links opening up without wanting them to


3 replies to this topic

#1 fmnot


Posted 13 July 2012 - 02:38 AM

I've read through a couple of your answers and think I may have the info needed to find my problem. Can someone help me please? It seems like Google always gets redirected, or even when I pass over a link, a new page opens up with some ad or info I didn't even request. Help!


#2 narenxp


Posted 13 July 2012 - 03:01 AM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 fmnot


Posted 14 July 2012 - 04:09 AM

Here you go. Hope it works. And thanks for helping me.

22:48:53.0840 3604 NlaSvc - ok
22:48:53.0855 3604 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
22:48:53.0857 3604 Npfs - ok
22:48:53.0887 3604 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
22:48:53.0888 3604 nsi - ok
22:48:53.0898 3604 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
22:48:53.0900 3604 nsiproxy - ok
22:48:53.0986 3604 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
22:48:53.0999 3604 Ntfs - ok
22:48:54.0057 3604 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:48:54.0058 3604 Null - ok
22:48:54.0076 3604 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
22:48:54.0077 3604 nvraid - ok
22:48:54.0107 3604 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
22:48:54.0108 3604 nvstor - ok
22:48:54.0137 3604 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
22:48:54.0139 3604 nv_agp - ok
22:48:54.0162 3604 OA002Afx (226d2c0e1aa9040646d6b158fd344046) C:\Windows\system32\Drivers\OA002Afx.sys
22:48:54.0163 3604 OA002Afx - ok
22:48:54.0176 3604 OA002Ufd (706f5504af9f28c8641dab5eddfde03b) C:\Windows\system32\DRIVERS\OA002Ufd.sys
22:48:54.0178 3604 OA002Ufd - ok
22:48:54.0193 3604 OA002Vid (2ce066adca145892715f1df163d879da) C:\Windows\system32\DRIVERS\OA002Vid.sys
22:48:54.0196 3604 OA002Vid - ok
22:48:54.0212 3604 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
22:48:54.0212 3604 ohci1394 - ok
22:48:54.0266 3604 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:48:54.0269 3604 ose - ok
22:48:54.0441 3604 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:48:54.0460 3604 osppsvc - ok
22:48:54.0542 3604 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:48:54.0548 3604 p2pimsvc - ok
22:48:54.0583 3604 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
22:48:54.0589 3604 p2psvc - ok
22:48:54.0626 3604 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
22:48:54.0628 3604 Parport - ok
22:48:54.0659 3604 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
22:48:54.0660 3604 partmgr - ok
22:48:54.0678 3604 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
22:48:54.0680 3604 PcaSvc - ok
22:48:54.0740 3604 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
22:48:54.0742 3604 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
22:48:54.0774 3604 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
22:48:54.0776 3604 pci - ok
22:48:54.0785 3604 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
22:48:54.0786 3604 pciide - ok
22:48:54.0801 3604 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
22:48:54.0803 3604 pcmcia - ok
22:48:54.0820 3604 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
22:48:54.0820 3604 pcw - ok
22:48:54.0850 3604 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
22:48:54.0857 3604 PEAUTH - ok
22:48:54.0935 3604 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
22:48:54.0998 3604 PeerDistSvc - ok
22:48:55.0045 3604 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
22:48:55.0046 3604 PerfHost - ok
22:48:55.0150 3604 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
22:48:55.0178 3604 pla - ok
22:48:55.0205 3604 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
22:48:55.0209 3604 PlugPlay - ok
22:48:55.0231 3604 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
22:48:55.0234 3604 PNRPAutoReg - ok
22:48:55.0256 3604 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:48:55.0259 3604 PNRPsvc - ok
22:48:55.0293 3604 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
22:48:55.0294 3604 Point64 - ok
22:48:55.0316 3604 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
22:48:55.0322 3604 PolicyAgent - ok
22:48:55.0346 3604 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
22:48:55.0349 3604 Power - ok
22:48:55.0380 3604 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
22:48:55.0382 3604 PptpMiniport - ok
22:48:55.0403 3604 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
22:48:55.0404 3604 Processor - ok
22:48:55.0430 3604 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
22:48:55.0433 3604 ProfSvc - ok
22:48:55.0449 3604 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:48:55.0450 3604 ProtectedStorage - ok
22:48:55.0489 3604 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
22:48:55.0491 3604 Psched - ok
22:48:55.0545 3604 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
22:48:55.0551 3604 ql2300 - ok
22:48:55.0598 3604 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
22:48:55.0599 3604 ql40xx - ok
22:48:55.0617 3604 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
22:48:55.0621 3604 QWAVE - ok
22:48:55.0633 3604 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
22:48:55.0634 3604 QWAVEdrv - ok
22:48:55.0642 3604 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
22:48:55.0644 3604 RasAcd - ok
22:48:55.0654 3604 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:48:55.0656 3604 RasAgileVpn - ok
22:48:55.0673 3604 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
22:48:55.0675 3604 RasAuto - ok
22:48:55.0691 3604 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:48:55.0693 3604 Rasl2tp - ok
22:48:55.0733 3604 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
22:48:55.0740 3604 RasMan - ok
22:48:55.0754 3604 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
22:48:55.0756 3604 RasPppoe - ok
22:48:55.0768 3604 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
22:48:55.0770 3604 RasSstp - ok
22:48:55.0788 3604 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
22:48:55.0791 3604 rdbss - ok
22:48:55.0803 3604 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
22:48:55.0805 3604 rdpbus - ok
22:48:55.0814 3604 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:48:55.0815 3604 RDPCDD - ok
22:48:55.0852 3604 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
22:48:55.0856 3604 RDPDR - ok
22:48:55.0863 3604 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
22:48:55.0864 3604 RDPENCDD - ok
22:48:55.0881 3604 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:48:55.0882 3604 RDPREFMP - ok
22:48:55.0914 3604 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
22:48:55.0918 3604 RDPWD - ok
22:48:55.0945 3604 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
22:48:55.0947 3604 rdyboost - ok
22:48:55.0982 3604 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
22:48:55.0986 3604 RemoteAccess - ok
22:48:56.0007 3604 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
22:48:56.0010 3604 RemoteRegistry - ok
22:48:56.0038 3604 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
22:48:56.0040 3604 RpcEptMapper - ok
22:48:56.0054 3604 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
22:48:56.0055 3604 RpcLocator - ok
22:48:56.0074 3604 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
22:48:56.0078 3604 RpcSs - ok
22:48:56.0092 3604 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:48:56.0094 3604 rspndr - ok
22:48:56.0120 3604 RSUSBSTOR (be29b0a3ac1e8bd02ffab8cee86badfa) C:\Windows\system32\Drivers\RtsUStor.sys
22:48:56.0122 3604 RSUSBSTOR - ok
22:48:56.0144 3604 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
22:48:56.0145 3604 s3cap - ok
22:48:56.0165 3604 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:48:56.0167 3604 SamSs - ok
22:48:56.0185 3604 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
22:48:56.0186 3604 sbp2port - ok
22:48:56.0204 3604 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
22:48:56.0207 3604 SCardSvr - ok
22:48:56.0233 3604 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
22:48:56.0235 3604 scfilter - ok
22:48:56.0282 3604 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
22:48:56.0307 3604 Schedule - ok
22:48:56.0333 3604 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
22:48:56.0335 3604 SCPolicySvc - ok
22:48:56.0369 3604 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
22:48:56.0374 3604 SDRSVC - ok
22:48:56.0402 3604 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:48:56.0403 3604 secdrv - ok
22:48:56.0418 3604 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
22:48:56.0421 3604 seclogon - ok
22:48:56.0438 3604 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
22:48:56.0441 3604 SENS - ok
22:48:56.0459 3604 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
22:48:56.0462 3604 SensrSvc - ok
22:48:56.0476 3604 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
22:48:56.0476 3604 Serenum - ok
22:48:56.0493 3604 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
22:48:56.0494 3604 Serial - ok
22:48:56.0513 3604 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
22:48:56.0514 3604 sermouse - ok
22:48:56.0539 3604 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
22:48:56.0542 3604 SessionEnv - ok
22:48:56.0564 3604 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
22:48:56.0566 3604 sffdisk - ok
22:48:56.0580 3604 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
22:48:56.0581 3604 sffp_mmc - ok
22:48:56.0596 3604 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
22:48:56.0597 3604 sffp_sd - ok
22:48:56.0604 3604 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
22:48:56.0605 3604 sfloppy - ok
22:48:56.0641 3604 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
22:48:56.0646 3604 ShellHWDetection - ok
22:48:56.0667 3604 simptcp (e9e830d540ededed650f906628468548) C:\Windows\System32\tcpsvcs.exe
22:48:56.0668 3604 simptcp - ok
22:48:56.0708 3604 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:48:56.0709 3604 SiSRaid2 - ok
22:48:56.0718 3604 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
22:48:56.0719 3604 SiSRaid4 - ok
22:48:56.0781 3604 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
22:48:56.0783 3604 SkypeUpdate - ok
22:48:56.0804 3604 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:48:56.0806 3604 Smb - ok
22:48:56.0843 3604 SNMP (ca62ae004e98374bf7f082cd765eea02) C:\Windows\System32\snmp.exe
22:48:56.0845 3604 SNMP - ok
22:48:56.0857 3604 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
22:48:56.0859 3604 SNMPTRAP - ok
22:48:56.0874 3604 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:48:56.0875 3604 spldr - ok
22:48:56.0897 3604 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
22:48:56.0903 3604 Spooler - ok
22:48:57.0009 3604 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
22:48:57.0139 3604 sppsvc - ok
22:48:57.0202 3604 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
22:48:57.0205 3604 sppuinotify - ok
22:48:57.0244 3604 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
22:48:57.0248 3604 srv - ok
22:48:57.0266 3604 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
22:48:57.0270 3604 srv2 - ok
22:48:57.0281 3604 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
22:48:57.0283 3604 srvnet - ok
22:48:57.0300 3604 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
22:48:57.0303 3604 SSDPSRV - ok
22:48:57.0316 3604 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
22:48:57.0319 3604 SstpSvc - ok
22:48:57.0335 3604 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
22:48:57.0336 3604 stexstor - ok
22:48:57.0365 3604 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
22:48:57.0373 3604 stisvc - ok
22:48:57.0404 3604 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
22:48:57.0405 3604 storflt - ok
22:48:57.0460 3604 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
22:48:57.0463 3604 StorSvc - ok
22:48:57.0475 3604 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
22:48:57.0477 3604 storvsc - ok
22:48:57.0493 3604 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
22:48:57.0494 3604 swenum - ok
22:48:57.0516 3604 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
22:48:57.0523 3604 swprv - ok
22:48:57.0598 3604 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
22:48:57.0623 3604 SysMain - ok
22:48:57.0716 3604 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
22:48:57.0721 3604 TabletInputService - ok
22:48:57.0753 3604 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
22:48:57.0760 3604 TapiSrv - ok
22:48:57.0776 3604 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
22:48:57.0777 3604 TBS - ok
22:48:57.0854 3604 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
22:48:57.0861 3604 Tcpip - ok
22:48:57.0955 3604 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
22:48:57.0962 3604 TCPIP6 - ok
22:48:58.0021 3604 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
22:48:58.0022 3604 tcpipreg - ok
22:48:58.0054 3604 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
22:48:58.0055 3604 TDPIPE - ok
22:48:58.0077 3604 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
22:48:58.0078 3604 TDTCP - ok
22:48:58.0109 3604 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
22:48:58.0110 3604 tdx - ok
22:48:58.0143 3604 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
22:48:58.0144 3604 TermDD - ok
22:48:58.0170 3604 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
22:48:58.0180 3604 TermService - ok
22:48:58.0194 3604 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
22:48:58.0195 3604 Themes - ok
22:48:58.0215 3604 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:48:58.0216 3604 THREADORDER - ok
22:48:58.0232 3604 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
22:48:58.0234 3604 TrkWks - ok
22:48:58.0263 3604 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
22:48:58.0264 3604 TrustedInstaller - ok
22:48:58.0295 3604 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:48:58.0297 3604 tssecsrv - ok
22:48:58.0328 3604 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
22:48:58.0329 3604 TsUsbFlt - ok
22:48:58.0363 3604 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
22:48:58.0366 3604 tunnel - ok
22:48:58.0386 3604 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
22:48:58.0388 3604 uagp35 - ok
22:48:58.0411 3604 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
22:48:58.0415 3604 udfs - ok
22:48:58.0436 3604 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
22:48:58.0437 3604 UI0Detect - ok
22:48:58.0452 3604 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
22:48:58.0453 3604 uliagpkx - ok
22:48:58.0470 3604 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
22:48:58.0471 3604 umbus - ok
22:48:58.0481 3604 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
22:48:58.0482 3604 UmPass - ok
22:48:58.0506 3604 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
22:48:58.0509 3604 UmRdpService - ok
22:48:58.0529 3604 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
22:48:58.0533 3604 upnphost - ok
22:48:58.0548 3604 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
22:48:58.0549 3604 USBAAPL64 - ok
22:48:58.0563 3604 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
22:48:58.0564 3604 usbaudio - ok
22:48:58.0586 3604 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
22:48:58.0588 3604 usbccgp - ok
22:48:58.0607 3604 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
22:48:58.0608 3604 usbcir - ok
22:48:58.0620 3604 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
22:48:58.0621 3604 usbehci - ok
22:48:58.0636 3604 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
22:48:58.0640 3604 usbhub - ok
22:48:58.0665 3604 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
22:48:58.0666 3604 usbohci - ok
22:48:58.0683 3604 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
22:48:58.0684 3604 usbprint - ok
22:48:58.0728 3604 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
22:48:58.0729 3604 usbscan - ok
22:48:58.0753 3604 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:48:58.0755 3604 USBSTOR - ok
22:48:58.0770 3604 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
22:48:58.0771 3604 usbuhci - ok
22:48:58.0791 3604 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
22:48:58.0793 3604 usbvideo - ok
22:48:58.0808 3604 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
22:48:58.0810 3604 UxSms - ok
22:48:58.0829 3604 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:48:58.0830 3604 VaultSvc - ok
22:48:58.0842 3604 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
22:48:58.0843 3604 vdrvroot - ok
22:48:58.0885 3604 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
22:48:58.0895 3604 vds - ok
22:48:58.0913 3604 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
22:48:58.0915 3604 vga - ok
22:48:58.0925 3604 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
22:48:58.0926 3604 VgaSave - ok
22:48:58.0946 3604 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
22:48:58.0948 3604 vhdmp - ok
22:48:58.0961 3604 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
22:48:58.0962 3604 viaide - ok
22:48:58.0977 3604 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
22:48:58.0979 3604 vmbus - ok
22:48:58.0990 3604 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
22:48:58.0991 3604 VMBusHID - ok
22:48:59.0004 3604 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
22:48:59.0005 3604 volmgr - ok
22:48:59.0039 3604 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
22:48:59.0040 3604 volmgrx - ok
22:48:59.0052 3604 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
22:48:59.0054 3604 volsnap - ok
22:48:59.0068 3604 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
22:48:59.0069 3604 vsmraid - ok
22:48:59.0128 3604 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
22:48:59.0157 3604 VSS - ok
22:48:59.0231 3604 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
22:48:59.0232 3604 vwifibus - ok
22:48:59.0245 3604 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
22:48:59.0247 3604 vwififlt - ok
22:48:59.0269 3604 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
22:48:59.0273 3604 W32Time - ok
22:48:59.0305 3604 W3SVC (b32009db1972e7f2c227499289c4384a) C:\Windows\system32\inetsrv\iisw3adm.dll
22:48:59.0310 3604 W3SVC - ok
22:48:59.0323 3604 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
22:48:59.0324 3604 WacomPen - ok
22:48:59.0343 3604 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:48:59.0344 3604 WANARP - ok
22:48:59.0346 3604 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:48:59.0347 3604 Wanarpv6 - ok
22:48:59.0350 3604 WAS (b32009db1972e7f2c227499289c4384a) C:\Windows\system32\inetsrv\iisw3adm.dll
22:48:59.0352 3604 WAS - ok
22:48:59.0401 3604 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
22:48:59.0422 3604 WatAdminSvc - ok
22:48:59.0475 3604 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
22:48:59.0499 3604 wbengine - ok
22:48:59.0543 3604 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
22:48:59.0547 3604 WbioSrvc - ok
22:48:59.0564 3604 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
22:48:59.0569 3604 wcncsvc - ok
22:48:59.0580 3604 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
22:48:59.0582 3604 WcsPlugInService - ok
22:48:59.0598 3604 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
22:48:59.0599 3604 Wd - ok
22:48:59.0625 3604 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
22:48:59.0629 3604 Wdf01000 - ok
22:48:59.0643 3604 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:48:59.0646 3604 WdiServiceHost - ok
22:48:59.0648 3604 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:48:59.0650 3604 WdiSystemHost - ok
22:48:59.0672 3604 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
22:48:59.0676 3604 WebClient - ok
22:48:59.0693 3604 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
22:48:59.0696 3604 Wecsvc - ok
22:48:59.0708 3604 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
22:48:59.0710 3604 wercplsupport - ok
22:48:59.0722 3604 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
22:48:59.0724 3604 WerSvc - ok
22:48:59.0736 3604 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
22:48:59.0737 3604 WfpLwf - ok
22:48:59.0763 3604 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
22:48:59.0765 3604 WimFltr - ok
22:48:59.0778 3604 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
22:48:59.0779 3604 WIMMount - ok
22:48:59.0783 3604 WinHttpAutoProxySvc - ok
22:48:59.0827 3604 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
22:48:59.0830 3604 Winmgmt - ok
22:48:59.0888 3604 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
22:48:59.0918 3604 WinRM - ok
22:48:59.0985 3604 winusb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
22:48:59.0988 3604 winusb - ok
22:49:00.0019 3604 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
22:49:00.0028 3604 Wlansvc - ok
22:49:00.0138 3604 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:49:00.0146 3604 wlidsvc - ok
22:49:00.0211 3604 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
22:49:00.0212 3604 WmiAcpi - ok
22:49:00.0233 3604 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
22:49:00.0236 3604 wmiApSrv - ok
22:49:00.0258 3604 WMPNetworkSvc - ok
22:49:00.0298 3604 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
22:49:00.0301 3604 WPCSvc - ok
22:49:00.0324 3604 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
22:49:00.0329 3604 WPDBusEnum - ok
22:49:00.0350 3604 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
22:49:00.0350 3604 ws2ifsl - ok
22:49:00.0353 3604 WSearch - ok
22:49:00.0434 3604 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
22:49:00.0467 3604 wuauserv - ok
22:49:00.0529 3604 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
22:49:00.0531 3604 WudfPf - ok
22:49:00.0550 3604 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:49:00.0553 3604 WUDFRd - ok
22:49:00.0580 3604 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
22:49:00.0582 3604 wudfsvc - ok
22:49:00.0612 3604 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
22:49:00.0618 3604 WwanSvc - ok
22:49:00.0638 3604 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
22:49:00.0777 3604 \Device\Harddisk0\DR0 - ok
22:49:00.0779 3604 Boot (0x1200) (79ffb74593f49de3264d279cf6377e71) \Device\Harddisk0\DR0\Partition0
22:49:00.0780 3604 \Device\Harddisk0\DR0\Partition0 - ok
22:49:00.0795 3604 Boot (0x1200) (ec9a106434f5b3fd8c7bbfa294f59896) \Device\Harddisk0\DR0\Partition1
22:49:00.0797 3604 \Device\Harddisk0\DR0\Partition1 - ok
22:49:00.0797 3604 ============================================================
22:49:00.0797 3604 Scan finished
22:49:00.0797 3604 ============================================================
22:49:00.0804 5400 Detected object count: 0
22:49:00.0804 5400 Actual detected object count: 0


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-13 22:50:41
-----------------------------
22:50:41.576 OS Version: Windows x64 6.1.7601 Service Pack 1
22:50:41.576 Number of processors: 4 586 0x2502
22:50:41.578 ComputerName: LESLIERAE-PC UserName: Leslie Rae
22:50:43.268 Initialize success
22:51:55.665 AVAST engine defs: 12071301
22:52:25.763 The log file has been saved successfully to "C:\Users\Leslie Rae\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-14 00:15:09
-----------------------------
00:15:09.033 OS Version: Windows x64 6.1.7601 Service Pack 1
00:15:09.033 Number of processors: 4 586 0x2502
00:15:09.033 ComputerName: LESLIERAE-PC UserName: Leslie Rae
00:15:12.636 Initialize success
00:15:16.037 AVAST engine defs: 12071301
00:15:33.854 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
00:15:33.858 Disk 0 Vendor: ST31000528AS CC46 Size: 953869MB BusType: 3
00:15:33.875 Disk 0 MBR read successfully
00:15:33.880 Disk 0 MBR scan
00:15:33.885 Disk 0 Windows VISTA default MBR code
00:15:33.891 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
00:15:33.906 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 10118 MB offset 81920
00:15:33.921 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 943710 MB offset 20803584
00:15:33.951 Disk 0 scanning C:\Windows\system32\drivers
00:15:44.330 Service scanning
00:15:59.592 Modules scanning
00:15:59.602 Disk 0 trace - called modules:
00:15:59.646 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
00:15:59.651 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006417060]
00:15:59.653 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa80061b1520]
00:15:59.656 5 ACPI.sys[fffff88000fa07a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80061b3060]
00:16:01.953 AVAST engine scan C:\Windows
00:16:06.418 AVAST engine scan C:\Windows\system32
00:18:08.977 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
00:18:11.106 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
00:19:30.709 AVAST engine scan C:\Windows\system32\drivers
00:19:53.295 AVAST engine scan C:\Users\Leslie Rae
00:28:23.779 AVAST engine scan C:\ProgramData
00:32:21.440 Scan finished successfully
00:32:33.068 Disk 0 MBR has been saved successfully to "C:\Users\Leslie Rae\Desktop\MBR.dat"
00:32:33.071 The log file has been saved successfully to "C:\Users\Leslie Rae\Desktop\aswMBR.txt"


C:\Program Files (x86)\RegGenie\RegGenie.exe probably a variant of Win32/Adware.RegGenie application cleaned by deleting - quarantined
C:\Program Files (x86)\Uniblue\RegistryBooster\Launcher.exe a variant of Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Program Files (x86)\Uniblue\RegistryBooster\rbnotifier.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Program Files (x86)\Uniblue\RegistryBooster\rb_move_serial.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Program Files (x86)\Uniblue\RegistryBooster\rb_ubm.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XKKY7J6F\RegGenieSetup.exe probably a variant of Win32/Adware.RegGenie application cleaned by deleting - quarantined
C:\Users\Leslie Rae\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\29ffb5f1-1d70e5b9 Java/Exploit.CVE-2012-0507.CA trojan deleted - quarantined
C:\Users\Leslie Rae\AppData\Roaming\AVG\Rescue\PC Tuneup 2011\110919103442353.rsc multiple threats deleted - quarantined
C:\Users\Leslie Rae\AppData\Roaming\Uniblue\RegistryBooster\_temp\ub.exe a variant of Win32/RegistryBooster application deleted - quarantined
C:\Windows\Installer\{8f615c06-fcc9-45e0-8a19-4d3031f2b6f8}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{8f615c06-fcc9-45e0-8a19-4d3031f2b6f8}\U\80000000.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined
C:\Windows\Installer\{8f615c06-fcc9-45e0-8a19-4d3031f2b6f8}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
Operating memory multiple threats

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:05:18 PM

Posted 14 July 2012 - 04:45 AM

We need advanced tools here

Read the guide on preparing logs

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck



