TR/ATRAPS.GEN2 Trojan


18 replies to this topic

#1 xxdemonic

Posted 23 August 2012 - 02:14 PM

So this is what Avira and Malwarebytes are coming up with: TR/ATRAPS.GEN2 Trojan

Avira now reports I have 4 of these; it used to be 1.

Any help on what to do is really appreciated.

#2 narenxp

Posted 23 August 2012 - 02:18 PM

Download TDSSKiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 xxdemonic

Posted 24 August 2012 - 05:16 PM

How do I upload the scan results?

#4 xxdemonic

Posted 24 August 2012 - 05:24 PM

15:23:25.0767 5324 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
15:23:26.0000 5324 ============================================================
15:23:26.0000 5324 Current date / time: 2012/08/23 15:23:26.0000
15:23:26.0000 5324 SystemInfo:
15:23:26.0000 5324
15:23:26.0000 5324 OS Version: 6.1.7601 ServicePack: 1.0
15:23:26.0000 5324 Product type: Workstation
15:23:26.0000 5324 ComputerName: XXDEMO-PC
15:23:26.0000 5324 UserName: xxdemo
15:23:26.0000 5324 Windows directory: C:\Windows
15:23:26.0000 5324 System windows directory: C:\Windows
15:23:26.0000 5324 Running under WOW64
15:23:26.0001 5324 Processor architecture: Intel x64
15:23:26.0001 5324 Number of processors: 4
15:23:26.0001 5324 Page size: 0x1000
15:23:26.0001 5324 Boot type: Normal boot
15:23:26.0001 5324 ============================================================
15:23:26.0275 5324 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:23:26.0279 5324 ============================================================
15:23:26.0279 5324 \Device\Harddisk0\DR0:
15:23:26.0279 5324 MBR partitions:
15:23:26.0279 5324 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x279F000
15:23:26.0279 5324 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x27B3000, BlocksNum 0x54D92800
15:23:26.0279 5324 ============================================================
15:23:26.0297 5324 C: <-> \Device\Harddisk0\DR0\Partition2
15:23:26.0297 5324 ============================================================
15:23:26.0297 5324 Initialize success
15:23:26.0297 5324 ============================================================
15:23:44.0603 4676 ============================================================
15:23:44.0603 4676 Scan started
15:23:44.0603 4676 Mode: Manual; TDLFS;
15:23:44.0603 4676 ============================================================
15:23:44.0771 4676 ================ Scan system memory ========================
15:23:44.0771 4676 System memory - ok
15:23:50.0382 4676 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:23:50.0382 4676 MRxDAV - ok
15:23:50.0390 4676 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:23:50.0391 4676 mrxsmb - ok
15:23:50.0400 4676 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:23:50.0402 4676 mrxsmb10 - ok
15:23:50.0410 4676 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:23:50.0411 4676 mrxsmb20 - ok
15:23:50.0429 4676 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:23:50.0430 4676 msahci - ok
15:23:50.0443 4676 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:23:50.0443 4676 msdsm - ok
15:23:50.0461 4676 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:23:50.0462 4676 MSDTC - ok
15:23:50.0484 4676 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:23:50.0485 4676 Msfs - ok
15:23:50.0496 4676 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:23:50.0496 4676 mshidkmdf - ok
15:23:50.0506 4676 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:23:50.0506 4676 msisadrv - ok
15:23:50.0528 4676 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:23:50.0529 4676 MSiSCSI - ok
15:23:50.0532 4676 msiserver - ok
15:23:50.0534 4676 MSK80Service - ok
15:23:50.0556 4676 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:23:50.0556 4676 MSKSSRV - ok
15:23:50.0559 4676 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:23:50.0559 4676 MSPCLOCK - ok
15:23:50.0568 4676 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:23:50.0568 4676 MSPQM - ok
15:23:50.0588 4676 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:23:50.0591 4676 MsRPC - ok
15:23:50.0612 4676 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:23:50.0612 4676 mssmbios - ok
15:23:50.0622 4676 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:23:50.0623 4676 MSTEE - ok
15:23:50.0625 4676 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:23:50.0625 4676 MTConfig - ok
15:23:50.0640 4676 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:23:50.0640 4676 Mup - ok
15:23:50.0662 4676 [ E3B58E3011B207C5289D11173B30E298 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
15:23:50.0663 4676 MyWiFiDHCPDNS - ok
15:23:50.0688 4676 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:23:50.0692 4676 napagent - ok
15:23:50.0716 4676 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:23:50.0718 4676 NativeWifiP - ok
15:23:50.0814 4676 [ 934BB0D23A25C8C136570800A5A149B6 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
15:23:50.0819 4676 NAUpdate - ok
15:23:50.0852 4676 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:23:50.0859 4676 NDIS - ok
15:23:50.0888 4676 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:23:50.0888 4676 NdisCap - ok
15:23:50.0906 4676 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:23:50.0906 4676 NdisTapi - ok
15:23:50.0916 4676 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:23:50.0917 4676 Ndisuio - ok
15:23:50.0928 4676 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:23:50.0929 4676 NdisWan - ok
15:23:50.0939 4676 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:23:50.0941 4676 NDProxy - ok
15:23:50.0949 4676 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:23:50.0949 4676 NetBIOS - ok
15:23:50.0962 4676 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:23:50.0963 4676 NetBT - ok
15:23:50.0972 4676 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:23:50.0973 4676 Netlogon - ok
15:23:50.0991 4676 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:23:50.0995 4676 Netman - ok
15:23:51.0025 4676 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:23:51.0026 4676 NetMsmqActivator - ok
15:23:51.0030 4676 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:23:51.0031 4676 NetPipeActivator - ok
15:23:51.0038 4676 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:23:51.0042 4676 netprofm - ok
15:23:51.0045 4676 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:23:51.0046 4676 NetTcpActivator - ok
15:23:51.0049 4676 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:23:51.0050 4676 NetTcpPortSharing - ok
15:23:51.0205 4676 [ B51E9AD4F4E4F8DBE0AB882756BC5DAB ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
15:23:51.0368 4676 NETwNs64 - ok
15:23:51.0378 4676 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:23:51.0379 4676 nfrd960 - ok
15:23:51.0392 4676 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:23:51.0394 4676 NlaSvc - ok
15:23:51.0475 4676 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
15:23:51.0516 4676 NOBU - ok
15:23:51.0525 4676 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:23:51.0526 4676 Npfs - ok
15:23:51.0538 4676 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:23:51.0539 4676 nsi - ok
15:23:51.0549 4676 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:23:51.0549 4676 nsiproxy - ok
15:23:51.0581 4676 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:23:51.0606 4676 Ntfs - ok
15:23:51.0612 4676 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:23:51.0613 4676 Null - ok
15:23:51.0632 4676 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:23:51.0633 4676 nvraid - ok
15:23:51.0639 4676 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:23:51.0640 4676 nvstor - ok
15:23:51.0661 4676 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:23:51.0662 4676 nv_agp - ok
15:23:51.0666 4676 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:23:51.0667 4676 ohci1394 - ok
15:23:51.0712 4676 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:23:51.0713 4676 ose - ok
15:23:51.0813 4676 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:23:51.0916 4676 osppsvc - ok
15:23:51.0944 4676 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:23:51.0947 4676 p2pimsvc - ok
15:23:51.0969 4676 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:23:51.0973 4676 p2psvc - ok
15:23:51.0985 4676 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
15:23:51.0986 4676 Parport - ok
15:23:52.0002 4676 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:23:52.0003 4676 partmgr - ok
15:23:52.0013 4676 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:23:52.0015 4676 PcaSvc - ok
15:23:52.0033 4676 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:23:52.0034 4676 pci - ok
15:23:52.0054 4676 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:23:52.0054 4676 pciide - ok
15:23:52.0059 4676 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:23:52.0060 4676 pcmcia - ok
15:23:52.0072 4676 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:23:52.0073 4676 pcw - ok
15:23:52.0091 4676 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:23:52.0095 4676 PEAUTH - ok
15:23:52.0152 4676 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:23:52.0153 4676 PerfHost - ok
15:23:52.0180 4676 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:23:52.0205 4676 pla - ok
15:23:52.0232 4676 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:23:52.0235 4676 PlugPlay - ok
15:23:52.0248 4676 PnkBstrA - ok
15:23:52.0255 4676 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:23:52.0256 4676 PNRPAutoReg - ok
15:23:52.0265 4676 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:23:52.0267 4676 PNRPsvc - ok
15:23:52.0288 4676 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:23:52.0292 4676 PolicyAgent - ok
15:23:52.0315 4676 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
15:23:52.0317 4676 Power - ok
15:23:52.0324 4676 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:23:52.0325 4676 PptpMiniport - ok
15:23:52.0334 4676 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
15:23:52.0335 4676 Processor - ok
15:23:52.0370 4676 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:23:52.0372 4676 ProfSvc - ok
15:23:52.0380 4676 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:23:52.0381 4676 ProtectedStorage - ok
15:23:52.0387 4676 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:23:52.0388 4676 Psched - ok
15:23:52.0423 4676 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
15:23:52.0424 4676 PxHlpa64 - ok
15:23:52.0454 4676 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:23:52.0478 4676 ql2300 - ok
15:23:52.0481 4676 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:23:52.0482 4676 ql40xx - ok
15:23:52.0507 4676 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:23:52.0510 4676 QWAVE - ok
15:23:52.0523 4676 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:23:52.0523 4676 QWAVEdrv - ok
15:23:52.0526 4676 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:23:52.0526 4676 RasAcd - ok
15:23:52.0542 4676 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:23:52.0543 4676 RasAgileVpn - ok
15:23:52.0549 4676 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:23:52.0550 4676 RasAuto - ok
15:23:52.0557 4676 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:23:52.0557 4676 Rasl2tp - ok
15:23:52.0566 4676 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:23:52.0570 4676 RasMan - ok
15:23:52.0582 4676 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:23:52.0583 4676 RasPppoe - ok
15:23:52.0595 4676 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:23:52.0596 4676 RasSstp - ok
15:23:52.0612 4676 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:23:52.0614 4676 rdbss - ok
15:23:52.0621 4676 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
15:23:52.0621 4676 rdpbus - ok
15:23:52.0632 4676 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:23:52.0632 4676 RDPCDD - ok
15:23:52.0653 4676 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:23:52.0653 4676 RDPENCDD - ok
15:23:52.0662 4676 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:23:52.0662 4676 RDPREFMP - ok
15:23:52.0691 4676 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:23:52.0693 4676 RDPWD - ok
15:23:52.0698 4676 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:23:52.0699 4676 rdyboost - ok
15:23:52.0749 4676 [ F3AF2B43F35DBB3A0EB9FEEEC7D62217 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:23:52.0750 4676 RegSrvc - ok
15:23:52.0774 4676 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:23:52.0775 4676 RemoteAccess - ok
15:23:52.0792 4676 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:23:52.0793 4676 RemoteRegistry - ok
15:23:52.0809 4676 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:23:52.0810 4676 RFCOMM - ok
15:23:52.0831 4676 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:23:52.0833 4676 RpcEptMapper - ok
15:23:52.0852 4676 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:23:52.0853 4676 RpcLocator - ok
15:23:52.0865 4676 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:23:52.0869 4676 RpcSs - ok
15:23:52.0879 4676 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:23:52.0880 4676 rspndr - ok
15:23:52.0906 4676 rsqetvoy - ok
15:23:52.0920 4676 [ 40817D2DA49866C55781DB7601ABCEC1 ] RSUSBVSTOR C:\Windows\system32\Drivers\RTSUVSTOR.sys
15:23:52.0921 4676 RSUSBVSTOR - ok
15:23:52.0934 4676 [ 7F4F11527AF5A7E4526CB6A146B3E40C ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:23:52.0937 4676 RTL8167 - ok
15:23:52.0946 4676 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:23:52.0947 4676 SamSs - ok
15:23:52.0955 4676 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:23:52.0956 4676 sbp2port - ok
15:23:52.0970 4676 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:23:52.0972 4676 SCardSvr - ok
15:23:52.0981 4676 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:23:52.0981 4676 scfilter - ok
15:23:53.0007 4676 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:23:53.0018 4676 Schedule - ok
15:23:53.0028 4676 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:23:53.0029 4676 SCPolicySvc - ok
15:23:53.0043 4676 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:23:53.0045 4676 SDRSVC - ok
15:23:53.0063 4676 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:23:53.0063 4676 secdrv - ok
15:23:53.0070 4676 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:23:53.0072 4676 seclogon - ok
15:23:53.0080 4676 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:23:53.0081 4676 SENS - ok
15:23:53.0086 4676 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:23:53.0088 4676 SensrSvc - ok
15:23:53.0091 4676 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
15:23:53.0092 4676 Serenum - ok
15:23:53.0095 4676 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
15:23:53.0095 4676 Serial - ok
15:23:53.0106 4676 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:23:53.0107 4676 sermouse - ok
15:23:53.0124 4676 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:23:53.0126 4676 SessionEnv - ok
15:23:53.0128 4676 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:23:53.0128 4676 sffdisk - ok
15:23:53.0131 4676 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:23:53.0131 4676 sffp_mmc - ok
15:23:53.0134 4676 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:23:53.0134 4676 sffp_sd - ok
15:23:53.0144 4676 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:23:53.0144 4676 sfloppy - ok
15:23:53.0213 4676 [ D5183ED285D2795491DC15BDDCBEE5AD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
15:23:53.0217 4676 Sftfs - ok
15:23:53.0298 4676 [ BFDB58616FF5EA540A5F58301D50641E ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:23:53.0302 4676 sftlist - ok
15:23:53.0332 4676 [ 00F118B68C50D2206DD51634F9142B83 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:23:53.0333 4676 Sftplay - ok
15:23:53.0361 4676 [ 76A827DF5640BFE16A0CDBB4108ADECA ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:23:53.0361 4676 Sftredir - ok
15:23:53.0423 4676 [ 4215C271D6E6898C3F4DABAB4F387DC9 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
15:23:53.0429 4676 SftService - ok
15:23:53.0432 4676 [ 1B4C9701645086BAB8CAFFFCE30ED284 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
15:23:53.0432 4676 Sftvol - ok
15:23:53.0441 4676 [ B94C3C4DCA2093243C76CA218EDE2A97 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:23:53.0442 4676 sftvsa - ok
15:23:53.0454 4676 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:23:53.0456 4676 ShellHWDetection - ok
15:23:53.0459 4676 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:23:53.0460 4676 SiSRaid2 - ok
15:23:53.0472 4676 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:23:53.0473 4676 SiSRaid4 - ok
15:23:53.0477 4676 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:23:53.0478 4676 Smb - ok
15:23:53.0491 4676 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:23:53.0492 4676 SNMPTRAP - ok
15:23:53.0504 4676 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:23:53.0504 4676 spldr - ok
15:23:53.0543 4676 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:23:53.0548 4676 Spooler - ok
15:23:53.0594 4676 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:23:53.0632 4676 sppsvc - ok
15:23:53.0646 4676 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:23:53.0647 4676 sppuinotify - ok
15:23:53.0665 4676 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:23:53.0669 4676 srv - ok
15:23:53.0679 4676 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:23:53.0681 4676 srv2 - ok
15:23:53.0693 4676 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:23:53.0694 4676 srvnet - ok
15:23:53.0714 4676 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:23:53.0716 4676 SSDPSRV - ok
15:23:53.0726 4676 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:23:53.0728 4676 SstpSvc - ok
15:23:53.0750 4676 Steam Client Service - ok
15:23:53.0771 4676 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:23:53.0772 4676 stexstor - ok
15:23:53.0789 4676 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:23:53.0794 4676 stisvc - ok
15:23:53.0832 4676 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:23:53.0833 4676 swenum - ok
15:23:53.0852 4676 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:23:53.0858 4676 swprv - ok
15:23:53.0877 4676 SysInfo - ok
15:23:53.0902 4676 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:23:53.0925 4676 SysMain - ok
15:23:53.0945 4676 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:23:53.0947 4676 TabletInputService - ok
15:23:53.0957 4676 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:23:53.0960 4676 TapiSrv - ok
15:23:53.0972 4676 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:23:53.0974 4676 TBS - ok
15:23:54.0008 4676 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:23:54.0033 4676 Tcpip - ok
15:23:54.0054 4676 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:23:54.0061 4676 TCPIP6 - ok
15:23:54.0073 4676 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:23:54.0074 4676 tcpipreg - ok
15:23:54.0088 4676 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:23:54.0089 4676 TDPIPE - ok
15:23:54.0103 4676 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:23:54.0104 4676 TDTCP - ok
15:23:54.0115 4676 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:23:54.0116 4676 tdx - ok
15:23:54.0124 4676 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:23:54.0124 4676 TermDD - ok
15:23:54.0142 4676 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:23:54.0148 4676 TermService - ok
15:23:54.0154 4676 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:23:54.0156 4676 Themes - ok
15:23:54.0179 4676 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:23:54.0180 4676 THREADORDER - ok
15:23:54.0192 4676 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:23:54.0193 4676 TrkWks - ok
15:23:54.0229 4676 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:23:54.0230 4676 TrustedInstaller - ok
15:23:54.0240 4676 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:23:54.0240 4676 tssecsrv - ok
15:23:54.0243 4676 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:23:54.0243 4676 TsUsbFlt - ok
15:23:54.0250 4676 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:23:54.0251 4676 TsUsbGD - ok
15:23:54.0270 4676 ttnponqs - ok
15:23:54.0281 4676 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:23:54.0281 4676 tunnel - ok
15:23:54.0308 4676 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
15:23:54.0309 4676 TurboB - ok
15:23:54.0342 4676 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
15:23:54.0343 4676 TurboBoost - ok
15:23:54.0354 4676 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:23:54.0355 4676 uagp35 - ok
15:23:54.0360 4676 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:23:54.0363 4676 udfs - ok
15:23:54.0379 4676 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:23:54.0381 4676 UI0Detect - ok
15:23:54.0388 4676 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:23:54.0389 4676 uliagpkx - ok
15:23:54.0412 4676 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:23:54.0412 4676 umbus - ok
15:23:54.0415 4676 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
15:23:54.0415 4676 UmPass - ok
15:23:54.0448 4676 [ 0DFC9713D117B349E41A2A477448107A ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
15:23:54.0450 4676 UNS - ok
15:23:54.0476 4676 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:23:54.0480 4676 upnphost - ok
15:23:54.0522 4676 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
15:23:54.0522 4676 USBAAPL64 - ok
15:23:54.0544 4676 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:23:54.0545 4676 usbccgp - ok
15:23:54.0548 4676 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:23:54.0549 4676 usbcir - ok
15:23:54.0568 4676 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:23:54.0569 4676 usbehci - ok
15:23:54.0585 4676 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:23:54.0588 4676 usbhub - ok
15:23:54.0600 4676 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:23:54.0600 4676 usbohci - ok
15:23:54.0612 4676 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:23:54.0612 4676 usbprint - ok
15:23:54.0627 4676 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:23:54.0628 4676 USBSTOR - ok
15:23:54.0647 4676 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:23:54.0647 4676 usbuhci - ok
15:23:54.0656 4676 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
15:23:54.0657 4676 usbvideo - ok
15:23:54.0670 4676 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:23:54.0671 4676 UxSms - ok
15:23:54.0680 4676 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:23:54.0681 4676 VaultSvc - ok
15:23:54.0694 4676 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:23:54.0695 4676 vdrvroot - ok
15:23:54.0713 4676 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:23:54.0718 4676 vds - ok
15:23:54.0733 4676 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:23:54.0733 4676 vga - ok
15:23:54.0748 4676 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:23:54.0748 4676 VgaSave - ok
15:23:54.0753 4676 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:23:54.0754 4676 vhdmp - ok
15:23:54.0757 4676 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:23:54.0758 4676 viaide - ok
15:23:54.0766 4676 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:23:54.0767 4676 volmgr - ok
15:23:54.0786 4676 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:23:54.0788 4676 volmgrx - ok
15:23:54.0794 4676 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:23:54.0796 4676 volsnap - ok
15:23:54.0811 4676 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:23:54.0812 4676 vsmraid - ok
15:23:54.0844 4676 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:23:54.0869 4676 VSS - ok
15:23:54.0877 4676 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:23:54.0878 4676 vwifibus - ok
15:23:54.0883 4676 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:23:54.0883 4676 vwififlt - ok
15:23:54.0899 4676 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:23:54.0899 4676 vwifimp - ok
15:23:54.0910 4676 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:23:55.0921 4676 ================ Scan global ===============================
15:23:55.0936 4676 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:23:55.0954 4676 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:23:55.0961 4676 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:23:55.0973 4676 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:23:56.0015 4676 [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\Windows\system32\services.exe
15:23:56.0018 4676 [Global] - ok
15:23:56.0018 4676 ================ Scan MBR ==================================
15:23:56.0032 4676 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:23:56.0337 4676 \Device\Harddisk0\DR0 - ok
15:23:56.0338 4676 ================ Scan VBR ==================================
15:23:56.0339 4676 [ B386E235BA01363E94ECDA03711E46F1 ] \Device\Harddisk0\DR0\Partition1
15:23:56.0341 4676 \Device\Harddisk0\DR0\Partition1 - ok
15:23:56.0371 4676 [ 6A252D9AD35AE80B0C4A9E39D0324FA8 ] \Device\Harddisk0\DR0\Partition2
15:23:56.0372 4676 \Device\Harddisk0\DR0\Partition2 - ok
15:23:56.0372 4676 ============================================================
15:23:56.0372 4676 Scan finished
15:23:56.0372 4676 ============================================================
15:23:56.0380 1288 Detected object count: 0
15:23:56.0380 1288 Actual detected object count: 0
15:24:05.0121 3476 Deinitialize success

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-23 15:24:26
-----------------------------
15:24:26.450 OS Version: Windows x64 6.1.7601 Service Pack 1
15:24:26.450 Number of processors: 4 586 0x3A09
15:24:26.450 ComputerName: XXDEMO-PC UserName: xxdemo
15:24:27.581 Initialize success
15:25:13.567 AVAST engine defs: 12082300
15:26:30.597 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:26:30.601 Disk 0 Vendor: WDC_WD75 01.0 Size: 715404MB BusType: 3
15:26:30.620 Disk 0 MBR read successfully
15:26:30.622 Disk 0 MBR scan
15:26:30.625 Disk 0 Windows VISTA default MBR code
15:26:30.627 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
15:26:30.633 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 20286 MB offset 81920
15:26:30.650 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 695077 MB offset 41627648
15:26:30.665 Disk 0 scanning C:\Windows\system32\drivers
15:26:36.225 Service scanning
15:26:49.684 Modules scanning
15:26:49.697 Disk 0 trace - called modules:
15:26:49.718 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
15:26:49.721 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006978790]
15:26:49.725 3 CLASSPNP.SYS[fffff88001d9743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007d14050]
15:26:51.095 AVAST engine scan C:\Windows
15:26:52.736 AVAST engine scan C:\Windows\system32
15:27:55.715 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
15:27:56.700 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
15:28:34.446 AVAST engine scan C:\Windows\system32\drivers
15:28:41.377 AVAST engine scan C:\Users\xxdemo
15:34:44.824 AVAST engine scan C:\ProgramData
15:36:15.923 Scan finished successfully
15:38:21.463 Disk 0 MBR has been saved successfully to "C:\Users\xxdemo\Downloads\MBR.dat"
15:38:21.467 The log file has been saved successfully to "C:\Users\xxdemo\Downloads\aswMBR.txt"
15:38:28.389 Disk 0 MBR has been saved successfully to "C:\Users\xxdemo\Desktop\MBR.dat"
15:38:28.393 The log file has been saved successfully to "C:\Users\xxdemo\Desktop\aswMBR.txt"


ESET
Operating memory a variant of Win32/Sirefef.EZ trojan

#5 narenxp

Posted 24 August 2012 - 08:44 PM

Download a new copy of TDSSkiller, run the scan again, and post the new log.

#6 xxdemonic

Posted 25 August 2012 - 06:19 PM

It says no Threats found.

#7 narenxp

Posted 25 August 2012 - 06:53 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

Edited by narenxp, 27 August 2012 - 10:45 AM.


#8 xxdemonic

Posted 27 August 2012 - 10:14 AM

Farbar Service Scanner Version: 06-08-2012
Ran by xxdemo (administrator) on 27-08-2012 at 11:11:14
Running from "C:\Users\xxdemo\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
The start type of bfe service is set to Demand. The default start type is Auto.
The ImagePath of bfe: ".".
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.
The ImagePath of BITS service is OK.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
MiniToolBox by Farbar Version: 23-07-2012
Ran by xxdemo (administrator) on 27-08-2012 at 11:12:45
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Intel® Centrino® Wireless-N 2230 = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : xxdemo-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 68-5D-43-62-34-74
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 68-5D-43-62-34-74
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hr.cox.net
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 2230
Physical Address. . . . . . . . . : 68-5D-43-62-34-73
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : D4-BE-D9-38-71-3C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::91c1:b6b4:97e:61a3%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, August 27, 2012 11:07:41 AM
Lease Expires . . . . . . . . . . : Thursday, October 03, 2148 5:41:07 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 248823513
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-69-D9-C9-D4-BE-D9-38-71-3C
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.Belkin:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{CA4EADCE-19FE-409D-A575-DBABF3FF4708}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{278DC9F9-F3BD-401A-94C9-E3AF8A1A2E40}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hr.cox.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.2.1

Name: google.com
Addresses: 2607:f8b0:4007:801::1006
74.125.227.98
74.125.227.99
74.125.227.100
74.125.227.101
74.125.227.102
74.125.227.103
74.125.227.104
74.125.227.105
74.125.227.110
74.125.227.96
74.125.227.97


Pinging google.com [74.125.239.8] with 32 bytes of data:
Reply from 74.125.239.8: bytes=32 time=82ms TTL=45
Reply from 74.125.239.8: bytes=32 time=104ms TTL=51

Ping statistics for 74.125.239.8:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 82ms, Maximum = 104ms, Average = 93ms
Server: UnKnown
Address: 192.168.2.1

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=965ms TTL=52
Reply from 98.139.183.24: bytes=32 time=350ms TTL=52

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 350ms, Maximum = 965ms, Average = 657ms
Server: UnKnown
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
17...68 5d 43 62 34 74 ......Microsoft Virtual WiFi Miniport Adapter #2
16...68 5d 43 62 34 74 ......Microsoft Virtual WiFi Miniport Adapter
13...68 5d 43 62 34 73 ......Intel® Centrino® Wireless-N 2230
11...d4 be d9 38 71 3c ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.4 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.4 276
192.168.2.4 255.255.255.255 On-link 192.168.2.4 276
192.168.2.255 255.255.255.255 On-link 192.168.2.4 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.4 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.4 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
11 276 fe80::91c1:b6b4:97e:61a3/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/27/2012 11:08:26 AM) (Source: BackItUp5) (User: )
Description: IDS_LINUX_INST_ERROR

Error: (08/27/2012 11:07:53 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/27/2012 11:02:47 AM) (Source: CVHSVC) (User: )
Description: Information only.
Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/26/2012 00:09:44 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7215717

Error: (08/26/2012 00:09:44 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7215717

Error: (08/26/2012 00:09:44 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2012 03:52:16 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11076

Error: (08/25/2012 03:52:16 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11076

Error: (08/25/2012 03:52:16 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2012 03:52:15 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10077


System errors:
=============
Error: (08/27/2012 11:10:06 AM) (Source: Service Control Manager) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/27/2012 11:10:01 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Network Agent service depends the following service: MfeFire. This service might not be installed.

Error: (08/27/2012 11:10:01 AM) (Source: Service Control Manager) (User: )
Description: The McAfee VirusScan Announcer service failed to start due to the following error:
%%2

Error: (08/27/2012 11:10:01 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Services service failed to start due to the following error:
%%2

Error: (08/27/2012 11:08:34 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/27/2012 11:08:34 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/27/2012 11:07:48 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/27/2012 11:07:48 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends on the BFE service which failed to start because of the following error:
%%5

Error: (08/27/2012 11:07:48 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Anti-Spam Service service depends the following service: MfeFire. This service might not be installed.

Error: (08/27/2012 11:07:48 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Proxy Service service depends the following service: MfeFire. This service might not be installed.


Microsoft Office Sessions:
=========================
Error: (08/27/2012 11:08:26 AM) (Source: BackItUp5)(User: )
Description: IDS_LINUX_INST_ERROR

Error: (08/27/2012 11:07:53 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/27/2012 11:02:47 AM) (Source: CVHSVC)(User: )
Description: Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/26/2012 00:09:44 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7215717

Error: (08/26/2012 00:09:44 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7215717

Error: (08/26/2012 00:09:44 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2012 03:52:16 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11076

Error: (08/25/2012 03:52:16 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11076

Error: (08/25/2012 03:52:16 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2012 03:52:15 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10077


=========================== Installed Programs ============================

Accidental Damage Services Agreement (Version: 2.0.0)
Adobe AIR (Version: 2.6.0.19120)
Adobe Community Help (Version: 3.2.1)
Adobe Community Help (Version: 3.2.1.650)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Photoshop Elements 9 (Version: 9.0)
Adobe Premiere Elements 9 (Version: 9.0)
Adobe Reader X (10.1.4) MUI (Version: 10.1.4)
Advanced Audio FX Engine (Version: 1.12.05)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.898.1)
AMD AVIVO64 Codecs (Version: 12.3.103.20326)
AMD Catalyst Install Manager (Version: 3.0.868.0)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Avira Free Antivirus (Version: 12.0.0.1167)
BabylonObjectInstaller (Version: 2.0.0.3)
Banctec Service Agreement (Version: 2.0.0)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Belkin Setup and Router Monitor
BioShock
BitComet 1.32 64-bit (Version: 1.32)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blio (Version: 2.3.7140)
Bonjour (Version: 3.0.0.10)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0326.310.3601)
Catalyst Control Center InstallProxy (Version: 2012.0326.310.3601)
Catalyst Control Center Localization All (Version: 2012.0326.310.3601)
Catalyst Control Center Profiles Mobile (Version: 2012.0326.310.3601)
ccc-utility64 (Version: 2012.0326.310.3601)
CCC Help Chinese Standard (Version: 2012.0326.0309.3601)
CCC Help Chinese Traditional (Version: 2012.0326.0309.3601)
CCC Help Danish (Version: 2012.0326.0309.3601)
CCC Help Dutch (Version: 2012.0326.0309.3601)
CCC Help English (Version: 2012.0326.0309.3601)
CCC Help Finnish (Version: 2012.0326.0309.3601)
CCC Help French (Version: 2012.0326.0309.3601)
CCC Help German (Version: 2012.0326.0309.3601)
CCC Help Italian (Version: 2012.0326.0309.3601)
CCC Help Japanese (Version: 2012.0326.0309.3601)
CCC Help Korean (Version: 2012.0326.0309.3601)
CCC Help Norwegian (Version: 2012.0326.0309.3601)
CCC Help Portuguese (Version: 2012.0326.0309.3601)
CCC Help Russian (Version: 2012.0326.0309.3601)
CCC Help Spanish (Version: 2012.0326.0309.3601)
CCC Help Swedish (Version: 2012.0326.0309.3601)
Chuzzle Deluxe (Version: 2.2.0.95)
Complete Care Business Service Agreement (Version: 2.0.0)
Conexant SmartAudio HD (Version: 8.54.29.0)
Consumer In-Home Service Agreement (Version: 2.0.0)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software (Version: 9.4.67)
Dell DataSafe Local Backup (Version: 9.4.67)
Dell DataSafe Online (Version: 2.1.19634)
Dell Digital Delivery (Version: 2.1.1002.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Home Systems Service Agreement (Version: 2.0.0)
Dell MusicStage (Version: 1.6.225.0)
Dell PhotoStage (Version: 1.5.0.130)
Dell Stage Remote (Version: 2.0.0.43)
Dell Support Center (Version: 3.1.5907.16)
Dell Touchpad (Version: 10.3.2.2)
Dell VideoStage (Version: 1.3.0.2513)
Dell Webcam Central (Version: 2.00.44)
Diablo III (Version: 1.0.4.11327)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's World Adventure (Version: 2.2.0.95)
eBay (Version: 1.4.0)
Elements 9 Organizer (Version: 9.0)
Elements STI Installer (Version: 1.0)
Escape Whisper Valley ™ (Version: 2.2.0.95)
ESET Online Scanner v3
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.95)
Final Drive Fury (Version: 2.2.0.95)
Final Drive Nitro (Version: 2.2.0.95)
FINAL FANTASY XI: Ultimate Collection - Abyssea Edition
From Dust
High-Definition Video Playback (Version: 7.3.10000.0.0)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Display Audio Driver (Version: 6.14.00.3090)
Intel® Management Engine Components (Version: 8.0.1.1399)
Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed (Version: 15.0.0.0059)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 2.1.0.0140)
Intel® Rapid Storage Technology (Version: 11.1.0.1006)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.3.214)
Intel® WiDi (Version: 3.0.13.0)
Intel® Wireless Display
Intel® PROSet/Wireless WiFi Software (Version: 15.00.0000.0642)
Intel® Trusted Connect Service Client (Version: 1.23.219.2)
iTunes (Version: 10.6.3.25)
Jewel Quest (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Luxor (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MapleStory
Media Player Codec Pack 4.2.0 (Version: 4.2.0)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft Silverlight (Version: 4.0.50401.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Namco All-Stars PAC-MAN (Version: 2.2.0.95)
Nero 10 Menu TemplatePack Basic (Version: 10.0.10600.6.0)
Nero 10 Movie ThemePack Basic (Version: 10.2.10200.0.0)
Nero BackItUp 10 (Version: 5.4.11600.19.100)
Nero BackItUp 10 Help (CHM) (Version: 1.0.10700)
Nero Burning ROM 10 (Version: 10.0.11100.10.100)
Nero BurningROM 10 Help (CHM) (Version: 1.0.10700)
Nero BurnRights 10 (Version: 4.0.11000.12.100)
Nero BurnRights 10 Help (CHM) (Version: 1.0.10600)
Nero Control Center 10 (Version: 10.6.12800.0.8)
Nero ControlCenter 10 Help (CHM) (Version: 10.2.10800)
Nero Core Components 10 (Version: 2.0.20500.9.16)
Nero CoverDesigner 10 (Version: 5.0.10900.11.100)
Nero CoverDesigner 10 Help (CHM) (Version: 1.0.10600)
Nero DiscSpeed 10 (Version: 6.0.10800.7.100)
Nero DiscSpeed 10 Help (CHM) (Version: 1.0.10600)
Nero Dolby Files 10 (Version: 2.0.11000.0.10)
Nero Express 10 (Version: 10.0.11000.10.100)
Nero Express 10 Help (CHM) (Version: 1.0.10700)
Nero InfoTool 10 (Version: 7.0.10800.8.100)
Nero InfoTool 10 Help (CHM) (Version: 1.0.10600)
Nero MediaHub 10 (Version: 1.0.13400.11.100)
Nero MediaHub 10 Help (CHM) (Version: 1.0.10700)
Nero Multimedia Suite 10 (Version: 10.0.13100)
Nero Recode 10 (Version: 4.6.10900.4.100)
Nero Recode 10 Help (CHM) (Version: 1.0.10600)
Nero RescueAgent 10 (Version: 3.0.10900.9.100)
Nero RescueAgent 10 Help (CHM) (Version: 1.0.10700)
Nero SoundTrax 10 (Version: 4.6.10600.2.100)
Nero SoundTrax 10 Help (CHM) (Version: 1.0.10600)
Nero StartSmart 10 (Version: 10.0.11200.12.100)
Nero StartSmart 10 Help (CHM) (Version: 1.0.10700)
Nero Update (Version: 11.0.11500.28.0)
Nero Vision 10 (Version: 7.0.11100.8.100)
Nero Vision 10 Help (CHM) (Version: 1.0.10600)
Nero WaveEditor 10 (Version: 5.6.10600.2.100)
Nero WaveEditor 10 Help (CHM) (Version: 1.0.10600)
NVIDIA PhysX (Version: 9.10.0513)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
PowerXpressHybrid (Version: 1.00.0000)
Premium Service Agreement (Version: 2.0.0)
PunkBuster Services (Version: 0.992)
PX Profile Update (Version: 1.00.1.)
QualxServ Service Agreement (Version: 2.0.0)
Quickset64 (Version: 10.14.010)
Realtek USB 2.0 Card Reader (Version: 6.1.7601.39019)
RIFT
Samantha Swift (Version: 2.2.0.95)
Skype™ 5.5 (Version: 5.5.119)
SmartSound Quicktracks for Premiere Elements 9.0 (Version: 3.12.3090)
Spec Ops: The Line Demo
Speccy (Version: 1.16)
Steam (Version: 1.0.0.0)
SyncUP (Version: 1.12.11500.11.105)
SyncUP (Version: 10.2.16500)
Ubisoft Game Launcher (Version: 1.0.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
VLC media player 2.0.3 (Version: 2.0.3)
Wedding Dash - Ready, Aim, Love! (Version: 2.2.0.95)
WildTangent Games (Version: 1.0.2.5)
WildTangent Games App (Dell Games) (Version: 4.0.5.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zinio Reader 4 (Version: 4.2.4164)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 33%
Total physical RAM: 6046.36 MB
Available physical RAM: 4006.09 MB
Total Pagefile: 12090.9 MB
Available Pagefile: 9717.32 MB
Total Virtual: 4095.88 MB
Available Virtual: 3963.74 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:678.79 GB) (Free:520.3 GB) NTFS

========================= Users: ========================================

User accounts for \\XXDEMO-PC

Administrator Guest xxdemo


**** End of log ****







# AdwCleaner v1.801 - Logfile created 08/27/2012 at 11:14:01
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : xxdemo - XXDEMO-PC
# Boot Mode : Normal
# Running from : C:\Users\xxdemo\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\xxdemo\AppData\Local\Temp\BabylonToolbar
Folder Found : C:\Users\xxdemo\AppData\Roaming\Babylon
Folder Found : C:\ProgramData\Babylon
File Found : C:\user.js

***** [Registry] *****

Key Found : HKCU\Software\Ask.com.tmp
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
[x64] Key Found : HKCU\Software\Ask.com.tmp
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=109935&tt=010712_1&babsrc=HP_ss&mntrId=1ac4260b000000000000685d43623474

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\xxdemo\AppData\Roaming\Mozilla\Firefox\Profiles\66rswxd4.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2211 octets] - [27/08/2012 11:14:01]

########## EOF - C:\AdwCleaner[R1].txt - [2339 octets] ##########

#9 xxdemonic


Posted 27 August 2012 - 10:21 AM

# AdwCleaner v1.801 - Logfile created 08/27/2012 at 11:15:46
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : xxdemo - XXDEMO-PC
# Boot Mode : Normal
# Running from : C:\Users\xxdemo\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\xxdemo\AppData\Local\Temp\BabylonToolbar
Folder Deleted : C:\Users\xxdemo\AppData\Roaming\Babylon
Folder Deleted : C:\ProgramData\Babylon
File Deleted : C:\user.js

***** [Registry] *****

Key Deleted : HKCU\Software\Ask.com.tmp
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=109935&tt=010712_1&babsrc=HP_ss&mntrId=1ac4260b000000000000685d43623474 --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\xxdemo\AppData\Roaming\Mozilla\Firefox\Profiles\66rswxd4.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2330 octets] - [27/08/2012 11:14:01]
AdwCleaner[S1].txt - [295 octets] - [27/08/2012 11:14:10]
AdwCleaner[S2].txt - [295 octets] - [27/08/2012 11:15:40]
AdwCleaner[S3].txt - [2056 octets] - [27/08/2012 11:15:46]

########## EOF - C:\AdwCleaner[S3].txt - [2184 octets] ##########

#10 narenxp


Posted 27 August 2012 - 10:45 AM

Malwarebytes log?

Download

BITS

Launch them, click YES when you get the UAC prompt

Restart the PC


Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start Repairs tab, then click on Start

Checkmark only the following options

Reset registry permissions
Reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Checkmark Restart System When Finished option
click the Start button

System should restart after repair

Post the new FSS log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

#11 xxdemonic


Posted 27 August 2012 - 02:57 PM

Farbar Service Scanner Version: 06-08-2012
Ran by xxdemo (administrator) on 27-08-2012 at 16:25:27
Running from "C:\Users\xxdemo\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****





Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/27/2012 04:26:21 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* C:\Users\xxdemo\Downloads\FSS.exe (PID: 4428) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings.

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\xxdemo\Desktop\rkill\rkill-08-27-2012-04-26-26.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001
* C:\Windows\assembly\GAC_32\Desktop.ini [ZA File]
* C:\Windows\assembly\GAC_64\Desktop.ini [ZA File]

Checking Windows Service Integrity:

* Base Filtering Engine (BFE) is not Running.
Startup Type set to: Automatic

* Windows Firewall (MpsSvc) is not Running.
Startup Type set to: Automatic

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]

* atapi => \SystemRoot\system32\drivers\atapi.sys [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/27/2012 04:26:34 PM
Execution time: 0 hours(s), 0 minute(s), and 13 seconds(s)

Edited by xxdemonic, 27 August 2012 - 03:27 PM.


#12 xxdemonic


Posted 27 August 2012 - 03:27 PM

Avira just started again giving me the TRAPS virus, didn't do it all day

#13 narenxp


Posted 27 August 2012 - 03:33 PM

Run RKILL again and post the new RKILL log

Edited by narenxp, 27 August 2012 - 03:50 PM.


#14 xxdemonic


Posted 27 August 2012 - 03:42 PM

Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/27/2012 04:42:07 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Base Filtering Engine (BFE) is not Running.
Startup Type set to: Automatic

* Windows Firewall (MpsSvc) is not Running.
Startup Type set to: Automatic

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]

* atapi => \SystemRoot\system32\drivers\atapi.sys [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/27/2012 04:42:12 PM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)

#15 narenxp


Posted 27 August 2012 - 03:49 PM

Press the Windows + R keys and type

regedit and click OK

Go to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess

Right-click on them and choose Permissions

Click on Add and type

Everyone and click OK

Now click on Everyone

Below you have the permissions for users

Select Full Control and click OK

Restart the PC and post the new FSS log
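
The permission change in post #15 adds an Everyone entry with Full Control to the BFE and SharedAccess service keys. As an added example (not part of the original thread), this read-only PowerShell audit lists write-capable entries for broad principals on those two keys and re-checks the services and the DisableAntiSpyware value that the FSS and Rkill logs reported; the function name and the list of broad principals are choices made for the example.

```powershell
# Added example (not from the thread): read-only audit, run from an elevated prompt.
# Key paths, service names and the policy value are the ones quoted in the posts and logs.
$serviceKeys = @(
    'HKLM:\SYSTEM\CurrentControlSet\services\BFE',
    'HKLM:\SYSTEM\CurrentControlSet\services\SharedAccess'
)

# Well-known SIDs of broad principals; SIDs keep the check locale-independent.
$broadPrincipals = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
}

# Rights that let a principal change or re-permission a service's configuration.
$writeRights = [System.Security.AccessControl.RegistryRights]'SetValue, CreateSubKey, Delete, ChangePermissions, TakeOwnership'

# Hypothetical helper name: returns one object per Allow ACE that gives a broad
# principal any of the write-capable rights on the given registry keys.
function Get-BroadWriteAce {
    param([Parameter(Mandatory)][string[]]$Path)
    foreach ($p in $Path) {
        $acl   = Get-Acl -Path $p -ErrorAction Stop
        $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
        foreach ($ace in $rules) {
            $sid     = $ace.IdentityReference.Value
            $isAllow = $ace.AccessControlType -eq [System.Security.AccessControl.AccessControlType]::Allow
            $granted = [int]$ace.RegistryRights -band [int]$writeRights
            if ($isAllow -and $broadPrincipals.ContainsKey($sid) -and $granted -ne 0) {
                [pscustomobject]@{
                    Key       = $p
                    Principal = $broadPrincipals[$sid]
                    Rights    = $ace.RegistryRights
                    Inherited = $ace.IsInherited
                }
            }
        }
    }
}

# 1. Broad write access on the service keys (an Everyone / FullControl entry shows up here).
$findings = @(Get-BroadWriteAce -Path $serviceKeys)
if ($findings.Count -eq 0) {
    'No write-capable ACEs for broad principals on the audited keys.'
} else {
    $findings | Format-Table -AutoSize
}

# 2. State of the services the logs reported as not running.
Get-Service -Name BFE, MpsSvc, WinDefend -ErrorAction SilentlyContinue |
    Select-Object Name, Status, StartType |
    Format-Table -AutoSize

# 3. The Windows Defender value both logs printed.
$policy = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows Defender' `
    -Name DisableAntiSpyware -ErrorAction SilentlyContinue
if ($null -ne $policy -and $policy.DisableAntiSpyware -eq 1) {
    'DisableAntiSpyware = 1 (Windows Defender is disabled by this value).'
} else {
    'DisableAntiSpyware is absent or not set to 1.'
}
```

An Everyone row with FullControl in the first table means the broad entry is still on the key and can be removed in the same Permissions dialog once BFE and the firewall service start normally.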



