
Google redirect virus


  • This topic is locked
11 replies to this topic

#1 creators

Posted 05 September 2012 - 07:29 PM

I am facing a problem with the Google redirect virus.
I tried McAfee, Malwarebytes and TDSSKiller, but the problem still exists. Could someone please help me with the problem?



#2 boopme

Posted 05 September 2012 - 07:45 PM

Hello and welcome.

I moved this from WIN 7 to Am I Infected.

Would you post those logs please, and run these:

Rerun TDSS like this

  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.




Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Edited by boopme, 05 September 2012 - 07:45 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 creators

Posted 05 September 2012 - 09:01 PM

Below is the log from aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-05 21:19:06
-----------------------------
21:19:06.524 OS Version: Windows x64 6.1.7601 Service Pack 1
21:19:06.524 Number of processors: 8 586 0x2A07
21:19:06.524 ComputerName: VINOD-PC UserName: Vinod
21:19:09.553 Initialize success
21:20:36.379 AVAST engine defs: 12090502
21:21:04.558 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:21:04.559 Disk 0 Vendor: ST315003 CC4G Size: 1430799MB BusType: 3
21:21:04.568 Disk 0 MBR read successfully
21:21:04.569 Disk 0 MBR scan
21:21:04.572 Disk 0 Windows VISTA default MBR code
21:21:04.573 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
21:21:04.581 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 12044 MB offset 81920
21:21:04.593 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 1316312 MB offset 24748032
21:21:04.597 Disk 0 Partition - 00 0F Extended LBA 102402 MB offset 2720555008
21:21:04.630 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 102401 MB offset 2720557056
21:21:04.669 Disk 0 scanning C:\Windows\system32\drivers
21:21:13.217 Service scanning
21:21:30.460 Modules scanning
21:21:30.474 Disk 0 trace - called modules:
21:21:30.499 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
21:21:30.505 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009dd0060]
21:21:30.510 3 CLASSPNP.SYS[fffff88001fcd43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800786b050]
21:21:33.530 AVAST engine scan C:\Windows
21:21:37.206 AVAST engine scan C:\Windows\system32
21:25:14.209 AVAST engine scan C:\Windows\system32\drivers
21:25:25.633 AVAST engine scan C:\Users\Vinod
21:48:19.573 AVAST engine scan C:\ProgramData
21:53:21.153 Scan finished successfully
21:58:55.784 Disk 0 MBR has been saved successfully to "C:\Users\Vinod\Desktop\MBR.dat"
21:58:55.789 The log file has been saved successfully to "C:\Users\Vinod\Desktop\aswMBR.txt"


Below is the log from TDSSKiller.exe, but it didn't detect any objects.


21:15:46.0921 5568 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
21:15:47.0451 5568 ============================================================
21:15:47.0451 5568 Current date / time: 2012/09/05 21:15:47.0451
21:15:47.0451 5568 SystemInfo:
21:15:47.0451 5568
21:15:47.0451 5568 OS Version: 6.1.7601 ServicePack: 1.0
21:15:47.0451 5568 Product type: Workstation
21:15:47.0451 5568 ComputerName: VINOD-PC
21:15:47.0451 5568 UserName: Vinod
21:15:47.0451 5568 Windows directory: C:\Windows
21:15:47.0451 5568 System windows directory: C:\Windows
21:15:47.0451 5568 Running under WOW64
21:15:47.0451 5568 Processor architecture: Intel x64
21:15:47.0451 5568 Number of processors: 8
21:15:47.0451 5568 Page size: 0x1000
21:15:47.0451 5568 Boot type: Normal boot
21:15:47.0451 5568 ============================================================
21:15:47.0903 5568 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:15:47.0919 5568 ============================================================
21:15:47.0919 5568 \Device\Harddisk0\DR0:
21:15:47.0919 5568 MBR partitions:
21:15:47.0919 5568 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1786000
21:15:47.0919 5568 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x179A000, BlocksNum 0xA0AEC000
21:15:47.0950 5568 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xA2286800, BlocksNum 0xC800800
21:15:47.0950 5568 ============================================================
21:15:48.0028 5568 C: <-> \Device\Harddisk0\DR0\Partition2
21:15:48.0059 5568 B: <-> \Device\Harddisk0\DR0\Partition1
21:15:48.0122 5568 R: <-> \Device\Harddisk0\DR0\Partition3
21:15:48.0122 5568 ============================================================
21:15:48.0122 5568 Initialize success
21:15:48.0122 5568 ============================================================
21:15:55.0485 5712 ============================================================
21:15:55.0485 5712 Scan started
21:15:55.0485 5712 Mode: Manual; TDLFS;
21:15:55.0485 5712 ============================================================
21:15:56.0203 5712 ================ Scan system memory ========================
21:15:56.0203 5712 System memory - ok
21:15:56.0203 5712 ================ Scan services =============================
21:16:02.0895 5712 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:16:02.0895 5712 mouhid - ok
21:16:02.0895 5712 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:16:02.0895 5712 mountmgr - ok
21:16:02.0911 5712 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:16:02.0911 5712 mpio - ok
21:16:02.0926 5712 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:16:02.0926 5712 mpsdrv - ok
21:16:02.0942 5712 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:16:02.0958 5712 MpsSvc - ok
21:16:02.0989 5712 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:16:02.0989 5712 MRxDAV - ok
21:16:03.0004 5712 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:16:03.0004 5712 mrxsmb - ok
21:16:03.0020 5712 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:16:03.0020 5712 mrxsmb10 - ok
21:16:03.0036 5712 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:16:03.0036 5712 mrxsmb20 - ok
21:16:03.0051 5712 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:16:03.0051 5712 msahci - ok
21:16:03.0051 5712 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:16:03.0067 5712 msdsm - ok
21:16:03.0067 5712 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:16:03.0067 5712 MSDTC - ok
21:16:03.0082 5712 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:16:03.0082 5712 Msfs - ok
21:16:03.0114 5712 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:16:03.0114 5712 mshidkmdf - ok
21:16:03.0129 5712 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:16:03.0129 5712 msisadrv - ok
21:16:03.0160 5712 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:16:03.0160 5712 MSiSCSI - ok
21:16:03.0160 5712 msiserver - ok
21:16:03.0176 5712 [ ACB01BF1A905356AB7F978C7FE852209 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:16:03.0176 5712 MSK80Service - ok
21:16:03.0192 5712 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:16:03.0192 5712 MSKSSRV - ok
21:16:03.0192 5712 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:16:03.0192 5712 MSPCLOCK - ok
21:16:03.0192 5712 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:16:03.0192 5712 MSPQM - ok
21:16:03.0223 5712 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:16:03.0223 5712 MsRPC - ok
21:16:03.0223 5712 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:16:03.0223 5712 mssmbios - ok
21:16:03.0316 5712 MSSQL$SQLEXPRESS - ok
21:16:03.0363 5712 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
21:16:03.0363 5712 MSSQLServerADHelper - ok
21:16:03.0363 5712 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:16:03.0363 5712 MSTEE - ok
21:16:03.0488 5712 [ 95DC808A9A177F575DE9FD49F7D97312 ] msvsmon80 C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe
21:16:03.0504 5712 msvsmon80 - ok
21:16:03.0519 5712 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
21:16:03.0519 5712 MTConfig - ok
21:16:03.0535 5712 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:16:03.0535 5712 Mup - ok
21:16:03.0550 5712 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:16:03.0550 5712 napagent - ok
21:16:03.0597 5712 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:16:03.0597 5712 NativeWifiP - ok
21:16:03.0628 5712 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:16:03.0644 5712 NDIS - ok
21:16:03.0660 5712 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:16:03.0660 5712 NdisCap - ok
21:16:03.0691 5712 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:16:03.0691 5712 NdisTapi - ok
21:16:03.0738 5712 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:16:03.0738 5712 Ndisuio - ok
21:16:03.0753 5712 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:16:03.0784 5712 NdisWan - ok
21:16:03.0816 5712 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:16:03.0816 5712 NDProxy - ok
21:16:03.0831 5712 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:16:03.0831 5712 NetBIOS - ok
21:16:03.0847 5712 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:16:03.0847 5712 NetBT - ok
21:16:03.0862 5712 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:16:03.0862 5712 Netlogon - ok
21:16:03.0894 5712 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:16:03.0894 5712 Netman - ok
21:16:03.0940 5712 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:16:03.0940 5712 NetMsmqActivator - ok
21:16:03.0956 5712 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:16:03.0956 5712 NetPipeActivator - ok
21:16:03.0972 5712 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:16:03.0972 5712 netprofm - ok
21:16:03.0972 5712 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:16:03.0972 5712 NetTcpActivator - ok
21:16:03.0987 5712 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:16:03.0987 5712 NetTcpPortSharing - ok
21:16:04.0003 5712 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:16:04.0003 5712 nfrd960 - ok
21:16:04.0018 5712 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:16:04.0034 5712 NlaSvc - ok
21:16:04.0034 5712 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:16:04.0034 5712 Npfs - ok
21:16:04.0050 5712 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:16:04.0050 5712 nsi - ok
21:16:04.0050 5712 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:16:04.0065 5712 nsiproxy - ok
21:16:04.0096 5712 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:16:04.0112 5712 Ntfs - ok
21:16:04.0159 5712 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:16:04.0159 5712 Null - ok
21:16:04.0206 5712 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:16:04.0206 5712 nvraid - ok
21:16:04.0221 5712 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:16:04.0221 5712 nvstor - ok
21:16:04.0237 5712 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:16:04.0237 5712 nv_agp - ok
21:16:04.0315 5712 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:16:04.0315 5712 odserv - ok
21:16:04.0330 5712 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:16:04.0330 5712 ohci1394 - ok
21:16:04.0362 5712 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:16:04.0362 5712 ose - ok
21:16:04.0377 5712 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:16:04.0377 5712 p2pimsvc - ok
21:16:04.0393 5712 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:16:04.0408 5712 p2psvc - ok
21:16:04.0408 5712 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
21:16:04.0424 5712 Parport - ok
21:16:04.0440 5712 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:16:04.0455 5712 partmgr - ok
21:16:04.0455 5712 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:16:04.0471 5712 PcaSvc - ok
21:16:04.0564 5712 [ 4B5F5774FF1C577B9515FDD2B5C535C5 ] PCDSRVC{1E208CE0-FB7451FF-06020200}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
21:16:04.0580 5712 PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - ok
21:16:04.0596 5712 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:16:04.0596 5712 pci - ok
21:16:04.0611 5712 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:16:04.0611 5712 pciide - ok
21:16:04.0627 5712 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:16:04.0627 5712 pcmcia - ok
21:16:04.0642 5712 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:16:04.0642 5712 pcw - ok
21:16:04.0689 5712 [ C1C3BAF078BE5A14384A4BA2D730817D ] PDFProFiltSrvPP C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
21:16:04.0689 5712 PDFProFiltSrvPP - ok
21:16:04.0705 5712 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:16:04.0720 5712 PEAUTH - ok
21:16:04.0767 5712 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:16:04.0767 5712 PerfHost - ok
21:16:04.0845 5712 [ 37EA62238E17AE88E4713D9246CA1C1C ] PID_PEPI C:\Windows\system32\DRIVERS\LV302V64.SYS
21:16:04.0845 5712 PID_PEPI - ok
21:16:04.0892 5712 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:16:04.0908 5712 pla - ok
21:16:04.0970 5712 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:16:04.0986 5712 PlugPlay - ok
21:16:04.0986 5712 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:16:04.0986 5712 PNRPAutoReg - ok
21:16:05.0001 5712 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:16:05.0001 5712 PNRPsvc - ok
21:16:05.0032 5712 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:16:05.0032 5712 PolicyAgent - ok
21:16:05.0064 5712 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
21:16:05.0064 5712 Power - ok
21:16:05.0110 5712 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:16:05.0110 5712 PptpMiniport - ok
21:16:05.0110 5712 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
21:16:05.0126 5712 Processor - ok
21:16:05.0157 5712 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
21:16:05.0173 5712 ProfSvc - ok
21:16:05.0173 5712 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:16:05.0173 5712 ProtectedStorage - ok
21:16:05.0220 5712 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:16:05.0220 5712 Psched - ok
21:16:05.0282 5712 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:16:05.0298 5712 ql2300 - ok
21:16:05.0298 5712 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:16:05.0298 5712 ql40xx - ok
21:16:05.0329 5712 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:16:05.0344 5712 QWAVE - ok
21:16:05.0344 5712 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:16:05.0344 5712 QWAVEdrv - ok
21:16:05.0360 5712 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:16:05.0360 5712 RasAcd - ok
21:16:05.0376 5712 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:16:05.0376 5712 RasAgileVpn - ok
21:16:05.0376 5712 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:16:05.0376 5712 RasAuto - ok
21:16:05.0407 5712 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:16:05.0407 5712 Rasl2tp - ok
21:16:05.0454 5712 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:16:05.0454 5712 RasMan - ok
21:16:05.0469 5712 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:16:05.0469 5712 RasPppoe - ok
21:16:05.0485 5712 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:16:05.0485 5712 RasSstp - ok
21:16:05.0532 5712 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:16:05.0532 5712 rdbss - ok
21:16:05.0547 5712 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
21:16:05.0547 5712 rdpbus - ok
21:16:05.0563 5712 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:16:05.0563 5712 RDPCDD - ok
21:16:05.0594 5712 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:16:05.0594 5712 RDPENCDD - ok
21:16:05.0594 5712 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:16:05.0594 5712 RDPREFMP - ok
21:16:05.0641 5712 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:16:05.0641 5712 RDPWD - ok
21:16:05.0656 5712 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:16:05.0656 5712 rdyboost - ok
21:16:05.0672 5712 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:16:05.0688 5712 RemoteAccess - ok
21:16:05.0703 5712 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:16:05.0703 5712 RemoteRegistry - ok
21:16:05.0703 5712 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:16:05.0703 5712 RpcEptMapper - ok
21:16:05.0719 5712 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:16:05.0734 5712 RpcLocator - ok
21:16:05.0750 5712 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
21:16:05.0750 5712 RpcSs - ok
21:16:05.0766 5712 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:16:05.0766 5712 rspndr - ok
21:16:05.0781 5712 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:16:05.0781 5712 SamSs - ok
21:16:05.0781 5712 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:16:05.0781 5712 sbp2port - ok
21:16:05.0797 5712 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:16:05.0797 5712 SCardSvr - ok
21:16:05.0812 5712 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:16:05.0812 5712 scfilter - ok
21:16:05.0844 5712 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:16:05.0844 5712 Schedule - ok
21:16:05.0859 5712 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:16:05.0859 5712 SCPolicySvc - ok
21:16:05.0875 5712 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:16:05.0875 5712 SDRSVC - ok
21:16:05.0890 5712 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:16:05.0890 5712 secdrv - ok
21:16:05.0906 5712 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:16:05.0906 5712 seclogon - ok
21:16:05.0906 5712 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
21:16:05.0906 5712 SENS - ok
21:16:05.0922 5712 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:16:05.0922 5712 SensrSvc - ok
21:16:05.0937 5712 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
21:16:05.0937 5712 Serenum - ok
21:16:05.0953 5712 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
21:16:05.0953 5712 Serial - ok
21:16:05.0968 5712 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:16:05.0968 5712 sermouse - ok
21:16:06.0000 5712 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:16:06.0000 5712 SessionEnv - ok
21:16:06.0000 5712 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:16:06.0000 5712 sffdisk - ok
21:16:06.0000 5712 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:16:06.0000 5712 sffp_mmc - ok
21:16:06.0000 5712 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:16:06.0015 5712 sffp_sd - ok
21:16:06.0015 5712 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:16:06.0015 5712 sfloppy - ok
21:16:06.0046 5712 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:16:06.0046 5712 SharedAccess - ok
21:16:06.0062 5712 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:16:06.0109 5712 ShellHWDetection - ok
21:16:06.0140 5712 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:16:06.0140 5712 SiSRaid2 - ok
21:16:06.0156 5712 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:16:06.0156 5712 SiSRaid4 - ok
21:16:06.0156 5712 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:16:06.0156 5712 Smb - ok
21:16:06.0171 5712 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:16:06.0171 5712 SNMPTRAP - ok
21:16:06.0187 5712 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:16:06.0187 5712 spldr - ok
21:16:06.0234 5712 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
21:16:06.0234 5712 Spooler - ok
21:16:06.0296 5712 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:16:06.0327 5712 sppsvc - ok
21:16:06.0327 5712 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:16:06.0327 5712 sppuinotify - ok
21:16:06.0405 5712 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
21:16:06.0405 5712 SQLBrowser - ok
21:16:06.0483 5712 [ 3C432A96363097870995E2A3C8B66ABD ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
21:16:06.0483 5712 SQLWriter - ok
21:16:06.0514 5712 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
21:16:06.0514 5712 srv - ok
21:16:06.0530 5712 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:16:06.0530 5712 srv2 - ok
21:16:06.0546 5712 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:16:06.0546 5712 srvnet - ok
21:16:06.0561 5712 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:16:06.0561 5712 SSDPSRV - ok
21:16:06.0561 5712 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:16:06.0561 5712 SstpSvc - ok
21:16:06.0577 5712 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
21:16:06.0577 5712 stexstor - ok
21:16:06.0624 5712 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
21:16:06.0624 5712 StillCam - ok
21:16:06.0717 5712 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
21:16:06.0717 5712 stisvc - ok
21:16:06.0733 5712 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:16:06.0733 5712 swenum - ok
21:16:06.0748 5712 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:16:06.0748 5712 swprv - ok
21:16:06.0780 5712 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
21:16:06.0795 5712 SysMain - ok
21:16:06.0842 5712 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:16:06.0842 5712 TabletInputService - ok
21:16:06.0858 5712 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:16:06.0858 5712 TapiSrv - ok
21:16:06.0873 5712 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:16:06.0873 5712 TBS - ok
21:16:06.0951 5712 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:16:06.0967 5712 Tcpip - ok
21:16:07.0045 5712 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:16:07.0045 5712 TCPIP6 - ok
21:16:07.0107 5712 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:16:07.0107 5712 tcpipreg - ok
21:16:07.0123 5712 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:16:07.0123 5712 TDPIPE - ok
21:16:07.0154 5712 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:16:07.0154 5712 TDTCP - ok
21:16:07.0154 5712 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:16:07.0170 5712 tdx - ok
21:16:07.0263 5712 [ 3E85BDD019E3DB66D9471DAD7FD6A887 ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
21:16:07.0279 5712 TeamViewer7 - ok
21:16:07.0310 5712 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:16:07.0310 5712 TermDD - ok
21:16:07.0357 5712 [ F9D55A4461EA40D0D20CF732EC250C81 ] TermService C:\Windows\System32\termsrv.dll
21:16:07.0372 5712 TermService - ok
21:16:07.0388 5712 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:16:07.0388 5712 Themes - ok
21:16:07.0404 5712 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:16:07.0404 5712 THREADORDER - ok
21:16:07.0419 5712 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:16:07.0419 5712 TrkWks - ok
21:16:07.0466 5712 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:16:07.0466 5712 TrustedInstaller - ok
21:16:07.0466 5712 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:16:07.0466 5712 tssecsrv - ok
21:16:07.0482 5712 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:16:07.0482 5712 TsUsbFlt - ok
21:16:07.0497 5712 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
21:16:07.0497 5712 TsUsbGD - ok
21:16:07.0544 5712 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:16:07.0544 5712 tunnel - ok
21:16:07.0653 5712 [ E6118E6FA528A62CB31B8BC4013A3DAF ] tvnserver C:\Program Files\TightVNC\tvnserver.exe
21:16:07.0669 5712 tvnserver - ok
21:16:07.0669 5712 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:16:07.0669 5712 uagp35 - ok
21:16:07.0684 5712 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:16:07.0684 5712 udfs - ok
21:16:07.0700 5712 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:16:07.0700 5712 UI0Detect - ok
21:16:07.0716 5712 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:16:07.0716 5712 uliagpkx - ok
21:16:07.0716 5712 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:16:07.0731 5712 umbus - ok
21:16:07.0731 5712 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
21:16:07.0731 5712 UmPass - ok
21:16:07.0762 5712 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:16:07.0762 5712 upnphost - ok
21:16:07.0809 5712 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:16:07.0809 5712 usbaudio - ok
21:16:07.0840 5712 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:16:07.0840 5712 usbccgp - ok
21:16:07.0840 5712 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:16:07.0840 5712 usbcir - ok
21:16:07.0856 5712 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:16:07.0856 5712 usbehci - ok
21:16:07.0887 5712 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:16:07.0887 5712 usbhub - ok
21:16:07.0903 5712 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:16:07.0903 5712 usbohci - ok
21:16:07.0934 5712 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
21:16:07.0934 5712 usbprint - ok
21:16:07.0950 5712 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:16:07.0950 5712 USBSTOR - ok
21:16:07.0981 5712 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:16:07.0981 5712 usbuhci - ok
21:16:07.0996 5712 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:16:07.0996 5712 UxSms - ok
21:16:08.0012 5712 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
21:16:08.0012 5712 VaultSvc - ok
21:16:08.0012 5712 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:16:08.0012 5712 vdrvroot - ok
21:16:08.0043 5712 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
21:16:08.0043 5712 vds - ok
21:16:08.0043 5712 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:16:08.0043 5712 vga - ok
21:16:08.0059 5712 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:16:08.0059 5712 VgaSave - ok
21:16:08.0074 5712 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:16:08.0074 5712 vhdmp - ok
21:16:08.0090 5712 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
21:16:08.0090 5712 viaide - ok
21:16:08.0106 5712 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:16:08.0106 5712 volmgr - ok
21:16:08.0152 5712 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:16:08.0152 5712 volmgrx - ok
21:16:08.0168 5712 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:16:08.0168 5712 volsnap - ok
21:16:08.0184 5712 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:16:08.0184 5712 vsmraid - ok
21:16:08.0215 5712 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
21:16:08.0230 5712 VSS - ok
21:16:08.0246 5712 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:16:08.0246 5712 vwifibus - ok
21:16:08.0293 5712 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:16:08.0293 5712 vwififlt - ok
21:16:08.0308 5712 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:16:08.0308 5712 W32Time - ok
21:16:08.0324 5712 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
21:16:08.0324 5712 WacomPen - ok
21:16:08.0340 5712 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:16:08.0340 5712 WANARP - ok
21:16:08.0340 5712 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:16:08.0340 5712 Wanarpv6 - ok
21:16:08.0402 5712 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:16:08.0418 5712 WatAdminSvc - ok
21:16:09.0884 5712 ============================================================
21:16:09.0884 5712 Scan finished
21:16:09.0884 5712 ============================================================
21:16:09.0900 1248 Detected object count: 0
21:16:09.0900 1248 Actual detected object count: 0


Please let me know if you need any additional information.

#4 boopme


Posted 05 September 2012 - 09:11 PM

Are you on a router? Are other machines on it? If so, are they redirecting?

Do you use the Firefox or Chrome browser?


Now...
Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#5 creators


Posted 05 September 2012 - 09:16 PM

Thanks for your quick response.
I am on a router and none of the other machines are infected. I use Internet Explorer and Google Chrome.

Below is the log from GooredFix:


GooredFix by jpshortstuff (03.07.10.1)
Log created at 22:14 on 05/09/2012 (Vinod)
Firefox version [Unable to determine]

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files (x86)\Mozilla Firefox\extensions\
(none)

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [16:15 28/01/2012]
"{D19CA586-DD6C-4a0a-96F8-14644F340D60}"="C:\Program Files (x86)\Common Files\McAfee\SystemCore" [16:14 28/01/2012]

-=E.O.F=-

#6 boopme


Posted 05 September 2012 - 09:28 PM

OK, two more things.
Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of their infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the Posted Image button. Then just follow the prompts in the Fix it wizard.

OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.

In Firefox it may be the add-ons/plugins. Try disabling them one at a time and see which one was at fault.

How to disable extensions and plugins

Keeping your third-party plugins up to date

In Chrome it may be the add-ons/plugins. Try disabling them one at a time and see which one was at fault.

OR Disable All Extensions, see if that worked, then you need to go back to one by one to see which is the culprit.

#7 creators


Posted 05 September 2012 - 09:46 PM

I have reset the HOSTS file.

I disabled all the Chrome plugins using Disable All Extensions. I don't see the redirection problem.
I tried enabling one at a time and checked for redirection, and I found the culprit. It's named Default Extension. I tried disabling and deleting the extension, but when I re-open the browser it persists.

Please suggest a way to get rid of it.

Edited by creators, 05 September 2012 - 10:00 PM.


#8 boopme


Posted 05 September 2012 - 10:15 PM

OK, then we need a deeper look. Please go here: Preparation Guide, and do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run (it may not on a 64-bit system), skip it and move on.

Let me know if that went well.

#9 creators


Posted 05 September 2012 - 10:15 PM

I tried reinstalling Chrome and Default Extension is not showing up again. I don't have the redirection problem.
Is there any way to check if the virus exists?

Thanks

#10 boopme


Posted 05 September 2012 - 10:15 PM

We posted at the same time, see post above yours.

#11 creators


Posted 06 September 2012 - 11:31 AM

Posted to new malware removal request
Reference: http://www.bleepingcomputer.com/forums/topic467703.html

Thanks

#12 Animal


  • Site Admin

Posted 06 September 2012 - 11:42 AM

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the logs you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another Malware Removal Team member is already assisting you and not open the thread to respond.

To avoid confusion, I am closing this topic.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)

