
redirect to Yahoo Developer Console


5 replies to this topic

#1 diageminc

diageminc

  • Members
  • 3 posts

Posted 03 July 2012 - 01:59 PM

Hello,

Every once in a while when I go to my home page (www.google.com) I get redirected to http://developer.yql console. This happens with all computers in the LAN. The problem is not persistent: for days everything would work fine and then all of a sudden I would get redirects. From browsing the forum I noticed other users were having the same issue. I will greatly appreciate it if someone can help me out.

Thanks



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • Gender:Male
  • Location:NJ USA

Posted 03 July 2012 - 08:27 PM

Hello diageminc

Let's get a little information and run a couple of tools.


Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

This post has been edited by Farbar: 25 May 2012 - 03:45 PM





Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).




Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished, the utility outputs a list of detected objects with descriptions.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 diageminc

diageminc
  • Topic Starter

  • Members
  • 3 posts

Posted 05 July 2012 - 10:56 AM

Thanks for your help, here are the reports you requested


MiniToolBox by Farbar Version: 25-06-2012
Ran by amit (administrator) on 05-07-2012 at 08:31:19
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom 802.11n Network Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : amitlenovo
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-26-82-4B-39-32
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 2C-81-58-BD-3B-2E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom 802.11n Network Adapter
Physical Address. . . . . . . . . : 00-26-82-4B-39-32
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::49ac:17b7:2b4:9560%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.103(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, July 05, 2012 7:31:57 AM
Lease Expires . . . . . . . . . . : Friday, July 06, 2012 7:31:57 AM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 318776962
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-D6-2F-B6-00-25-11-63-4B-76
DNS Servers . . . . . . . . . . . : 192.168.2.1
68.238.64.12
68.238.128.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : test.com
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-25-11-63-4B-76
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{9197043D-A5B8-4AE6-B9B4-A92C071BF6CB}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3021:3d9b:3f57:fd98(Preferred)
Link-local IPv6 Address . . . . . : fe80::3021:3d9b:3f57:fd98%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.2.1

Name: google.com
Addresses: 2001:4860:4007:800::100e
74.125.239.7
74.125.239.1
74.125.239.4
74.125.239.14
74.125.239.6
74.125.239.2
74.125.239.0
74.125.239.9
74.125.239.3
74.125.239.5
74.125.239.8


Pinging google.com [74.125.239.8] with 32 bytes of data:
Reply from 74.125.239.8: bytes=32 time=29ms TTL=55
Reply from 74.125.239.8: bytes=32 time=29ms TTL=55

Ping statistics for 74.125.239.8:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 29ms, Maximum = 29ms, Average = 29ms
Server: UnKnown
Address: 192.168.2.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=76ms TTL=56
Reply from 209.191.122.70: bytes=32 time=74ms TTL=56

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 74ms, Maximum = 76ms, Average = 75ms
Server: UnKnown
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 4ms, Average = 3ms
===========================================================================
Interface List
20...00 26 82 4b 39 32 ......Microsoft Virtual WiFi Miniport Adapter
13...2c 81 58 bd 3b 2e ......Bluetooth Device (Personal Area Network)
11...00 26 82 4b 39 32 ......Broadcom 802.11n Network Adapter
10...00 25 11 63 4b 76 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.103 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.103 281
192.168.2.103 255.255.255.255 On-link 192.168.2.103 281
192.168.2.255 255.255.255.255 On-link 192.168.2.103 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.103 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.103 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:4137:9e76:3021:3d9b:3f57:fd98/128
On-link
11 281 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::3021:3d9b:3f57:fd98/128
On-link
11 281 fe80::49ac:17b7:2b4:9560/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 05 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 06 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 07 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 08 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 05 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 06 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 07 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 08 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 15 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 16 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 17 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 18 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 19 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 20 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/05/2012 08:15:53 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/05/2012 08:15:50 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/05/2012 08:15:41 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/05/2012 08:15:35 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/05/2012 08:15:34 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/05/2012 08:15:34 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/05/2012 08:15:34 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/05/2012 08:15:33 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/05/2012 08:15:33 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/05/2012 08:15:33 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (07/05/2012 07:31:50 AM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (07/03/2012 03:12:09 PM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (07/03/2012 01:49:28 PM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (07/03/2012 01:19:43 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the QBCFMonitorService service to connect.

Error: (07/03/2012 01:19:12 PM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (07/03/2012 01:06:54 PM) (Source: DCOM) (User: amitlenovo)
Description: application-specificLocalActivation{D3DCB472-7261-43CE-924B-0704BD730D5F}{D3DCB472-7261-43CE-924B-0704BD730D5F}amitlenovoamitS-1-5-21-441121017-1560239404-2709421132-1001LocalHost (Using LRPC)

Error: (07/03/2012 01:06:54 PM) (Source: DCOM) (User: amitlenovo)
Description: application-specificLocalActivation{145B4335-FE2A-4927-A040-7C35AD3180EF}{145B4335-FE2A-4927-A040-7C35AD3180EF}amitlenovoamitS-1-5-21-441121017-1560239404-2709421132-1001LocalHost (Using LRPC)

Error: (07/03/2012 08:28:52 AM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (07/03/2012 08:28:50 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 8:27:14 AM on 7/3/2012 was unexpected.

Error: (07/03/2012 07:49:57 AM) (Source: Service Control Manager) (User: )
Description: The SQL Server (UPSWSDBSERVER) service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================
Error: (07/05/2012 08:15:53 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/05/2012 08:15:50 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/05/2012 08:15:41 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/05/2012 08:15:35 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/05/2012 08:15:34 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/05/2012 08:15:34 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/05/2012 08:15:34 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/05/2012 08:15:33 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/05/2012 08:15:33 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/05/2012 08:15:33 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 8.2.4)
Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
Adobe AIR (Version: 2.0.3.13070)
Adobe Flash Player 10 ActiveX (Version: 10.0.22.87)
Adobe Flash Player 10 Plugin (Version: 10.3.183.7)
Adobe Photoshop CS (Version: CS)
Adobe Reader 9.4.6 (Version: 9.4.6)
AdWordAccelerator 3.0
AlignmentUtility (Version: 15.00.0000)
Apple Application Support (Version: 1.4.1)
Apple Software Update (Version: 2.1.1.116)
Ask Toolbar (Version: 1.15.4.0)
AudibleManager (Version: 2130567168.1990987482.1638264.2001404957)
Avira Free Antivirus (Version: 12.0.0.1125)
Avira SearchFree Toolbar plus Web Protection Updater (Version: 1.3.0.23930)
Banner Designer Pro v4.0 (Version: 4.0)
Batch File Renamer 2.51
Broadcom 802.11 Wireless Driver (Version: 1.0.0.0)
CamSuite (Version: 3.0.3328.1)
CCC (Version: 15.00.0000)
Chinese Simplified Fonts Support For Adobe Reader 9 (Version: 9.0.0)
Corel Paint Shop Pro Photo XI (Version: 11.00.0000)
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (Version: 10.5.0.0)
DAZzle
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Download Updater (AOL LLC)
DYMO Label Software
DYMO Label v.8 (Version: 8.2.1.913)
DYMO LabelWriter Drivers (Version: 8.1.0.364)
DYMO Printable Postage (Version: 2.5)
Endicia Professional (Version: 5.11)
Excel Remove (Delete, Replace) Text, Spaces & Characters From C
EZBack-it-up 2.0.1 (Version: 2.0.1)
FanSpeedControl (Version: 1.00.00.13)
FileZilla Client 3.5.0 (Version: 3.5.0)
FormsComponent (Version: 15.00.0000)
FOSS (Version: 15.00.0400)
Google AdWords Editor (Version: 7.6.1)
Google Chrome (Version: 20.0.1132.47)
Google Earth Plug-in (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.111)
Hybrid TV (Version: 6.14.10373)
ICCHelp (Version: 1.0.0.2)
inFlow Inventory (Version: 2.4.0.3)
inFlow Inventory 64-bit (Version: 2.4.0.3)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Labeler (Version: 6.0)
Lenovo Bluetooth with Enhanced Data Rate Software (Version: 6.2.1.700)
Lenovo Driver and Application Installation (Version: 5.1.0.0927)
Lenovo Power2Go (Version: 6.0.3026)
Lenovo Rescue System (Version: 3.0.0827)
Lenovo Screensaver (Version: 1.0.9.090919)
LIVE! OSD 0.05 (Version: 0.05)
LogMeIn (Version: 4.1.1586)
LVT (Version: 4.1.0.0902)
LXH-JME8002B Hotkey Driver (Version: 5.0.0825)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
MediaShow (Version: 4.1.3224.15874)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Backward compatibility (Version: 8.05.1054)
Microsoft SQL Server 2005 Express Edition (INFLOWSQL) (Version: 9.4.5000.00)
Microsoft SQL Server 2005 Express Edition (UPSWSDBSERVER) (Version: 9.4.5000.00)
Microsoft SQL Server 2008 R2 (64-bit)
Microsoft SQL Server 2008 R2 Native Client (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.50.1600.1)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server Browser (Version: 10.50.1600.1)
Microsoft SQL Server Management Objects Collection (Version: 9.00.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 10.50.1600.1)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Move Media Player
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
Mr Smooth (Version: 1.0)
Mr Smooth (Version: v1.0F)
Mr Smooth v1.0
MSIChecker (Version: 9.00.0000)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
NA1Messenger (Version: 15.00.0000)
NRF (Version: 15.00.0000)
NVIDIA Drivers (Version: 1.8)
PolicyManager (Version: 15.00.0000)
Printer Configuration Utility (Version: 1.6.56)
QuickBooks (Version: 18.0.4010.606)
QuickBooks Pro 2008 (Version: 18.0.4010.606)
QuickTime (Version: 7.69.80.9)
Realtek Ethernet Controller Driver (Version: 1.00.0008)
Realtek High Definition Audio Driver (Version: 6.0.1.5953)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30102)
Reconciler (Version: 15.00.0400)
ReportServer (Version: 15.00.0400)
ShipWorks 2.9.49 (Version: 2.9.49)
ShipWorks® 3.1.19.3230 (Version: 3.1.19.3230)
SixBit eCommerce Solution (Version: 1.00.070)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1)
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1)
SUPERAntiSpyware (Version: 5.0.1146)
SupportSoft Assisted Service (Version: 15)
SupportUtility (Version: 15.00.0000)
System (Version: 15.00.0000)
ThemeWallpaper (Version: 1.1.0.090902)
UnifiedPrinting (Version: 15.00.0000)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
UPS WorldShip (Version: 15.0)
UPSDB (Version: 15.00.0000)
UPSICC (Version: 1.0.0.16)
UPSlinkHTTP (Version: 1.0.0.13)
UPSVC2008MM (Version: 1.00.0000)
UPSVCMM (Version: 12.00.0000)
WebEx
WebHelp (Version: 1.00.0000)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) (Version: 09/11/2009 6.2.0.9407)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800)
Windows Driver Package - YUAN High-Tech Development Co., Ltd (ATIAVPCI) MEDIA (07/16/2009 6.14.10.373) (Version: 07/16/2009 6.14.10.373)
WinRAR archiver
WorldShip (Version: 15.00.0400)
WSShared (Version: 15.00.0400)

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 4095.24 MB
Available physical RAM: 2459.99 MB
Total Pagefile: 8188.68 MB
Available Pagefile: 5679.71 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.64 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:440.59 GB) (Free:334.48 GB) NTFS
3 Drive e: (VERBATIM) (Fixed) (Total:298.02 GB) (Free:50.66 GB) FAT32

========================= Users: ========================================

User accounts for \\AMITLENOVO

Administrator amit ASPNET
Guest


**** End of log ****



Malwarebytes Anti-Malware (PRO) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.05.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
amit :: AMITLENOVO [administrator]

Protection: Enabled

7/5/2012 8:33:24 AM
mbam-log-2012-07-05 (08-33-24).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 241156
Time elapsed: 9 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



08:53:29.0455 5612 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
08:53:29.0995 5612 ============================================================
08:53:29.0995 5612 Current date / time: 2012/07/05 08:53:29.0995
08:53:29.0995 5612 SystemInfo:
08:53:29.0995 5612
08:53:29.0995 5612 OS Version: 6.1.7601 ServicePack: 1.0
08:53:29.0995 5612 Product type: Workstation
08:53:29.0996 5612 ComputerName: AMITLENOVO
08:53:29.0996 5612 UserName: amit
08:53:29.0996 5612 Windows directory: C:\windows
08:53:29.0996 5612 System windows directory: C:\windows
08:53:29.0996 5612 Running under WOW64
08:53:29.0996 5612 Processor architecture: Intel x64
08:53:29.0996 5612 Number of processors: 2
08:53:29.0996 5612 Page size: 0x1000
08:53:29.0996 5612 Boot type: Normal boot
08:53:29.0996 5612 ============================================================
08:53:31.0261 5612 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:53:31.0261 5612 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:53:31.0271 5612 ============================================================
08:53:31.0271 5612 \Device\Harddisk0\DR0:
08:53:31.0271 5612 MBR partitions:
08:53:31.0271 5612 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
08:53:31.0271 5612 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3712E000
08:53:31.0271 5612 \Device\Harddisk1\DR1:
08:53:31.0271 5612 MBR partitions:
08:53:31.0271 5612 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x2542D682
08:53:31.0271 5612 ============================================================
08:53:31.0281 5612 C: <-> \Device\Harddisk0\DR0\Partition1
08:53:31.0637 5612 E: <-> \Device\Harddisk1\DR1\Partition0
08:53:31.0637 5612 ============================================================
08:53:31.0638 5612 Initialize success
08:53:31.0638 5612 ============================================================
08:53:37.0540 6092 ============================================================
08:53:37.0540 6092 Scan started
08:53:37.0540 6092 Mode: Manual;
08:53:37.0540 6092 ============================================================
08:53:47.0779 6092 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
08:53:47.0787 6092 LSI_SCSI - ok
08:53:47.0818 6092 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
08:53:47.0826 6092 luafv - ok
08:53:47.0859 6092 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\windows\system32\drivers\mbam.sys
08:53:47.0864 6092 MBAMProtector - ok
08:53:47.0922 6092 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
08:53:47.0930 6092 MBAMService - ok
08:53:47.0940 6092 McAfee SiteAdvisor Service - ok
08:53:47.0978 6092 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
08:53:47.0983 6092 Mcx2Svc - ok
08:53:48.0005 6092 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
08:53:48.0010 6092 megasas - ok
08:53:48.0032 6092 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
08:53:48.0041 6092 MegaSR - ok
08:53:48.0065 6092 Mepqpese - ok
08:53:48.0085 6092 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
08:53:48.0087 6092 MMCSS - ok
08:53:48.0103 6092 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
08:53:48.0108 6092 Modem - ok
08:53:48.0128 6092 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
08:53:48.0133 6092 monitor - ok
08:53:48.0171 6092 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
08:53:48.0177 6092 mouclass - ok
08:53:48.0195 6092 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
08:53:48.0200 6092 mouhid - ok
08:53:48.0231 6092 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
08:53:48.0233 6092 mountmgr - ok
08:53:48.0290 6092 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:53:48.0292 6092 MozillaMaintenance - ok
08:53:48.0319 6092 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
08:53:48.0328 6092 mpio - ok
08:53:48.0371 6092 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
08:53:48.0377 6092 mpsdrv - ok
08:53:48.0419 6092 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
08:53:48.0440 6092 MpsSvc - ok
08:53:48.0482 6092 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
08:53:48.0491 6092 MRxDAV - ok
08:53:48.0524 6092 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
08:53:48.0532 6092 mrxsmb - ok
08:53:48.0570 6092 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
08:53:48.0586 6092 mrxsmb10 - ok
08:53:48.0617 6092 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
08:53:48.0617 6092 mrxsmb20 - ok
08:53:48.0648 6092 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
08:53:48.0658 6092 msahci - ok
08:53:48.0698 6092 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
08:53:48.0708 6092 msdsm - ok
08:53:48.0728 6092 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
08:53:48.0738 6092 MSDTC - ok
08:53:48.0754 6092 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
08:53:48.0770 6092 Msfs - ok
08:53:48.0770 6092 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
08:53:48.0770 6092 mshidkmdf - ok
08:53:48.0795 6092 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
08:53:48.0795 6092 msisadrv - ok
08:53:48.0815 6092 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
08:53:48.0815 6092 MSiSCSI - ok
08:53:48.0825 6092 msiserver - ok
08:53:48.0845 6092 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
08:53:48.0845 6092 MSKSSRV - ok
08:53:48.0855 6092 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
08:53:48.0855 6092 MSPCLOCK - ok
08:53:48.0855 6092 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
08:53:48.0855 6092 MSPQM - ok
08:53:49.0131 6092 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
08:53:49.0142 6092 MsRPC - ok
08:53:49.0173 6092 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
08:53:49.0174 6092 mssmbios - ok
08:53:49.0271 6092 MSSQL$INFLOWSQL - ok
08:53:49.0317 6092 MSSQL$SIXBITDBSERVER - ok
08:53:49.0423 6092 MSSQL$UPSWSDBSERVER - ok
08:53:49.0499 6092 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
08:53:49.0501 6092 MSSQLServerADHelper - ok
08:53:49.0573 6092 MSSQLServerADHelper100 (04ef36eaf5c4dbce424d81b76f1e9231) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
08:53:49.0575 6092 MSSQLServerADHelper100 - ok
08:53:49.0604 6092 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
08:53:49.0608 6092 MSTEE - ok
08:53:49.0613 6092 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
08:53:49.0617 6092 MTConfig - ok
08:53:49.0636 6092 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
08:53:49.0643 6092 Mup - ok
08:53:49.0689 6092 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
08:53:49.0697 6092 napagent - ok
08:53:49.0740 6092 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
08:53:49.0752 6092 NativeWifiP - ok
08:53:49.0787 6092 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
08:53:49.0799 6092 NDIS - ok
08:53:49.0814 6092 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
08:53:49.0818 6092 NdisCap - ok
08:53:49.0839 6092 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
08:53:49.0843 6092 NdisTapi - ok
08:53:49.0881 6092 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
08:53:49.0885 6092 Ndisuio - ok
08:53:49.0923 6092 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
08:53:49.0932 6092 NdisWan - ok
08:53:49.0961 6092 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
08:53:49.0967 6092 NDProxy - ok
08:53:50.0013 6092 Net Driver HPZ12 (2c723e42fc8d7b0209492828f921fb50) C:\Windows\system32\HPZinw12.dll
08:53:50.0015 6092 Net Driver HPZ12 - ok
08:53:50.0044 6092 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
08:53:50.0054 6092 NetBIOS - ok
08:53:50.0086 6092 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
08:53:50.0094 6092 NetBT - ok
08:53:50.0124 6092 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:53:50.0125 6092 Netlogon - ok
08:53:50.0158 6092 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
08:53:50.0175 6092 Netman - ok
08:53:50.0244 6092 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:53:50.0247 6092 NetMsmqActivator - ok
08:53:50.0251 6092 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:53:50.0253 6092 NetPipeActivator - ok
08:53:50.0277 6092 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
08:53:50.0298 6092 netprofm - ok
08:53:50.0303 6092 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:53:50.0304 6092 NetTcpActivator - ok
08:53:50.0309 6092 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:53:50.0310 6092 NetTcpPortSharing - ok
08:53:50.0368 6092 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
08:53:50.0375 6092 nfrd960 - ok
08:53:50.0415 6092 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
08:53:50.0421 6092 NlaSvc - ok
08:53:50.0433 6092 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
08:53:50.0436 6092 Npfs - ok
08:53:50.0447 6092 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
08:53:50.0449 6092 nsi - ok
08:53:50.0463 6092 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
08:53:50.0467 6092 nsiproxy - ok
08:53:50.0532 6092 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\windows\system32\drivers\Ntfs.sys
08:53:50.0563 6092 Ntfs - ok
08:53:50.0626 6092 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
08:53:50.0630 6092 Null - ok
08:53:50.0943 6092 nvlddmkm (f0ee9d78913e921bee475c6cf2e0e933) C:\windows\system32\DRIVERS\nvlddmkm.sys
08:53:51.0139 6092 nvlddmkm - ok
08:53:51.0240 6092 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\windows\system32\drivers\nvraid.sys
08:53:51.0248 6092 nvraid - ok
08:53:51.0268 6092 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\windows\system32\drivers\nvstor.sys
08:53:51.0277 6092 nvstor - ok
08:53:51.0317 6092 nvsvc (96a7c5dd7e7de44f00a676b018b3be18) C:\windows\system32\nvvsvc.exe
08:53:51.0332 6092 nvsvc - ok
08:53:51.0362 6092 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
08:53:51.0372 6092 nv_agp - ok
08:53:51.0389 6092 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
08:53:51.0396 6092 ohci1394 - ok
08:53:51.0461 6092 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:53:51.0464 6092 ose - ok
08:53:51.0625 6092 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:53:51.0698 6092 osppsvc - ok
08:53:51.0785 6092 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
08:53:51.0790 6092 p2pimsvc - ok
08:53:51.0826 6092 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
08:53:51.0841 6092 p2psvc - ok
08:53:51.0876 6092 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
08:53:51.0882 6092 Parport - ok
08:53:51.0906 6092 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
08:53:51.0913 6092 partmgr - ok
08:53:51.0934 6092 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
08:53:51.0937 6092 PcaSvc - ok
08:53:51.0979 6092 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
08:53:51.0988 6092 pci - ok
08:53:51.0999 6092 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
08:53:52.0004 6092 pciide - ok
08:53:52.0018 6092 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
08:53:52.0028 6092 pcmcia - ok
08:53:52.0049 6092 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
08:53:52.0055 6092 pcw - ok
08:53:52.0080 6092 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
08:53:52.0095 6092 PEAUTH - ok
08:53:52.0141 6092 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
08:53:52.0141 6092 PerfHost - ok
08:53:52.0212 6092 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
08:53:52.0263 6092 pla - ok
08:53:52.0301 6092 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
08:53:52.0307 6092 PlugPlay - ok
08:53:52.0353 6092 Pml Driver HPZ12 (171e6d91a20aac8d02172a64e82ce90b) C:\Windows\system32\HPZipm12.dll
08:53:52.0355 6092 Pml Driver HPZ12 - ok
08:53:52.0372 6092 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
08:53:52.0379 6092 PNRPAutoReg - ok
08:53:52.0401 6092 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
08:53:52.0404 6092 PNRPsvc - ok
08:53:52.0434 6092 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
08:53:52.0449 6092 PolicyAgent - ok
08:53:52.0490 6092 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
08:53:52.0494 6092 Power - ok
08:53:52.0538 6092 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
08:53:52.0546 6092 PptpMiniport - ok
08:53:52.0574 6092 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
08:53:52.0582 6092 Processor - ok
08:53:52.0617 6092 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
08:53:52.0621 6092 ProfSvc - ok
08:53:52.0654 6092 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:53:52.0656 6092 ProtectedStorage - ok
08:53:52.0697 6092 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
08:53:52.0700 6092 Psched - ok
08:53:52.0781 6092 QBCFMonitorService (f6ea2dce39f1accb2c6c38d61fc79075) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
08:53:52.0782 6092 QBCFMonitorService - ok
08:53:52.0843 6092 QBFCService (bab30d2799754f6ea22f0b9076311793) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
08:53:52.0844 6092 QBFCService - ok
08:53:52.0909 6092 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
08:53:52.0980 6092 ql2300 - ok
08:53:53.0055 6092 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
08:53:53.0064 6092 ql40xx - ok
08:53:53.0090 6092 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
08:53:53.0105 6092 QWAVE - ok
08:53:53.0122 6092 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
08:53:53.0127 6092 QWAVEdrv - ok
08:53:53.0142 6092 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
08:53:53.0147 6092 RasAcd - ok
08:53:53.0168 6092 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
08:53:53.0168 6092 RasAgileVpn - ok
08:53:53.0187 6092 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
08:53:53.0195 6092 RasAuto - ok
08:53:53.0227 6092 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
08:53:53.0236 6092 Rasl2tp - ok
08:53:53.0294 6092 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
08:53:53.0320 6092 RasMan - ok
08:53:53.0343 6092 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
08:53:53.0351 6092 RasPppoe - ok
08:53:53.0366 6092 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
08:53:53.0373 6092 RasSstp - ok
08:53:53.0391 6092 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
08:53:53.0402 6092 rdbss - ok
08:53:53.0415 6092 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
08:53:53.0419 6092 rdpbus - ok
08:53:53.0429 6092 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
08:53:53.0430 6092 RDPCDD - ok
08:53:53.0440 6092 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
08:53:53.0443 6092 RDPENCDD - ok
08:53:53.0452 6092 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
08:53:53.0455 6092 RDPREFMP - ok
08:53:53.0488 6092 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
08:53:53.0497 6092 RDPWD - ok
08:53:53.0560 6092 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
08:53:53.0570 6092 rdyboost - ok
08:53:53.0600 6092 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
08:53:53.0610 6092 RemoteAccess - ok
08:53:53.0636 6092 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
08:53:53.0647 6092 RemoteRegistry - ok
08:53:53.0677 6092 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
08:53:53.0684 6092 RFCOMM - ok
08:53:53.0745 6092 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
08:53:53.0749 6092 RichVideo - ok
08:53:53.0763 6092 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
08:53:53.0766 6092 RpcEptMapper - ok
08:53:53.0789 6092 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
08:53:53.0794 6092 RpcLocator - ok
08:53:53.0833 6092 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
08:53:53.0839 6092 RpcSs - ok
08:53:53.0882 6092 RsFx0150 (eb1c539e621a35a49f7692b0eb565ab9) C:\windows\system32\DRIVERS\RsFx0150.sys
08:53:53.0894 6092 RsFx0150 - ok
08:53:53.0926 6092 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
08:53:53.0933 6092 rspndr - ok
08:53:53.0965 6092 RSUSBSTOR (fb39af63d6617f028ba0ebc21b83360d) C:\windows\system32\Drivers\RtsUStor.sys
08:53:53.0973 6092 RSUSBSTOR - ok
08:53:53.0988 6092 RTL8023x64 (68dd0457d18fccef7384ae84022f0c86) C:\windows\system32\DRIVERS\Rtnic64.sys
08:53:53.0994 6092 RTL8023x64 - ok
08:53:54.0031 6092 RTL8167 (f65f171165fbb613f7aa3cc78e8cab42) C:\windows\system32\DRIVERS\Rt64win7.sys
08:53:54.0034 6092 RTL8167 - ok
08:53:54.0070 6092 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:53:54.0071 6092 SamSs - ok
08:53:54.0115 6092 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
08:53:54.0115 6092 SASDIFSV - ok
08:53:54.0162 6092 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
08:53:54.0163 6092 SASKUTIL - ok
08:53:54.0181 6092 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
08:53:54.0196 6092 sbp2port - ok
08:53:54.0228 6092 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
08:53:54.0228 6092 SCardSvr - ok
08:53:54.0260 6092 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
08:53:54.0266 6092 scfilter - ok
08:53:54.0346 6092 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
08:53:54.0383 6092 Schedule - ok
08:53:54.0422 6092 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
08:53:54.0423 6092 SCPolicySvc - ok
08:53:54.0462 6092 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
08:53:54.0467 6092 SDRSVC - ok
08:53:54.0508 6092 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
08:53:54.0513 6092 secdrv - ok
08:53:54.0528 6092 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
08:53:54.0536 6092 seclogon - ok
08:53:54.0562 6092 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
08:53:54.0564 6092 SENS - ok
08:53:54.0583 6092 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
08:53:54.0589 6092 SensrSvc - ok
08:53:54.0602 6092 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
08:53:54.0606 6092 Serenum - ok
08:53:54.0626 6092 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
08:53:54.0632 6092 Serial - ok
08:53:54.0664 6092 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
08:53:54.0667 6092 sermouse - ok
08:53:54.0753 6092 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
08:53:54.0763 6092 SessionEnv - ok
08:53:54.0793 6092 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
08:53:54.0797 6092 sffdisk - ok
08:53:54.0804 6092 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
08:53:54.0807 6092 sffp_mmc - ok
08:53:54.0815 6092 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
08:53:54.0818 6092 sffp_sd - ok
08:53:54.0838 6092 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
08:53:54.0842 6092 sfloppy - ok
08:53:54.0881 6092 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
08:53:54.0891 6092 SharedAccess - ok
08:53:54.0928 6092 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
08:53:54.0941 6092 ShellHWDetection - ok
08:53:54.0953 6092 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
08:53:54.0959 6092 SiSRaid2 - ok
08:53:54.0972 6092 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
08:53:54.0977 6092 SiSRaid4 - ok
08:53:55.0045 6092 SixBitAgent (304233af4dffbd28f318be8d111b5c20) C:\Program Files (x86)\SixBit Software\SixBit eCommerce Solution\SixBitAgent.exe
08:53:55.0047 6092 SixBitAgent - ok
08:53:55.0071 6092 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
08:53:55.0080 6092 Smb - ok
08:53:55.0097 6092 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
08:53:55.0103 6092 SNMPTRAP - ok
08:53:55.0124 6092 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
08:53:55.0128 6092 spldr - ok
08:53:55.0174 6092 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
08:53:55.0182 6092 Spooler - ok
08:53:55.0292 6092 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
08:53:55.0403 6092 sppsvc - ok
08:53:55.0474 6092 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
08:53:55.0483 6092 sppuinotify - ok
08:53:55.0555 6092 SQLAgent$SIXBITDBSERVER (bea7fea5bb31eb58d78971f821ae6844) c:\Program Files\Microsoft SQL Server\MSSQL10_50.SIXBITDBSERVER\MSSQL\Binn\SQLAGENT.EXE
08:53:55.0560 6092 SQLAgent$SIXBITDBSERVER - ok
08:53:55.0621 6092 SQLBrowser (7d67c07c63796775cc5492bcfeaff125) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
08:53:55.0634 6092 SQLBrowser - ok
08:53:55.0664 6092 SQLWriter (f98ddfbfe0ee66d4c4b00693512b9527) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
08:53:55.0667 6092 SQLWriter - ok
08:53:55.0726 6092 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
08:53:55.0740 6092 srv - ok
08:53:55.0760 6092 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
08:53:55.0775 6092 srv2 - ok
08:53:55.0793 6092 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
08:53:55.0802 6092 srvnet - ok
08:53:55.0841 6092 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
08:53:55.0851 6092 SSDPSRV - ok
08:53:55.0861 6092 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
08:53:55.0871 6092 SstpSvc - ok
08:53:55.0891 6092 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
08:53:55.0901 6092 stexstor - ok
08:53:55.0941 6092 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
08:53:55.0961 6092 stisvc - ok
08:53:55.0981 6092 SuperIO (d310da4bb3d61a52f8c50ddb1a62ff5e) C:\windows\system32\DRIVERS\spio.sys
08:53:55.0991 6092 SuperIO - ok
08:53:56.0021 6092 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
08:53:56.0021 6092 swenum - ok
08:53:56.0061 6092 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
08:53:56.0071 6092 swprv - ok
08:53:56.0131 6092 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
08:53:56.0181 6092 SysMain - ok
08:53:56.0261 6092 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
08:53:56.0271 6092 TabletInputService - ok
08:53:56.0301 6092 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
08:53:56.0311 6092 TapiSrv - ok
08:53:56.0331 6092 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
08:53:56.0341 6092 TBS - ok
08:53:56.0421 6092 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
08:53:56.0491 6092 Tcpip - ok
08:53:56.0611 6092 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
08:53:56.0620 6092 TCPIP6 - ok
08:53:56.0727 6092 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
08:53:56.0732 6092 tcpipreg - ok
08:53:56.0757 6092 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
08:53:56.0762 6092 TDPIPE - ok
08:53:56.0792 6092 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
08:53:56.0796 6092 TDTCP - ok
08:53:56.0826 6092 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
08:53:56.0834 6092 tdx - ok
08:53:56.0867 6092 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
08:53:56.0874 6092 TermDD - ok
08:53:56.0911 6092 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
08:53:56.0921 6092 TermService - ok
08:53:56.0942 6092 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
08:53:56.0946 6092 Themes - ok
08:53:56.0967 6092 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
08:53:56.0970 6092 THREADORDER - ok
08:53:56.0987 6092 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
08:53:56.0991 6092 TrkWks - ok
08:53:57.0046 6092 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
08:53:57.0049 6092 TrustedInstaller - ok
08:53:57.0078 6092 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
08:53:57.0080 6092 tssecsrv - ok
08:53:57.0121 6092 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
08:53:57.0129 6092 TsUsbFlt - ok
08:53:57.0167 6092 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
08:53:57.0173 6092 tunnel - ok
08:53:57.0191 6092 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
08:53:57.0196 6092 uagp35 - ok
08:53:57.0236 6092 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
08:53:57.0246 6092 udfs - ok
08:53:57.0269 6092 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
08:53:57.0272 6092 UI0Detect - ok
08:53:57.0298 6092 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
08:53:57.0304 6092 uliagpkx - ok
08:53:57.0358 6092 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
08:53:57.0363 6092 umbus - ok
08:53:57.0377 6092 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
08:53:57.0382 6092 UmPass - ok
08:53:57.0399 6092 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
08:53:57.0412 6092 upnphost - ok
08:53:57.0451 6092 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\windows\system32\drivers\usbaudio.sys
08:53:57.0459 6092 usbaudio - ok
08:53:57.0472 6092 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\windows\system32\drivers\usbccgp.sys
08:53:57.0480 6092 usbccgp - ok
08:53:57.0494 6092 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
08:53:57.0501 6092 usbcir - ok
08:53:57.0526 6092 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\windows\system32\DRIVERS\usbehci.sys
08:53:57.0531 6092 usbehci - ok
08:53:57.0555 6092 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\windows\system32\drivers\usbhub.sys
08:53:57.0565 6092 usbhub - ok
08:53:57.0573 6092 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\windows\system32\DRIVERS\usbohci.sys
08:53:57.0583 6092 usbohci - ok
08:53:57.0603 6092 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
08:53:57.0613 6092 usbprint - ok
08:53:57.0623 6092 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\windows\system32\DRIVERS\USBSTOR.SYS
08:53:57.0623 6092 USBSTOR - ok
08:54:00.0759 6092 ============================================================
08:54:00.0759 6092 Scan finished
08:54:00.0759 6092 ============================================================
08:54:00.0766 3104 Detected object count: 0
08:54:00.0766 3104 Actual detected object count: 0

#4 boopme

Posted 05 July 2012 - 12:19 PM

The problem is actually based in your router.
Open MBAM in normal mode and click Update tab, select Check for Updates
Next disconnect your system from the internet, and your router, then…
Open MBAM in normal mode and click Scanner tab, select Quick scan and scan (normal mode).
After scan click Remove Selected.

Next you must reset the router to its default configuration. This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router. Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds). If you don’t know the router's default password, you can look it up HERE


However, if there are other infected machines using the same router, they will need to be cleared with the above steps before resetting the router. Otherwise, the malware will simply go back and change the router's DNS settings. You also need to reconfigure any security settings you had in place prior to the reset. Check out this site here for video tutorials on how to properly configure your router's encryption and security settings. You may also need to consult with your Internet service provider to find out which DNS servers your network should be using.

Once you have run Malwarebytes' Anti-Malware on the infected system, and reset the router to its default configuration, you can reconnect to the internet, and router. Then return to this site to post your logs.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
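A check for the DNS change described in the post above, as an added example that is not part of the original thread: it parses `ipconfig /all` output from a LAN machine and flags any DNS server that is neither the default gateway nor an ISP-supplied resolver. The sample output, the `ISP_RESOLVERS` value and the function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed `ipconfig /all` excerpt; every address is from a documentation range.
SAMPLE = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.23(Preferred)
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 203.0.113.53
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""
ISP_RESOLVERS = ["198.51.100.10"]  # placeholder: use the values your ISP gives you

FIELD = re.compile(r"^\s+([^.:]+?)[ .]*\s:\s*(.*)$")  # "   Label . . . : value"

def _ip(text):
    """Parse an address, dropping ipconfig suffixes such as (Preferred) or %11."""
    try:
        return ipaddress.ip_address(text.split("(")[0].split("%")[0].strip())
    except ValueError:
        return None

def parse_ipconfig(text):
    """Return {adapter: {"Default Gateway": [...], "DNS Servers": [...]}}."""
    adapters, current, label = {}, None, None
    for line in text.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():  # unindented line starts a new section
            current = adapters.setdefault(
                line.rstrip(": "), {"Default Gateway": [], "DNS Servers": []})
            label = None
            continue
        m = FIELD.match(line)
        if m:
            label, value = m.group(1).strip(), m.group(2)
        else:
            value = line  # indented line with no label continues the last field
        if current is not None and label in current and _ip(value) is not None:
            current[label].append(_ip(value))
    return adapters

def unexpected_resolvers(adapters, allowed):
    """List (adapter, resolver) pairs that are neither allowed nor the gateway."""
    allowed = {ipaddress.ip_address(a) for a in allowed}
    return [(name, str(dns)) for name, cfg in adapters.items()
            for dns in cfg["DNS Servers"]
            if dns not in allowed | set(cfg["Default Gateway"])]
```

A machine that lists only the gateway as its resolver passes this check even if the router's own upstream DNS setting has been changed, so the router's DNS configuration still has to be inspected directly.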

#5 diageminc

Posted 06 July 2012 - 10:22 AM

I appreciate your response. We are getting a network person to reset the router, as our security system is hooked up to it. Out of curiosity, how did you figure that the problem is in our router?

diageminc

#6 boopme

Posted 06 July 2012 - 11:23 AM

Since the machine looks fairly clean and all the machines are having an issue... the common thread is the router.