Fake Adobe Reader and redirect problem


5 replies to this topic

#1 n2thewind

n2thewind

  • Members
  • 5 posts
  • Local time:01:14 AM

Posted 17 August 2012 - 04:19 PM

Well...
I just posted my first forum message in the Introduction Forum and realized I immediately (inadvertently) broke the rules. In addition to the intro I gave a description of the problems I'm having but now know the problem should have been posted in this forum... so here goes.

I'm into vintage motorcycles and do a lot of on-line web-surfing for hard to find parts. The searches often take me to friendly foreign countries such as Australia, New Zealand, England, Germany, etc. It seems that during the visits to the many web-sites I am picking up some viruses and malware along the way. The Security Shield virus is a recurring problem on my computer and I recently have been getting fake Adobe Reader updates. Web-site redirects happen on an on-going basis. My security is the McAfee security suite I got from my internet service provider. I do regular updates and scans but it doesn't seem to keep the malware out or remove it. I recently also had Microsoft Security Essentials installed but I uninstalled it so there would be no conflict between the two security applications.

The ISP tech folks helped me remove the Security Shield virus about a month ago but I just got another banner saying "Security Shield successfully installed". The continuous redirects and the fake Adobe Reader update have me really concerned. Can anyone assist in cleaning the vermin out of my computer and keeping them out?

Thanks,

n2thewind


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:01:14 AM

Posted 17 August 2012 - 04:22 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 n2thewind

n2thewind
  • Topic Starter

  • Members
  • 5 posts
  • Local time:01:14 AM

Posted 19 August 2012 - 12:03 PM

Hello NarenXP,

Before I saw your post I ran Malwarebytes anti-malware program and it found and removed several issues. I have posted the log below. However, after these items were removed I still cannot turn on either the Windows Firewall or the McAfee Firewall. When I try to turn the McAfee firewall on it immediately switches back to off. When I try to turn the Windows firewall on I get an error message "Windows can't change some of your settings. Error code Ox80070424."

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.17.08

Windows 7 Service Pack 1 x64 NTFS

Protection: Enabled

8/17/2012 7:58:02 PM
mbam-log-2012-08-17 (19-58-02).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 475918
Time elapsed: 3 hour(s), 8 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Users\Rick\AppData\Local\PowerDVD DX\Microsoft Help\egavp.dll (Trojan.RedirRdll3.Gen) -> Delete on reboot.

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Microsoft Help (Trojan.RedirRdll3.Gen) -> Data: rundll32.exe "C:\Users\Rick\AppData\Local\PowerDVD DX\Microsoft Help\egavp.dll",CreateInstance -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Users\Rick\AppData\Local\Temp\0.11508672674592813 (Trojan.Happili) -> Quarantined and deleted successfully.
C:\Users\Rick\AppData\Local\Temp\4943E54D234815.exe (RootKit.0Access) -> Quarantined and deleted successfully.
C:\Users\Rick\AppData\Local\Temp\msimg32.dll (RootKit.0Access) -> Quarantined and deleted successfully.
C:\Users\Rick\AppData\Local\PowerDVD DX\Microsoft Help\egavp.dll (Trojan.RedirRdll3.Gen) -> Delete on reboot.

Here is the log for TDSSKiller

09:51:45.0200 1588 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
09:51:45.0478 1588 ============================================================
09:51:45.0478 1588 Current date / time: 2012/08/19 09:51:45.0478
09:51:45.0478 1588 SystemInfo:
09:51:45.0478 1588
09:51:45.0478 1588 OS Version: 6.1.7601 ServicePack: 1.0
09:51:45.0478 1588 Product type: Workstation
09:51:45.0478 1588 ComputerName: RICK-PC
09:51:45.0479 1588 UserName: Rick
09:51:45.0479 1588 Windows directory: C:\Windows
09:51:45.0479 1588 System windows directory: C:\Windows
09:51:45.0479 1588 Running under WOW64
09:51:45.0479 1588 Processor architecture: Intel x64
09:51:45.0479 1588 Number of processors: 4
09:51:45.0479 1588 Page size: 0x1000
09:51:45.0479 1588 Boot type: Normal boot
09:51:45.0479 1588 ============================================================
09:51:47.0121 1588 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:51:47.0131 1588 ============================================================
09:51:47.0131 1588 \Device\Harddisk0\DR0:
09:51:47.0131 1588 MBR partitions:
09:51:47.0132 1588 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1388000
09:51:47.0132 1588 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x13BA800, BlocksNum 0x7530000
09:51:47.0147 1588 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x88EB000, BlocksNum 0x1CB43000
09:51:47.0147 1588 ============================================================
09:51:47.0179 1588 C: <-> \Device\Harddisk0\DR0\Partition2
09:51:47.0219 1588 D: <-> \Device\Harddisk0\DR0\Partition3
09:51:47.0219 1588 ============================================================
09:51:47.0219 1588 Initialize success
09:51:47.0219 1588 ============================================================
09:52:11.0076 4560 ============================================================
09:52:11.0076 4560 Scan started
09:52:11.0076 4560 Mode: Manual; TDLFS;
09:52:11.0076 4560 ============================================================
09:52:23.0325 4560 mfehidk - ok
09:52:23.0361 4560 [ a8129cfb919347f8533c934b365e9202 ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
09:52:23.0363 4560 mfenlfk - ok
09:52:23.0405 4560 [ 5041fa2bd2b3a2693b015771bfbf6dca ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
09:52:23.0406 4560 mferkdet - ok
09:52:23.0439 4560 [ 04d48692eff181da46dd8ea8be9ffb2b ] mfevtp C:\Windows\system32\mfevtps.exe
09:52:23.0513 4560 mfevtp - ok
09:52:23.0566 4560 [ 1631e2da6c4b47d97eca94842836592e ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
09:52:23.0571 4560 mfewfpk - ok
09:52:23.0675 4560 [ 123271bd5237ab991dc5c21fdf8835eb ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
09:52:23.0677 4560 Microsoft Office Groove Audit Service - ok
09:52:23.0715 4560 [ e40e80d0304a73e8d269f7141d77250b ] MMCSS C:\Windows\system32\mmcss.dll
09:52:23.0718 4560 MMCSS - ok
09:52:23.0743 4560 [ 800ba92f7010378b09f9ed9270f07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:52:23.0745 4560 Modem - ok
09:52:23.0782 4560 [ b03d591dc7da45ece20b3b467e6aadaa ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:52:23.0784 4560 monitor - ok
09:52:23.0836 4560 [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:52:23.0837 4560 mouclass - ok
09:52:23.0850 4560 [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:52:23.0852 4560 mouhid - ok
09:52:23.0884 4560 [ 32e7a3d591d671a6df2db515a5cbe0fa ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:52:23.0885 4560 mountmgr - ok
09:52:23.0926 4560 [ a44b420d30bd56e145d6a2bc8768ec58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:52:23.0928 4560 mpio - ok
09:52:23.0952 4560 [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:52:23.0954 4560 mpsdrv - ok
09:52:23.0998 4560 [ dc722758b8261e1abafd31a3c0a66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:52:24.0000 4560 MRxDAV - ok
09:52:24.0058 4560 [ a5d9106a73dc88564c825d317cac68ac ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:52:24.0060 4560 mrxsmb - ok
09:52:24.0112 4560 [ d711b3c1d5f42c0c2415687be09fc163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:52:24.0117 4560 mrxsmb10 - ok
09:52:24.0134 4560 [ 9423e9d355c8d303e76b8cfbd8a5c30c ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:52:24.0136 4560 mrxsmb20 - ok
09:52:24.0172 4560 [ c25f0bafa182cbca2dd3c851c2e75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:52:24.0255 4560 msahci - ok
09:52:24.0269 4560 [ db801a638d011b9633829eb6f663c900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:52:24.0270 4560 msdsm - ok
09:52:24.0298 4560 [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC C:\Windows\System32\msdtc.exe
09:52:24.0302 4560 MSDTC - ok
09:52:24.0349 4560 [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:52:24.0350 4560 Msfs - ok
09:52:24.0383 4560 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:52:24.0383 4560 mshidkmdf - ok
09:52:24.0398 4560 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:52:24.0399 4560 msisadrv - ok
09:52:24.0424 4560 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:52:24.0426 4560 MSiSCSI - ok
09:52:24.0430 4560 msiserver - ok
09:52:24.0458 4560 [ acb01bf1a905356ab7f978c7fe852209 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
09:52:24.0529 4560 MSK80Service - ok
09:52:24.0555 4560 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:52:24.0564 4560 MSKSSRV - ok
09:52:24.0579 4560 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:52:24.0588 4560 MSPCLOCK - ok
09:52:24.0603 4560 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:52:24.0605 4560 MSPQM - ok
09:52:24.0641 4560 [ 759a9eeb0fa9ed79da1fb7d4ef78866d ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:52:24.0644 4560 MsRPC - ok
09:52:24.0690 4560 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
09:52:24.0691 4560 mssmbios - ok
09:52:24.0727 4560 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:52:24.0728 4560 MSTEE - ok
09:52:24.0747 4560 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
09:52:24.0748 4560 MTConfig - ok
09:52:24.0770 4560 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:52:24.0771 4560 Mup - ok
09:52:24.0816 4560 [ 582ac6d9873e31dfa28a4547270862dd ] napagent C:\Windows\system32\qagentRT.dll
09:52:24.0825 4560 napagent - ok
09:52:24.0869 4560 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:52:24.0875 4560 NativeWifiP - ok
09:52:24.0936 4560 [ 79b47fd40d9a817e932f9d26fac0a81c ] NDIS C:\Windows\system32\drivers\ndis.sys
09:52:25.0003 4560 NDIS - ok
09:52:25.0026 4560 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:52:25.0027 4560 NdisCap - ok
09:52:25.0074 4560 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:52:25.0076 4560 NdisTapi - ok
09:52:25.0112 4560 [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:52:25.0114 4560 Ndisuio - ok
09:52:25.0150 4560 [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:52:25.0152 4560 NdisWan - ok
09:52:25.0187 4560 [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:52:25.0188 4560 NDProxy - ok
09:52:25.0234 4560 [ 2334dc48997ba203b794df3ee70521db ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
09:52:25.0236 4560 Net Driver HPZ12 - ok
09:52:25.0263 4560 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:52:25.0265 4560 NetBIOS - ok
09:52:25.0299 4560 [ 09594d1089c523423b32a4229263f068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:52:25.0302 4560 NetBT - ok
09:52:25.0320 4560 [ c118a82cd78818c29ab228366ebf81c3 ] Netlogon C:\Windows\system32\lsass.exe
09:52:25.0323 4560 Netlogon - ok
09:52:25.0371 4560 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll
09:52:25.0378 4560 Netman - ok
09:52:25.0404 4560 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll
09:52:25.0419 4560 netprofm - ok
09:52:25.0454 4560 [ 3e5a36127e201ddf663176b66828fafe ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:52:25.0455 4560 NetTcpPortSharing - ok
09:52:25.0487 4560 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
09:52:25.0492 4560 nfrd960 - ok
09:52:25.0558 4560 [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:52:25.0565 4560 NlaSvc - ok
09:52:25.0586 4560 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:52:25.0587 4560 Npfs - ok
09:52:25.0625 4560 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:52:25.0628 4560 nsi - ok
09:52:25.0645 4560 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:52:25.0646 4560 nsiproxy - ok
09:52:25.0724 4560 [ a2f74975097f52a00745f9637451fdd8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:52:25.0780 4560 Ntfs - ok
09:52:25.0820 4560 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys
09:52:25.0830 4560 Null - ok
09:52:25.0883 4560 [ 0a92cb65770442ed0dc44834632f66ad ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:52:25.0886 4560 nvraid - ok
09:52:25.0902 4560 [ dab0e87525c10052bf65f06152f37e4a ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:52:25.0905 4560 nvstor - ok
09:52:25.0958 4560 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:52:25.0960 4560 nv_agp - ok
09:52:26.0029 4560 [ 785f487a64950f3cb8e9f16253ba3b7b ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:52:26.0032 4560 odserv - ok
09:52:26.0067 4560 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:52:26.0068 4560 ohci1394 - ok
09:52:26.0122 4560 [ 5a432a042dae460abe7199b758e8606c ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:52:26.0124 4560 ose - ok
09:52:26.0187 4560 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:52:26.0194 4560 p2pimsvc - ok
09:52:26.0225 4560 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:52:26.0229 4560 p2psvc - ok
09:52:26.0257 4560 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:52:26.0258 4560 Parport - ok
09:52:26.0296 4560 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:52:26.0297 4560 partmgr - ok
09:52:26.0317 4560 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:52:26.0320 4560 PcaSvc - ok
09:52:26.0360 4560 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys
09:52:26.0362 4560 pci - ok
09:52:26.0380 4560 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys
09:52:26.0381 4560 pciide - ok
09:52:26.0408 4560 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:52:26.0419 4560 pcmcia - ok
09:52:26.0436 4560 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:52:26.0437 4560 pcw - ok
09:52:26.0471 4560 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:52:26.0475 4560 PEAUTH - ok
09:52:26.0575 4560 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:52:26.0577 4560 PerfHost - ok
09:52:26.0655 4560 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll
09:52:26.0721 4560 pla - ok
09:52:26.0790 4560 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:52:26.0840 4560 PlugPlay - ok
09:52:26.0876 4560 [ ac78df349f0e4cfb8b667c0cfff83cce ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
09:52:26.0878 4560 Pml Driver HPZ12 - ok
09:52:26.0921 4560 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:52:26.0924 4560 PNRPAutoReg - ok
09:52:26.0943 4560 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:52:26.0957 4560 PNRPsvc - ok
09:52:27.0002 4560 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:52:27.0006 4560 PolicyAgent - ok
09:52:27.0035 4560 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll
09:52:27.0045 4560 Power - ok
09:52:27.0075 4560 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:52:27.0075 4560 PptpMiniport - ok
09:52:27.0100 4560 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:52:27.0100 4560 Processor - ok
09:52:27.0140 4560 [ 53e83f1f6cf9d62f32801cf66d8352a8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:52:27.0145 4560 ProfSvc - ok
09:52:27.0160 4560 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:52:27.0165 4560 ProtectedStorage - ok
09:52:27.0215 4560 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:52:27.0285 4560 Psched - ok
09:52:27.0327 4560 [ 4712cc14e720ecccc0aa16949d18aaf1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
09:52:27.0330 4560 PxHlpa64 - ok
09:52:27.0417 4560 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
09:52:27.0450 4560 ql2300 - ok
09:52:27.0467 4560 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
09:52:27.0467 4560 ql40xx - ok
09:52:27.0507 4560 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll
09:52:27.0520 4560 QWAVE - ok
09:52:27.0540 4560 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:52:27.0547 4560 QWAVEdrv - ok
09:52:27.0565 4560 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:52:27.0565 4560 RasAcd - ok
09:52:27.0587 4560 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:52:27.0590 4560 RasAgileVpn - ok
09:52:27.0610 4560 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll
09:52:27.0615 4560 RasAuto - ok
09:52:27.0650 4560 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:52:27.0652 4560 Rasl2tp - ok
09:52:27.0710 4560 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\Windows\System32\rasmans.dll
09:52:27.0717 4560 RasMan - ok
09:52:27.0737 4560 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:52:27.0737 4560 RasPppoe - ok
09:52:27.0757 4560 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:52:27.0760 4560 RasSstp - ok
09:52:27.0797 4560 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:52:27.0802 4560 rdbss - ok
09:52:27.0837 4560 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:52:27.0845 4560 rdpbus - ok
09:52:27.0860 4560 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:52:27.0862 4560 RDPCDD - ok
09:52:27.0895 4560 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:52:27.0902 4560 RDPENCDD - ok
09:52:27.0930 4560 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:52:27.0930 4560 RDPREFMP - ok
09:52:27.0972 4560 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:52:27.0975 4560 RDPWD - ok
09:52:28.0027 4560 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:52:28.0100 4560 rdyboost - ok
09:52:28.0153 4560 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:52:28.0165 4560 RemoteAccess - ok
09:52:28.0210 4560 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:52:28.0215 4560 RemoteRegistry - ok
09:52:28.0221 4560 RimUsb - ok
09:52:28.0272 4560 [ c903d49655b4aae46673f0aaa6be0f58 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
09:52:28.0273 4560 RimVSerPort - ok
09:52:28.0298 4560 [ 388d3dd1a6457280f3badba9f3acd6b1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
09:52:28.0299 4560 ROOTMODEM - ok
09:52:28.0320 4560 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:52:28.0324 4560 RpcEptMapper - ok
09:52:28.0340 4560 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe
09:52:28.0342 4560 RpcLocator - ok
09:52:28.0378 4560 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\system32\rpcss.dll
09:52:28.0385 4560 RpcSs - ok
09:52:28.0413 4560 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:52:28.0415 4560 rspndr - ok
09:52:28.0460 4560 [ 502b316947ea887cddd325d4745eb7d0 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
09:52:28.0523 4560 RSUSBSTOR - ok
09:52:28.0583 4560 [ 3b01789ee4eaee97f5eb46b711387d5e ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
09:52:28.0587 4560 RTL8167 - ok
09:52:28.0608 4560 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe
09:52:28.0610 4560 SamSs - ok
09:52:28.0708 4560 [ 3289766038db2cb14d07dc84392138d5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
09:52:28.0785 4560 SASDIFSV - ok
09:52:28.0841 4560 [ 58a38e75f3316a83c23df6173d41f2b5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
09:52:28.0912 4560 SASKUTIL - ok
09:52:28.0942 4560 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:52:28.0945 4560 sbp2port - ok
09:52:28.0978 4560 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:52:28.0983 4560 SCardSvr - ok
09:52:29.0022 4560 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:52:29.0023 4560 scfilter - ok
09:52:29.0077 4560 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll
09:52:29.0092 4560 Schedule - ok
09:52:29.0116 4560 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll
09:52:29.0117 4560 SCPolicySvc - ok
09:52:29.0149 4560 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:52:29.0155 4560 SDRSVC - ok
09:52:29.0239 4560 [ 16a252022535b680046f6e34e136d378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
09:52:29.0243 4560 SeaPort - ok
09:52:29.0283 4560 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:52:29.0284 4560 secdrv - ok
09:52:29.0317 4560 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\Windows\system32\seclogon.dll
09:52:29.0319 4560 seclogon - ok
09:52:29.0369 4560 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\system32\sens.dll
09:52:29.0372 4560 SENS - ok
09:52:29.0389 4560 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:52:29.0392 4560 SensrSvc - ok
09:52:29.0411 4560 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:52:29.0415 4560 Serenum - ok
09:52:29.0445 4560 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:52:29.0446 4560 Serial - ok
09:52:29.0464 4560 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
09:52:29.0465 4560 sermouse - ok
09:52:29.0520 4560 [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:52:29.0525 4560 SessionEnv - ok
09:52:29.0564 4560 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:52:29.0565 4560 sffdisk - ok
09:52:29.0578 4560 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:52:29.0579 4560 sffp_mmc - ok
09:52:29.0588 4560 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:52:29.0591 4560 sffp_sd - ok
09:52:29.0626 4560 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:52:29.0633 4560 sfloppy - ok
09:52:29.0687 4560 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:52:29.0697 4560 ShellHWDetection - ok
09:52:29.0737 4560 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:52:29.0738 4560 SiSRaid2 - ok
09:52:29.0764 4560 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
09:52:29.0766 4560 SiSRaid4 - ok
09:52:29.0833 4560 [ db0405d9aad62f0762e0876ac142b7e1 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:52:29.0835 4560 SkypeUpdate - ok
09:52:29.0862 4560 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:52:29.0864 4560 Smb - ok
09:52:29.0923 4560 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:52:29.0935 4560 SNMPTRAP - ok
09:52:29.0952 4560 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:52:29.0959 4560 spldr - ok
09:52:30.0004 4560 [ 85daa09a98c9286d4ea2ba8d0e644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:52:30.0013 4560 Spooler - ok
09:52:30.0140 4560 [ e17e0188bb90fae42d83e98707efa59c ] sppsvc C:\Windows\system32\sppsvc.exe
09:52:30.0163 4560 sppsvc - ok
09:52:30.0200 4560 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:52:30.0212 4560 sppuinotify - ok
09:52:30.0260 4560 [ 441fba48bff01fdb9d5969ebc1838f0b ] srv C:\Windows\system32\DRIVERS\srv.sys
09:52:30.0267 4560 srv - ok
09:52:30.0303 4560 [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:52:30.0308 4560 srv2 - ok
09:52:30.0325 4560 [ 27e461f0be5bff5fc737328f749538c3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:52:30.0327 4560 srvnet - ok
09:52:30.0383 4560 [ 8f8324ed1de63ffc7b1a02cd2d963c72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
09:52:30.0386 4560 ssadbus - ok
09:52:30.0421 4560 [ f7936ac6e8437e10e1ae488ce21f3086 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
09:52:30.0422 4560 ssadmdfl - ok
09:52:30.0458 4560 [ 1fe033372a58c67b3ecca903fc637b36 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
09:52:30.0461 4560 ssadmdm - ok
09:52:30.0519 4560 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:52:30.0525 4560 SSDPSRV - ok
09:52:30.0540 4560 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:52:30.0544 4560 SstpSvc - ok
09:52:30.0582 4560 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
09:52:30.0582 4560 stexstor - ok
09:52:30.0637 4560 [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc C:\Windows\System32\wiaservc.dll
09:52:30.0672 4560 stisvc - ok
09:52:30.0702 4560 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\drivers\swenum.sys
09:52:30.0707 4560 swenum - ok
09:52:30.0749 4560 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll
09:52:30.0759 4560 swprv - ok
09:52:30.0841 4560 [ bf9ccc0bf39b418c8d0ae8b05cf95b7d ] SysMain C:\Windows\system32\sysmain.dll
09:52:30.0861 4560 SysMain - ok
09:52:30.0888 4560 [ e3c61fd7b7c2557e1f1b0b4cec713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:52:30.0891 4560 TabletInputService - ok
09:52:30.0914 4560 [ 40f0849f65d13ee87b9a9ae3c1dd6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:52:30.0969 4560 TapiSrv - ok
09:52:30.0999 4560 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll
09:52:31.0001 4560 TBS - ok
09:52:31.0093 4560 [ acb82bda8f46c84f465c1afa517dc4b9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:52:31.0106 4560 Tcpip - ok
09:52:31.0145 4560 [ acb82bda8f46c84f465c1afa517dc4b9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:52:31.0156 4560 TCPIP6 - ok
09:52:31.0188 4560 [ df687e3d8836bfb04fcc0615bf15a519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:52:31.0189 4560 tcpipreg - ok
09:52:31.0235 4560 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:52:31.0236 4560 TDPIPE - ok
09:52:31.0272 4560 [ 51c5eceb1cdee2468a1748be550cfbc8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:52:31.0273 4560 TDTCP - ok
09:52:31.0307 4560 [ ddad5a7ab24d8b65f8d724f5c20fd806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:52:31.0309 4560 tdx - ok
09:52:31.0325 4560 [ 561e7e1f06895d78de991e01dd0fb6e5 ] TermDD C:\Windows\system32\drivers\termdd.sys
09:52:31.0326 4560 TermDD - ok
09:52:31.0373 4560 [ 2e648163254233755035b46dd7b89123 ] TermService C:\Windows\System32\termsrv.dll
09:52:31.0385 4560 TermService - ok
09:52:31.0426 4560 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll
09:52:31.0438 4560 Themes - ok
09:52:31.0457 4560 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll
09:52:31.0459 4560 THREADORDER - ok
09:52:31.0555 4560 [ 3199a477f0f06eede41bd55179f8eb05 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
09:52:31.0557 4560 TomTomHOMEService - ok
09:52:31.0583 4560 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll
09:52:31.0589 4560 TrkWks - ok
09:52:31.0647 4560 [ 773212b2aaa24c1e31f10246b15b276c ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:52:31.0650 4560 TrustedInstaller - ok
09:52:31.0691 4560 [ ce18b2cdfc837c99e5fae9ca6cba5d30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:52:31.0692 4560 tssecsrv - ok
09:52:31.0750 4560 [ d11c783e3ef9a3c52c0ebe83cc5000e9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:52:31.0752 4560 TsUsbFlt - ok
09:52:31.0799 4560 [ 3566a8daafa27af944f5d705eaa64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:52:31.0801 4560 tunnel - ok
09:52:31.0838 4560 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
09:52:31.0839 4560 uagp35 - ok
09:52:31.0888 4560 [ ff4232a1a64012baa1fd97c7b67df593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:52:31.0893 4560 udfs - ok
09:52:31.0952 4560 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:52:31.0964 4560 UI0Detect - ok
09:52:32.0001 4560 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:52:32.0002 4560 uliagpkx - ok
09:52:32.0077 4560 [ dc54a574663a895c8763af0fa1ff7561 ] umbus C:\Windows\system32\drivers\umbus.sys
09:52:32.0078 4560 umbus - ok
09:52:32.0117 4560 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:52:32.0118 4560 UmPass - ok
09:52:32.0160 4560 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll
09:52:32.0164 4560 upnphost - ok
09:52:32.0224 4560 [ 82e8f44688e6fac57b5b7c6fc7adbc2a ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
09:52:32.0226 4560 usbaudio - ok
09:52:32.0261 4560 [ 6f1a3157a1c89435352ceb543cdb359c ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:52:32.0262 4560 usbccgp - ok
09:52:32.0301 4560 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:52:32.0310 4560 usbcir - ok
09:52:32.0341 4560 [ c025055fe7b87701eb042095df1a2d7b ] usbehci C:\Windows\system32\drivers\usbehci.sys
09:52:32.0342 4560 usbehci - ok
09:52:32.0387 4560 [ 287c6c9410b111b68b52ca298f7b8c24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:52:32.0392 4560 usbhub - ok
09:52:32.0432 4560 [ 9840fc418b4cbd632d3d0a667a725c31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:52:32.0433 4560 usbohci - ok
09:52:32.0475 4560 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:52:32.0476 4560 usbprint - ok
09:52:32.0512 4560 [ aaa2513c8aed8b54b189fd0c6b1634c0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:52:32.0513 4560 usbscan - ok
09:52:32.0556 4560 [ fed648b01349a3c8395a5169db5fb7d6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
09:52:32.0557 4560 USBSTOR - ok
09:52:32.0575 4560 [ 62069a34518bcf9c1fd9e74b3f6db7cd ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:52:32.0576 4560 usbuhci - ok
09:52:32.0634 4560 [ 454800c2bc7f3927ce030141ee4f4c50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
09:52:32.0636 4560 usbvideo - ok
09:52:32.0674 4560 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll
09:52:32.0680 4560 UxSms - ok
09:52:32.0696 4560 [ c118a82cd78818c29ab228366ebf81c3 ] VaultSvc C:\Windows\system32\lsass.exe
09:52:32.0698 4560 VaultSvc - ok
09:52:32.0757 4560 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:52:32.0758 4560 vdrvroot - ok
09:52:32.0821 4560 [ 8d6b481601d01a456e75c3210f1830be ] vds C:\Windows\System32\vds.exe
09:52:32.0829 4560 vds - ok
09:52:32.0870 4560 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:52:32.0871 4560 vga - ok
09:52:32.0891 4560 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys
09:52:32.0899 4560 VgaSave - ok
09:52:32.0941 4560 [ 2ce2df28c83aeaf30084e1b1eb253cbb ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:52:32.0942 4560 vhdmp - ok
09:52:32.0980 4560 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:52:32.0981 4560 viaide - ok
09:52:33.0001 4560 [ d2aafd421940f640b407aefaaebd91b0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:52:33.0063 4560 volmgr - ok
09:52:33.0100 4560 [ a255814907c89be58b79ef2f189b843b ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:52:33.0103 4560 volmgrx - ok
09:52:33.0129 4560 [ 0d08d2f3b3ff84e433346669b5e0f639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:52:33.0188 4560 volsnap - ok
09:52:36.0413 4560 ============================================================
09:52:36.0413 4560 Scan finished
09:52:36.0413 4560 ============================================================
09:52:36.0430 0516 Detected object count: 0
09:52:36.0430 0516 Actual detected object count: 0

Here is the log for aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-19 09:58:31
-----------------------------
09:58:31.867 OS Version: Windows x64 6.1.7601 Service Pack 1
09:58:31.867 Number of processors: 4 586 0x2502
09:58:31.882 ComputerName: RICK-PC UserName: Rick
09:58:33.208 Initialize success
09:59:39.529 AVAST engine defs: 12081900
10:00:22.148 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:00:22.148 Disk 0 Vendor: SAMSUNG_HM320II 2AC101C4 Size: 305245MB BusType: 11
10:00:22.179 Disk 0 MBR read successfully
10:00:22.179 Disk 0 MBR scan
10:00:22.195 Disk 0 Windows 7 default MBR code
10:00:22.210 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 100 MB offset 2048
10:00:22.226 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 10000 MB offset 206848
10:00:22.242 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 60000 MB offset 20686848
10:00:22.242 Disk 0 Partition - 00 0F Extended LBA 235143 MB offset 143566848
10:00:22.257 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 235142 MB offset 143568896
10:00:22.288 Disk 0 scanning C:\Windows\system32\drivers
10:00:37.202 Service scanning
10:01:05.423 Modules scanning
10:01:05.937 Disk 0 trace - called modules:
10:01:05.953 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
10:01:05.969 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c09790]
10:01:05.984 3 CLASSPNP.SYS[fffff8800166c43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80049133b0]
10:01:06.998 AVAST engine scan C:\Windows
10:01:12.645 AVAST engine scan C:\Windows\system32
10:05:22.484 AVAST engine scan C:\Windows\system32\drivers
10:05:38.942 AVAST engine scan C:\Users\Rick
10:05:40.284 File: C:\Users\Rick\AppData\Local\Blizzard Entertainment\eiackorc.dll **INFECTED** Win32:Trojan-gen
10:16:36.276 AVAST engine scan C:\ProgramData
10:21:08.340 Scan finished successfully
10:21:36.093 Disk 0 MBR has been saved successfully to "D:\Computer\MBR.dat"
10:21:36.093 The log file has been saved successfully to "D:\Computer\aswMBR.txt"

Here is the list of ESET found threats:
C:\Users\Rick\AppData\Local\Blizzard Entertainment\eiackorc.dll Win32/Kryptik.AKGO.Gen trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Rick\AppData\Local\Temp\NOD25E3.tmp Win32/Kryptik.AKGO.Gen trojan cleaned by deleting (after the next restart) - quarantined
D:\setup-converterlite-ic-1.2.0.exe a variant of Win32/InstallCore.P application cleaned by deleting - quarantined

N2thewind

#4 n2thewind

Posted 19 August 2012 - 12:28 PM

I found that I still can't start the Windows Firewall. I got the following message: 'There was an error opening the Windows Firewall with Advanced Security snap-in. The Windows Firewall with Advanced Security snap-in failed to load. Restart the Windows Firewall Service on the computer that you are managing. Error Code 0x6D9.'

I also still cannot get the McAfee Firewall to turn on. When I try to turn it on it immediately turns off again.

When I ran the anti-malware software I'm not sure I had the Microsoft and McAfee security applications fully disabled.

#5 n2thewind

Posted 19 August 2012 - 04:05 PM

OK.. I think I have all the vermin cleared out, and one of the McAfee Tier 2 techs cleaned up my registry to where the firewall and scanning tool are working again.

Thanks to NarenXP for his very responsive assistance in cleaning up my system. This is a great forum!

I will post again if additional issues pop up.

One question.. since I foolishly did not make recovery disks when I bought my laptop, should I make them now?

N2thewind

#6 narenxp

Posted 19 August 2012 - 10:05 PM

Yes, you can create one now.

If you feel there are no other issues, download TFC.

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.

Turn off your System Restore, restart the PC, create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here:

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)



