smitfraud-c.generic trojan/windows update


12 replies to this topic

#1 habs1998


Posted 21 June 2012 - 12:02 PM

hello to all the peeps out there:

when trying to install windows updates received these two failure errors:

windows update error code 80070005
windows update error code fffffffe
microsoft trouble shooting error code 80072ee2

ran the usual virus/malware software and found this trojan:
smitfraud-c.generic

but after removing it & rebooting the system, it keeps coming back.

I've now run these programs, but still have the trojan & I'm still unable to update windows
AVG virus & rootkit software
Malwarebytes
Spybot S&D
Hitman Pro_36x64

Any suggestions on what I can do now, or am I totally bleeped?



#2 boopme


Posted 21 June 2012 - 12:42 PM

Hello, I moved this from WIN7 to Am I Infected..

Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the root folder of the system disk (it is usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.



Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    For instructions with screenshots, please refer to the How to use SUPERAntiSpyware to scan and remove malware from your computer Guide.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the Control Center screen.
  • Back on the main screen, under "Select Scan Type" check the box for Complete Scan.
  • If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY).
  • Click the Scan your computer... button.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
  • Click the View Scan Logs button at the bottom.
  • This will open the Scanner Logs Window.
  • Click on the log to highlight it and then click on View Selected Log to open it.
  • Copy and paste the scan log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.

Edited by boopme, 21 June 2012 - 12:43 PM.

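Added example, not part of the original posts: one way a helper could triage the TDSSKiller report requested above instead of reading every line by eye. It pairs each object line with its verdict line and lists verdicts other than "ok", entries with no file record, and entries whose verdict is missing (a truncated paste). The sample lines, the MD5 values and the names "Example Filter Service" and "ExampleTail" are constructed, and it is an assumption that non-"ok" verdicts use the same "name - verdict" line shape.

```python
import re

# Line shapes in a TDSSKiller report:
#   <time> <thread id> <name> (<md5>) <file path>    object line
#   <time> <thread id> <name> - <verdict>            verdict line
_PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
_OBJECT = re.compile(
    _PREFIX + r"(?P<name>.+?)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>\S.*)$"
)
_VERDICT = re.compile(_PREFIX + r"(?P<name>.+?)\s+-\s+(?P<verdict>[A-Za-z]+)\s*$")


def parse_report(text):
    """Return {name: {"md5", "path", "verdict"}} in the order names first appear."""
    entries = {}
    for raw in text.splitlines():
        line = raw.strip()
        # Try the object shape first: a path could itself end in " - word".
        m = _OBJECT.match(line)
        if m:
            entry = entries.setdefault(
                m["name"], {"md5": None, "path": None, "verdict": None}
            )
            entry["md5"] = m["md5"].lower()
            entry["path"] = m["path"].strip()
            continue
        m = _VERDICT.match(line)
        if m:
            entry = entries.setdefault(
                m["name"], {"md5": None, "path": None, "verdict": None}
            )
            entry["verdict"] = m["verdict"].lower()
        # Header, separator and drive geometry lines match neither shape.
    return entries


def triage(text):
    """Split parsed entries into the groups a reviewer should look at first."""
    result = {"flagged": [], "no_file": [], "no_verdict": []}
    for name, entry in parse_report(text).items():
        if entry["verdict"] is None:
            # Object line without a verdict: the paste was probably cut short.
            result["no_verdict"].append(name)
        elif entry["verdict"] != "ok":
            result["flagged"].append((name, entry["verdict"], entry["path"]))
        if entry["md5"] is None:
            # Service is registered but the tool recorded no file for it.
            result["no_file"].append(name)
    return result


# Constructed sample in the report's line format (not real scan output).
# The "warning" verdict line is an assumed shape for a non-"ok" result.
SAMPLE = r"""
19:09:47.0505 4828 Scan started
19:09:47.0505 4828 Mode: Manual; TDLFS;
19:09:52.0076 4828 Beep (00000000000000000000000000000001) C:\Windows\system32\drivers\Beep.sys
19:09:52.0078 4828 Beep - ok
19:09:52.0589 4828 Cdr4_2K - ok
19:09:53.0100 4828 Example Filter Service (00000000000000000000000000000002) C:\Windows\system32\drivers\exampleflt.sys
19:09:53.0104 4828 Example Filter Service - warning
19:09:53.0200 4828 ExampleTail (00000000000000000000000000000003) C:\Windows\system32\drivers\exampletail.sys
"""

if __name__ == "__main__":
    for group, items in triage(SAMPLE).items():
        print(group, items)
```

An empty "flagged" list only means the tool reported nothing; entries under "no_verdict" mean the pasted report is incomplete and should be re-posted in full.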

#3 habs1998


Posted 21 June 2012 - 06:13 PM

Yes it did ask for a reboot.


19:09:22.0609 0772 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
19:09:22.0972 0772 ============================================================
19:09:22.0972 0772 Current date / time: 2012/06/21 19:09:22.0972
19:09:22.0972 0772 SystemInfo:
19:09:22.0972 0772
19:09:22.0972 0772 OS Version: 6.1.7601 ServicePack: 1.0
19:09:22.0972 0772 Product type: Workstation
19:09:22.0972 0772 ComputerName: JANE-PC
19:09:22.0972 0772 UserName: Administrator
19:09:22.0972 0772 Windows directory: C:\Windows
19:09:22.0972 0772 System windows directory: C:\Windows
19:09:22.0972 0772 Running under WOW64
19:09:22.0972 0772 Processor architecture: Intel x64
19:09:22.0972 0772 Number of processors: 2
19:09:22.0972 0772 Page size: 0x1000
19:09:22.0972 0772 Boot type: Normal boot
19:09:22.0973 0772 ============================================================
19:09:24.0961 0772 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:09:24.0966 0772 Drive \Device\Harddisk1\DR1 - Size: 0x772EFE00 (1.86 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:09:24.0972 0772 ============================================================
19:09:24.0972 0772 \Device\Harddisk0\DR0:
19:09:24.0972 0772 MBR partitions:
19:09:24.0972 0772 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
19:09:24.0973 0772 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x38625E6B
19:09:24.0973 0772 \Device\Harddisk1\DR1:
19:09:24.0973 0772 MBR partitions:
19:09:24.0973 0772 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x6, StartLBA 0x3F, BlocksNum 0x3B95A1
19:09:24.0974 0772 ============================================================
19:09:24.0991 0772 C: <-> \Device\Harddisk0\DR0\Partition1
19:09:24.0992 0772 ============================================================
19:09:24.0992 0772 Initialize success
19:09:24.0992 0772 ============================================================
19:09:47.0505 4828 ============================================================
19:09:47.0505 4828 Scan started
19:09:47.0505 4828 Mode: Manual; TDLFS;
19:09:47.0505 4828 ============================================================
19:09:58.0567 4828 mshidkmdf - ok
19:09:58.0585 4828 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:09:58.0586 4828 msisadrv - ok
19:09:58.0648 4828 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:09:58.0653 4828 MSiSCSI - ok
19:09:58.0657 4828 msiserver - ok
19:09:58.0702 4828 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:09:58.0704 4828 MSKSSRV - ok
19:09:58.0716 4828 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:09:58.0717 4828 MSPCLOCK - ok
19:09:58.0726 4828 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:09:58.0727 4828 MSPQM - ok
19:09:58.0771 4828 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:09:58.0774 4828 MsRPC - ok
19:09:58.0798 4828 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:09:58.0800 4828 mssmbios - ok
19:09:58.0811 4828 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:09:58.0813 4828 MSTEE - ok
19:09:58.0832 4828 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
19:09:58.0836 4828 MTConfig - ok
19:09:58.0877 4828 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:09:58.0878 4828 Mup - ok
19:09:58.0909 4828 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:09:58.0916 4828 napagent - ok
19:09:59.0005 4828 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:09:59.0008 4828 NativeWifiP - ok
19:09:59.0077 4828 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:09:59.0085 4828 NDIS - ok
19:09:59.0115 4828 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:09:59.0118 4828 NdisCap - ok
19:09:59.0159 4828 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:09:59.0161 4828 NdisTapi - ok
19:09:59.0195 4828 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:09:59.0196 4828 Ndisuio - ok
19:09:59.0234 4828 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:09:59.0237 4828 NdisWan - ok
19:09:59.0266 4828 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:09:59.0268 4828 NDProxy - ok
19:09:59.0284 4828 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:09:59.0286 4828 NetBIOS - ok
19:09:59.0320 4828 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:09:59.0324 4828 NetBT - ok
19:09:59.0352 4828 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:09:59.0354 4828 Netlogon - ok
19:09:59.0408 4828 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:09:59.0415 4828 Netman - ok
19:09:59.0439 4828 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:09:59.0444 4828 netprofm - ok
19:09:59.0511 4828 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:09:59.0514 4828 NetTcpPortSharing - ok
19:09:59.0540 4828 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
19:09:59.0542 4828 nfrd960 - ok
19:09:59.0573 4828 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:09:59.0577 4828 NlaSvc - ok
19:09:59.0612 4828 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:09:59.0614 4828 Npfs - ok
19:09:59.0648 4828 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:09:59.0651 4828 nsi - ok
19:09:59.0658 4828 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:09:59.0661 4828 nsiproxy - ok
19:09:59.0738 4828 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:09:59.0753 4828 Ntfs - ok
19:09:59.0892 4828 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:09:59.0894 4828 Null - ok
19:09:59.0940 4828 nuviocir (be29aa3cba78480ab8591873197cb56a) C:\Windows\system32\DRIVERS\nuviocir_win7_x64.sys
19:09:59.0942 4828 nuviocir - ok
19:09:59.0967 4828 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:09:59.0971 4828 nvraid - ok
19:09:59.0984 4828 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:09:59.0989 4828 nvstor - ok
19:10:00.0000 4828 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:10:00.0003 4828 nv_agp - ok
19:10:00.0010 4828 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:10:00.0013 4828 ohci1394 - ok
19:10:00.0117 4828 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:10:00.0120 4828 ose - ok
19:10:00.0158 4828 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:10:00.0164 4828 p2pimsvc - ok
19:10:00.0186 4828 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:10:00.0194 4828 p2psvc - ok
19:10:00.0204 4828 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:10:00.0206 4828 Parport - ok
19:10:00.0227 4828 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:10:00.0229 4828 partmgr - ok
19:10:00.0255 4828 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:10:00.0258 4828 PcaSvc - ok
19:10:00.0388 4828 PcdrNdisuio - ok
19:10:00.0406 4828 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:10:00.0408 4828 pci - ok
19:10:00.0422 4828 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:10:00.0426 4828 pciide - ok
19:10:00.0444 4828 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
19:10:00.0448 4828 pcmcia - ok
19:10:00.0466 4828 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:10:00.0468 4828 pcw - ok
19:10:00.0534 4828 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:10:00.0541 4828 PEAUTH - ok
19:10:00.0615 4828 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:10:00.0618 4828 PerfHost - ok
19:10:00.0764 4828 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:10:00.0796 4828 pla - ok
19:10:00.0848 4828 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:10:00.0853 4828 PlugPlay - ok
19:10:00.0892 4828 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:10:00.0895 4828 PNRPAutoReg - ok
19:10:00.0916 4828 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:10:00.0921 4828 PNRPsvc - ok
19:10:00.0950 4828 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:10:00.0959 4828 PolicyAgent - ok
19:10:01.0000 4828 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:10:01.0006 4828 Power - ok
19:10:01.0089 4828 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:10:01.0091 4828 PptpMiniport - ok
19:10:01.0117 4828 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
19:10:01.0120 4828 Processor - ok
19:10:01.0176 4828 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
19:10:01.0181 4828 ProfSvc - ok
19:10:01.0208 4828 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:10:01.0210 4828 ProtectedStorage - ok
19:10:01.0265 4828 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:10:01.0268 4828 Psched - ok
19:10:01.0297 4828 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
19:10:01.0298 4828 PxHlpa64 - ok
19:10:01.0394 4828 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
19:10:01.0431 4828 ql2300 - ok
19:10:01.0553 4828 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
19:10:01.0557 4828 ql40xx - ok
19:10:01.0582 4828 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:10:01.0589 4828 QWAVE - ok
19:10:01.0624 4828 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:10:01.0626 4828 QWAVEdrv - ok
19:10:01.0644 4828 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:10:01.0646 4828 RasAcd - ok
19:10:01.0689 4828 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:10:01.0692 4828 RasAgileVpn - ok
19:10:01.0711 4828 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:10:01.0715 4828 RasAuto - ok
19:10:01.0742 4828 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:10:01.0745 4828 Rasl2tp - ok
19:10:01.0767 4828 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:10:01.0775 4828 RasMan - ok
19:10:01.0793 4828 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:10:01.0795 4828 RasPppoe - ok
19:10:01.0809 4828 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:10:01.0812 4828 RasSstp - ok
19:10:01.0860 4828 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:10:01.0865 4828 rdbss - ok
19:10:01.0896 4828 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:10:01.0898 4828 rdpbus - ok
19:10:01.0940 4828 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:10:01.0941 4828 RDPCDD - ok
19:10:01.0956 4828 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:10:01.0958 4828 RDPENCDD - ok
19:10:01.0971 4828 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:10:01.0973 4828 RDPREFMP - ok
19:10:02.0007 4828 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
19:10:02.0012 4828 RDPWD - ok
19:10:02.0061 4828 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:10:02.0063 4828 rdyboost - ok
19:10:02.0094 4828 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:10:02.0098 4828 RemoteAccess - ok
19:10:02.0134 4828 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:10:02.0138 4828 RemoteRegistry - ok
19:10:02.0187 4828 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:10:02.0190 4828 RpcEptMapper - ok
19:10:02.0210 4828 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:10:02.0213 4828 RpcLocator - ok
19:10:02.0257 4828 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:10:02.0263 4828 RpcSs - ok
19:10:02.0323 4828 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:10:02.0325 4828 rspndr - ok
19:10:02.0379 4828 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:10:02.0386 4828 RTL8167 - ok
19:10:02.0424 4828 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:10:02.0427 4828 SamSs - ok
19:10:02.0447 4828 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:10:02.0450 4828 sbp2port - ok
19:10:02.0502 4828 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:10:02.0521 4828 SCardSvr - ok
19:10:02.0550 4828 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:10:02.0551 4828 scfilter - ok
19:10:02.0616 4828 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:10:02.0628 4828 Schedule - ok
19:10:02.0672 4828 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:10:02.0674 4828 SCPolicySvc - ok
19:10:02.0689 4828 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:10:02.0695 4828 SDRSVC - ok
19:10:02.0802 4828 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
19:10:02.0804 4828 SeaPort - ok
19:10:02.0887 4828 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:10:02.0888 4828 secdrv - ok
19:10:02.0912 4828 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:10:02.0915 4828 seclogon - ok
19:10:02.0941 4828 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:10:02.0944 4828 SENS - ok
19:10:02.0960 4828 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:10:02.0963 4828 SensrSvc - ok
19:10:02.0968 4828 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:10:02.0972 4828 Serenum - ok
19:10:02.0981 4828 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:10:02.0983 4828 Serial - ok
19:10:02.0988 4828 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:10:02.0992 4828 sermouse - ok
19:10:03.0047 4828 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:10:03.0052 4828 SessionEnv - ok
19:10:03.0056 4828 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:10:03.0061 4828 sffdisk - ok
19:10:03.0065 4828 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:10:03.0070 4828 sffp_mmc - ok
19:10:03.0076 4828 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:10:03.0079 4828 sffp_sd - ok
19:10:03.0085 4828 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:10:03.0089 4828 sfloppy - ok
19:10:03.0145 4828 SftService (e1974a92ac0914a3859359a0a8c82c68) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
19:10:03.0151 4828 SftService - ok
19:10:03.0201 4828 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:10:03.0207 4828 SharedAccess - ok
19:10:03.0242 4828 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:10:03.0247 4828 ShellHWDetection - ok
19:10:03.0314 4828 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:10:03.0315 4828 SiSRaid2 - ok
19:10:03.0321 4828 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:10:03.0325 4828 SiSRaid4 - ok
19:10:03.0376 4828 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:10:03.0382 4828 Smb - ok
19:10:03.0432 4828 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:10:03.0435 4828 SNMPTRAP - ok
19:10:03.0448 4828 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:10:03.0449 4828 spldr - ok
19:10:03.0495 4828 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:10:03.0503 4828 Spooler - ok
19:10:03.0633 4828 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:10:03.0694 4828 sppsvc - ok
19:10:03.0802 4828 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:10:03.0806 4828 sppuinotify - ok
19:10:03.0870 4828 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:10:03.0876 4828 srv - ok
19:10:03.0907 4828 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:10:03.0914 4828 srv2 - ok
19:10:03.0935 4828 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:10:03.0939 4828 srvnet - ok
19:10:03.0983 4828 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:10:03.0987 4828 SSDPSRV - ok
19:10:04.0001 4828 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:10:04.0004 4828 SstpSvc - ok
19:10:04.0038 4828 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:10:04.0040 4828 stexstor - ok
19:10:04.0086 4828 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:10:04.0096 4828 stisvc - ok
19:10:04.0101 4828 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:10:04.0104 4828 swenum - ok
19:10:04.0129 4828 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:10:04.0138 4828 swprv - ok
19:10:04.0230 4828 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:10:04.0267 4828 SysMain - ok
19:10:04.0391 4828 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:10:04.0394 4828 TabletInputService - ok
19:10:04.0431 4828 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:10:04.0438 4828 TapiSrv - ok
19:10:04.0472 4828 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:10:04.0476 4828 TBS - ok
19:10:04.0576 4828 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:10:04.0593 4828 Tcpip - ok
19:10:04.0790 4828 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:10:04.0806 4828 TCPIP6 - ok
19:10:04.0903 4828 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:10:04.0904 4828 tcpipreg - ok
19:10:04.0934 4828 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:10:04.0936 4828 TDPIPE - ok
19:10:04.0959 4828 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:10:04.0961 4828 TDTCP - ok
19:10:05.0017 4828 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:10:05.0019 4828 tdx - ok
19:10:05.0038 4828 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:10:05.0040 4828 TermDD - ok
19:10:05.0074 4828 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:10:05.0085 4828 TermService - ok
19:10:05.0114 4828 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:10:05.0117 4828 Themes - ok
19:10:05.0144 4828 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:10:05.0147 4828 THREADORDER - ok
19:10:05.0162 4828 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:10:05.0168 4828 TrkWks - ok
19:10:05.0222 4828 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:10:05.0225 4828 TrustedInstaller - ok
19:10:05.0257 4828 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:10:05.0259 4828 tssecsrv - ok
19:10:05.0315 4828 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:10:05.0317 4828 TsUsbFlt - ok
19:10:05.0387 4828 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:10:05.0389 4828 tunnel - ok
19:10:05.0414 4828 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:10:05.0416 4828 uagp35 - ok
19:10:05.0444 4828 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:10:05.0452 4828 udfs - ok
19:10:05.0490 4828 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:10:05.0494 4828 UI0Detect - ok
19:10:05.0502 4828 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:10:05.0505 4828 uliagpkx - ok
19:10:05.0525 4828 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
19:10:05.0528 4828 umbus - ok
19:10:05.0534 4828 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:10:05.0538 4828 UmPass - ok
19:10:05.0571 4828 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:10:05.0577 4828 upnphost - ok
19:10:05.0644 4828 USB28xxBGA (1e1786e15f91183be26732e89adc1817) C:\Windows\system32\DRIVERS\emBDA64.sys
19:10:05.0654 4828 USB28xxBGA - ok
19:10:05.0685 4828 USB28xxOEM (e97f0e00adbc1bcef691c71dbee77041) C:\Windows\system32\DRIVERS\emOEM64.sys
19:10:05.0696 4828 USB28xxOEM - ok
19:10:05.0734 4828 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
19:10:05.0736 4828 usbaudio - ok
19:10:05.0745 4828 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:10:05.0747 4828 usbccgp - ok
19:10:05.0760 4828 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:10:05.0763 4828 usbcir - ok
19:10:05.0771 4828 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:10:05.0773 4828 usbehci - ok
19:10:05.0808 4828 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:10:05.0823 4828 usbhub - ok
19:10:05.0829 4828 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
19:10:05.0836 4828 usbohci - ok
19:10:05.0841 4828 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:10:05.0843 4828 usbprint - ok
19:10:05.0872 4828 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
19:10:05.0873 4828 usbscan - ok
19:10:05.0881 4828 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:10:05.0886 4828 USBSTOR - ok
19:10:05.0891 4828 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:10:05.0895 4828 usbuhci - ok
19:10:05.0913 4828 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
19:10:05.0919 4828 usbvideo - ok
19:10:05.0950 4828 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:10:05.0954 4828 UxSms - ok
19:10:06.0003 4828 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:10:06.0005 4828 VaultSvc - ok
19:10:06.0012 4828 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:10:06.0014 4828 vdrvroot - ok
19:10:06.0069 4828 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:10:06.0077 4828 vds - ok
19:10:06.0083 4828 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:10:06.0091 4828 vga - ok
19:10:06.0119 4828 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:10:06.0120 4828 VgaSave - ok
19:10:06.0140 4828 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:10:06.0144 4828 vhdmp - ok
19:10:06.0149 4828 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:10:06.0153 4828 viaide - ok
19:10:06.0161 4828 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:10:06.0163 4828 volmgr - ok
19:10:06.0200 4828 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:10:06.0206 4828 volmgrx - ok
19:10:06.0230 4828 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:10:06.0233 4828 volsnap - ok
19:10:06.0248 4828 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:10:06.0252 4828 vsmraid - ok
19:10:06.0338 4828 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:10:06.0374 4828 VSS - ok
19:10:06.0499 4828 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:10:06.0501 4828 vwifibus - ok
19:10:06.0543 4828 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:10:06.0545 4828 vwififlt - ok
19:10:06.0580 4828 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:10:06.0589 4828 W32Time - ok
19:10:06.0627 4828 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
19:10:06.0629 4828 WacomPen - ok
19:10:06.0683 4828 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:10:06.0685 4828 WANARP - ok
19:10:06.0690 4828 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:10:06.0691 4828 Wanarpv6 - ok
19:10:06.0795 4828 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
19:10:06.0826 4828 WatAdminSvc - ok
19:10:06.0917 4828 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:10:06.0952 4828 wbengine - ok
19:10:07.0064 4828 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:10:07.0070 4828 WbioSrvc - ok
19:10:07.0114 4828 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:10:07.0122 4828 wcncsvc - ok
19:10:07.0134 4828 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:10:07.0138 4828 WcsPlugInService - ok
19:10:07.0185 4828 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
19:10:07.0186 4828 Wd - ok
19:10:07.0237 4828 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:10:07.0243 4828 Wdf01000 - ok
19:10:07.0261 4828 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:10:07.0265 4828 WdiServiceHost - ok
19:10:07.0270 4828 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:10:07.0274 4828 WdiSystemHost - ok
19:10:07.0305 4828 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:10:07.0312 4828 WebClient - ok
19:10:07.0353 4828 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:10:07.0359 4828 Wecsvc - ok
19:10:07.0372 4828 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:10:07.0376 4828 wercplsupport - ok
19:10:07.0415 4828 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:10:07.0420 4828 WerSvc - ok
19:10:07.0513 4828 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:10:07.0515 4828 WfpLwf - ok
19:10:07.0573 4828 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
19:10:07.0578 4828 WimFltr - ok
19:10:07.0594 4828 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:10:07.0597 4828 WIMMount - ok
19:10:07.0641 4828 WinDefend - ok
19:10:07.0651 4828 WinHttpAutoProxySvc - ok
19:10:07.0711 4828 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:10:07.0715 4828 Winmgmt - ok
19:10:07.0812 4828 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:10:07.0855 4828 WinRM - ok
19:10:07.0995 4828 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:10:08.0004 4828 Wlansvc - ok
19:10:08.0122 4828 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:10:08.0124 4828 wlcrasvc - ok
19:10:08.0290 4828 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:10:08.0309 4828 wlidsvc - ok
19:10:08.0342 4828 wltrysvc (de816a0624d54d68e1fb8a9028dcf81a) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
19:10:08.0344 4828 wltrysvc - ok
19:10:08.0493 4828 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:10:08.0494 4828 WmiAcpi - ok
19:10:08.0551 4828 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:10:08.0555 4828 wmiApSrv - ok
19:10:08.0641 4828 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
19:10:08.0653 4828 WMPNetworkSvc - ok
19:10:08.0682 4828 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:10:08.0685 4828 WPCSvc - ok
19:10:08.0717 4828 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:10:08.0722 4828 WPDBusEnum - ok
19:10:08.0787 4828 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:10:08.0789 4828 ws2ifsl - ok
19:10:08.0802 4828 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
19:10:08.0806 4828 wscsvc - ok
19:10:08.0812 4828 WSearch - ok
19:10:08.0920 4828 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
19:10:08.0967 4828 wuauserv - ok
19:10:09.0114 4828 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:10:09.0116 4828 WudfPf - ok
19:10:09.0133 4828 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:10:09.0136 4828 WUDFRd - ok
19:10:09.0168 4828 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:10:09.0172 4828 wudfsvc - ok
19:10:09.0209 4828 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:10:09.0218 4828 WwanSvc - ok
19:10:09.0283 4828 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
19:10:09.0484 4828 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:10:09.0484 4828 \Device\Harddisk0\DR0 - detected TDSS File System (1)
19:10:09.0492 4828 MBR (0x1B8) (ddae9d649db12f6aff24483f2c298989) \Device\Harddisk1\DR1
19:10:09.0661 4828 \Device\Harddisk1\DR1 - ok
19:10:09.0670 4828 Boot (0x1200) (93700df1cae9dc714479203a8ca73e78) \Device\Harddisk0\DR0\Partition0
19:10:09.0672 4828 \Device\Harddisk0\DR0\Partition0 - ok
19:10:09.0686 4828 Boot (0x1200) (d87397e4636518f0a255f70f4c969bc9) \Device\Harddisk0\DR0\Partition1
19:10:09.0688 4828 \Device\Harddisk0\DR0\Partition1 - ok
19:10:09.0694 4828 Boot (0x1200) (5404c7db2b1e6f3f26b7c9682a39b79d) \Device\Harddisk1\DR1\Partition0
19:10:09.0695 4828 \Device\Harddisk1\DR1\Partition0 - ok
19:10:09.0696 4828 ============================================================
19:10:09.0696 4828 Scan finished
19:10:09.0696 4828 ============================================================
19:10:09.0714 3220 Detected object count: 1
19:10:09.0714 3220 Actual detected object count: 1
19:10:23.0941 3220 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:10:23.0941 3220 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#4 habs1998


Posted 21 June 2012 - 07:31 PM

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/21/2012 at 08:22 PM

Application Version : 5.1.1002

Core Rules Database Version : 8777
Trace Rules Database Version: 6589

Scan type : Complete Scan
Total Scan Time : 01:03:10

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 645
Memory threats detected : 0
Registry items scanned : 64903
Registry threats detected : 0
File items scanned : 67144
File threats detected : 52

Adware.Tracking Cookie


#5 boopme


Posted 21 June 2012 - 07:33 PM

Hi, after you post SAS, rerun TDSS and change the option to Cure or Delete on these:
19:10:23.0941 3220 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:10:23.0941 3220 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
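The check asked for in post #5 (find the TDSSKiller detections that were left on Skip so the scan can be rerun with Cure or Delete) can be scripted against the log. This is an added example, not part of the original thread and not TDSSKiller's own code: the `triage` function and its field names are hypothetical, the sample lines are copied from the log in post #3, and the rerun line is constructed on the assumption that a Delete action is logged in the same form as the Skip line.

```python
import re
from collections import OrderedDict

# Lines copied from the TDSSKiller log posted in this thread (post #3).
SAMPLE_LOG = r"""
19:10:09.0283 4828 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
19:10:09.0484 4828 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:10:09.0484 4828 \Device\Harddisk0\DR0 - detected TDSS File System (1)
19:10:09.0492 4828 MBR (0x1B8) (ddae9d649db12f6aff24483f2c298989) \Device\Harddisk1\DR1
19:10:09.0661 4828 \Device\Harddisk1\DR1 - ok
19:10:09.0714 3220 Detected object count: 1
19:10:09.0714 3220 Actual detected object count: 1
19:10:23.0941 3220 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:10:23.0941 3220 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""

# CONSTRUCTED line for a second run. Assumption: a Delete action is logged
# in the same shape as the "User select action: Skip" line above.
CONSTRUCTED_RERUN = r"""
19:25:11.0102 3220 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
"""

# "<HH:MM:SS.mmmm> <thread id> <message>"
LINE = re.compile(r"^(?P<ts>\d{2}:\d{2}:\d{2}\.\d{4})\s+(?P<tid>\d+)\s+(?P<msg>.*)$")
# "<object> ( <verdict> ) - <status>"; plain "name (md5) path" lines do not match
# because the verdict is wrapped in "( " and " )" with spaces.
FLAG = re.compile(r"^(?P<obj>.+?) \( (?P<verdict>.+?) \) - (?P<status>.+)$")
COUNT = re.compile(r"^Detected object count: (?P<n>\d+)$")
ACTION_PREFIX = "User select action: "


def triage(log_text):
    """Summarise flagged objects and the last action recorded for each one."""
    detections = OrderedDict()
    reported = None
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        msg = m["msg"]
        c = COUNT.match(msg)
        if c:
            reported = int(c["n"])
            continue
        f = FLAG.match(msg)
        if not f:
            continue
        key = (f["obj"], f["verdict"])
        det = detections.setdefault(key, {
            "object": f["obj"],
            "verdict": f["verdict"],
            "first_seen": m["ts"],
            "action": None,
        })
        status = f["status"]
        if status.startswith(ACTION_PREFIX):
            # A later run overrides an earlier one, so the final state wins.
            det["action"] = status[len(ACTION_PREFIX):].strip()
    found = list(detections.values())
    # Flagged but never acted on, or explicitly skipped: still on disk.
    unresolved = [d for d in found if d["action"] in (None, "Skip")]
    return {
        "detections": found,
        "unresolved": unresolved,
        "reported_count": reported,
        "count_matches": reported == len(found),
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for d in result["unresolved"]:
        print(f'{d["first_seen"]} {d["object"]}: {d["verdict"]} '
              f'left on "{d["action"]}" -> rerun and choose Cure or Delete')
```
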

#6 habs1998


Posted 22 June 2012 - 11:38 AM

SAS report posted above, & reran TDSS & deleted remaining items.
But I was still unable to run Windows Update automatically, so I decided to re-run my AVG/Malwares/S&D again & this is what I got:



AVG

"Scan ""Sidebar gadget scan"" completed."
"Infections";"1";"1";"0"
"Folders selected for scanning:";"Whole computer scan"
"Scan started:";"Friday, June 22, 2012, 11:01:24 AM"
"Scan finished:";"Friday, June 22, 2012, 11:32:28 AM (31 minute(s) 3 second(s))"
"Total object scanned:";"1261335"
"User who launched the scan:";"Administrator"

"Infections"
"";"File";"Infection";"Result"
"";"C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KI06I261\4485[1].pdf";"Virus found Script/PDF.Exploit";"Moved to Virus Vault"

S&D
Smitfraud-C.generic: [SBI $5926A588] Executable (File, nothing done) C:\Windows\svchost.exe Properties.size=20480 Properties.md5=2CEFF13ACE25A40BD8D97654944297CD Properties.filedate=1247534086 Properties.filedatetext=2009-07-13 21:14:45
DoubleClick: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)
Zedo: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)

--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

Malwares
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.22.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Administrator :: JANE-PC [administrator]

6/22/2012 11:01:41 AM
mbam-log-2012-06-22 (11-01-41).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 552705
Time elapsed: 1 hour(s), 34 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#7 boopme


Posted 22 June 2012 - 07:12 PM

Hello, 2 things I see... In Spybot, on the infections found, it says "nothing done". Was there an option for something like Cure, Delete, or Quarantine?

Now MBAM may have removed it with the Heuristics/Shuriken. Heuristics in MBAM means to scan system startup locations for improved detection and to target persistent malware that may be obstructing removal.

Now we should run these and see if we can spot the exploits and get Updates to work.
Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using the "Reset FF Proxy Settings" option, Firefox should be closed.



Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the root folder of the system disk (usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.


#8 habs1998


Posted 23 June 2012 - 04:12 PM

All the items from the previous post from S&D were deleted.

MiniToolBox results

MiniToolBox by Farbar Version: 09-06-2012
Ran by Administrator (administrator) on 23-06-2012 at 17:05:41
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
127.0.0.1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Media disconnected)
Broadcom Virtual Wireless Adapter = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Jane-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : twcny.rr.com

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom Virtual Wireless Adapter
Physical Address. . . . . . . . . : 1C-65-9D-91-81-96
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : 1C-65-9D-91-81-96
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : twcny.rr.com
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 84-2B-2B-81-55-B5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::3959:8e85:8605:9e4d%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, June 23, 2012 4:59:13 PM
Lease Expires . . . . . . . . . . : Saturday, June 30, 2012 4:59:13 PM
Default Gateway . . . . . . . . . : fe80::226:5aff:feb7:ac8e%10
192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{A410785D-0D48-402A-9E0E-3E2D0E355A62}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.twcny.rr.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : twcny.rr.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F7A93B66-B6F7-4F10-9470-2344C23F2089}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:24e2:2cc1:e7c5:d07b(Preferred)
Link-local IPv6 Address . . . . . : fe80::24e2:2cc1:e7c5:d07b%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 2607:f8b0:4004:803::1005
74.125.228.101
74.125.228.102
74.125.228.103
74.125.228.104
74.125.228.105
74.125.228.110
74.125.228.96
74.125.228.97
74.125.228.98
74.125.228.99
74.125.228.100


Pinging google.com [74.125.228.100] with 32 bytes of data:
Reply from 74.125.228.100: bytes=32 time=45ms TTL=51
Reply from 74.125.228.100: bytes=32 time=45ms TTL=51

Ping statistics for 74.125.228.100:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 45ms, Maximum = 45ms, Average = 45ms
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=101ms TTL=52
Reply from 72.30.38.140: bytes=32 time=102ms TTL=52

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 101ms, Maximum = 102ms, Average = 101ms
Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...1c 65 9d 91 81 96 ......Broadcom Virtual Wireless Adapter
11...1c 65 9d 91 81 96 ......DW1501 Wireless-N WLAN Half-Mini Card
10...84 2b 2b 81 55 b5 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.100 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.100 276
192.168.0.100 255.255.255.255 On-link 192.168.0.100 276
192.168.0.255 255.255.255.255 On-link 192.168.0.100 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.100 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.100 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 276 ::/0 fe80::226:5aff:feb7:ac8e
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:24e2:2cc1:e7c5:d07b/128
On-link
10 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::24e2:2cc1:e7c5:d07b/128
On-link
10 276 fe80::3959:8e85:8605:9e4d/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/23/2012 05:02:16 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/23/2012 03:20:58 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/23/2012 03:07:38 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/23/2012 02:14:59 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/23/2012 01:45:25 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/23/2012 11:26:40 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/22/2012 09:08:29 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/22/2012 08:02:08 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/22/2012 07:18:31 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/22/2012 02:16:53 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (06/23/2012 04:59:41 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070005

Error: (06/23/2012 04:59:41 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070005

Error: (06/23/2012 04:59:40 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070005

Error: (06/23/2012 04:59:40 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070005

Error: (06/23/2012 04:59:20 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Cdr4_2K

Error: (06/23/2012 04:58:54 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\Cdr4_2K.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (06/23/2012 04:58:48 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\Cdr4_2K.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (06/23/2012 03:19:12 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070005

Error: (06/23/2012 03:19:12 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070005

Error: (06/23/2012 03:19:12 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070005


Microsoft Office Sessions:
=========================
Error: (06/23/2012 05:02:16 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/23/2012 03:20:58 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/23/2012 03:07:38 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/23/2012 02:14:59 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/23/2012 01:45:25 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/23/2012 11:26:40 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/22/2012 09:08:29 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/22/2012 08:02:08 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/22/2012 07:18:31 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/22/2012 02:16:53 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

Accidental Damage Services Agreement (Version: 2.0.0)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Reader 9.5.1 (Version: 9.5.1)
ATI Catalyst Control Center (Version: 2.010.0619.2308)
ATI Catalyst Install Manager (Version: 3.0.812.0)
AVG 2012 (Version: 12.0.2180)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2180)
AVG PC Tuneup (Version: 10.0.0.27)
Bing Maps 3D (Version: 4.0.903.16005)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.0619.2309.39726)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0619.2309.39726)
Catalyst Control Center InstallProxy (Version: 2010.0619.2309.39726)
Catalyst Control Center Localization All (Version: 2010.0619.2309.39726)
ccc-core-static (Version: 2010.0619.2309.39726)
ccc-utility64 (Version: 2010.0619.2309.39726)
CCC Help Chinese Standard (Version: 2010.0619.2308.39726)
CCC Help Chinese Traditional (Version: 2010.0619.2308.39726)
CCC Help Czech (Version: 2010.0619.2308.39726)
CCC Help Danish (Version: 2010.0619.2308.39726)
CCC Help Dutch (Version: 2010.0619.2308.39726)
CCC Help English (Version: 2010.0619.2308.39726)
CCC Help Finnish (Version: 2010.0619.2308.39726)
CCC Help French (Version: 2010.0619.2308.39726)
CCC Help German (Version: 2010.0619.2308.39726)
CCC Help Greek (Version: 2010.0619.2308.39726)
CCC Help Hungarian (Version: 2010.0619.2308.39726)
CCC Help Italian (Version: 2010.0619.2308.39726)
CCC Help Japanese (Version: 2010.0619.2308.39726)
CCC Help Korean (Version: 2010.0619.2308.39726)
CCC Help Norwegian (Version: 2010.0619.2308.39726)
CCC Help Polish (Version: 2010.0619.2308.39726)
CCC Help Portuguese (Version: 2010.0619.2308.39726)
CCC Help Russian (Version: 2010.0619.2308.39726)
CCC Help Spanish (Version: 2010.0619.2308.39726)
CCC Help Swedish (Version: 2010.0619.2308.39726)
CCC Help Thai (Version: 2010.0619.2308.39726)
CCC Help Turkish (Version: 2010.0619.2308.39726)
CCleaner (Version: 3.17)
CIR Tool Kit (Version: 2.2.2010.714)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Coupon Printer for Windows (Version: 5.0.0.0)
Cozi (Version: 1.0.4323.24051)
CyberLink YouPaint (Version: 1.2.1721)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software
Dell DataSafe Local Backup (Version: 9.4.47)
Dell DataSafe Online (Version: 1.2.0011)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell MusicStage (Version: 1.5.402.0)
Dell PhotoStage (Version: 1.5.0.130)
Dell PhotoStage (Version: 1.5.0.19)
Dell Stage (Version: 1.4.173.0)
Dell Support Center (Version: 3.1.5907.12)
Dell Touch Software Suite Games (Version: 1.2.6.0)
Dell TouchCam (Version: 1.1.1615)
Dell VideoStage (Version: 1.0.0.0630)
DellOSD (Version: 1.1.2)
DirectX 9 Runtime (Version: 1.00.0000)
DW WLAN Card Utility (Version: 5.60.48.35)
FastAccess (Version: 2.4.97.1)
GoToAssist 8.0.0.514
HP Update (Version: 5.003.001.001)
Internet TV for Windows Media Center (Version: 4.2.2.0)
Java Auto Updater (Version: 2.0.7.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Touch Pack for Windows 7 (Version: 1.0.40517.00)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft XNA Framework Redistributable 3.0 (Version: 3.0.11010.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.1.1817.91)
QualxServ Service Agreement (Version: 2.0.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6141)
Roxio Burn (Version: 1.01)
Roxio Easy VHS to DVD (Version: 2.0)
Skins (Version: 2010.0619.2309.39726)
Skype™ 4.2 (Version: 4.2.169)
Spybot - Search & Destroy (Version: 1.6.2)
StickyNotes (Version: 1.0.5.0)
THX TruStudio PC (Version: 1.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
WildTangent Games (Version: 1.0.0.71)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WONswap
WordPerfect Office 11 (Version: 11.0)

========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 3835.95 MB
Available physical RAM: 2204.79 MB
Total Pagefile: 7670.09 MB
Available Pagefile: 5521.15 MB
Total Virtual: 4095.88 MB
Available Virtual: 3960.03 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:401.38 GB) NTFS
3 Drive e: (KINGSTON) (Removable) (Total:1.86 GB) (Free:1.83 GB) FAT

========================= Users: ========================================

User accounts for \\JANE-PC

Administrator Guest Jane


**** End of log ****


TDSS
17:09:12.0617 4200 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
17:09:12.0979 4200 ============================================================
17:09:12.0979 4200 Current date / time: 2012/06/23 17:09:12.0979
17:09:12.0979 4200 SystemInfo:
17:09:12.0979 4200
17:09:12.0980 4200 OS Version: 6.1.7601 ServicePack: 1.0
17:09:12.0980 4200 Product type: Workstation
17:09:12.0980 4200 ComputerName: JANE-PC
17:09:12.0980 4200 UserName: Administrator
17:09:12.0980 4200 Windows directory: C:\Windows
17:09:12.0980 4200 System windows directory: C:\Windows
17:09:12.0980 4200 Running under WOW64
17:09:12.0980 4200 Processor architecture: Intel x64
17:09:12.0981 4200 Number of processors: 2
17:09:12.0981 4200 Page size: 0x1000
17:09:12.0981 4200 Boot type: Normal boot
17:09:12.0981 4200 ============================================================
17:09:17.0189 4200 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:09:17.0195 4200 Drive \Device\Harddisk1\DR1 - Size: 0x772EFE00 (1.86 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:09:17.0202 4200 ============================================================
17:09:17.0202 4200 \Device\Harddisk0\DR0:
17:09:17.0227 4200 MBR partitions:
17:09:17.0227 4200 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
17:09:17.0227 4200 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x38625E6B
17:09:17.0227 4200 \Device\Harddisk1\DR1:
17:09:17.0229 4200 MBR partitions:
17:09:17.0229 4200 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x6, StartLBA 0x3F, BlocksNum 0x3B95A1
17:09:17.0229 4200 ============================================================
17:09:17.0301 4200 C: <-> \Device\Harddisk0\DR0\Partition1
17:09:17.0301 4200 ============================================================
17:09:17.0301 4200 Initialize success
17:09:17.0302 4200 ============================================================
17:09:22.0280 3116 ============================================================
17:09:22.0280 3116 Scan started
17:09:22.0280 3116 Mode: Manual; TDLFS;
17:09:22.0280 3116 ============================================================
17:10:03.0046 3116 iScsiPrt - ok
17:10:03.0142 3116 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
17:10:03.0146 3116 kbdclass - ok
17:10:03.0161 3116 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
17:10:03.0163 3116 kbdhid - ok
17:10:03.0209 3116 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:10:03.0211 3116 KeyIso - ok
17:10:03.0286 3116 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
17:10:03.0288 3116 KSecDD - ok
17:10:03.0427 3116 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
17:10:03.0431 3116 KSecPkg - ok
17:10:03.0504 3116 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:10:03.0507 3116 ksthunk - ok
17:10:03.0631 3116 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
17:10:03.0640 3116 KtmRm - ok
17:10:03.0759 3116 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
17:10:03.0775 3116 LanmanServer - ok
17:10:03.0881 3116 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
17:10:03.0888 3116 LanmanWorkstation - ok
17:10:03.0984 3116 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:10:03.0986 3116 lltdio - ok
17:10:04.0084 3116 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
17:10:04.0090 3116 lltdsvc - ok
17:10:04.0121 3116 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
17:10:04.0123 3116 lmhosts - ok
17:10:04.0197 3116 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
17:10:04.0199 3116 LSI_FC - ok
17:10:04.0240 3116 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
17:10:04.0242 3116 LSI_SAS - ok
17:10:04.0275 3116 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:10:04.0277 3116 LSI_SAS2 - ok
17:10:04.0316 3116 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:10:04.0320 3116 LSI_SCSI - ok
17:10:04.0402 3116 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:10:04.0403 3116 luafv - ok
17:10:04.0454 3116 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
17:10:04.0461 3116 Mcx2Svc - ok
17:10:04.0484 3116 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
17:10:04.0511 3116 megasas - ok
17:10:04.0613 3116 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
17:10:04.0618 3116 MegaSR - ok
17:10:04.0683 3116 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:10:04.0686 3116 MMCSS - ok
17:10:04.0734 3116 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:10:04.0735 3116 Modem - ok
17:10:04.0808 3116 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:10:04.0809 3116 monitor - ok
17:10:04.0856 3116 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
17:10:04.0858 3116 mouclass - ok
17:10:04.0920 3116 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:10:04.0923 3116 mouhid - ok
17:10:05.0039 3116 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:10:05.0040 3116 mountmgr - ok
17:10:05.0082 3116 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:10:05.0102 3116 mpio - ok
17:10:05.0154 3116 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:10:05.0155 3116 mpsdrv - ok
17:10:05.0456 3116 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
17:10:05.0465 3116 MpsSvc - ok
17:10:05.0578 3116 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:10:05.0583 3116 MRxDAV - ok
17:10:05.0694 3116 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:10:05.0697 3116 mrxsmb - ok
17:10:05.0822 3116 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:10:05.0825 3116 mrxsmb10 - ok
17:10:05.0903 3116 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:10:05.0905 3116 mrxsmb20 - ok
17:10:05.0957 3116 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:10:05.0959 3116 msahci - ok
17:10:06.0022 3116 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:10:06.0026 3116 msdsm - ok
17:10:06.0076 3116 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
17:10:06.0081 3116 MSDTC - ok
17:10:06.0146 3116 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:10:06.0151 3116 Msfs - ok
17:10:06.0179 3116 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:10:06.0181 3116 mshidkmdf - ok
17:10:06.0222 3116 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:10:06.0223 3116 msisadrv - ok
17:10:06.0389 3116 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
17:10:06.0398 3116 MSiSCSI - ok
17:10:06.0406 3116 msiserver - ok
17:10:06.0506 3116 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:10:06.0508 3116 MSKSSRV - ok
17:10:06.0636 3116 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:10:06.0638 3116 MSPCLOCK - ok
17:10:06.0697 3116 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:10:06.0699 3116 MSPQM - ok
17:10:06.0881 3116 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:10:06.0889 3116 MsRPC - ok
17:10:06.0935 3116 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
17:10:06.0936 3116 mssmbios - ok
17:10:07.0018 3116 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:10:07.0019 3116 MSTEE - ok
17:10:07.0094 3116 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
17:10:07.0097 3116 MTConfig - ok
17:10:07.0161 3116 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:10:07.0163 3116 Mup - ok
17:10:07.0288 3116 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
17:10:07.0310 3116 napagent - ok
17:10:07.0698 3116 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:10:07.0704 3116 NativeWifiP - ok
17:10:08.0107 3116 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:10:08.0124 3116 NDIS - ok
17:10:08.0207 3116 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:10:08.0209 3116 NdisCap - ok
17:10:08.0281 3116 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:10:08.0283 3116 NdisTapi - ok
17:10:08.0351 3116 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:10:08.0353 3116 Ndisuio - ok
17:10:08.0463 3116 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:10:08.0468 3116 NdisWan - ok
17:10:08.0566 3116 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:10:08.0569 3116 NDProxy - ok
17:10:08.0655 3116 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:10:08.0658 3116 NetBIOS - ok
17:10:08.0800 3116 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:10:08.0808 3116 NetBT - ok
17:10:08.0884 3116 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:10:08.0886 3116 Netlogon - ok
17:10:09.0086 3116 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:10:09.0117 3116 Netman - ok
17:10:09.0309 3116 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:10:09.0323 3116 netprofm - ok
17:10:09.0458 3116 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:10:09.0460 3116 NetTcpPortSharing - ok
17:10:09.0534 3116 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:10:09.0537 3116 nfrd960 - ok
17:10:09.0714 3116 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:10:09.0722 3116 NlaSvc - ok
17:10:09.0776 3116 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:10:09.0778 3116 Npfs - ok
17:10:09.0835 3116 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:10:09.0837 3116 nsi - ok
17:10:09.0870 3116 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:10:09.0872 3116 nsiproxy - ok
17:10:10.0533 3116 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:10:10.0577 3116 Ntfs - ok
17:10:11.0050 3116 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:10:11.0052 3116 Null - ok
17:10:11.0117 3116 nuviocir (be29aa3cba78480ab8591873197cb56a) C:\Windows\system32\DRIVERS\nuviocir_win7_x64.sys
17:10:11.0120 3116 nuviocir - ok
17:10:11.0175 3116 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:10:11.0178 3116 nvraid - ok
17:10:11.0233 3116 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:10:11.0237 3116 nvstor - ok
17:10:11.0278 3116 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:10:11.0281 3116 nv_agp - ok
17:10:11.0308 3116 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:10:11.0311 3116 ohci1394 - ok
17:10:11.0501 3116 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:10:11.0505 3116 ose - ok
17:10:11.0643 3116 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:10:11.0651 3116 p2pimsvc - ok
17:10:11.0724 3116 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:10:11.0733 3116 p2psvc - ok
17:10:11.0762 3116 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:10:11.0765 3116 Parport - ok
17:10:11.0826 3116 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
17:10:11.0827 3116 partmgr - ok
17:10:11.0912 3116 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:10:11.0916 3116 PcaSvc - ok
17:10:12.0205 3116 PcdrNdisuio - ok
17:10:12.0293 3116 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:10:12.0298 3116 pci - ok
17:10:12.0330 3116 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:10:12.0332 3116 pciide - ok
17:10:12.0396 3116 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:10:12.0400 3116 pcmcia - ok
17:10:12.0461 3116 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:10:12.0463 3116 pcw - ok
17:10:12.0851 3116 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:10:12.0858 3116 PEAUTH - ok
17:10:13.0369 3116 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:10:13.0372 3116 PerfHost - ok
17:10:14.0218 3116 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:10:14.0251 3116 pla - ok
17:10:14.0461 3116 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:10:14.0467 3116 PlugPlay - ok
17:10:14.0516 3116 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:10:14.0520 3116 PNRPAutoReg - ok
17:10:14.0660 3116 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:10:14.0670 3116 PNRPsvc - ok
17:10:14.0909 3116 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:10:14.0931 3116 PolicyAgent - ok
17:10:15.0047 3116 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:10:15.0054 3116 Power - ok
17:10:15.0237 3116 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:10:15.0241 3116 PptpMiniport - ok
17:10:15.0284 3116 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:10:15.0287 3116 Processor - ok
17:10:15.0395 3116 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
17:10:15.0402 3116 ProfSvc - ok
17:10:15.0452 3116 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:10:15.0454 3116 ProtectedStorage - ok
17:10:15.0559 3116 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:10:15.0564 3116 Psched - ok
17:10:15.0644 3116 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
17:10:15.0645 3116 PxHlpa64 - ok
17:10:16.0352 3116 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:10:16.0393 3116 ql2300 - ok
17:10:16.0785 3116 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:10:16.0789 3116 ql40xx - ok
17:10:16.0866 3116 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:10:16.0872 3116 QWAVE - ok
17:10:16.0895 3116 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:10:16.0897 3116 QWAVEdrv - ok
17:10:16.0913 3116 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:10:16.0915 3116 RasAcd - ok
17:10:16.0985 3116 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:10:16.0987 3116 RasAgileVpn - ok
17:10:17.0059 3116 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:10:17.0071 3116 RasAuto - ok
17:10:17.0122 3116 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:10:17.0126 3116 Rasl2tp - ok
17:10:17.0304 3116 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
17:10:17.0316 3116 RasMan - ok
17:10:17.0471 3116 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:10:17.0486 3116 RasPppoe - ok
17:10:17.0558 3116 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:10:17.0560 3116 RasSstp - ok
17:10:17.0762 3116 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:10:17.0768 3116 rdbss - ok
17:10:17.0823 3116 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:10:17.0825 3116 rdpbus - ok
17:10:17.0859 3116 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:10:17.0861 3116 RDPCDD - ok
17:10:17.0934 3116 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:10:17.0936 3116 RDPENCDD - ok
17:10:17.0967 3116 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:10:17.0969 3116 RDPREFMP - ok
17:10:18.0097 3116 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
17:10:18.0102 3116 RDPWD - ok
17:10:18.0566 3116 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:10:18.0570 3116 rdyboost - ok
17:10:18.0650 3116 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:10:18.0653 3116 RemoteAccess - ok
17:10:18.0748 3116 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:10:18.0757 3116 RemoteRegistry - ok
17:10:18.0813 3116 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:10:18.0815 3116 RpcEptMapper - ok
17:10:18.0855 3116 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:10:18.0857 3116 RpcLocator - ok
17:10:19.0052 3116 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:10:19.0060 3116 RpcSs - ok
17:10:19.0145 3116 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:10:19.0147 3116 rspndr - ok
17:10:19.0444 3116 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:10:19.0452 3116 RTL8167 - ok
17:10:19.0515 3116 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:10:19.0517 3116 SamSs - ok
17:10:19.0621 3116 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:10:19.0625 3116 sbp2port - ok
17:10:19.0797 3116 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:10:19.0806 3116 SCardSvr - ok
17:10:19.0856 3116 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:10:19.0857 3116 scfilter - ok
17:10:20.0305 3116 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
17:10:20.0369 3116 Schedule - ok
17:10:20.0400 3116 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:10:20.0401 3116 SCPolicySvc - ok
17:10:20.0450 3116 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
17:10:20.0456 3116 SDRSVC - ok
17:10:20.0608 3116 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
17:10:20.0610 3116 SeaPort - ok
17:10:20.0728 3116 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:10:20.0730 3116 secdrv - ok
17:10:20.0770 3116 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
17:10:20.0774 3116 seclogon - ok
17:10:20.0821 3116 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
17:10:20.0824 3116 SENS - ok
17:10:20.0843 3116 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:10:20.0846 3116 SensrSvc - ok
17:10:20.0899 3116 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:10:20.0900 3116 Serenum - ok
17:10:20.0981 3116 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:10:20.0986 3116 Serial - ok
17:10:21.0036 3116 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:10:21.0038 3116 sermouse - ok
17:10:21.0167 3116 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
17:10:21.0176 3116 SessionEnv - ok
17:10:21.0206 3116 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:10:21.0209 3116 sffdisk - ok
17:10:21.0222 3116 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:10:21.0224 3116 sffp_mmc - ok
17:10:21.0230 3116 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:10:21.0231 3116 sffp_sd - ok
17:10:21.0259 3116 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:10:21.0262 3116 sfloppy - ok
17:10:21.0692 3116 SftService (e1974a92ac0914a3859359a0a8c82c68) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
17:10:21.0705 3116 SftService - ok
17:10:21.0816 3116 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:10:21.0846 3116 SharedAccess - ok
17:10:22.0024 3116 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
17:10:22.0033 3116 ShellHWDetection - ok
17:10:22.0248 3116 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:10:22.0251 3116 SiSRaid2 - ok
17:10:22.0330 3116 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:10:22.0348 3116 SiSRaid4 - ok
17:10:22.0478 3116 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:10:22.0482 3116 Smb - ok
17:10:22.0587 3116 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:10:22.0591 3116 SNMPTRAP - ok
17:10:22.0648 3116 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:10:22.0649 3116 spldr - ok
17:10:22.0880 3116 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
17:10:22.0893 3116 Spooler - ok
17:10:24.0176 3116 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
17:10:24.0254 3116 sppsvc - ok
17:10:24.0603 3116 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:10:24.0609 3116 sppuinotify - ok
17:10:24.0916 3116 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:10:24.0978 3116 srv - ok
17:10:25.0138 3116 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:10:25.0148 3116 srv2 - ok
17:10:25.0234 3116 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:10:25.0239 3116 srvnet - ok
17:10:25.0322 3116 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:10:25.0330 3116 SSDPSRV - ok
17:10:25.0360 3116 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:10:25.0363 3116 SstpSvc - ok
17:10:25.0389 3116 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:10:25.0391 3116 stexstor - ok
17:10:25.0506 3116 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
17:10:25.0526 3116 stisvc - ok
17:10:25.0569 3116 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:10:25.0573 3116 swenum - ok
17:10:25.0692 3116 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:10:25.0703 3116 swprv - ok
17:10:26.0231 3116 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
17:10:26.0282 3116 SysMain - ok
17:10:26.0613 3116 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
17:10:26.0618 3116 TabletInputService - ok
17:10:26.0753 3116 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
17:10:26.0789 3116 TapiSrv - ok
17:10:26.0868 3116 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:10:26.0872 3116 TBS - ok
17:10:27.0248 3116 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
17:10:27.0298 3116 Tcpip - ok
17:10:27.0972 3116 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
17:10:27.0990 3116 TCPIP6 - ok
17:10:28.0217 3116 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:10:28.0220 3116 tcpipreg - ok
17:10:28.0265 3116 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:10:28.0267 3116 TDPIPE - ok
17:10:28.0307 3116 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:10:28.0310 3116 TDTCP - ok
17:10:28.0384 3116 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:10:28.0386 3116 tdx - ok
17:10:28.0433 3116 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:10:28.0435 3116 TermDD - ok
17:10:28.0571 3116 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
17:10:28.0584 3116 TermService - ok
17:10:28.0639 3116 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:10:28.0644 3116 Themes - ok
17:10:28.0702 3116 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:10:28.0705 3116 THREADORDER - ok
17:10:28.0805 3116 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:10:28.0812 3116 TrkWks - ok
17:10:28.0885 3116 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
17:10:28.0889 3116 TrustedInstaller - ok
17:10:28.0955 3116 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:10:28.0958 3116 tssecsrv - ok
17:10:29.0038 3116 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:10:29.0042 3116 TsUsbFlt - ok
17:10:29.0151 3116 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:10:29.0154 3116 tunnel - ok
17:10:29.0193 3116 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
17:10:29.0196 3116 uagp35 - ok
17:10:29.0276 3116 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:10:29.0283 3116 udfs - ok
17:10:29.0351 3116 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:10:29.0355 3116 UI0Detect - ok
17:10:29.0435 3116 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:10:29.0438 3116 uliagpkx - ok
17:10:29.0519 3116 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
17:10:29.0524 3116 umbus - ok
17:10:29.0553 3116 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:10:29.0555 3116 UmPass - ok
17:10:29.0702 3116 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:10:29.0727 3116 upnphost - ok
17:10:29.0918 3116 USB28xxBGA (1e1786e15f91183be26732e89adc1817) C:\Windows\system32\DRIVERS\emBDA64.sys
17:10:29.0937 3116 USB28xxBGA - ok
17:10:30.0119 3116 USB28xxOEM (e97f0e00adbc1bcef691c71dbee77041) C:\Windows\system32\DRIVERS\emOEM64.sys
17:10:30.0174 3116 USB28xxOEM - ok
17:10:30.0340 3116 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
17:10:30.0345 3116 usbaudio - ok
17:10:30.0389 3116 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:10:30.0392 3116 usbccgp - ok
17:10:30.0428 3116 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:10:30.0439 3116 usbcir - ok
17:10:30.0478 3116 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
17:10:30.0480 3116 usbehci - ok
17:10:30.0689 3116 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:10:30.0695 3116 usbhub - ok
17:10:30.0766 3116 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
17:10:30.0769 3116 usbohci - ok
17:10:30.0813 3116 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:10:30.0814 3116 usbprint - ok
17:10:30.0907 3116 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
17:10:30.0909 3116 usbscan - ok
17:10:30.0990 3116 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:10:30.0993 3116 USBSTOR - ok
17:10:31.0013 3116 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
17:10:31.0016 3116 usbuhci - ok
17:10:31.0159 3116 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
17:10:31.0165 3116 usbvideo - ok
17:10:31.0254 3116 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
17:10:31.0259 3116 UxSms - ok
17:10:31.0316 3116 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:10:31.0318 3116 VaultSvc - ok
17:10:31.0415 3116 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:10:31.0416 3116 vdrvroot - ok
17:10:31.0745 3116 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
17:10:31.0782 3116 vds - ok
17:10:31.0864 3116 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:10:31.0867 3116 vga - ok
17:10:31.0926 3116 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:10:31.0929 3116 VgaSave - ok
17:10:31.0989 3116 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:10:31.0993 3116 vhdmp - ok
17:10:32.0000 3116 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:10:32.0002 3116 viaide - ok
17:10:32.0028 3116 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:10:32.0030 3116 volmgr - ok
17:10:44.0151 3116 ============================================================
17:10:44.0151 3116 Scan finished
17:10:44.0151 3116 ============================================================
17:10:44.0171 5132 Detected object count: 0
17:10:44.0171 5132 Actual detected object count: 0

#9 boopme

Posted 23 June 2012 - 09:52 PM

This is exploitable... Uninstall Adobe Reader 9.5.1 (Version: 9.5.1)
Reboot

Update to Adobe Reader X (10.1.0)
Note: uncheck the box so you do not install the toolbar, unless you really want it.

Free! Google Toolbar search Google from any web page, block pop-ups

Yes, install Google Toolbar - optional





See Windows Update error 80072ee2
to add the Windows Update websites to your firewall exceptions.

#10 habs1998

Posted 25 June 2012 - 08:13 AM

Updated Adobe Reader but still getting windows update error 80070005

Windows could not search for new updates

An error occurred while checking for new updates for your computer.

Error(s) found:
Code 80070005 Windows Update encountered an unknown error.


#11 boopme

Posted 25 June 2012 - 10:07 AM

Let's Reset and Re-register Windows Update Components. Use Option Two.

#12 habs1998

Posted 10 July 2012 - 02:56 AM

Thank you very much... I believe I'm all set now.

#13 boopme

Posted 10 July 2012 - 08:37 PM

Great!! If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:
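The restore-point steps in the post above can also be scripted. The following Windows PowerShell script is an added example, not part of the original post: it creates the new restore point, confirms it exists, and only then removes the older ones through the `SRRemoveRestorePoint` function in srclient.dll. The description label is a constructed value, and the script assumes an elevated prompt with System Restore enabled on the system drive.

```powershell
# Added example (not from the original thread). Run only after scans come back clean.

# Refuse to run without administrative rights; both steps below need them.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this from an elevated PowerShell prompt.'
}

# SRRemoveRestorePoint deletes a single restore point by its sequence number.
Add-Type -Namespace Win32 -Name SystemRestore -MemberDefinition @'
[DllImport("srclient.dll")]
public static extern uint SRRemoveRestorePoint(uint dwRPNum);
'@

# 1. Create the post-cleanup restore point (label is a constructed value).
$label = 'Clean state after malware removal'
Checkpoint-Computer -Description $label -RestorePointType MODIFY_SETTINGS

# 2. Confirm the newest restore point is the one just created.
#    Newer Windows versions can skip creation if a point was made in the
#    last 24 hours, so never delete anything unless this check passes.
$points = @(Get-ComputerRestorePoint | Sort-Object SequenceNumber)
$newest = $points[-1]
if ($null -eq $newest -or $newest.Description -ne $label) {
    throw 'New restore point was not created; older points left untouched.'
}

# 3. Remove every older restore point, which may hold backed-up malware.
foreach ($point in $points) {
    if ($point.SequenceNumber -eq $newest.SequenceNumber) { continue }
    $rc = [Win32.SystemRestore]::SRRemoveRestorePoint([uint32]$point.SequenceNumber)
    if ($rc -ne 0) {
        Write-Warning ("Could not remove restore point {0} (error {1})" -f $point.SequenceNumber, $rc)
    }
}

# 4. Show what remains; only the clean restore point should be listed.
Get-ComputerRestorePoint | Format-Table SequenceNumber, Description, CreationTime -AutoSize
```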



