Trojan Horse


13 replies to this topic

#1 BRedSox


Posted 25 July 2012 - 07:27 PM

A mere 2-3 hours ago AVG started popping up a message box saying:
"Threat Detected!"
File Name: c:\Windows\System32\services.exe
Threat Name: Trojan Horse Patched_c.LXT
Detected on Open

Process Name: C:\Windows\System32\svchost.exe

*While typing this post a new AVG message has popped up saying:
Multiple threat detection
c:\Windows\System32\services.exe Object is white-listed (critical/system file that should not be removed)

AVG offers no option to remove/delete the Trojan.
I also noticed when browsing online (even this site) links would routinely get redirected to random pages.

-Thanks in advance for the assistance!



#2 boopme


Posted 25 July 2012 - 07:34 PM

Hello BRedSox

Let's look with some other tools. I also moved this from Win7 to the Am I Infected forum.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).




Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.

#3 BRedSox


Posted 26 July 2012 - 07:47 AM

MiniToolBox

*Please note that I received this error in conjunction with running the program.

Nslookup.exe – Ordinal Not Found

The ordinal 1108 could not be located in the dynamic link library WSOCK32.dll.



MiniToolBox by Farbar Version: 23-07-2012
Ran by Bradley (administrator) on 26-07-2012 at 08:41:18
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
::1 localhost


127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6200 AGN = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
TAP-Win32 Adapter V9 = Local Area Connection 2 (Media disconnected)
The following helper DLL cannot be loaded: WSHELPER.DLL.


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Wireless Network Connection 3" address=192.168.16.2


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Bradley-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9
Physical Address. . . . . . . . . : 00-FF-F2-B7-44-B4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 3:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 00-23-14-65-60-81
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::dc7f:74f5:84fa:251b%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.16.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 486548244
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-87-66-E4-B8-AC-6F-6B-AC-69
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-23-14-65-60-81
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6200 AGN
Physical Address. . . . . . . . . : 00-23-14-65-60-80
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b46b:b1a1:ead8:1c8%13(Preferred)
IPv4 Address. . . . . . . . . . . : 172.16.0.10(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, July 26, 2012 8:33:57 AM
Lease Expires . . . . . . . . . . : Friday, July 27, 2012 8:34:01 AM
Default Gateway . . . . . . . . . : 172.16.0.1
DHCP Server . . . . . . . . . . . : 172.16.0.1
DHCPv6 IAID . . . . . . . . . . . : 184558356
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-87-66-E4-B8-AC-6F-6B-AC-69
DNS Servers . . . . . . . . . . . : 172.16.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : B8-AC-6F-6B-AC-69
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{57755AB6-9046-419F-AEEB-B298C297FF23}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F2B744B4-ADD9-4E58-8667-D4B1CD84477D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{1AAAB263-B8B2-4A48-9223-6CA3DCB0927D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{816A8EFA-15F1-4281-B470-F318CE401E94}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6CD9EBA1-8C4A-4BAB-9F17-BC23C3F47F71}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Pinging google.com [173.194.43.7] with 32 bytes of data:
Reply from 173.194.43.7: bytes=32 time=21ms TTL=58
Reply from 173.194.43.7: bytes=32 time=22ms TTL=58

Ping statistics for 173.194.43.7:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 21ms, Maximum = 22ms, Average = 21ms

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=56ms TTL=55
Reply from 98.139.183.24: bytes=32 time=165ms TTL=55

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 56ms, Maximum = 165ms, Average = 110ms

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
17...00 ff f2 b7 44 b4 ......TAP-Win32 Adapter V9
15...00 23 14 65 60 81 ......Microsoft Virtual WiFi Miniport Adapter #2
14...00 23 14 65 60 81 ......Microsoft Virtual WiFi Miniport Adapter
13...00 23 14 65 60 80 ......Intel® Centrino® Advanced-N 6200 AGN
11...b8 ac 6f 6b ac 69 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 172.16.0.1 172.16.0.10 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
172.16.0.0 255.255.255.0 On-link 172.16.0.10 281
172.16.0.10 255.255.255.255 On-link 172.16.0.10 281
172.16.0.255 255.255.255.255 On-link 172.16.0.10 281
192.168.16.0 255.255.255.0 On-link 192.168.16.2 281
192.168.16.2 255.255.255.255 On-link 192.168.16.2 281
192.168.16.255 255.255.255.255 On-link 192.168.16.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 172.16.0.10 281
224.0.0.0 240.0.0.0 On-link 192.168.16.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 172.16.0.10 281
255.255.255.255 255.255.255.255 On-link 192.168.16.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 281 fe80::/64 On-link
15 281 fe80::/64 On-link
13 281 fe80::b46b:b1a1:ead8:1c8/128
On-link
15 281 fe80::dc7f:74f5:84fa:251b/128
On-link
1 306 ff00::/8 On-link
13 281 ff00::/8 On-link
15 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/25/2012 10:57:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7205889

Error: (07/25/2012 10:57:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7205889

Error: (07/25/2012 10:57:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/25/2012 10:57:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7204812

Error: (07/25/2012 10:57:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7204812

Error: (07/25/2012 10:57:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/25/2012 10:57:06 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7203814

Error: (07/25/2012 10:57:06 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7203814

Error: (07/25/2012 10:57:06 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/25/2012 10:57:05 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7202816


System errors:
=============
Error: (07/26/2012 08:36:10 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Network Agent service depends the following service: MfeFire. This service might not be installed.

Error: (07/26/2012 08:36:10 AM) (Source: Service Control Manager) (User: )
Description: The McAfee VirusScan Announcer service failed to start due to the following error:
%%2

Error: (07/26/2012 08:36:10 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Services service failed to start due to the following error:
%%2

Error: (07/26/2012 08:34:52 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (07/26/2012 08:33:48 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (07/26/2012 08:33:48 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Anti-Spam Service service depends the following service: MfeFire. This service might not be installed.

Error: (07/26/2012 08:33:48 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Proxy Service service depends the following service: MfeFire. This service might not be installed.

Error: (07/26/2012 08:33:48 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (07/26/2012 08:33:48 AM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (07/26/2012 08:33:48 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.


Microsoft Office Sessions:
=========================
Error: (05/30/2012 02:18:44 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 619 seconds with 300 seconds of active time. This session ended with a crash.

Error: (10/20/2011 10:48:08 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 607923 seconds with 5160 seconds of active time. This session ended with a crash.

Error: (09/16/2011 10:07:49 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6557.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 150065 seconds with 1800 seconds of active time. This session ended with a crash.

Error: (08/24/2011 09:25:35 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2195 seconds with 1260 seconds of active time. This session ended with a crash.

Error: (08/17/2011 02:42:46 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6557.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 103529 seconds with 480 seconds of active time. This session ended with a crash.

Error: (11/05/2010 02:37:36 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 361225 seconds with 8760 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Accelerometer (Version: 1.06.08.17)
Accidental Damage Services Agreement (Version: 2.0.0)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.0.3)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Reader X (10.0.1) (Version: 10.0.1)
Advanced Audio FX Engine (Version: 1.12.05)
Akamai NetSession Interface
Akamai NetSession Interface Service
AnyBizSoft PDF to Word (Build 3.0.0)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.96)
Apple Software Update (Version: 2.1.3.127)
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2197)
AVG PC Tuneup (Version: 10.0.0.27)
Banctec Service Agreement (Version: 2.0.0)
Bing Bar (Version: 7.0.850.0)
Bonjour (Version: 3.0.0.10)
Cozi (Version: 1.0.4323.24051)
Dell DataSafe Local Backup - Support Software (Version: 2.41)
Dell DataSafe Local Backup (Version: 9.4.45)
Dell DataSafe Online (Version: 1.2.0009)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Support Software) (Version: 2.5.09100)
Dell Touchpad (Version: 14.0.2.0)
Dell Webcam Central (Version: 1.40.05)
FileZilla Server (remove only)
Gimp 2.6.2 Debug
Google AdWords Editor (Version: 8.5.1)
Google Chrome (Version: 20.0.1132.57)
Google Gears (Version: 0.5.3600)
Google Talk (remove only)
Google Talk Plugin (Version: 3.3.2.8436)
Google Update Helper (Version: 1.3.21.115)
GoToAssist 8.0.0.514
GoToMeeting 4.8.0.723 (Version: 4.8.0.723)
Intel PROSet Wireless
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1968)
Intel® PROSet/Wireless WiFi Software (Version: 13.00.0000)
iTunes (Version: 10.4.1.10)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 17 (64-bit) (Version: 6.0.170)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 14.0.8089.726)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
metro for dev Screen Saver
MetroScreenSaver_testV2 Screen Saver
MetroSS_1000x635_Med Screen Saver
MetroSS_800x500_med Screen Saver
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MobileMe Control Panel (Version: 3.1.6.0)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NOOK for PC (Version: 2.5.2.458)
PowerDVD DX (Version: 8.3.6029)
Quickset64 (Version: 9.6.11)
QuickTime (Version: 7.70.80.34)
RotoChamp 2011 (Version: 2.1.0.97)
RotoLab 2011
Roxio Burn (Version: 1.01)
Safari (Version: 5.34.50.0)
Skype Toolbars (Version: 5.0.4112)
Skype™ 5.0 (Version: 5.0.123)
Spybot - Search & Destroy (Version: 1.6.2)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
WebEx
WildTangent Games (Version: 1.0.0.71)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WiTopia.Net personalVPN-v1.7 (Version: personalVPN-v1.7)
WiTopia.Net personalVPN 1.8 (Version: 1.8)
Wondershare PDF to Word (Build 3.5.0) (Version: 3.5.0)
Workspace Desktop
Yahoo! Search Marketing Desktop (Version: 1.2.0)
Yahoo! Search Marketing Desktop (Version: 1.2.0.0.131)

========================= Memory info: ===================================

Percentage of memory in use: 71%
Total physical RAM: 3892.52 MB
Available physical RAM: 1094.64 MB
Total Pagefile: 7783.19 MB
Available Pagefile: 4699.66 MB
Total Virtual: 4095.88 MB
Available Virtual: 3982.11 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:386.52 GB) NTFS

========================= Users: ========================================

User accounts for \\BRADLEY-PC

Administrator Bradley Guest
Guest 1


**** End of log ****

Edited by BRedSox, 26 July 2012 - 08:16 AM.


#4 BRedSox

Posted 26 July 2012 - 07:56 AM

Malwarebytes Anti-Malware:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.26.11

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Bradley :: BRADLEY-PC [administrator]

7/26/2012 9:04:58 AM
mbam-log-2012-07-26 (09-04-58).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 240319
Time elapsed: 9 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\Installer\{4fb9d4b6-3549-c408-902a-8cb479d34df0}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.

(end)

Edited by BRedSox, 26 July 2012 - 08:16 AM.


#5 BRedSox

Posted 26 July 2012 - 08:31 AM

TDSSKiller.exe


09:25:27.0323 2228 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
09:25:29.0109 2228 ============================================================
09:25:29.0109 2228 Current date / time: 2012/07/26 09:25:29.0109
09:25:29.0109 2228 SystemInfo:
09:25:29.0109 2228
09:25:29.0109 2228 OS Version: 6.1.7600 ServicePack: 0.0
09:25:29.0109 2228 Product type: Workstation
09:25:29.0109 2228 ComputerName: BRADLEY-PC
09:25:29.0109 2228 UserName: Bradley
09:25:29.0109 2228 Windows directory: C:\Windows
09:25:29.0109 2228 System windows directory: C:\Windows
09:25:29.0109 2228 Running under WOW64
09:25:29.0109 2228 Processor architecture: Intel x64
09:25:29.0109 2228 Number of processors: 4
09:25:29.0109 2228 Page size: 0x1000
09:25:29.0109 2228 Boot type: Normal boot
09:25:29.0109 2228 ============================================================
09:25:30.0973 2228 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:25:30.0979 2228 ============================================================
09:25:30.0979 2228 \Device\Harddisk0\DR0:
09:25:30.0979 2228 MBR partitions:
09:25:30.0979 2228 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
09:25:30.0979 2228 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x38625E6B
09:25:30.0979 2228 ============================================================
09:25:31.0015 2228 C: <-> \Device\Harddisk0\DR0\Partition1
09:25:31.0015 2228 ============================================================
09:25:31.0015 2228 Initialize success
09:25:31.0015 2228 ============================================================
09:25:36.0784 2792 ============================================================
09:25:36.0784 2792 Scan started
09:25:36.0784 2792 Mode: Manual;
09:25:36.0784 2792 ============================================================
09:25:48.0308 2792 Akamai (29584f02a43e427c4227e3b1d9ff1b22) c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll
09:25:48.0308 2792 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll. md5: 29584f02a43e427c4227e3b1d9ff1b22
09:25:48.0314 2792 Akamai ( HiddenFile.Multi.Generic ) - warning
09:25:48.0314 2792 Akamai - detected HiddenFile.Multi.Generic (1)
09:26:15.0509 2792 napagent - ok
09:26:15.0579 2792 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
09:26:15.0582 2792 NativeWifiP - ok
09:26:15.0672 2792 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
09:26:15.0697 2792 NDIS - ok
09:26:15.0718 2792 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
09:26:15.0732 2792 NdisCap - ok
09:26:15.0760 2792 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
09:26:15.0776 2792 NdisTapi - ok
09:26:15.0808 2792 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
09:26:15.0809 2792 Ndisuio - ok
09:26:15.0830 2792 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
09:26:15.0845 2792 NdisWan - ok
09:26:15.0877 2792 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
09:26:15.0891 2792 NDProxy - ok
09:26:15.0907 2792 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
09:26:15.0926 2792 NetBIOS - ok
09:26:15.0946 2792 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
09:26:15.0981 2792 NetBT - ok
09:26:16.0051 2792 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
09:26:16.0052 2792 Netlogon - ok
09:26:16.0124 2792 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
09:26:16.0152 2792 Netman - ok
09:26:16.0219 2792 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
09:26:16.0258 2792 netprofm - ok
09:26:16.0468 2792 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:26:16.0470 2792 NetTcpPortSharing - ok
09:26:19.0553 2792 NETw5s64 (4d85a450edef10c38882182753a49aae) C:\Windows\system32\DRIVERS\NETw5s64.sys
09:26:19.0892 2792 NETw5s64 - ok
09:26:20.0726 2792 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
09:26:20.0742 2792 nfrd960 - ok
09:26:20.0792 2792 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
09:26:20.0807 2792 NlaSvc - ok
09:26:20.0823 2792 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
09:26:20.0835 2792 Npfs - ok
09:26:20.0862 2792 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
09:26:20.0864 2792 nsi - ok
09:26:20.0882 2792 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
09:26:20.0900 2792 nsiproxy - ok
09:26:21.0546 2792 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
09:26:21.0711 2792 Ntfs - ok
09:26:23.0315 2792 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
09:26:23.0327 2792 Null - ok
09:26:23.0400 2792 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
09:26:23.0415 2792 nvraid - ok
09:26:23.0748 2792 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
09:26:24.0077 2792 nvstor - ok
09:26:24.0113 2792 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
09:26:24.0150 2792 nv_agp - ok
09:26:24.0444 2792 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:26:24.0471 2792 odserv - ok
09:26:24.0506 2792 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
09:26:24.0519 2792 ohci1394 - ok
09:26:24.0622 2792 OpenVPNService (a861b4223b6b8ee13e1a5f7199b7e6c5) C:\Program Files\personalVPN\bin\openvpnserv.exe
09:26:24.0623 2792 OpenVPNService - ok
09:26:24.0658 2792 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:26:24.0668 2792 ose - ok
09:26:24.0722 2792 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:26:24.0733 2792 p2pimsvc - ok
09:26:24.0784 2792 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
09:26:24.0817 2792 p2psvc - ok
09:26:24.0842 2792 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
09:26:24.0858 2792 Parport - ok
09:26:24.0885 2792 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
09:26:24.0888 2792 partmgr - ok
09:26:24.0913 2792 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
09:26:24.0927 2792 PcaSvc - ok
09:26:24.0965 2792 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
09:26:24.0978 2792 pci - ok
09:26:25.0002 2792 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
09:26:25.0023 2792 pciide - ok
09:26:25.0078 2792 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
09:26:25.0097 2792 pcmcia - ok
09:26:25.0114 2792 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
09:26:25.0115 2792 pcw - ok
09:26:25.0182 2792 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
09:26:25.0205 2792 PEAUTH - ok
09:26:25.0449 2792 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
09:26:25.0451 2792 PerfHost - ok
09:26:25.0757 2792 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
09:26:25.0828 2792 pla - ok
09:26:25.0909 2792 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
09:26:25.0914 2792 PlugPlay - ok
09:26:25.0965 2792 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
09:26:25.0998 2792 PNRPAutoReg - ok
09:26:26.0067 2792 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:26:26.0070 2792 PNRPsvc - ok
09:26:26.0590 2792 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
09:26:26.0619 2792 PolicyAgent - ok
09:26:26.0646 2792 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
09:26:26.0649 2792 Power - ok
09:26:26.0719 2792 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
09:26:26.0747 2792 PptpMiniport - ok
09:26:26.0768 2792 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
09:26:26.0782 2792 Processor - ok
09:26:26.0844 2792 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
09:26:26.0849 2792 ProfSvc - ok
09:26:26.0898 2792 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
09:26:26.0900 2792 ProtectedStorage - ok
09:26:26.0940 2792 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
09:26:26.0949 2792 Psched - ok
09:26:26.0991 2792 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
09:26:26.0992 2792 PxHlpa64 - ok
09:26:28.0726 2792 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
09:26:28.0820 2792 ql2300 - ok
09:26:29.0242 2792 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
09:26:29.0260 2792 ql40xx - ok
09:26:29.0298 2792 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
09:26:29.0323 2792 QWAVE - ok
09:26:29.0342 2792 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
09:26:29.0356 2792 QWAVEdrv - ok
09:26:29.0372 2792 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
09:26:29.0383 2792 RasAcd - ok
09:26:29.0413 2792 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:26:29.0424 2792 RasAgileVpn - ok
09:26:29.0449 2792 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
09:26:29.0460 2792 RasAuto - ok
09:26:29.0475 2792 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:26:29.0490 2792 Rasl2tp - ok
09:26:29.0515 2792 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
09:26:29.0542 2792 RasMan - ok
09:26:29.0561 2792 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
09:26:29.0574 2792 RasPppoe - ok
09:26:29.0586 2792 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
09:26:29.0597 2792 RasSstp - ok
09:26:29.0629 2792 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
09:26:29.0663 2792 rdbss - ok
09:26:29.0690 2792 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
09:26:29.0700 2792 rdpbus - ok
09:26:29.0722 2792 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:26:29.0732 2792 RDPCDD - ok
09:26:29.0747 2792 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
09:26:29.0758 2792 RDPENCDD - ok
09:26:29.0787 2792 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
09:26:29.0800 2792 RDPREFMP - ok
09:26:29.0874 2792 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
09:26:29.0921 2792 RDPWD - ok
09:26:29.0961 2792 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
09:26:29.0975 2792 rdyboost - ok
09:26:30.0177 2792 RegSrvc (3b71b5b91e7dca93585d5a86c897adc4) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
09:26:30.0187 2792 RegSrvc - ok
09:26:30.0227 2792 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
09:26:30.0253 2792 RemoteAccess - ok
09:26:30.0286 2792 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
09:26:30.0320 2792 RemoteRegistry - ok
09:26:30.0372 2792 rimmptsk (6faf5b04bedc66d300d9d233b2d222f0) C:\Windows\system32\DRIVERS\rimmpx64.sys
09:26:30.0390 2792 rimmptsk - ok
09:26:30.0429 2792 rimspci (e20b1907fc72a3664ece21e3c20fc63d) C:\Windows\system32\DRIVERS\rimspe64.sys
09:26:30.0441 2792 rimspci - ok
09:26:30.0485 2792 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
09:26:30.0505 2792 RimVSerPort - ok
09:26:30.0565 2792 risdpcie (a6da2b0c8f5bb3f9f5423cff8d6a02d9) C:\Windows\system32\DRIVERS\risdpe64.sys
09:26:30.0579 2792 risdpcie - ok
09:26:30.0590 2792 rismxdp (4d7ef3d46346ec4c58784db964b365de) C:\Windows\system32\DRIVERS\rixdpx64.sys
09:26:30.0600 2792 rismxdp - ok
09:26:30.0614 2792 rixdpcie (6a1cd4674505e6791390a1ab71da1fbe) C:\Windows\system32\DRIVERS\rixdpe64.sys
09:26:30.0624 2792 rixdpcie - ok
09:26:30.0654 2792 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
09:26:30.0663 2792 ROOTMODEM - ok
09:26:30.0695 2792 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
09:26:30.0699 2792 RpcEptMapper - ok
09:26:30.0720 2792 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
09:26:30.0731 2792 RpcLocator - ok
09:26:30.0773 2792 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
09:26:30.0777 2792 RpcSs - ok
09:26:30.0804 2792 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
09:26:30.0805 2792 rspndr - ok
09:26:30.0861 2792 RTL8167 (fd978b2bf8a9b2390dcbef435e9c1f9f) C:\Windows\system32\DRIVERS\Rt64win7.sys
09:26:30.0873 2792 RTL8167 - ok
09:26:30.0906 2792 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
09:26:30.0908 2792 SamSs - ok
09:26:31.0035 2792 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
09:26:31.0057 2792 sbp2port - ok
09:26:31.0106 2792 SBRE (9aceb2a2362fc87a3825963e61ba9076) C:\Windows\system32\drivers\SBREdrv.sys
09:26:31.0116 2792 SBRE - ok
09:26:31.0148 2792 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
09:26:31.0166 2792 SCardSvr - ok
09:26:31.0188 2792 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
09:26:31.0199 2792 scfilter - ok
09:26:31.0817 2792 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
09:26:31.0835 2792 Schedule - ok
09:26:31.0954 2792 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
09:26:31.0955 2792 SCPolicySvc - ok
09:26:32.0177 2792 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
09:26:32.0195 2792 SDRSVC - ok
09:26:32.0271 2792 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
09:26:32.0273 2792 secdrv - ok
09:26:32.0299 2792 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
09:26:32.0311 2792 seclogon - ok
09:26:32.0324 2792 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
09:26:32.0326 2792 SENS - ok
09:26:32.0338 2792 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
09:26:32.0347 2792 SensrSvc - ok
09:26:32.0360 2792 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
09:26:32.0371 2792 Serenum - ok
09:26:32.0391 2792 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
09:26:32.0405 2792 Serial - ok
09:26:32.0432 2792 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
09:26:32.0445 2792 sermouse - ok
09:26:32.0584 2792 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
09:26:32.0605 2792 SessionEnv - ok
09:26:32.0628 2792 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
09:26:32.0641 2792 sffdisk - ok
09:26:32.0654 2792 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
09:26:32.0664 2792 sffp_mmc - ok
09:26:32.0674 2792 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
09:26:32.0684 2792 sffp_sd - ok
09:26:32.0688 2792 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
09:26:32.0697 2792 sfloppy - ok
09:26:32.0797 2792 SftService (e1974a92ac0914a3859359a0a8c82c68) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
09:26:32.0803 2792 SftService - ok
09:26:33.0172 2792 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
09:26:33.0175 2792 ShellHWDetection - ok
09:26:33.0213 2792 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:26:33.0229 2792 SiSRaid2 - ok
09:26:33.0244 2792 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
09:26:33.0261 2792 SiSRaid4 - ok
09:26:33.0282 2792 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
09:26:33.0295 2792 Smb - ok
09:26:33.0341 2792 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
09:26:33.0359 2792 SNMPTRAP - ok
09:26:33.0390 2792 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
09:26:33.0391 2792 spldr - ok
09:26:33.0473 2792 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
09:26:33.0482 2792 Spooler - ok
09:26:34.0081 2792 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
09:26:34.0113 2792 sppsvc - ok
09:26:34.0844 2792 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
09:26:34.0876 2792 sppuinotify - ok
09:26:35.0114 2792 sprtsvc_DellSupportCenter (d630b6f2e8379b6f10dc16e82a426552) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
09:26:35.0117 2792 sprtsvc_DellSupportCenter - ok
09:26:35.0262 2792 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
09:26:35.0266 2792 srv - ok
09:26:35.0380 2792 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
09:26:35.0386 2792 srv2 - ok
09:26:35.0442 2792 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
09:26:35.0444 2792 srvnet - ok
09:26:35.0663 2792 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
09:26:35.0668 2792 SSDPSRV - ok
09:26:35.0727 2792 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
09:26:35.0750 2792 SstpSvc - ok
09:26:36.0066 2792 STacSV (da7702025dfd169b909c4da3126762cc) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
09:26:36.0068 2792 STacSV - ok
09:26:36.0111 2792 stdflt (c48e0745d33897c7a73394214f2b9b4f) C:\Windows\system32\DRIVERS\stdflt.sys
09:26:36.0112 2792 stdflt - ok
09:26:36.0133 2792 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
09:26:36.0146 2792 stexstor - ok
09:26:36.0200 2792 STHDA (caf5a9708671b14b9670260735b22c4e) C:\Windows\system32\DRIVERS\stwrt64.sys
09:26:36.0232 2792 STHDA - ok
09:26:36.0286 2792 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
09:26:36.0309 2792 stisvc - ok
09:26:36.0322 2792 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
09:26:36.0332 2792 swenum - ok
09:26:36.0382 2792 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
09:26:36.0410 2792 swprv - ok
09:26:36.0459 2792 SynTP (639b57dc871be4b86283027faf1f4e30) C:\Windows\system32\DRIVERS\SynTP.sys
09:26:36.0474 2792 SynTP - ok
09:26:37.0562 2792 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
09:26:37.0575 2792 SysMain - ok
09:26:38.0392 2792 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
09:26:38.0424 2792 TabletInputService - ok
09:26:38.0503 2792 tap0901 (7ccf5587bdcd50c102b526e69da40bf0) C:\Windows\system32\DRIVERS\tap0901.sys
09:26:38.0520 2792 tap0901 - ok
09:26:38.0551 2792 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
09:26:38.0581 2792 TapiSrv - ok
09:26:38.0605 2792 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
09:26:38.0608 2792 TBS - ok
09:26:39.0503 2792 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
09:26:39.0525 2792 Tcpip - ok
09:26:40.0380 2792 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
09:26:40.0393 2792 TCPIP6 - ok
09:26:40.0527 2792 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
09:26:40.0530 2792 tcpipreg - ok
09:26:40.0547 2792 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
09:26:40.0565 2792 TDPIPE - ok
09:26:40.0609 2792 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
09:26:40.0620 2792 TDTCP - ok
09:26:40.0646 2792 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
09:26:40.0658 2792 tdx - ok
09:26:40.0685 2792 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
09:26:40.0699 2792 TermDD - ok
09:26:40.0773 2792 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
09:26:40.0802 2792 TermService - ok
09:26:40.0820 2792 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
09:26:40.0823 2792 Themes - ok
09:26:40.0899 2792 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:26:40.0901 2792 THREADORDER - ok
09:26:41.0003 2792 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
09:26:41.0015 2792 TrkWks - ok
09:26:41.0071 2792 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
09:26:41.0075 2792 TrustedInstaller - ok
09:26:41.0104 2792 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:26:41.0119 2792 tssecsrv - ok
09:26:41.0151 2792 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
09:26:41.0164 2792 tunnel - ok
09:26:41.0180 2792 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
09:26:41.0194 2792 uagp35 - ok
09:26:41.0235 2792 udfs (31ba4a33afab6a69ea092b18017f737f) C:\Windows\system32\DRIVERS\udfs.sys
09:26:41.0262 2792 udfs - ok
09:26:41.0312 2792 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
09:26:41.0328 2792 UI0Detect - ok
09:26:41.0348 2792 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
09:26:41.0361 2792 uliagpkx - ok
09:26:41.0388 2792 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
09:26:41.0400 2792 umbus - ok
09:26:41.0416 2792 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
09:26:41.0428 2792 UmPass - ok
09:26:41.0466 2792 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
09:26:41.0480 2792 upnphost - ok
09:26:41.0522 2792 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
09:26:41.0533 2792 USBAAPL64 - ok
09:26:41.0842 2792 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
09:26:41.0870 2792 usbccgp - ok
09:26:41.0951 2792 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
09:26:41.0982 2792 usbcir - ok
09:26:42.0015 2792 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
09:26:42.0026 2792 usbehci - ok
09:26:42.0068 2792 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
09:26:42.0104 2792 usbhub - ok
09:26:42.0136 2792 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
09:26:42.0152 2792 usbohci - ok
09:26:42.0170 2792 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
09:26:42.0180 2792 usbprint - ok
09:26:42.0238 2792 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:26:42.0250 2792 USBSTOR - ok
09:26:42.0331 2792 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
09:26:42.0347 2792 usbuhci - ok
09:26:42.0407 2792 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
09:26:42.0448 2792 usbvideo - ok
09:26:42.0475 2792 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
09:26:42.0477 2792 UxSms - ok
09:26:42.0538 2792 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
09:26:42.0540 2792 VaultSvc - ok
09:26:42.0587 2792 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
09:26:42.0589 2792 vdrvroot - ok
09:26:42.0663 2792 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
09:26:42.0671 2792 vds - ok
09:26:42.0701 2792 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
09:26:42.0712 2792 vga - ok
09:26:42.0729 2792 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
09:26:42.0740 2792 VgaSave - ok
09:26:42.0763 2792 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
09:26:42.0790 2792 vhdmp - ok
09:26:42.0818 2792 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
09:26:42.0831 2792 viaide - ok
09:26:42.0853 2792 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
09:26:42.0856 2792 volmgr - ok
09:26:42.0889 2792 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
09:26:42.0908 2792 volmgrx - ok
09:26:42.0944 2792 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
09:26:42.0946 2792 volsnap - ok
09:26:42.0983 2792 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
09:26:43.0015 2792 vsmraid - ok
09:26:44.0644 2792 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
09:26:44.0698 2792 VSS - ok
09:26:46.0428 2792 vToolbarUpdater12.1.5 (3da649c6ec481d8f36b54f33fc01dd1e) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe
09:26:46.0434 2792 vToolbarUpdater12.1.5 - ok
09:26:47.0716 2792 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
09:26:47.0743 2792 vwifibus - ok
09:26:47.0870 2792 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
09:26:47.0882 2792 vwififlt - ok
09:26:47.0917 2792 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
09:26:47.0918 2792 vwifimp - ok
09:26:48.0283 2792 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
09:26:48.0317 2792 W32Time - ok
09:26:48.0342 2792 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
09:26:48.0355 2792 WacomPen - ok
09:26:48.0381 2792 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
09:26:48.0394 2792 WANARP - ok
09:26:48.0404 2792 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
09:26:48.0406 2792 Wanarpv6 - ok
09:26:48.0497 2792 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
09:26:48.0737 2792 WatAdminSvc - ok
09:26:49.0533 2792 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
09:26:49.0934 2792 wbengine - ok
09:26:50.0567 2792 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
09:26:50.0599 2792 WbioSrvc - ok
09:26:50.0674 2792 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
09:26:50.0724 2792 wcncsvc - ok
09:26:50.0750 2792 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
09:26:50.0763 2792 WcsPlugInService - ok
09:26:50.0829 2792 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
09:26:50.0847 2792 Wd - ok
09:26:50.0939 2792 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
09:26:50.0963 2792 Wdf01000 - ok
09:26:50.0998 2792 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:26:51.0008 2792 WdiServiceHost - ok
09:26:51.0012 2792 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:26:51.0016 2792 WdiSystemHost - ok
09:26:51.0269 2792 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
09:26:51.0320 2792 WebClient - ok
09:26:51.0363 2792 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
09:26:51.0393 2792 Wecsvc - ok
09:26:51.0414 2792 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
09:26:51.0418 2792 wercplsupport - ok
09:26:51.0488 2792 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
09:26:51.0712 2792 WerSvc - ok
09:26:51.0773 2792 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
09:26:51.0788 2792 WfpLwf - ok
09:26:51.0828 2792 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
09:26:51.0860 2792 WimFltr - ok
09:26:51.0880 2792 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
09:26:51.0891 2792 WIMMount - ok
09:26:51.0897 2792 WinHttpAutoProxySvc - ok
09:26:52.0080 2792 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
09:26:52.0100 2792 Winmgmt - ok
09:26:52.0630 2792 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
09:26:52.0725 2792 WinRM - ok
09:26:53.0004 2792 WinUsb (4d52c872018af7e18d078978dcc3f6f2) C:\Windows\system32\DRIVERS\WinUsb.sys
09:26:53.0020 2792 WinUsb - ok
09:26:53.0456 2792 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
09:26:53.0462 2792 Wlansvc - ok
09:26:53.0507 2792 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
09:26:53.0508 2792 WmiAcpi - ok
09:26:53.0717 2792 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
09:26:53.0749 2792 wmiApSrv - ok
09:26:53.0810 2792 WMPNetworkSvc - ok
09:26:53.0835 2792 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
09:26:53.0852 2792 WPCSvc - ok
09:26:53.0876 2792 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
09:26:53.0890 2792 WPDBusEnum - ok
09:26:53.0912 2792 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
09:26:53.0923 2792 ws2ifsl - ok
09:26:53.0965 2792 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
09:26:53.0978 2792 WSDPrintDevice - ok
09:26:53.0988 2792 WSearch - ok
09:26:54.0044 2792 WudfPf (c63907207b837a5c05cf6d1606aa0008) C:\Windows\system32\drivers\WudfPf.sys
09:26:54.0046 2792 WudfPf - ok
09:26:54.0223 2792 WUDFRd (d885a873d733020f8b9b9ff4b1666158) C:\Windows\system32\DRIVERS\WUDFRd.sys
09:26:54.0274 2792 WUDFRd - ok
09:26:54.0294 2792 wudfsvc (27b9bee5aac00139e3a3af5d6227a0dc) C:\Windows\System32\WUDFSvc.dll
09:26:54.0298 2792 wudfsvc - ok
09:26:54.0485 2792 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
09:26:54.0510 2792 WwanSvc - ok
09:26:54.0568 2792 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
09:26:57.0083 2792 \Device\Harddisk0\DR0 - ok
09:26:57.0108 2792 Boot (0x1200) (23d67aad727243674d1de8e73cfc9f41) \Device\Harddisk0\DR0\Partition0
09:26:57.0113 2792 \Device\Harddisk0\DR0\Partition0 - ok
09:26:57.0142 2792 Boot (0x1200) (5806b080c40c6cd2bf0775127e9433ca) \Device\Harddisk0\DR0\Partition1
09:26:57.0145 2792 \Device\Harddisk0\DR0\Partition1 - ok
09:26:57.0146 2792 ============================================================
09:26:57.0146 2792 Scan finished
09:26:57.0146 2792 ============================================================
09:26:57.0160 2480 Detected object count: 1
09:26:57.0160 2480 Actual detected object count: 1
09:29:31.0587 2480 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
09:29:31.0587 2480 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
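
Added example, not part of the original posts: a short Python triage pass over a TDSSKiller-style log such as the one posted above, pulling out the few lines that matter (detections, objects marked ok with no hashed file, hashed objects that never got an ok). The line layout is assumed from the log above; the sample lines are constructed, with placeholder hashes and a hypothetical `ExampleSvc` entry.

```python
import re

# Layout assumed from the posted log: "HH:MM:SS.mmmm <thread id> <message>"
LINE_RE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s+(.*)$")
# "<name> (<32 hex digits>) <path>": an object the scanner hashed
OBJECT_RE = re.compile(r"^(.+?) \(([0-9a-fA-F]{32})\) (.+)$")
# "<name> ( <verdict> ) - <action>": a detection and what was done with it
DETECT_RE = re.compile(r"^(.+?) \( (.+?) \) - (.+)$")
# "<name or path> - ok"
OK_RE = re.compile(r"^(.+?) - ok$")
COUNT_RE = re.compile(r"^Detected object count: (\d+)$")

# Constructed sample (placeholder hashes, hypothetical ExampleSvc entry).
SAMPLE_LOG = r"""
09:26:14.0840 2792 MSiSCSI (00000000000000000000000000000001) C:\Windows\system32\iscsiexe.dll
09:26:14.0879 2792 MSiSCSI - ok
09:26:14.0885 2792 msiserver - ok
09:26:54.0568 2792 MBR (0x1B8) (00000000000000000000000000000002) \Device\Harddisk0\DR0
09:26:57.0083 2792 \Device\Harddisk0\DR0 - ok
09:26:57.0090 2792 ExampleSvc (00000000000000000000000000000003) C:\Example\examplesvc.exe
09:26:57.0146 2792 Scan finished
09:26:57.0160 2480 Detected object count: 1
09:29:31.0587 2480 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
09:29:31.0587 2480 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
"""


def triage(log_text):
    """Reduce a scan log to the entries a reviewer needs to read."""
    pending = []        # (name, md5, path) hashed, no "- ok" seen yet
    ok_without_hash = []  # marked ok, but no hash/path line was logged
    detections = {}     # (name, verdict) -> list of actions, in log order
    reported_count = None

    for raw in log_text.splitlines():
        line = LINE_RE.match(raw.strip())
        if not line:
            continue
        msg = line.group(3)

        obj = OBJECT_RE.match(msg)
        if obj:
            name, md5, path = obj.groups()
            pending.append((name, md5.lower(), path))
            continue

        det = DETECT_RE.match(msg)
        if det:
            name, verdict, action = det.groups()
            detections.setdefault((name, verdict), []).append(action)
            continue

        ok = OK_RE.match(msg)
        if ok:
            key = ok.group(1)
            # The ok line names the object, or its path for MBR/boot entries.
            matched = [p for p in pending if key in (p[0], p[2])]
            if matched:
                pending = [p for p in pending if p not in matched]
            else:
                ok_without_hash.append(key)
            continue

        count = COUNT_RE.match(msg)
        if count:
            reported_count = int(count.group(1))

    return {
        "detections": [
            {"name": n, "verdict": v, "actions": acts}
            for (n, v), acts in detections.items()
        ],
        "ok_without_hash": ok_without_hash,
        "hashed_without_ok": pending,
        "reported_count": reported_count,
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for d in result["detections"]:
        print("DETECTED", d["name"], d["verdict"], "->", "; ".join(d["actions"]))
    for name in result["ok_without_hash"]:
        print("OK, NO HASH LOGGED", name)
    for name, md5, path in result["hashed_without_ok"]:
        print("NO OK VERDICT", name, md5, path)
    if result["reported_count"] != len(result["detections"]):
        print("WARNING: reported count does not match parsed detections")
```
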

#6 boopme

Posted 26 July 2012 - 12:12 PM

Hello, I suspect a rootkit from that info.

Rerun TDSSKiller like this.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.

>>>
Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.


>>>
Finally

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
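The TDSSKiller reports posted in this thread list each scanned object followed by a verdict line. As an added example (not part of any post and not Kaspersky's code), this script pulls the non-ok verdicts, the action the user chose, and any object left without a verdict out of such a log. The line layout is an assumption inferred from the posted logs, and the sample log, service names, paths and MD5 values are constructed.

```python
import re
from collections import OrderedDict

# Constructed sample in the layout of the TDSSKiller logs posted in this thread.
# Service names, paths and MD5 values are made up for the example.
SAMPLE_LOG = r"""
09:00:00.0100 1111 Scan started
09:00:00.0100 1111 Mode: Manual; TDLFS;
09:00:01.0200 1111 ExampleDrv (0123456789abcdef0123456789abcdef) C:\Windows\system32\DRIVERS\exampledrv.sys
09:00:01.0210 1111 ExampleDrv - ok
09:00:01.0300 1111 Example Helper Service (fedcba9876543210fedcba9876543210) c:\program files (x86)\example/helper_1a2b3c.dll
09:00:01.0301 1111 Suspicious file (Hidden): c:\program files (x86)\example/helper_1a2b3c.dll. md5: fedcba9876543210fedcba9876543210
09:00:01.0310 1111 Example Helper Service ( HiddenFile.Multi.Generic ) - warning
09:00:01.0310 1111 Example Helper Service - detected HiddenFile.Multi.Generic (1)
09:00:01.0400 1111 NoImageSvc - ok
09:00:02.0000 1111 MBR (0x1B8) (00112233445566778899aabbccddeeff) \Device\Harddisk0\DR0
09:00:02.0500 1111 \Device\Harddisk0\DR0 - ok
09:00:02.0600 1111 Scan finished
09:00:02.0700 2222 Detected object count: 1
09:00:02.0700 2222 Actual detected object count: 1
09:01:00.0000 2222 Example Helper Service ( HiddenFile.Multi.Generic ) - skipped by user
09:01:00.0000 2222 Example Helper Service ( HiddenFile.Multi.Generic ) - User select action: Skip
"""

# Assumed layout, inferred from the posted logs: "<time> <thread id> <message>"
LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4}\s+\d+\s+(?P<body>.*)$")
# "<name> (<md5>) <path>": the name may contain spaces or "(0x1B8)"
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$", re.I)
# "<name> ( <verdict> ) - <status>"
VERDICT = re.compile(r"^(?P<name>.+?) \( (?P<verdict>[^()]+?) \) - (?P<status>.+)$")
OK = re.compile(r"^(?P<name>.+) - ok$")
COUNT = re.compile(r"^Detected object count: (?P<n>\d+)$")
ACTION = re.compile(r"^User select action: (?P<action>\w+)$")


def _new(name, md5=None, path=None):
    return {"name": name, "md5": md5, "path": path,
            "verdict": None, "status": None, "action": None}


def triage(log_text):
    """Pair object lines with their verdict lines and summarise the scan."""
    objects = OrderedDict()   # object name -> record, in log order
    by_path = {}              # lower-cased path -> record (MBR/Boot "ok" lines use the path)
    reported = None
    for raw in log_text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue
        body = line["body"].strip()
        if (c := COUNT.match(body)):
            reported = int(c["n"])
        elif (o := OBJECT.match(body)):
            rec = _new(o["name"], o["md5"].lower(), o["path"])
            objects[rec["name"]] = rec
            by_path[rec["path"].lower()] = rec
        elif (v := VERDICT.match(body)):
            rec = objects.setdefault(v["name"], _new(v["name"]))
            rec["verdict"] = v["verdict"]
            act = ACTION.match(v["status"])
            if act:
                rec["action"] = act["action"]
            elif not v["status"].endswith("by user"):
                rec["status"] = v["status"]
        elif (k := OK.match(body)):
            rec = objects.get(k["name"]) or by_path.get(k["name"].lower())
            if rec is None:
                # Service logged without an image path, only a verdict
                rec = objects.setdefault(k["name"], _new(k["name"]))
            rec["status"] = "ok"
    records = list(objects.values())
    flagged = [r for r in records if r["verdict"]]
    return {
        "scanned": len(records),
        "flagged": flagged,
        "no_image": [r["name"] for r in records if r["path"] is None],
        # Object line seen but no verdict followed: the paste was probably cut short
        "unresolved": [r["name"] for r in records
                       if r["status"] is None and r["verdict"] is None],
        "reported_count": reported,
        "count_matches": reported is None or reported == len(flagged),
    }


if __name__ == "__main__":
    summary = triage(SAMPLE_LOG)
    print("objects scanned:", summary["scanned"])
    for r in summary["flagged"]:
        print(f'{r["name"]}: {r["verdict"]} ({r["status"]}), action={r["action"]}')
        print(f'  path={r["path"]} md5={r["md5"]}')
    print("no image path:", summary["no_image"])
    print("no verdict (truncated log?):", summary["unresolved"])
    print("matches tool's own count:", summary["count_matches"])
```

An object that shows up under "no verdict" usually means the pasted log was cut off, so ask for the full report file before drawing conclusions from it.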

#7 BRedSox

Posted 26 July 2012 - 03:49 PM

I really appreciate your help.


Rerun TDSSkiller


16:47:37.0280 16324 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
16:47:39.0276 16324 ============================================================
16:47:39.0276 16324 Current date / time: 2012/07/26 16:47:39.0276
16:47:39.0276 16324 SystemInfo:
16:47:39.0276 16324
16:47:39.0276 16324 OS Version: 6.1.7600 ServicePack: 0.0
16:47:39.0276 16324 Product type: Workstation
16:47:39.0276 16324 ComputerName: BRADLEY-PC
16:47:39.0277 16324 UserName: Bradley
16:47:39.0277 16324 Windows directory: C:\Windows
16:47:39.0277 16324 System windows directory: C:\Windows
16:47:39.0277 16324 Running under WOW64
16:47:39.0277 16324 Processor architecture: Intel x64
16:47:39.0277 16324 Number of processors: 4
16:47:39.0277 16324 Page size: 0x1000
16:47:39.0277 16324 Boot type: Normal boot
16:47:39.0277 16324 ============================================================
16:47:40.0623 16324 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:47:40.0633 16324 ============================================================
16:47:40.0633 16324 \Device\Harddisk0\DR0:
16:47:40.0634 16324 MBR partitions:
16:47:40.0634 16324 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
16:47:40.0634 16324 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x38625E6B
16:47:40.0634 16324 ============================================================
16:47:40.0665 16324 C: <-> \Device\Harddisk0\DR0\Partition1
16:47:40.0666 16324 ============================================================
16:47:40.0666 16324 Initialize success
16:47:40.0666 16324 ============================================================
16:47:54.0089 10648 ============================================================
16:47:54.0089 10648 Scan started
16:47:54.0089 10648 Mode: Manual; TDLFS;
16:47:54.0089 10648 ============================================================
16:47:56.0673 10648 Akamai (29584f02a43e427c4227e3b1d9ff1b22) c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll
16:47:56.0674 10648 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll. md5: 29584f02a43e427c4227e3b1d9ff1b22
16:47:56.0687 10648 Akamai ( HiddenFile.Multi.Generic ) - warning
16:47:56.0687 10648 Akamai - detected HiddenFile.Multi.Generic (1)
16:48:09.0327 10648 Mup - ok
16:48:09.0410 10648 MyWiFiDHCPDNS (d285d0539016be299a55ff997b44da33) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
16:48:09.0427 10648 MyWiFiDHCPDNS - ok
16:48:09.0470 10648 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
16:48:09.0502 10648 napagent - ok
16:48:09.0536 10648 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:48:09.0551 10648 NativeWifiP - ok
16:48:09.0626 10648 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
16:48:09.0658 10648 NDIS - ok
16:48:09.0672 10648 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:48:09.0676 10648 NdisCap - ok
16:48:09.0702 10648 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:48:09.0706 10648 NdisTapi - ok
16:48:09.0719 10648 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
16:48:09.0722 10648 Ndisuio - ok
16:48:09.0742 10648 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
16:48:09.0757 10648 NdisWan - ok
16:48:09.0778 10648 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
16:48:09.0782 10648 NDProxy - ok
16:48:09.0792 10648 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:48:09.0796 10648 NetBIOS - ok
16:48:09.0903 10648 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
16:48:09.0932 10648 NetBT - ok
16:48:09.0970 10648 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:48:09.0972 10648 Netlogon - ok
16:48:10.0020 10648 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:48:10.0038 10648 Netman - ok
16:48:10.0077 10648 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:48:10.0097 10648 netprofm - ok
16:48:10.0165 10648 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:48:10.0170 10648 NetTcpPortSharing - ok
16:48:10.0719 10648 NETw5s64 (4d85a450edef10c38882182753a49aae) C:\Windows\system32\DRIVERS\NETw5s64.sys
16:48:10.0854 10648 NETw5s64 - ok
16:48:10.0987 10648 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:48:10.0991 10648 nfrd960 - ok
16:48:11.0041 10648 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
16:48:11.0058 10648 NlaSvc - ok
16:48:11.0068 10648 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:48:11.0071 10648 Npfs - ok
16:48:11.0084 10648 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:48:11.0088 10648 nsi - ok
16:48:11.0102 10648 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:48:11.0105 10648 nsiproxy - ok
16:48:11.0243 10648 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
16:48:11.0296 10648 Ntfs - ok
16:48:11.0383 10648 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:48:11.0386 10648 Null - ok
16:48:11.0423 10648 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
16:48:11.0433 10648 nvraid - ok
16:48:11.0470 10648 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
16:48:11.0480 10648 nvstor - ok
16:48:11.0513 10648 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
16:48:11.0524 10648 nv_agp - ok
16:48:11.0617 10648 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:48:11.0642 10648 odserv - ok
16:48:11.0657 10648 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
16:48:11.0659 10648 ohci1394 - ok
16:48:11.0751 10648 OpenVPNService (a861b4223b6b8ee13e1a5f7199b7e6c5) C:\Program Files\personalVPN\bin\openvpnserv.exe
16:48:11.0753 10648 OpenVPNService - ok
16:48:11.0819 10648 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:48:11.0834 10648 ose - ok
16:48:11.0881 10648 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:48:11.0896 10648 p2pimsvc - ok
16:48:11.0932 10648 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:48:11.0956 10648 p2psvc - ok
16:48:11.0986 10648 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:48:11.0990 10648 Parport - ok
16:48:12.0022 10648 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
16:48:12.0026 10648 partmgr - ok
16:48:12.0053 10648 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:48:12.0065 10648 PcaSvc - ok
16:48:12.0100 10648 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
16:48:12.0116 10648 pci - ok
16:48:12.0147 10648 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
16:48:12.0149 10648 pciide - ok
16:48:12.0178 10648 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:48:12.0193 10648 pcmcia - ok
16:48:12.0210 10648 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:48:12.0214 10648 pcw - ok
16:48:12.0269 10648 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:48:12.0300 10648 PEAUTH - ok
16:48:12.0379 10648 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:48:12.0383 10648 PerfHost - ok
16:48:12.0496 10648 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
16:48:12.0542 10648 pla - ok
16:48:12.0600 10648 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
16:48:12.0618 10648 PlugPlay - ok
16:48:12.0637 10648 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:48:12.0640 10648 PNRPAutoReg - ok
16:48:12.0670 10648 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:48:12.0672 10648 PNRPsvc - ok
16:48:12.0722 10648 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
16:48:12.0739 10648 PolicyAgent - ok
16:48:12.0768 10648 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:48:12.0777 10648 Power - ok
16:48:12.0960 10648 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
16:48:12.0964 10648 PptpMiniport - ok
16:48:12.0995 10648 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:48:12.0998 10648 Processor - ok
16:48:13.0039 10648 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
16:48:13.0054 10648 ProfSvc - ok
16:48:13.0100 10648 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:48:13.0102 10648 ProtectedStorage - ok
16:48:13.0125 10648 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
16:48:13.0128 10648 Psched - ok
16:48:13.0167 10648 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
16:48:13.0175 10648 PxHlpa64 - ok
16:48:13.0277 10648 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:48:13.0340 10648 ql2300 - ok
16:48:13.0436 10648 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:48:13.0439 10648 ql40xx - ok
16:48:13.0480 10648 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:48:13.0494 10648 QWAVE - ok
16:48:13.0508 10648 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:48:13.0511 10648 QWAVEdrv - ok
16:48:13.0529 10648 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:48:13.0532 10648 RasAcd - ok
16:48:13.0559 10648 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:48:13.0561 10648 RasAgileVpn - ok
16:48:13.0582 10648 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:48:13.0586 10648 RasAuto - ok
16:48:13.0601 10648 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:48:13.0605 10648 Rasl2tp - ok
16:48:13.0633 10648 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
16:48:13.0646 10648 RasMan - ok
16:48:13.0661 10648 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:48:13.0664 10648 RasPppoe - ok
16:48:13.0677 10648 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:48:13.0684 10648 RasSstp - ok
16:48:13.0710 10648 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
16:48:13.0726 10648 rdbss - ok
16:48:13.0748 10648 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:48:13.0752 10648 rdpbus - ok
16:48:13.0771 10648 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:48:13.0775 10648 RDPCDD - ok
16:48:13.0807 10648 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:48:13.0829 10648 RDPENCDD - ok
16:48:14.0125 10648 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:48:14.0130 10648 RDPREFMP - ok
16:48:14.0169 10648 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
16:48:14.0183 10648 RDPWD - ok
16:48:14.0207 10648 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
16:48:14.0221 10648 rdyboost - ok
16:48:14.0330 10648 RegSrvc (3b71b5b91e7dca93585d5a86c897adc4) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
16:48:14.0362 10648 RegSrvc - ok
16:48:14.0407 10648 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:48:14.0411 10648 RemoteAccess - ok
16:48:14.0443 10648 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:48:14.0453 10648 RemoteRegistry - ok
16:48:14.0510 10648 rimmptsk (6faf5b04bedc66d300d9d233b2d222f0) C:\Windows\system32\DRIVERS\rimmpx64.sys
16:48:14.0513 10648 rimmptsk - ok
16:48:14.0533 10648 rimspci (e20b1907fc72a3664ece21e3c20fc63d) C:\Windows\system32\DRIVERS\rimspe64.sys
16:48:14.0536 10648 rimspci - ok
16:48:14.0584 10648 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
16:48:14.0586 10648 RimVSerPort - ok
16:48:14.0605 10648 risdpcie (a6da2b0c8f5bb3f9f5423cff8d6a02d9) C:\Windows\system32\DRIVERS\risdpe64.sys
16:48:14.0608 10648 risdpcie - ok
16:48:14.0625 10648 rismxdp (4d7ef3d46346ec4c58784db964b365de) C:\Windows\system32\DRIVERS\rixdpx64.sys
16:48:14.0629 10648 rismxdp - ok
16:48:14.0650 10648 rixdpcie (6a1cd4674505e6791390a1ab71da1fbe) C:\Windows\system32\DRIVERS\rixdpe64.sys
16:48:14.0653 10648 rixdpcie - ok
16:48:14.0679 10648 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
16:48:14.0681 10648 ROOTMODEM - ok
16:48:14.0704 10648 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:48:14.0722 10648 RpcEptMapper - ok
16:48:14.0745 10648 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:48:14.0749 10648 RpcLocator - ok
16:48:14.0790 10648 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
16:48:14.0794 10648 RpcSs - ok
16:48:14.0827 10648 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:48:14.0830 10648 rspndr - ok
16:48:14.0885 10648 RTL8167 (fd978b2bf8a9b2390dcbef435e9c1f9f) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:48:14.0901 10648 RTL8167 - ok
16:48:14.0928 10648 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:48:14.0931 10648 SamSs - ok
16:48:14.0958 10648 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
16:48:14.0962 10648 sbp2port - ok
16:48:15.0017 10648 SBRE (9aceb2a2362fc87a3825963e61ba9076) C:\Windows\system32\drivers\SBREdrv.sys
16:48:15.0020 10648 SBRE - ok
16:48:15.0053 10648 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:48:15.0066 10648 SCardSvr - ok
16:48:15.0082 10648 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
16:48:15.0085 10648 scfilter - ok
16:48:15.0186 10648 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
16:48:15.0231 10648 Schedule - ok
16:48:15.0263 10648 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
16:48:15.0264 10648 SCPolicySvc - ok
16:48:15.0286 10648 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
16:48:15.0300 10648 SDRSVC - ok
16:48:15.0347 10648 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:48:15.0350 10648 secdrv - ok
16:48:15.0367 10648 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
16:48:15.0373 10648 seclogon - ok
16:48:15.0393 10648 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:48:15.0398 10648 SENS - ok
16:48:15.0414 10648 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:48:15.0418 10648 SensrSvc - ok
16:48:15.0436 10648 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:48:15.0439 10648 Serenum - ok
16:48:15.0475 10648 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:48:15.0479 10648 Serial - ok
16:48:15.0491 10648 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:48:15.0494 10648 sermouse - ok
16:48:15.0523 10648 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
16:48:15.0528 10648 SessionEnv - ok
16:48:15.0539 10648 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
16:48:15.0542 10648 sffdisk - ok
16:48:15.0557 10648 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
16:48:15.0560 10648 sffp_mmc - ok
16:48:15.0566 10648 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
16:48:15.0568 10648 sffp_sd - ok
16:48:15.0573 10648 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:48:15.0575 10648 sfloppy - ok
16:48:15.0685 10648 SftService (e1974a92ac0914a3859359a0a8c82c68) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
16:48:15.0726 10648 SftService - ok
16:48:15.0771 10648 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
16:48:15.0786 10648 ShellHWDetection - ok
16:48:15.0830 10648 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:48:15.0841 10648 SiSRaid2 - ok
16:48:15.0859 10648 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:48:15.0863 10648 SiSRaid4 - ok
16:48:15.0889 10648 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:48:15.0893 10648 Smb - ok
16:48:15.0930 10648 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:48:15.0936 10648 SNMPTRAP - ok
16:48:15.0951 10648 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:48:15.0955 10648 spldr - ok
16:48:16.0020 10648 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
16:48:16.0056 10648 Spooler - ok
16:48:16.0285 10648 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
16:48:16.0376 10648 sppsvc - ok
16:48:16.0488 10648 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:48:16.0494 10648 sppuinotify - ok
16:48:16.0558 10648 sprtsvc_DellSupportCenter (d630b6f2e8379b6f10dc16e82a426552) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
16:48:16.0574 10648 sprtsvc_DellSupportCenter - ok
16:48:16.0643 10648 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
16:48:16.0670 10648 srv - ok
16:48:16.0703 10648 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
16:48:16.0720 10648 srv2 - ok
16:48:16.0745 10648 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
16:48:16.0759 10648 srvnet - ok
16:48:16.0806 10648 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:48:16.0821 10648 SSDPSRV - ok
16:48:16.0841 10648 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:48:16.0844 10648 SstpSvc - ok
16:48:16.0940 10648 STacSV (da7702025dfd169b909c4da3126762cc) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
16:48:16.0955 10648 STacSV - ok
16:48:17.0001 10648 stdflt (c48e0745d33897c7a73394214f2b9b4f) C:\Windows\system32\DRIVERS\stdflt.sys
16:48:17.0004 10648 stdflt - ok
16:48:17.0032 10648 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:48:17.0034 10648 stexstor - ok
16:48:17.0094 10648 STHDA (caf5a9708671b14b9670260735b22c4e) C:\Windows\system32\DRIVERS\stwrt64.sys
16:48:17.0119 10648 STHDA - ok
16:48:17.0183 10648 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
16:48:17.0208 10648 stisvc - ok
16:48:17.0222 10648 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
16:48:17.0225 10648 swenum - ok
16:48:17.0277 10648 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:48:17.0319 10648 swprv - ok
16:48:17.0385 10648 SynTP (639b57dc871be4b86283027faf1f4e30) C:\Windows\system32\DRIVERS\SynTP.sys
16:48:17.0399 10648 SynTP - ok
16:48:17.0523 10648 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
16:48:17.0580 10648 SysMain - ok
16:48:17.0691 10648 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
16:48:17.0695 10648 TabletInputService - ok
16:48:17.0740 10648 tap0901 (7ccf5587bdcd50c102b526e69da40bf0) C:\Windows\system32\DRIVERS\tap0901.sys
16:48:17.0744 10648 tap0901 - ok
16:48:17.0777 10648 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
16:48:17.0793 10648 TapiSrv - ok
16:48:17.0828 10648 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:48:17.0842 10648 TBS - ok
16:48:18.0075 10648 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
16:48:18.0132 10648 Tcpip - ok
16:48:18.0318 10648 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
16:48:18.0338 10648 TCPIP6 - ok
16:48:18.0422 10648 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
16:48:18.0437 10648 tcpipreg - ok
16:48:18.0456 10648 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:48:18.0458 10648 TDPIPE - ok
16:48:18.0497 10648 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
16:48:18.0510 10648 TDTCP - ok
16:48:18.0532 10648 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
16:48:18.0535 10648 tdx - ok
16:48:18.0547 10648 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
16:48:18.0549 10648 TermDD - ok
16:48:18.0588 10648 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
16:48:18.0632 10648 TermService - ok
16:48:18.0649 10648 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:48:18.0655 10648 Themes - ok
16:48:18.0680 10648 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:48:18.0681 10648 THREADORDER - ok
16:48:18.0727 10648 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:48:18.0734 10648 TrkWks - ok
16:48:18.0779 10648 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
16:48:18.0794 10648 TrustedInstaller - ok
16:48:18.0819 10648 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:48:18.0822 10648 tssecsrv - ok
16:48:18.0858 10648 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
16:48:18.0862 10648 tunnel - ok
16:48:18.0885 10648 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:48:18.0899 10648 uagp35 - ok
16:48:18.0940 10648 udfs (31ba4a33afab6a69ea092b18017f737f) C:\Windows\system32\DRIVERS\udfs.sys
16:48:18.0956 10648 udfs - ok
16:48:18.0976 10648 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:48:18.0981 10648 UI0Detect - ok
16:48:19.0004 10648 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
16:48:19.0008 10648 uliagpkx - ok
16:48:19.0028 10648 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
16:48:19.0031 10648 umbus - ok
16:48:19.0047 10648 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:48:19.0050 10648 UmPass - ok
16:48:19.0086 10648 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:48:19.0105 10648 upnphost - ok
16:48:19.0154 10648 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
16:48:19.0158 10648 USBAAPL64 - ok
16:48:19.0199 10648 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
16:48:19.0204 10648 usbccgp - ok
16:48:19.0238 10648 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
16:48:19.0243 10648 usbcir - ok
16:48:19.0259 10648 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
16:48:19.0262 10648 usbehci - ok
16:48:19.0297 10648 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
16:48:19.0316 10648 usbhub - ok
16:48:19.0337 10648 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
16:48:19.0341 10648 usbohci - ok
16:48:19.0364 10648 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:48:19.0367 10648 usbprint - ok
16:48:19.0402 10648 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:48:19.0406 10648 USBSTOR - ok
16:48:19.0420 10648 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
16:48:19.0426 10648 usbuhci - ok
16:48:19.0476 10648 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
16:48:19.0500 10648 usbvideo - ok
16:48:19.0529 10648 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:48:19.0534 10648 UxSms - ok
16:48:19.0564 10648 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:48:19.0567 10648 VaultSvc - ok
16:48:19.0601 10648 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
16:48:19.0604 10648 vdrvroot - ok
16:48:19.0649 10648 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
16:48:19.0695 10648 vds - ok
16:48:19.0720 10648 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:48:19.0723 10648 vga - ok
16:48:19.0740 10648 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:48:19.0743 10648 VgaSave - ok
16:48:19.0765 10648 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
16:48:19.0778 10648 vhdmp - ok
16:48:19.0797 10648 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
16:48:19.0818 10648 viaide - ok
16:48:19.0832 10648 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
16:48:19.0835 10648 volmgr - ok
16:48:19.0876 10648 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
16:48:19.0895 10648 volmgrx - ok
16:48:19.0927 10648 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
16:48:19.0940 10648 volsnap - ok
16:48:19.0968 10648 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:48:19.0978 10648 vsmraid - ok
16:48:20.0082 10648 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
16:48:20.0143 10648 VSS - ok
16:48:20.0258 10648 vToolbarUpdater12.1.5 (3da649c6ec481d8f36b54f33fc01dd1e) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe
16:48:20.0299 10648 vToolbarUpdater12.1.5 - ok
16:48:20.0447 10648 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:48:20.0458 10648 vwifibus - ok
16:48:20.0484 10648 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:48:20.0487 10648 vwififlt - ok
16:48:20.0494 10648 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:48:20.0497 10648 vwifimp - ok
16:48:20.0540 10648 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:48:20.0565 10648 W32Time - ok
16:48:20.0586 10648 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:48:20.0589 10648 WacomPen - ok
16:48:20.0618 10648 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:48:20.0622 10648 WANARP - ok
16:48:20.0633 10648 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:48:20.0635 10648 Wanarpv6 - ok
16:48:20.0739 10648 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:48:20.0785 10648 WatAdminSvc - ok
16:48:20.0893 10648 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
16:48:20.0941 10648 wbengine - ok
16:48:21.0067 10648 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:48:21.0083 10648 WbioSrvc - ok
16:48:21.0135 10648 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
16:48:21.0177 10648 wcncsvc - ok
16:48:21.0195 10648 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:48:21.0200 10648 WcsPlugInService - ok
16:48:21.0240 10648 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:48:21.0243 10648 Wd - ok
16:48:21.0295 10648 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:48:21.0334 10648 Wdf01000 - ok
16:48:21.0358 10648 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:48:21.0364 10648 WdiServiceHost - ok
16:48:21.0369 10648 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:48:21.0373 10648 WdiSystemHost - ok
16:48:21.0421 10648 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
16:48:21.0437 10648 WebClient - ok
16:48:21.0469 10648 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:48:21.0481 10648 Wecsvc - ok
16:48:21.0504 10648 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:48:21.0508 10648 wercplsupport - ok
16:48:21.0534 10648 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:48:21.0540 10648 WerSvc - ok
16:48:21.0575 10648 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:48:21.0578 10648 WfpLwf - ok
16:48:21.0612 10648 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
16:48:21.0621 10648 WimFltr - ok
16:48:21.0640 10648 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:48:21.0643 10648 WIMMount - ok
16:48:21.0651 10648 WinHttpAutoProxySvc - ok
16:48:21.0716 10648 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:48:21.0737 10648 Winmgmt - ok
16:48:21.0969 10648 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
16:48:22.0008 10648 WinRM - ok
16:48:22.0156 10648 WinUsb (4d52c872018af7e18d078978dcc3f6f2) C:\Windows\system32\DRIVERS\WinUsb.sys
16:48:22.0160 10648 WinUsb - ok
16:48:22.0239 10648 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:48:22.0270 10648 Wlansvc - ok
16:48:22.0308 10648 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:48:22.0311 10648 WmiAcpi - ok
16:48:22.0373 10648 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:48:22.0388 10648 wmiApSrv - ok
16:48:22.0416 10648 WMPNetworkSvc - ok
16:48:22.0432 10648 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:48:22.0437 10648 WPCSvc - ok
16:48:22.0461 10648 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
16:48:22.0465 10648 WPDBusEnum - ok
16:48:22.0475 10648 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:48:22.0477 10648 ws2ifsl - ok
16:48:22.0520 10648 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
16:48:22.0523 10648 WSDPrintDevice - ok
16:48:22.0529 10648 WSearch - ok
16:48:22.0565 10648 WudfPf (c63907207b837a5c05cf6d1606aa0008) C:\Windows\system32\drivers\WudfPf.sys
16:48:22.0568 10648 WudfPf - ok
16:48:22.0601 10648 WUDFRd (d885a873d733020f8b9b9ff4b1666158) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:48:22.0615 10648 WUDFRd - ok
16:48:22.0635 10648 wudfsvc (27b9bee5aac00139e3a3af5d6227a0dc) C:\Windows\System32\WUDFSvc.dll
16:48:22.0641 10648 wudfsvc - ok
16:48:22.0667 10648 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:48:22.0682 10648 WwanSvc - ok
16:48:22.0745 10648 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
16:48:23.0153 10648 \Device\Harddisk0\DR0 - ok
16:48:23.0158 10648 Boot (0x1200) (23d67aad727243674d1de8e73cfc9f41) \Device\Harddisk0\DR0\Partition0
16:48:23.0163 10648 \Device\Harddisk0\DR0\Partition0 - ok
16:48:23.0198 10648 Boot (0x1200) (5806b080c40c6cd2bf0775127e9433ca) \Device\Harddisk0\DR0\Partition1
16:48:23.0201 10648 \Device\Harddisk0\DR0\Partition1 - ok
16:48:23.0201 10648 ============================================================
16:48:23.0201 10648 Scan finished
16:48:23.0201 10648 ============================================================
16:48:23.0220 14424 Detected object count: 1
16:48:23.0220 14424 Actual detected object count: 1
16:48:41.0412 14424 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
16:48:41.0413 14424 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

Edited by BRedSox, 26 July 2012 - 03:50 PM.


#8 BRedSox


Posted 26 July 2012 - 04:25 PM

Please download aswMBR ( 511KB ) to your desktop.


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-26 16:52:38
-----------------------------
16:52:38.540 OS Version: Windows x64 6.1.7600
16:52:38.540 Number of processors: 4 586 0x2502
16:52:38.541 ComputerName: BRADLEY-PC UserName: Bradley
16:52:41.251 Initialize success
16:57:12.716 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:57:12.721 Disk 0 Vendor: ST9500420AS D005SDM1 Size: 476940MB BusType: 11
16:57:12.741 Disk 0 MBR read successfully
16:57:12.746 Disk 0 MBR scan
16:57:12.751 Disk 0 Windows VISTA default MBR code
16:57:12.758 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
16:57:12.771 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 80325
16:57:12.788 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 461899 MB offset 30800325
16:57:12.806 Disk 0 scanning C:\Windows\system32\drivers
16:57:20.986 Service scanning
16:57:34.401 Modules scanning
16:57:34.419 Disk 0 trace - called modules:
16:57:34.446 ntoskrnl.exe CLASSPNP.SYS disk.sys stdflt.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
16:57:34.452 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a35060]
16:57:34.457 3 CLASSPNP.SYS[fffff8800100143f] -> nt!IofCallDriver -> [0xfffffa8004a34040]
16:57:34.672 5 stdflt.sys[fffff880015f5a4a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800490c060]
16:57:34.686 Scan finished successfully
16:57:50.382 Disk 0 MBR has been saved successfully to "C:\Users\Bradley\Desktop\MBR.dat"
16:57:50.388 The log file has been saved successfully to "C:\Users\Bradley\Desktop\aswMBR.txt"

#9 boopme


Posted 26 July 2012 - 05:00 PM

Looks good.. How is it running?
I guess we should see if AVG is happy now.

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
    64-bit OS users should read: Which Java download should I choose for my 64-bit Windows operating system?
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u5-windows-i586.exe (or jre-7u5-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.


#10 BRedSox


Posted 26 July 2012 - 07:20 PM

ESET OnlineScan

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\FoxTabFlvPlayer\FLVPlayer.exe a variant of Win32/InstallCore.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\Bradley\AppData\Local\Apps\Apple\rtfzrvfnz.dll a variant of Win32/Kryptik.AIZP trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Bradley\AppData\Local\Temp\NODAF73.tmp a variant of Win32/Kryptik.AIZP trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Bradley\AppData\Roaming\AVG\Rescue\PC Tuneup 2011\120725184408059.rsc a variant of Java/Exploit.CVE-2012-1723.Q trojan deleted - quarantined
C:\Users\Bradley\AppData\Roaming\Mozilla\Firefox\Profiles\rns2yp61.default\extensions\sryzjsljvy@sryzjsljvy.org.xpi JS/Redirector.NCA trojan deleted (after the next restart) - quarantined
C:\Users\Bradley\Downloads\gimp_12105.exe probably a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Windows\Installer\{4fb9d4b6-3549-c408-902a-8cb479d34df0}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{4fb9d4b6-3549-c408-902a-8cb479d34df0}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
Operating memory a variant of Win32/Sirefef.EZ trojan

#11 boopme


Posted 26 July 2012 - 07:28 PM

I knew ESET would find the culprit.
How is it now? You had a few rootkits removed.

These have stolen any passwords and/or credit card info stored on here and they will need to be changed.

#12 BRedSox


Posted 27 July 2012 - 08:59 AM

As an update: When I make a general search in Google (Firefox Browser), I still get redirects...Very frustrating to say the least. It's like I'm being hijacked. Any solution behind this?

I ran the following scans as a final walk-through. AVG is a "Whole Computer Scan"

AVG Resident Shield Alert has picked up (2) threats detected.

File Name: c:/Windows/assembly/GAC_32/Desktop.ini
Threat name: Trojan horse BackDoor.Generic.15.AXLA

File name: c:/Windows/System32/services.exe
Threat name: Trojan horse Patched_c.LXT

*Removing of threat has failed. Using advanced object removing technique is forbidden


Malwarebytes: Clean Sweep

SpyBOT: Clean Sweep

I'll be sure to change my CC PW's asap.

Edited by BRedSox, 27 July 2012 - 09:15 AM.


#13 BRedSox


Posted 27 July 2012 - 09:15 AM

AVG Scan "Whole computer scan" completed.
Infections;"3";"1";"2"
Folders selected for scanning:;"Whole computer scan"
Scan started:;"Friday, July 27, 2012, 9:13:41 AM"
Scan finished:;"Friday, July 27, 2012, 10:12:24 AM (58 minute(s) 43 second(s))"
Total object scanned:;"1599735"
User who launched the scan:;"Bradley"

Infections
;"File";"Infection";"Result"
;"C:\Program Files (x86)\Mozilla Firefox\firefox.exe (3872):\memory_002b0000";"Found Luhe.Sirefef.A";"Object is inaccessible."
;"C:\Program Files (x86)\Mozilla Firefox\firefox.exe (3872)";"Found Luhe.Sirefef.A";""
;"C:\Windows\System32\services.exe";"Trojan horse Patched_c.LXT";"Object is white-listed (critical/system file that should not be removed)"

#14 boopme


Posted 27 July 2012 - 07:34 PM

Hello, here's the reality with these Backdoor infections.

One or more of the identified infections is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.

To clean...
We need a deeper look. Please go here.... Preparation Guide, do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run (it may not on a 64 bit system) skip it and move on.

Let me know if that went well.