CNG - ok
20:08:13.0434 2900 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
20:08:13.0434 2900 Compbatt - ok
20:08:13.0480 2900 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
20:08:13.0480 2900 CompositeBus - ok
20:08:13.0496 2900 COMSysApp - ok
20:08:13.0512 2900 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
20:08:13.0512 2900 crcdisk - ok
20:08:13.0558 2900 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
20:08:13.0574 2900 CryptSvc - ok
20:08:13.0621 2900 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
20:08:13.0636 2900 CtClsFlt - ok
20:08:13.0699 2900 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:08:13.0714 2900 DcomLaunch - ok
20:08:13.0792 2900 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
20:08:13.0824 2900 defragsvc - ok
20:08:13.0870 2900 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
20:08:13.0886 2900 DfsC - ok
20:08:13.0948 2900 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
20:08:13.0964 2900 Dhcp - ok
20:08:13.0995 2900 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:08:14.0011 2900 discache - ok
20:08:14.0042 2900 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
20:08:14.0042 2900 Disk - ok
20:08:14.0073 2900 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
20:08:14.0104 2900 Dnscache - ok
20:08:14.0245 2900 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
20:08:14.0260 2900 DockLoginService - ok
20:08:14.0338 2900 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
20:08:14.0354 2900 dot3svc - ok
20:08:14.0416 2900 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
20:08:14.0463 2900 DPS - ok
20:08:14.0510 2900 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:08:14.0510 2900 drmkaud - ok
20:08:14.0635 2900 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
20:08:14.0650 2900 DXGKrnl - ok
20:08:14.0713 2900 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
20:08:14.0713 2900 EapHost - ok
20:08:15.0072 2900 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
20:08:15.0243 2900 ebdrv - ok
20:08:15.0446 2900 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
20:08:15.0446 2900 EFS - ok
20:08:15.0602 2900 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
20:08:15.0618 2900 ehRecvr - ok
20:08:15.0742 2900 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
20:08:15.0742 2900 ehSched - ok
20:08:16.0086 2900 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
20:08:16.0101 2900 elxstor - ok
20:08:16.0148 2900 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
20:08:16.0148 2900 ErrDev - ok
20:08:16.0257 2900 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
20:08:16.0288 2900 EventSystem - ok
20:08:16.0335 2900 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:08:16.0382 2900 exfat - ok
20:08:16.0413 2900 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:08:16.0460 2900 fastfat - ok
20:08:16.0569 2900 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
20:08:16.0585 2900 Fax - ok
20:08:16.0710 2900 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
20:08:16.0710 2900 fdc - ok
20:08:16.0772 2900 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
20:08:16.0772 2900 fdPHost - ok
20:08:16.0788 2900 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
20:08:16.0788 2900 FDResPub - ok
20:08:16.0819 2900 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:08:16.0819 2900 FileInfo - ok
20:08:16.0834 2900 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:08:16.0834 2900 Filetrace - ok
20:08:16.0850 2900 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
20:08:16.0850 2900 flpydisk - ok
20:08:16.0928 2900 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
20:08:16.0928 2900 FltMgr - ok
20:08:17.0053 2900 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
20:08:17.0131 2900 FontCache - ok
20:08:17.0302 2900 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:08:17.0318 2900 FontCache3.0.0.0 - ok
20:08:17.0396 2900 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:08:17.0412 2900 FsDepends - ok
20:08:17.0443 2900 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
20:08:17.0443 2900 Fs_Rec - ok
20:08:17.0505 2900 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:08:17.0505 2900 fvevol - ok
20:08:17.0536 2900 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:08:17.0536 2900 gagp30kx - ok
20:08:17.0583 2900 GameConsoleService - ok
20:08:17.0646 2900 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:08:17.0646 2900 GEARAspiWDM - ok
20:08:17.0692 2900 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
20:08:17.0692 2900 GoToAssist - ok
20:08:17.0786 2900 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
20:08:17.0802 2900 gpsvc - ok
20:08:17.0848 2900 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:08:17.0848 2900 hcw85cir - ok
20:08:17.0911 2900 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:08:17.0911 2900 HDAudBus - ok
20:08:17.0958 2900 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
20:08:17.0958 2900 HidBatt - ok
20:08:18.0004 2900 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
20:08:18.0004 2900 HidBth - ok
20:08:18.0036 2900 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
20:08:18.0036 2900 HidIr - ok
20:08:18.0082 2900 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
20:08:18.0082 2900 hidserv - ok
20:08:18.0114 2900 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
20:08:18.0114 2900 HidUsb - ok
20:08:18.0176 2900 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
20:08:18.0207 2900 hkmsvc - ok
20:08:18.0270 2900 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
20:08:18.0301 2900 HomeGroupListener - ok
20:08:18.0379 2900 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
20:08:18.0410 2900 HomeGroupProvider - ok
20:08:18.0472 2900 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\DRIVERS\HpSAMD.sys
20:08:18.0472 2900 HpSAMD - ok
20:08:18.0613 2900 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
20:08:18.0644 2900 HTTP - ok
20:08:18.0675 2900 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
20:08:18.0691 2900 hwpolicy - ok
20:08:18.0738 2900 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
20:08:18.0738 2900 i8042prt - ok
20:08:18.0878 2900 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
20:08:18.0940 2900 IAANTMON - ok
20:08:19.0096 2900 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
20:08:19.0096 2900 iaStor - ok
20:08:19.0190 2900 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\DRIVERS\iaStorV.sys
20:08:19.0221 2900 iaStorV - ok
20:08:19.0533 2900 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:08:19.0549 2900 idsvc - ok
20:08:20.0282 2900 igfx (babd5f9b2bcc82ce556a0baf1ae208a7) C:\Windows\system32\DRIVERS\igdkmd64.sys
20:08:20.0500 2900 igfx - ok
20:08:20.0781 2900 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
20:08:20.0781 2900 iirsp - ok
20:08:20.0922 2900 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
20:08:21.0015 2900 IKEEXT - ok
20:08:21.0078 2900 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
20:08:21.0078 2900 intelide - ok
20:08:21.0140 2900 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:08:21.0140 2900 intelppm - ok
20:08:21.0218 2900 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
20:08:21.0234 2900 IPBusEnum - ok
20:08:21.0280 2900 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:08:21.0280 2900 IpFilterDriver - ok
20:08:21.0374 2900 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
20:08:21.0390 2900 iphlpsvc - ok
20:08:21.0421 2900 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\DRIVERS\IPMIDrv.sys
20:08:21.0436 2900 IPMIDRV - ok
20:08:21.0452 2900 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:08:21.0468 2900 IPNAT - ok
20:08:21.0639 2900 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
20:08:21.0686 2900 iPod Service - ok
20:08:21.0733 2900 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:08:21.0733 2900 IRENUM - ok
20:08:21.0764 2900 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
20:08:21.0764 2900 isapnp - ok
20:08:21.0811 2900 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\DRIVERS\msiscsi.sys
20:08:21.0842 2900 iScsiPrt - ok
20:08:21.0873 2900 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
20:08:21.0873 2900 kbdclass - ok
20:08:21.0936 2900 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
20:08:21.0951 2900 kbdhid - ok
20:08:21.0967 2900 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:08:21.0982 2900 KeyIso - ok
20:08:21.0998 2900 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
20:08:21.0998 2900 KSecDD - ok
20:08:22.0029 2900 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
20:08:22.0029 2900 KSecPkg - ok
20:08:22.0060 2900 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:08:22.0076 2900 ksthunk - ok
20:08:22.0138 2900 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
20:08:22.0201 2900 KtmRm - ok
20:08:22.0326 2900 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
20:08:22.0372 2900 LanmanServer - ok
20:08:22.0419 2900 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
20:08:22.0435 2900 LanmanWorkstation - ok
20:08:22.0466 2900 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:08:22.0466 2900 lltdio - ok
20:08:22.0513 2900 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
20:08:22.0528 2900 lltdsvc - ok
20:08:22.0560 2900 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
20:08:22.0575 2900 lmhosts - ok
20:08:22.0638 2900 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:08:22.0653 2900 LSI_FC - ok
20:08:22.0700 2900 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:08:22.0731 2900 LSI_SAS - ok
20:08:22.0731 2900 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:08:22.0731 2900 LSI_SAS2 - ok
20:08:22.0747 2900 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:08:22.0762 2900 LSI_SCSI - ok
20:08:22.0794 2900 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:08:22.0794 2900 luafv - ok
20:08:22.0809 2900 lxdx_device - ok
20:08:22.0903 2900 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
20:08:22.0903 2900 MBAMProtector - ok
20:08:23.0074 2900 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:08:23.0090 2900 MBAMService - ok
20:08:23.0137 2900 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
20:08:23.0137 2900 Mcx2Svc - ok
20:08:23.0184 2900 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
20:08:23.0184 2900 megasas - ok
20:08:23.0230 2900 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
20:08:23.0262 2900 MegaSR - ok
20:08:23.0355 2900 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:08:23.0371 2900 MMCSS - ok
20:08:23.0386 2900 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:08:23.0386 2900 Modem - ok
20:08:23.0418 2900 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:08:23.0418 2900 monitor - ok
20:08:23.0449 2900 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
20:08:23.0449 2900 mouclass - ok
20:08:23.0527 2900 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:08:23.0527 2900 mouhid - ok
20:08:24.0042 2900 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:08:24.0042 2900 mountmgr - ok
20:08:24.0042 2900 MPFP - ok
20:08:24.0104 2900 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\DRIVERS\mpio.sys
20:08:24.0120 2900 mpio - ok
20:08:24.0135 2900 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:08:24.0135 2900 mpsdrv - ok
20:08:24.0260 2900 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
20:08:24.0291 2900 MpsSvc - ok
20:08:24.0354 2900 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:08:24.0354 2900 MRxDAV - ok
20:08:24.0432 2900 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:08:24.0447 2900 mrxsmb - ok
20:08:24.0510 2900 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:08:24.0510 2900 mrxsmb10 - ok
20:08:24.0541 2900 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:08:24.0541 2900 mrxsmb20 - ok
20:08:24.0650 2900 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\DRIVERS\msahci.sys
20:08:24.0650 2900 msahci - ok
20:08:24.0697 2900 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\DRIVERS\msdsm.sys
20:08:24.0697 2900 msdsm - ok
20:08:24.0759 2900 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
20:08:24.0790 2900 MSDTC - ok
20:08:24.0837 2900 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:08:24.0837 2900 Msfs - ok
20:08:24.0853 2900 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:08:24.0868 2900 mshidkmdf - ok
20:08:24.0884 2900 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
20:08:24.0884 2900 msisadrv - ok
20:08:24.0931 2900 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
20:08:24.0962 2900 MSiSCSI - ok
20:08:24.0962 2900 msiserver - ok
20:08:25.0009 2900 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:08:25.0009 2900 MSKSSRV - ok
20:08:25.0040 2900 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:08:25.0040 2900 MSPCLOCK - ok
20:08:25.0040 2900 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:08:25.0040 2900 MSPQM - ok
20:08:25.0134 2900 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:08:25.0134 2900 MsRPC - ok
20:08:25.0165 2900 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
20:08:25.0165 2900 mssmbios - ok
20:08:25.0165 2900 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:08:25.0180 2900 MSTEE - ok
20:08:25.0196 2900 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
20:08:25.0196 2900 MTConfig - ok
20:08:25.0243 2900 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:08:25.0243 2900 Mup - ok
20:08:25.0321 2900 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
20:08:25.0368 2900 napagent - ok
20:08:25.0414 2900 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:08:25.0430 2900 NativeWifiP - ok
20:08:25.0539 2900 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
20:08:25.0555 2900 NDIS - ok
20:08:25.0586 2900 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:08:25.0586 2900 NdisCap - ok
20:08:25.0617 2900 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:08:25.0617 2900 NdisTapi - ok
20:08:25.0664 2900 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:08:25.0664 2900 Ndisuio - ok
20:08:25.0695 2900 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:08:25.0711 2900 NdisWan - ok
20:08:25.0742 2900 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:08:25.0742 2900 NDProxy - ok
20:08:25.0789 2900 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:08:25.0789 2900 NetBIOS - ok
20:08:25.0851 2900 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:08:25.0867 2900 NetBT - ok
20:08:25.0898 2900 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:08:25.0898 2900 Netlogon - ok
20:08:25.0976 2900 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:08:26.0023 2900 Netman - ok
20:08:26.0054 2900 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:08:26.0070 2900 netprofm - ok
20:08:26.0257 2900 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:08:26.0257 2900 NetTcpPortSharing - ok
20:08:26.0304 2900 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
20:08:26.0304 2900 nfrd960 - ok
20:08:26.0413 2900 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
20:08:26.0413 2900 NlaSvc - ok
20:08:26.0428 2900 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:08:26.0428 2900 Npfs - ok
20:08:26.0460 2900 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
20:08:26.0460 2900 nsi - ok
20:08:26.0506 2900 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:08:26.0506 2900 nsiproxy - ok
20:08:26.0834 2900 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
20:08:26.0896 2900 Ntfs - ok
20:08:27.0240 2900 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:08:27.0240 2900 Null - ok
20:08:27.0333 2900 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\DRIVERS\nvraid.sys
20:08:27.0349 2900 nvraid - ok
20:08:27.0396 2900 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\DRIVERS\nvstor.sys
20:08:27.0442 2900 nvstor - ok
20:08:27.0489 2900 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
20:08:27.0505 2900 nv_agp - ok
20:08:27.0708 2900 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:08:27.0739 2900 odserv - ok
20:08:27.0817 2900 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
20:08:27.0817 2900 ohci1394 - ok
20:08:27.0879 2900 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:08:27.0910 2900 ose - ok
20:08:27.0973 2900 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:08:28.0004 2900 p2pimsvc - ok
20:08:28.0144 2900 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
20:08:28.0144 2900 p2psvc - ok
20:08:28.0191 2900 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
20:08:28.0191 2900 Parport - ok
20:08:28.0254 2900 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
20:08:28.0254 2900 partmgr - ok
20:08:28.0285 2900 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
20:08:28.0332 2900 PcaSvc - ok
20:08:28.0378 2900 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\DRIVERS\pci.sys
20:08:28.0378 2900 pci - ok
20:08:28.0456 2900 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
20:08:28.0456 2900 pciide - ok
20:08:28.0519 2900 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
20:08:28.0519 2900 pcmcia - ok
20:08:28.0550 2900 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:08:28.0550 2900 pcw - ok
20:08:28.0628 2900 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:08:28.0659 2900 PEAUTH - ok
20:08:28.0753 2900 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
20:08:28.0768 2900 PerfHost - ok
20:08:28.0971 2900 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
20:08:29.0002 2900 pla - ok
20:08:29.0065 2900 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
20:08:29.0096 2900 PlugPlay - ok
20:08:29.0158 2900 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
20:08:29.0158 2900 PNRPAutoReg - ok
20:08:29.0205 2900 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:08:29.0205 2900 PNRPsvc - ok
20:08:29.0314 2900 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
20:08:29.0346 2900 PolicyAgent - ok
20:08:29.0424 2900 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
20:08:29.0486 2900 Power - ok
20:08:29.0704 2900 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:08:29.0704 2900 PptpMiniport - ok
20:08:29.0876 2900 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
20:08:29.0876 2900 Processor - ok
20:08:29.0954 2900 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
20:08:30.0016 2900 ProfSvc - ok
20:08:30.0048 2900 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:08:30.0048 2900 ProtectedStorage - ok
20:08:30.0094 2900 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:08:30.0110 2900 Psched - ok
20:08:30.0172 2900 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
20:08:30.0172 2900 PxHlpa64 - ok
20:08:30.0438 2900 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
20:08:30.0484 2900 ql2300 - ok
20:08:30.0890 2900 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
20:08:30.0906 2900 ql40xx - ok
20:08:30.0968 2900 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
20:08:31.0015 2900 QWAVE - ok
20:08:31.0030 2900 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:08:31.0030 2900 QWAVEdrv - ok
20:08:31.0046 2900 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:08:31.0062 2900 RasAcd - ok
20:08:31.0108 2900 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:08:31.0124 2900 RasAgileVpn - ok
20:08:31.0155 2900 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
20:08:31.0186 2900 RasAuto - ok
20:08:31.0218 2900 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:08:31.0249 2900 Rasl2tp - ok
20:08:31.0311 2900 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
20:08:31.0327 2900 RasMan - ok
20:08:31.0374 2900 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:08:31.0389 2900 RasPppoe - ok
20:08:31.0420 2900 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:08:31.0420 2900 RasSstp - ok
20:08:31.0514 2900 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
20:08:31.0608 2900 rdbss - ok
20:08:31.0670 2900 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
20:08:31.0670 2900 rdpbus - ok
20:08:31.0717 2900 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:08:31.0717 2900 RDPCDD - ok
20:08:31.0748 2900 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:08:31.0748 2900 RDPENCDD - ok
20:08:31.0779 2900 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:08:31.0779 2900 RDPREFMP - ok
20:08:31.0826 2900 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
20:08:31.0873 2900 RDPWD - ok
20:08:31.0920 2900 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
20:08:31.0935 2900 rdyboost - ok
20:08:31.0966 2900 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
20:08:31.0982 2900 RemoteAccess - ok
20:08:32.0029 2900 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
20:08:32.0076 2900 RemoteRegistry - ok
20:08:32.0107 2900 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
20:08:32.0138 2900 RpcEptMapper - ok
20:08:32.0169 2900 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
20:08:32.0169 2900 RpcLocator - ok
20:08:32.0263 2900 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:08:32.0278 2900 RpcSs - ok
20:08:32.0341 2900 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:08:32.0341 2900 rspndr - ok
20:08:32.0388 2900 RSUSBSTOR (4a25dc970c58104602ed274dacafd784) C:\Windows\system32\Drivers\RtsUStor.sys
20:08:32.0403 2900 RSUSBSTOR - ok
20:08:32.0419 2900 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:08:32.0434 2900 SamSs - ok
20:08:32.0466 2900 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\DRIVERS\sbp2port.sys
20:08:32.0466 2900 sbp2port - ok
20:08:32.0512 2900 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
20:08:32.0528 2900 SCardSvr - ok
20:08:32.0606 2900 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
20:08:32.0606 2900 scfilter - ok
20:08:32.0762 2900 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
20:08:32.0793 2900 Schedule - ok
20:08:32.0871 2900 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:08:32.0871 2900 SCPolicySvc - ok
20:08:32.0902 2900 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
20:08:32.0965 2900 SDRSVC - ok
20:08:33.0027 2900 SeaPort - ok
20:08:33.0105 2900 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:08:33.0105 2900 secdrv - ok
20:08:33.0136 2900 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
20:08:33.0136 2900 seclogon - ok
20:08:33.0214 2900 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
20:08:33.0230 2900 SENS - ok
20:08:33.0261 2900 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
20:08:33.0277 2900 SensrSvc - ok
20:08:33.0292 2900 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
20:08:33.0308 2900 Serenum - ok
20:08:33.0324 2900 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
20:08:33.0324 2900 Serial - ok
20:08:33.0355 2900 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
20:08:33.0370 2900 sermouse - ok
20:08:33.0433 2900 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
20:08:33.0495 2900 SessionEnv - ok
20:08:33.0542 2900 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
20:08:33.0542 2900 sffdisk - ok
20:08:33.0573 2900 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
20:08:33.0573 2900 sffp_mmc - ok
20:08:33.0589 2900 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
20:08:33.0604 2900 sffp_sd - ok
20:08:33.0651 2900 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
20:08:33.0651 2900 sfloppy - ok
20:08:33.0823 2900 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
20:08:33.0870 2900 SftService - ok
20:08:34.0135 2900 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
20:08:34.0182 2900 SharedAccess - ok
20:08:34.0244 2900 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
20:08:34.0275 2900 ShellHWDetection - ok
20:08:34.0338 2900 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:08:34.0353 2900 SiSRaid2 - ok
20:08:34.0400 2900 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
20:08:34.0400 2900 SiSRaid4 - ok
20:08:34.0462 2900 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:08:34.0462 2900 Smb - ok
20:08:34.0525 2900 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
20:08:34.0525 2900 SNMPTRAP - ok
20:08:34.0556 2900 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:08:34.0572 2900 spldr - ok
20:08:34.0665 2900 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
20:08:34.0728 2900 Spooler - ok
20:08:35.0071 2900 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
20:08:35.0149 2900 sppsvc - ok
20:08:35.0383 2900 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
20:08:35.0430 2900 sppuinotify - ok
20:08:35.0586 2900 sprtsvc_DellSupportCenter (d630b6f2e8379b6f10dc16e82a426552) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
20:08:35.0586 2900 sprtsvc_DellSupportCenter - ok
20:08:35.0726 2900 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:08:35.0788 2900 srv - ok
20:08:35.0835 2900 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:08:35.0898 2900 srv2 - ok
20:08:35.0944 2900 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:08:35.0976 2900 srvnet - ok
20:08:36.0022 2900 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
20:08:36.0085 2900 SSDPSRV - ok
20:08:36.0100 2900 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
20:08:36.0116 2900 SstpSvc - ok
20:08:36.0350 2900 STacSV (444109453a2b87e6c16bcda5953e81a9) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
20:08:36.0366 2900 STacSV - ok
20:08:36.0490 2900 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
20:08:36.0490 2900 stexstor - ok
20:08:36.0553 2900 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys
20:08:36.0568 2900 STHDA - ok
20:08:36.0678 2900 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
20:08:36.0724 2900 stisvc - ok
20:08:36.0740 2900 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
20:08:36.0740 2900 swenum - ok
20:08:36.0834 2900 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
20:08:36.0880 2900 swprv - ok
20:08:37.0099 2900 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
20:08:37.0192 2900 SysMain - ok
20:08:37.0364 2900 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
20:08:37.0395 2900 TabletInputService - ok
20:08:37.0489 2900 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
20:08:37.0536 2900 TapiSrv - ok
20:08:37.0582 2900 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
20:08:37.0582 2900 TBS - ok
20:08:37.0832 2900 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
20:08:37.0848 2900 Tcpip - ok
20:08:38.0238 2900 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
20:08:38.0269 2900 TCPIP6 - ok
20:08:38.0487 2900 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
20:08:38.0487 2900 tcpipreg - ok
20:08:38.0534 2900 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:08:38.0534 2900 TDPIPE - ok
20:08:38.0581 2900 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
20:08:38.0581 2900 TDTCP - ok
20:08:38.0690 2900 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:08:38.0690 2900 tdx - ok
20:08:38.0737 2900 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
20:08:38.0737 2900 TermDD - ok
20:08:38.0830 2900 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
20:08:38.0877 2900 TermService - ok
20:08:38.0908 2900 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
20:08:38.0924 2900 Themes - ok
20:08:39.0002 2900 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:08:39.0002 2900 THREADORDER - ok
20:08:39.0033 2900 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
20:08:39.0049 2900 TrkWks - ok
20:08:39.0174 2900 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
20:08:39.0189 2900 TrustedInstaller - ok
20:08:39.0236 2900 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:08:39.0236 2900 tssecsrv - ok
20:08:39.0314 2900 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:08:39.0314 2900 tunnel - ok
20:08:39.0345 2900 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
20:08:39.0345 2900 uagp35 - ok
20:08:39.0408 2900 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:08:39.0408 2900 udfs - ok
20:08:39.0501 2900 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
20:08:39.0501 2900 UI0Detect - ok
20:08:39.0579 2900 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
20:08:39.0579 2900 uliagpkx - ok
20:08:39.0642 2900 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
20:08:39.0642 2900 umbus - ok
20:08:39.0673 2900 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
20:08:39.0673 2900 UmPass - ok
20:08:39.0720 2900 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
20:08:39.0766 2900 upnphost - ok
20:08:39.0798 2900 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
20:08:39.0798 2900 USBAAPL64 - ok
20:08:39.0860 2900 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
20:08:39.0860 2900 usbccgp - ok
20:08:39.0922 2900 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
20:08:39.0922 2900 usbcir - ok
20:08:39.0954 2900 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
20:08:39.0954 2900 usbehci - ok
20:08:40.0016 2900 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
20:08:40.0016 2900 usbhub - ok
20:08:40.0047 2900 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
20:08:40.0047 2900 usbohci - ok
20:08:40.0094 2900 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
20:08:40.0094 2900 usbprint - ok
20:08:40.0125 2900 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:08:40.0125 2900 USBSTOR - ok
20:08:40.0203 2900 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
20:08:40.0203 2900 usbuhci - ok
20:08:40.0297 2900 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
20:08:40.0312 2900 usbvideo - ok
20:08:40.0390 2900 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
20:08:40.0422 2900 UxSms - ok
20:08:40.0468 2900 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:08:40.0468 2900 VaultSvc - ok
20:08:40.0500 2900 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
20:08:40.0515 2900 vdrvroot - ok
20:08:40.0593 2900 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
20:08:40.0656 2900 vds - ok
20:08:40.0702 2900 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:08:40.0702 2900 vga - ok
20:08:40.0734 2900 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:08:40.0734 2900 VgaSave - ok
20:08:40.0812 2900 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\DRIVERS\vhdmp.sys
20:08:40.0827 2900 vhdmp - ok
20:08:40.0858 2900 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
20:08:40.0858 2900 viaide - ok
20:08:40.0890 2900 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\DRIVERS\volmgr.sys
20:08:40.0890 2900 volmgr - ok
20:08:40.0968 2900 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:08:40.0968 2900 volmgrx - ok
20:08:40.0999 2900 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\DRIVERS\volsnap.sys
20:08:41.0014 2900 volsnap - ok
20:08:41.0061 2900 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
20:08:41.0124 2900 vsmraid - ok
20:08:41.0264 2900 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
20:08:41.0311 2900 VSS - ok
20:08:41.0794 2900 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:08:41.0794 2900 vwifibus - ok
20:08:41.0826 2900 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:08:41.0826 2900 vwififlt - ok
20:08:41.0888 2900 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
20:08:41.0919 2900 W32Time - ok
20:08:41.0950 2900 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
20:08:41.0950 2900 WacomPen - ok
20:08:42.0028 2900 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:08:42.0028 2900 WANARP - ok
20:08:42.0044 2900 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:08:42.0044 2900 Wanarpv6 - ok
20:08:42.0418 2900 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
20:08:42.0450 2900 WatAdminSvc - ok
20:08:42.0652 2900 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
20:08:42.0715 2900 wbengine - ok
20:08:42.0964 2900 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
20:08:42.0996 2900 WbioSrvc - ok
20:08:43.0042 2900 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
20:08:43.0074 2900 wcncsvc - ok
20:08:43.0105 2900 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
20:08:43.0152 2900 WcsPlugInService - ok
20:08:43.0245 2900 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
20:08:43.0245 2900 Wd - ok
20:08:43.0339 2900 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:08:43.0354 2900 Wdf01000 - ok
20:08:43.0417 2900 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:08:43.0432 2900 WdiServiceHost - ok
20:08:43.0432 2900 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:08:43.0432 2900 WdiSystemHost - ok
20:08:43.0510 2900 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
20:08:43.0542 2900 WebClient - ok
20:08:43.0588 2900 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
20:08:43.0604 2900 Wecsvc - ok
20:08:43.0651 2900 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
20:08:43.0651 2900 wercplsupport - ok
20:08:43.0682 2900 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
20:08:43.0698 2900 WerSvc - ok
20:08:43.0854 2900 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:08:43.0854 2900 WfpLwf - ok
20:08:43.0947 2900 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
20:08:43.0978 2900 WimFltr - ok
20:08:43.0994 2900 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:08:43.0994 2900 WIMMount - ok
20:08:44.0072 2900 WinDefend - ok
20:08:44.0088 2900 WinHttpAutoProxySvc - ok
20:08:44.0181 2900 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
20:08:44.0228 2900 Winmgmt - ok
20:08:44.0446 2900 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
20:08:44.0493 2900 WinRM - ok
20:08:44.0836 2900 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
20:08:44.0868 2900 Wlansvc - ok
20:08:44.0930 2900 wltrysvc (13b0a570e1ae451c92da550085d72cf3) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
20:08:44.0930 2900 wltrysvc - ok
20:08:45.0086 2900 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:08:45.0086 2900 WmiAcpi - ok
20:08:45.0258 2900 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
20:08:45.0273 2900 wmiApSrv - ok
20:08:45.0429 2900 WMPNetworkSvc - ok
20:08:45.0476 2900 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
20:08:45.0476 2900 WPCSvc - ok
20:08:45.0554 2900 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
20:08:45.0585 2900 WPDBusEnum - ok
20:08:45.0632 2900 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:08:45.0648 2900 ws2ifsl - ok
20:08:45.0663 2900 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
20:08:45.0726 2900 wscsvc - ok
20:08:45.0772 2900 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
20:08:45.0772 2900 WSDPrintDevice - ok
20:08:45.0772 2900 WSearch - ok
20:08:46.0038 2900 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
20:08:46.0116 2900 wuauserv - ok
20:08:46.0443 2900 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
20:08:46.0443 2900 WudfPf - ok
20:08:46.0521 2900 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:08:46.0537 2900 WUDFRd - ok
20:08:46.0662 2900 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
20:08:46.0662 2900 wudfsvc - ok
20:08:46.0693 2900 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
20:08:46.0724 2900 WwanSvc - ok
20:08:46.0802 2900 yukonw7 (79d9ce9614c955dd31aa2556b4014662) C:\Windows\system32\DRIVERS\yk62x64.sys
20:08:46.0802 2900 yukonw7 - ok
20:08:46.0833 2900 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:08:47.0161 2900 \Device\Harddisk0\DR0 - ok
20:08:47.0176 2900 Boot (0x1200) (da95cc62c3dd36d8f886bc7d401d0b4b) \Device\Harddisk0\DR0\Partition0
20:08:47.0176 2900 \Device\Harddisk0\DR0\Partition0 - ok
20:08:47.0192 2900 Boot (0x1200) (d55f103d8f93626bc96715ce52a9f530) \Device\Harddisk0\DR0\Partition1
20:08:47.0208 2900 \Device\Harddisk0\DR0\Partition1 - ok
20:08:47.0208 2900 ============================================================
20:08:47.0208 2900 Scan finished
20:08:47.0208 2900 ============================================================
20:08:47.0223 6588 Detected object count: 0
20:08:47.0223 6588 Actual detected object count: 0

Edited by Flatley, 30 May 2012 - 08:10 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users