Trojan:Win32/Alureon.fq


27 replies to this topic

#1 richirene

Posted 13 October 2012 - 11:30 PM

A scan of my computer showed that I was infected with the trojan Alureon.fq. I have run several scan programs (Malwarebytes, SUPERAntiSpyware, HouseCall, Dr.Web CureIt), all in safe mode, and followed their instructions, with the exception of removing the item dplaysvr, as I was receiving conflicting stories as to whether it was a threat or not. After doing all this I am still having trouble accessing the internet in normal mode, but have no problem in safe mode. Could you please help! Windows 7

Edited by richirene, 13 October 2012 - 11:46 PM.



#2 narenxp

  • BC Advisor
Posted 13 October 2012 - 11:51 PM

Download TDSSKiller.

Launch it. Click on Change parameters, then select TDLFS file system.

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.
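
The TDSSKiller log requested above runs to hundreds of lines, nearly all of them "ok". The following is an added example, not part of the original thread or of the tool: a small parser that pairs each hash line with its verdict line and lists only what needs a second look. The sample log is constructed in the layout of a TDSSKiller report; the service names, hashes and the `REVIEW-ME` verdict are placeholders, and any verdict other than `ok` is simply treated as "needs review".

```python
import re
from dataclasses import dataclass
from typing import Optional

# "HH:MM:SS.mmmm <thread id> <message>"
LINE_RE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s*(.*)$")
# "====== Scan services ======" style section banners
BANNER_RE = re.compile(r"^=+\s*(Scan [^=]+?)\s*=+$")
# "[ <MD5> ] <object name> <full path>" (the name may contain spaces)
HASH_RE = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.*)$")


@dataclass
class Entry:
    section: str
    name: str
    verdict: str
    md5: Optional[str] = None
    path: Optional[str] = None


def parse_log(text):
    """Return one Entry per '<name> - <verdict>' line inside a scan section."""
    entries, pending, section = [], {}, None
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        msg = m.group(1).strip()
        banner = BANNER_RE.match(msg)
        if banner:
            section = banner.group(1)
            continue
        if section is None or not msg:
            continue  # header lines before the first scan section
        h = HASH_RE.match(msg)
        if h:
            # Remember hash and path until the matching verdict line arrives.
            pending[h.group(2)] = (h.group(1).upper(), h.group(3))
            continue
        name, sep, verdict = msg.rpartition(" - ")
        if sep:
            md5, path = pending.pop(name, (None, None))
            entries.append(Entry(section, name, verdict.strip(), md5, path))
    return entries


def triage(entries):
    """Split out entries a helper should read first."""
    return {
        "total": len(entries),
        # Anything the tool did not mark "ok".
        "not_ok": [e for e in entries if e.verdict.lower() != "ok"],
        # Services reported without a hash/path line, listed for information only.
        "no_hash": [e for e in entries
                    if e.section == "Scan services" and e.md5 is None],
    }


# Constructed sample in the report's layout; names, hashes and the
# REVIEW-ME verdict are placeholders, not real tool output.
SAMPLE_LOG = r"""
22:28:05.0109 1952 Scan started
22:28:05.0109 1952 Mode: Manual; TDLFS;
22:28:05.0358 1952 ================ Scan system memory ========================
22:28:05.0358 1952 System memory - ok
22:28:05.0358 1952 ================ Scan services =============================
22:28:05.0499 1952 .examplesvc - ok
22:28:05.0733 1952 [ 00000000000000000000000000000001 ] ExampleDrv C:\Windows\system32\drivers\exampledrv.sys
22:28:05.0733 1952 ExampleDrv - ok
22:28:07.0105 1952 [ 00000000000000000000000000000002 ] Example Sync Service C:\Program Files\Example\sync.exe
22:28:07.0121 1952 Example Sync Service - ok
22:28:08.0000 1952 [ 00000000000000000000000000000003 ] ExampleFlt C:\Windows\system32\drivers\exampleflt.sys
22:28:08.0000 1952 ExampleFlt - REVIEW-ME
"""

if __name__ == "__main__":
    result = triage(parse_log(SAMPLE_LOG))
    print("entries parsed:", result["total"])
    for e in result["not_ok"]:
        print("needs review:", e.name, e.verdict, e.md5, e.path)
    for e in result["no_hash"]:
        print("no hash logged:", e.name)
```
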

#3 richirene

Posted 14 October 2012 - 12:33 AM

Okay, before I hardly got started TDSSKiller found an object and wants me to either SKIP, COPY TO QUARANTINE or DELETE. What should I do with it?

#4 narenxp

Posted 14 October 2012 - 12:42 AM

Go for the default option given by TDSSKiller. If it asks to skip >> SKIP IT, or if it asks to CURE >> CURE IT.

#5 richirene

Posted 14 October 2012 - 03:56 AM

22:27:21.0834 1648 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
22:27:22.0427 1648 ============================================================
22:27:22.0427 1648 Current date / time: 2012/10/13 22:27:22.0427
22:27:22.0427 1648 SystemInfo:
22:27:22.0427 1648
22:27:22.0427 1648 OS Version: 6.1.7601 ServicePack: 1.0
22:27:22.0427 1648 Product type: Workstation
22:27:22.0427 1648 ComputerName: BRONSON-PC
22:27:22.0427 1648 UserName: bronson
22:27:22.0427 1648 Windows directory: C:\Windows
22:27:22.0427 1648 System windows directory: C:\Windows
22:27:22.0427 1648 Processor architecture: Intel x86
22:27:22.0427 1648 Number of processors: 2
22:27:22.0427 1648 Page size: 0x1000
22:27:22.0427 1648 Boot type: Safe boot with network
22:27:22.0427 1648 ============================================================
22:27:24.0252 1648 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:27:24.0252 1648 ============================================================
22:27:24.0268 1648 \Device\Harddisk0\DR0:
22:27:24.0268 1648 MBR partitions:
22:27:24.0268 1648 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1388000
22:27:24.0268 1648 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x13BA800, BlocksNum 0x1BE0A970
22:27:24.0268 1648 ============================================================
22:27:24.0299 1648 C: <-> \Device\Harddisk0\DR0\Partition2
22:27:24.0299 1648 ============================================================
22:27:24.0299 1648 Initialize success
22:27:24.0299 1648 ============================================================
22:28:05.0109 1952 ============================================================
22:28:05.0109 1952 Scan started
22:28:05.0109 1952 Mode: Manual; TDLFS;
22:28:05.0109 1952 ============================================================
22:28:05.0358 1952 ================ Scan system memory ========================
22:28:05.0358 1952 System memory - ok
22:28:17.0589 1952 napagent - ok
22:28:17.0636 1952 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:28:17.0636 1952 NativeWifiP - ok
22:28:17.0698 1952 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:28:17.0698 1952 NDIS - ok
22:28:17.0729 1952 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:28:17.0745 1952 NdisCap - ok
22:28:17.0760 1952 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:28:17.0776 1952 NdisTapi - ok
22:28:17.0807 1952 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:28:17.0807 1952 Ndisuio - ok
22:28:17.0838 1952 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:28:17.0838 1952 NdisWan - ok
22:28:17.0885 1952 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:28:17.0885 1952 NDProxy - ok
22:28:17.0948 1952 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:28:17.0948 1952 NetBIOS - ok
22:28:18.0026 1952 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:28:18.0026 1952 NetBT - ok
22:28:18.0057 1952 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
22:28:18.0057 1952 Netlogon - ok
22:28:18.0088 1952 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
22:28:18.0088 1952 Netman - ok
22:28:18.0119 1952 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
22:28:18.0135 1952 netprofm - ok
22:28:18.0182 1952 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:28:18.0182 1952 NetTcpPortSharing - ok
22:28:18.0228 1952 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
22:28:18.0228 1952 nfrd960 - ok
22:28:18.0244 1952 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:28:18.0260 1952 NlaSvc - ok
22:28:18.0447 1952 [ 5515E0CF93B8C726385F49D5B10FECEF ] NOBU C:\Program Files\Dell\Dell Datasafe Online\NOBuAgent.exe
22:28:18.0478 1952 NOBU - ok
22:28:18.0509 1952 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:28:18.0509 1952 Npfs - ok
22:28:18.0556 1952 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
22:28:18.0556 1952 nsi - ok
22:28:18.0603 1952 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:28:18.0603 1952 nsiproxy - ok
22:28:18.0696 1952 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:28:18.0728 1952 Ntfs - ok
22:28:18.0774 1952 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
22:28:18.0774 1952 Null - ok
22:28:18.0806 1952 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:28:18.0806 1952 nvraid - ok
22:28:18.0868 1952 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:28:18.0868 1952 nvstor - ok
22:28:18.0915 1952 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:28:18.0915 1952 nv_agp - ok
22:28:18.0946 1952 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:28:18.0946 1952 ohci1394 - ok
22:28:19.0008 1952 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:28:19.0008 1952 ose - ok
22:28:19.0180 1952 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:28:19.0336 1952 osppsvc - ok
22:28:19.0398 1952 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:28:19.0398 1952 p2pimsvc - ok
22:28:19.0445 1952 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
22:28:19.0445 1952 p2psvc - ok
22:28:19.0476 1952 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:28:19.0476 1952 Parport - ok
22:28:19.0554 1952 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:28:19.0554 1952 partmgr - ok
22:28:19.0586 1952 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
22:28:19.0586 1952 Parvdm - ok
22:28:19.0632 1952 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:28:19.0632 1952 PcaSvc - ok
22:28:19.0679 1952 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
22:28:19.0695 1952 pci - ok
22:28:19.0710 1952 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
22:28:19.0710 1952 pciide - ok
22:28:19.0757 1952 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:28:19.0757 1952 pcmcia - ok
22:28:19.0788 1952 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
22:28:19.0788 1952 pcw - ok
22:28:19.0866 1952 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:28:19.0882 1952 PEAUTH - ok
22:28:20.0022 1952 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
22:28:20.0054 1952 pla - ok
22:28:20.0100 1952 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:28:20.0100 1952 PlugPlay - ok
22:28:20.0132 1952 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:28:20.0132 1952 PNRPAutoReg - ok
22:28:20.0163 1952 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:28:20.0178 1952 PNRPsvc - ok
22:28:20.0225 1952 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:28:20.0241 1952 PolicyAgent - ok
22:28:20.0288 1952 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
22:28:20.0303 1952 Power - ok
22:28:20.0334 1952 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:28:20.0334 1952 PptpMiniport - ok
22:28:20.0412 1952 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
22:28:20.0412 1952 Processor - ok
22:28:20.0444 1952 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
22:28:20.0459 1952 ProfSvc - ok
22:28:20.0475 1952 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:28:20.0475 1952 ProtectedStorage - ok
22:28:20.0490 1952 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:28:20.0490 1952 Psched - ok
22:28:20.0568 1952 [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
22:28:20.0568 1952 PSI - ok
22:28:20.0646 1952 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
22:28:20.0662 1952 ql2300 - ok
22:28:20.0693 1952 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
22:28:20.0693 1952 ql40xx - ok
22:28:20.0802 1952 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
22:28:20.0849 1952 QWAVE - ok
22:28:20.0896 1952 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:28:20.0896 1952 QWAVEdrv - ok
22:28:20.0927 1952 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:28:20.0927 1952 RasAcd - ok
22:28:20.0958 1952 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:28:20.0974 1952 RasAgileVpn - ok
22:28:20.0990 1952 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
22:28:21.0005 1952 RasAuto - ok
22:28:21.0036 1952 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:28:21.0036 1952 Rasl2tp - ok
22:28:21.0068 1952 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
22:28:21.0083 1952 RasMan - ok
22:28:21.0099 1952 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:28:21.0099 1952 RasPppoe - ok
22:28:21.0130 1952 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:28:21.0146 1952 RasSstp - ok
22:28:21.0192 1952 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:28:21.0192 1952 rdbss - ok
22:28:21.0224 1952 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:28:21.0224 1952 rdpbus - ok
22:28:21.0255 1952 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:28:21.0255 1952 RDPCDD - ok
22:28:21.0286 1952 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:28:21.0286 1952 RDPENCDD - ok
22:28:21.0317 1952 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:28:21.0317 1952 RDPREFMP - ok
22:28:21.0348 1952 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:28:21.0364 1952 RDPWD - ok
22:28:21.0411 1952 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:28:21.0411 1952 rdyboost - ok
22:28:21.0442 1952 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
22:28:21.0442 1952 RemoteAccess - ok
22:28:21.0489 1952 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:28:21.0489 1952 RemoteRegistry - ok
22:28:21.0504 1952 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:28:21.0504 1952 RFCOMM - ok
22:28:21.0536 1952 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:28:21.0536 1952 RpcEptMapper - ok
22:28:21.0582 1952 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
22:28:21.0582 1952 RpcLocator - ok
22:28:21.0614 1952 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
22:28:21.0614 1952 RpcSs - ok
22:28:21.0660 1952 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:28:21.0660 1952 rspndr - ok
22:28:21.0707 1952 [ A633399432491BB173BB3CF3B41B9C55 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
22:28:21.0707 1952 RSUSBSTOR - ok
22:28:21.0754 1952 [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
22:28:21.0770 1952 RTL8167 - ok
22:28:21.0816 1952 [ 3862C682EEBDFE2B7CC44AEDC5B85254 ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys
22:28:21.0832 1952 RTL8192Ce - ok
22:28:21.0848 1952 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
22:28:21.0848 1952 SamSs - ok
22:28:21.0894 1952 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
22:28:21.0894 1952 SASDIFSV - ok
22:28:21.0926 1952 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
22:28:21.0926 1952 SASKUTIL - ok
22:28:21.0957 1952 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:28:21.0957 1952 sbp2port - ok
22:28:22.0004 1952 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:28:22.0004 1952 SCardSvr - ok
22:28:22.0050 1952 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:28:22.0050 1952 scfilter - ok
22:28:22.0097 1952 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
22:28:22.0113 1952 Schedule - ok
22:28:22.0128 1952 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:28:22.0128 1952 SCPolicySvc - ok
22:28:22.0175 1952 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:28:22.0175 1952 SDRSVC - ok
22:28:22.0222 1952 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:28:22.0222 1952 secdrv - ok
22:28:22.0253 1952 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
22:28:22.0253 1952 seclogon - ok
22:28:22.0347 1952 [ 5B66DB4877BBAC9F7493AA8D84421E49 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
22:28:22.0362 1952 Secunia PSI Agent - ok
22:28:22.0409 1952 [ 0E88FDF474F2CDD370A4A6CE77D018F0 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
22:28:22.0425 1952 Secunia Update Agent - ok
22:28:22.0487 1952 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
22:28:22.0487 1952 SENS - ok
22:28:22.0550 1952 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:28:22.0550 1952 Serenum - ok
22:28:22.0550 1952 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:28:22.0565 1952 Serial - ok
22:28:22.0581 1952 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
22:28:22.0581 1952 sermouse - ok
22:28:22.0643 1952 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
22:28:22.0659 1952 SessionEnv - ok
22:28:22.0674 1952 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:28:22.0674 1952 sffdisk - ok
22:28:22.0737 1952 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:28:22.0737 1952 sffp_mmc - ok
22:28:22.0752 1952 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:28:22.0752 1952 sffp_sd - ok
22:28:22.0784 1952 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:28:22.0784 1952 sfloppy - ok
22:28:22.0830 1952 [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
22:28:22.0846 1952 Sftfs - ok
22:28:22.0955 1952 [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
22:28:23.0018 1952 sftlist - ok
22:28:23.0064 1952 [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
22:28:23.0064 1952 Sftplay - ok
22:28:23.0096 1952 [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
22:28:23.0111 1952 Sftredir - ok
22:28:23.0220 1952 [ 38F88F0DF46C4D42125EF721ABD7F6B9 ] SftService C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE
22:28:23.0236 1952 SftService - ok
22:28:23.0267 1952 [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
22:28:23.0267 1952 Sftvol - ok
22:28:23.0314 1952 [ A5812F0281CA5081BF696626F9BF324D ] sftvsa C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
22:28:23.0314 1952 sftvsa - ok
22:28:23.0361 1952 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:28:23.0361 1952 SharedAccess - ok
22:28:23.0408 1952 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:28:23.0423 1952 ShellHWDetection - ok
22:28:23.0470 1952 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:28:23.0470 1952 sisagp - ok
22:28:23.0486 1952 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:28:23.0486 1952 SiSRaid2 - ok
22:28:23.0517 1952 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
22:28:23.0517 1952 SiSRaid4 - ok
22:28:23.0595 1952 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
22:28:23.0595 1952 SkypeUpdate - ok
22:28:23.0626 1952 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:28:23.0626 1952 Smb - ok
22:28:23.0673 1952 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:28:23.0673 1952 SNMPTRAP - ok
22:28:23.0688 1952 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
22:28:23.0704 1952 spldr - ok
22:28:23.0751 1952 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
22:28:23.0751 1952 Spooler - ok
22:28:23.0860 1952 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
22:28:23.0954 1952 sppsvc - ok
22:28:24.0000 1952 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:28:24.0000 1952 sppuinotify - ok
22:28:24.0047 1952 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:28:24.0063 1952 srv - ok
22:28:24.0094 1952 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:28:24.0125 1952 srv2 - ok
22:28:24.0156 1952 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:28:24.0156 1952 srvnet - ok
22:28:24.0188 1952 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:28:24.0203 1952 SSDPSRV - ok
22:28:24.0219 1952 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:28:24.0234 1952 SstpSvc - ok
22:28:24.0250 1952 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
22:28:24.0266 1952 stexstor - ok
22:28:24.0328 1952 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
22:28:24.0344 1952 StiSvc - ok
22:28:24.0359 1952 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
22:28:24.0375 1952 swenum - ok
22:28:24.0422 1952 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
22:28:24.0437 1952 swprv - ok
22:28:24.0531 1952 [ D7DC30B8B41E7A913C3FCCC0631E72EC ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
22:28:24.0531 1952 SynTP - ok
22:28:24.0593 1952 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
22:28:24.0624 1952 SysMain - ok
22:28:24.0656 1952 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:28:24.0671 1952 TabletInputService - ok
22:28:24.0718 1952 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
22:28:24.0734 1952 TapiSrv - ok
22:28:24.0765 1952 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
22:28:24.0765 1952 TBS - ok
22:28:24.0843 1952 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:28:24.0858 1952 Tcpip - ok
22:28:24.0936 1952 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:28:24.0936 1952 TCPIP6 - ok
22:28:24.0999 1952 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:28:24.0999 1952 tcpipreg - ok
22:28:25.0046 1952 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:28:25.0046 1952 TDPIPE - ok
22:28:25.0077 1952 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:28:25.0077 1952 TDTCP - ok
22:28:25.0124 1952 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:28:25.0124 1952 tdx - ok
22:28:25.0155 1952 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
22:28:25.0155 1952 TermDD - ok
22:28:25.0217 1952 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
22:28:25.0217 1952 TermService - ok
22:28:25.0264 1952 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
22:28:25.0264 1952 Themes - ok
22:28:25.0280 1952 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
22:28:25.0295 1952 THREADORDER - ok
22:28:25.0311 1952 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
22:28:25.0311 1952 TrkWks - ok
22:28:25.0389 1952 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:28:25.0389 1952 TrustedInstaller - ok
22:28:25.0420 1952 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:28:25.0420 1952 tssecsrv - ok
22:28:25.0467 1952 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:28:25.0467 1952 TsUsbFlt - ok
22:28:25.0529 1952 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:28:25.0529 1952 tunnel - ok
22:28:25.0560 1952 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
22:28:25.0560 1952 uagp35 - ok
22:28:25.0592 1952 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:28:25.0607 1952 udfs - ok
22:28:25.0638 1952 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:28:25.0654 1952 UI0Detect - ok
22:28:25.0670 1952 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:28:25.0685 1952 uliagpkx - ok
22:28:25.0732 1952 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
22:28:25.0732 1952 umbus - ok
22:28:25.0748 1952 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
22:28:25.0748 1952 UmPass - ok
22:28:25.0794 1952 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
22:28:25.0794 1952 upnphost - ok
22:28:25.0826 1952 [ 5C2BDC152BBAB34F36473DEAF7713F22 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
22:28:25.0826 1952 USBAAPL - ok
22:28:25.0872 1952 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
22:28:25.0872 1952 usbaudio - ok
22:28:25.0935 1952 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:28:25.0950 1952 usbccgp - ok
22:28:25.0982 1952 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:28:26.0028 1952 usbcir - ok
22:28:26.0091 1952 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
22:28:26.0091 1952 usbehci - ok
22:28:26.0106 1952 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:28:26.0122 1952 usbhub - ok
22:28:26.0153 1952 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:28:26.0153 1952 usbohci - ok
22:28:26.0200 1952 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:28:26.0200 1952 usbprint - ok
22:28:26.0309 1952 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:28:26.0309 1952 usbscan - ok
22:28:26.0372 1952 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:28:26.0387 1952 USBSTOR - ok
22:28:26.0434 1952 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
22:28:26.0434 1952 usbuhci - ok
22:28:26.0465 1952 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
22:28:26.0481 1952 usbvideo - ok
22:28:26.0512 1952 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
22:28:26.0528 1952 UxSms - ok
22:28:26.0559 1952 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
22:28:26.0559 1952 VaultSvc - ok
22:28:26.0652 1952 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:28:26.0652 1952 vdrvroot - ok
22:28:26.0777 1952 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
22:28:26.0793 1952 vds - ok
22:28:26.0840 1952 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:28:26.0855 1952 vga - ok
22:28:26.0886 1952 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
22:28:26.0886 1952 VgaSave - ok
22:28:26.0933 1952 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:28:26.0933 1952 vhdmp - ok
22:28:26.0964 1952 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
22:28:26.0964 1952 viaagp - ok
22:28:27.0027 1952 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
22:28:27.0027 1952 ViaC7 - ok
22:28:27.0058 1952 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
22:28:27.0058 1952 viaide - ok
22:28:27.0089 1952 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:28:27.0089 1952 volmgr - ok
22:28:27.0136 1952 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:28:27.0152 1952 volmgrx - ok
22:28:27.0183 1952 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:28:27.0198 1952 volsnap - ok
22:28:27.0245 1952 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
22:28:27.0261 1952 vsmraid - ok
22:28:27.0323 1952 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
22:28:27.0339 1952 VSS - ok
22:28:27.0370 1952 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
22:28:27.0370 1952 vwifibus - ok
22:28:27.0401 1952 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
22:28:27.0401 1952 vwififlt - ok
22:28:27.0448 1952 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
22:28:27.0464 1952 W32Time - ok
22:28:27.0479 1952 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
22:28:27.0479 1952 WacomPen - ok
22:28:27.0495 1952 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:28:27.0510 1952 WANARP - ok
22:28:27.0510 1952 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:28:27.0510 1952 Wanarpv6 - ok
22:28:27.0573 1952 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
22:28:27.0604 1952 wbengine - ok
22:28:27.0635 1952 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:28:27.0651 1952 WbioSrvc - ok
22:28:27.0698 1952 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:28:27.0713 1952 wcncsvc - ok
22:28:27.0744 1952 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:28:27.0744 1952 WcsPlugInService - ok
22:28:27.0776 1952 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
22:28:27.0776 1952 Wd - ok
22:28:27.0822 1952 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
22:28:27.0822 1952 WDC_SAM - ok
22:28:27.0854 1952 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:28:27.0869 1952 Wdf01000 - ok
22:28:27.0900 1952 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:28:27.0916 1952 WdiServiceHost - ok
22:28:27.0916 1952 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:28:27.0932 1952 WdiSystemHost - ok
22:28:27.0963 1952 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
22:28:27.0978 1952 WebClient - ok
22:28:28.0010 1952 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:28:28.0025 1952 Wecsvc - ok
22:28:28.0041 1952 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:28:28.0041 1952 wercplsupport - ok
22:28:28.0056 1952 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
22:28:28.0072 1952 WerSvc - ok
22:28:28.0119 1952 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:28:28.0119 1952 WfpLwf - ok
22:28:28.0181 1952 [ F9AD3A5E3FD7E0BDB18B8202B0FDD4E4 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
22:28:28.0181 1952 WimFltr - ok
22:28:28.0197 1952 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:28:28.0197 1952 WIMMount - ok
22:28:28.0306 1952 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
22:28:28.0306 1952 WinDefend - ok
22:28:28.0322 1952 WinHttpAutoProxySvc - ok
22:28:28.0384 1952 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:28:28.0415 1952 Winmgmt - ok
22:28:28.0493 1952 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
22:28:28.0509 1952 WinRM - ok
22:28:28.0571 1952 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
22:28:28.0587 1952 WinUsb - ok
22:28:28.0634 1952 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:28:28.0649 1952 Wlansvc - ok
22:28:28.0665 1952 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:28:28.0680 1952 WmiAcpi - ok
22:28:28.0712 1952 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:28:28.0712 1952 wmiApSrv - ok
22:28:28.0805 1952 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
22:28:28.0821 1952 WMPNetworkSvc - ok
22:28:28.0852 1952 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:28:28.0868 1952 WPCSvc - ok
22:28:28.0899 1952 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:28:28.0914 1952 WPDBusEnum - ok
22:28:28.0946 1952 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:28:28.0946 1952 ws2ifsl - ok
22:28:29.0008 1952 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
22:28:29.0024 1952 wscsvc - ok
22:28:29.0039 1952 WSearch - ok
22:28:29.0133 1952 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
22:28:29.0164 1952 wuauserv - ok
22:28:29.0180 1952 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:28:29.0195 1952 WudfPf - ok
22:28:29.0226 1952 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:28:29.0226 1952 WUDFRd - ok
22:28:29.0258 1952 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:28:29.0258 1952 wudfsvc - ok
22:28:29.0289 1952 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
22:28:29.0304 1952 WwanSvc - ok
22:28:29.0336 1952 ================ Scan global ===============================
22:28:29.0414 1952 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
22:28:29.0460 1952 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
22:28:29.0476 1952 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
22:28:29.0507 1952 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
22:28:29.0538 1952 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
22:28:29.0554 1952 [Global] - ok
22:28:29.0554 1952 ================ Scan MBR ==================================
22:28:29.0570 1952 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:28:30.0646 1952 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
22:28:30.0646 1952 \Device\Harddisk0\DR0 - detected TDSS File System (1)
22:28:30.0646 1952 ================ Scan VBR ==================================
22:28:30.0693 1952 [ 215570AF190E693DC59FCFEB3CC7B9C2 ] \Device\Harddisk0\DR0\Partition1
22:28:30.0693 1952 \Device\Harddisk0\DR0\Partition1 - ok
22:28:30.0708 1952 [ E04FE59B1FD52F057DB6E865A1E0E50D ] \Device\Harddisk0\DR0\Partition2
22:28:30.0708 1952 \Device\Harddisk0\DR0\Partition2 - ok
22:28:30.0708 1952 ============================================================
22:28:30.0708 1952 Scan finished
22:28:30.0708 1952 ============================================================
22:28:30.0740 0872 Detected object count: 1
22:28:30.0740 0872 Actual detected object count: 1



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-13 22:36:16
-----------------------------
22:36:16.721 OS Version: Windows 6.1.7601 Service Pack 1
22:36:16.721 Number of processors: 2 586 0x1C0A
22:36:16.721 ComputerName: BRONSON-PC UserName: bronson
22:37:01.041 Initialize success
22:39:14.608 AVAST engine defs: 12101301
22:40:08.288 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:40:08.288 Disk 0 Vendor: TOSHIBA_MK2565GSX GJ002D Size: 238475MB BusType: 11
22:40:08.319 Disk 0 MBR read successfully
22:40:08.335 Disk 0 MBR scan
22:40:08.366 Disk 0 Windows 7 default MBR code
22:40:08.382 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 100 MB offset 2048
22:40:08.413 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10000 MB offset 206848
22:40:08.444 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 228373 MB offset 20686848
22:40:08.475 Disk 0 scanning sectors +488395120
22:40:08.585 Disk 0 scanning C:\Windows\system32\drivers
22:40:26.946 Service scanning
22:40:27.710 Service .afd \? **LOCKED** 123
22:40:27.773 Service .avgtdix \? **LOCKED** 123
22:40:27.835 Service .netbt \? **LOCKED** 123
22:41:14.526 Modules scanning
22:41:28.332 Disk 0 trace - called modules:
22:41:28.348 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys SynTP.sys mouclass.sys
22:41:28.348 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84b38828]
22:41:28.348 3 CLASSPNP.SYS[8719759e] -> nt!IofCallDriver -> [0x84a41900]
22:41:28.348 5 ACPI.sys[86ca13d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84a53030]
22:41:28.956 AVAST engine scan C:\Windows
22:41:33.324 AVAST engine scan C:\Windows\system32
22:46:18.087 AVAST engine scan C:\Windows\system32\drivers
22:46:38.975 AVAST engine scan C:\Users\bronson
22:51:06.157 AVAST engine scan C:\ProgramData
22:53:07.606 Scan finished successfully
22:57:19.066 Disk 0 MBR has been saved successfully to "C:\Users\bronson\Documents\MBR.dat"
22:57:19.081 The log file has been saved successfully to "C:\Users\bronson\Documents\aswMBR.txt"


No threats found with ESET

#6 narenxp

  • BC Advisor

Posted 14 October 2012 - 07:46 AM

Launch TDSSKiller again and select DELETE

22:28:30.0646 1952 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete

A log should be generated after the scan; post it here

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator

After the scan completes, post the generated log here.

#7 richirene

  • Topic Starter

Posted 14 October 2012 - 04:14 PM

10:34:29.0767 3460 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
10:34:30.0313 3460 ============================================================
10:34:30.0313 3460 Current date / time: 2012/10/14 10:34:30.0313
10:34:30.0313 3460 SystemInfo:
10:34:30.0313 3460
10:34:30.0313 3460 OS Version: 6.1.7601 ServicePack: 1.0
10:34:30.0313 3460 Product type: Workstation
10:34:30.0313 3460 ComputerName: BRONSON-PC
10:34:30.0313 3460 UserName: bronson
10:34:30.0313 3460 Windows directory: C:\Windows
10:34:30.0313 3460 System windows directory: C:\Windows
10:34:30.0313 3460 Processor architecture: Intel x86
10:34:30.0313 3460 Number of processors: 2
10:34:30.0313 3460 Page size: 0x1000
10:34:30.0313 3460 Boot type: Safe boot with network
10:34:30.0313 3460 ============================================================
10:34:31.0888 3460 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:34:31.0888 3460 ============================================================
10:34:31.0888 3460 \Device\Harddisk0\DR0:
10:34:31.0888 3460 MBR partitions:
10:34:31.0888 3460 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1388000
10:34:31.0888 3460 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x13BA800, BlocksNum 0x1BE0A970
10:34:31.0888 3460 ============================================================
10:34:31.0935 3460 C: <-> \Device\Harddisk0\DR0\Partition2
10:34:31.0951 3460 ============================================================
10:34:31.0951 3460 Initialize success
10:34:31.0951 3460 ============================================================
10:34:46.0162 1828 ============================================================
10:34:46.0162 1828 Scan started
10:34:46.0162 1828 Mode: Manual; TDLFS;
10:34:46.0162 1828 ============================================================
10:34:46.0646 1828 ================ Scan system memory ========================
10:34:46.0646 1828 System memory - ok
10:34:46.0646 1828 ================ Scan services =============================
10:34:46.0739 1828 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
10:34:46.0739 1828 !SASCORE - ok
10:34:46.0771 1828 .afd - ok
10:34:46.0817 1828 .avgtdix - ok
10:34:46.0880 1828 .netbt - ok
10:34:58.0127 1828 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:34:58.0127 1828 Msfs - ok
10:34:58.0159 1828 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:34:58.0159 1828 mshidkmdf - ok
10:34:58.0174 1828 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:34:58.0174 1828 msisadrv - ok
10:34:58.0221 1828 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:34:58.0237 1828 MSiSCSI - ok
10:34:58.0237 1828 msiserver - ok
10:34:58.0283 1828 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:34:58.0283 1828 MSKSSRV - ok
10:34:58.0315 1828 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:34:58.0315 1828 MSPCLOCK - ok
10:34:58.0330 1828 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:34:58.0330 1828 MSPQM - ok
10:34:58.0361 1828 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:34:58.0361 1828 MsRPC - ok
10:34:58.0408 1828 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:34:58.0408 1828 mssmbios - ok
10:34:58.0439 1828 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:34:58.0439 1828 MSTEE - ok
10:34:58.0502 1828 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:34:58.0502 1828 MTConfig - ok
10:34:58.0533 1828 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
10:34:58.0533 1828 Mup - ok
10:34:58.0564 1828 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
10:34:58.0580 1828 napagent - ok
10:34:58.0627 1828 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:34:58.0627 1828 NativeWifiP - ok
10:34:58.0689 1828 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:34:58.0689 1828 NDIS - ok
10:34:58.0736 1828 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:34:58.0736 1828 NdisCap - ok
10:34:58.0767 1828 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:34:58.0767 1828 NdisTapi - ok
10:34:58.0814 1828 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:34:58.0814 1828 Ndisuio - ok
10:34:58.0861 1828 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:34:58.0861 1828 NdisWan - ok
10:34:58.0892 1828 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:34:58.0892 1828 NDProxy - ok
10:34:58.0939 1828 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:34:58.0939 1828 NetBIOS - ok
10:34:59.0001 1828 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:34:59.0001 1828 NetBT - ok
10:34:59.0017 1828 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
10:34:59.0032 1828 Netlogon - ok
10:34:59.0063 1828 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
10:34:59.0063 1828 Netman - ok
10:34:59.0095 1828 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
10:34:59.0110 1828 netprofm - ok
10:34:59.0141 1828 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:34:59.0141 1828 NetTcpPortSharing - ok
10:34:59.0173 1828 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:34:59.0173 1828 nfrd960 - ok
10:34:59.0204 1828 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:34:59.0219 1828 NlaSvc - ok
10:34:59.0360 1828 [ 5515E0CF93B8C726385F49D5B10FECEF ] NOBU C:\Program Files\Dell\Dell Datasafe Online\NOBuAgent.exe
10:34:59.0391 1828 NOBU - ok
10:34:59.0422 1828 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:34:59.0422 1828 Npfs - ok
10:34:59.0453 1828 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
10:34:59.0469 1828 nsi - ok
10:34:59.0500 1828 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:34:59.0500 1828 nsiproxy - ok
10:34:59.0594 1828 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:34:59.0609 1828 Ntfs - ok
10:34:59.0641 1828 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
10:34:59.0656 1828 Null - ok
10:34:59.0672 1828 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:34:59.0687 1828 nvraid - ok
10:34:59.0750 1828 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:34:59.0750 1828 nvstor - ok
10:34:59.0781 1828 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:34:59.0781 1828 nv_agp - ok
10:34:59.0812 1828 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:34:59.0812 1828 ohci1394 - ok
10:34:59.0875 1828 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:34:59.0875 1828 ose - ok
10:35:00.0046 1828 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:35:00.0171 1828 osppsvc - ok
10:35:00.0218 1828 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:35:00.0233 1828 p2pimsvc - ok
10:35:00.0249 1828 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
10:35:00.0265 1828 p2psvc - ok
10:35:00.0296 1828 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:35:00.0296 1828 Parport - ok
10:35:00.0327 1828 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:35:00.0327 1828 partmgr - ok
10:35:00.0374 1828 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
10:35:00.0374 1828 Parvdm - ok
10:35:00.0421 1828 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:35:00.0421 1828 PcaSvc - ok
10:35:00.0483 1828 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
10:35:00.0499 1828 pci - ok
10:35:00.0530 1828 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
10:35:00.0530 1828 pciide - ok
10:35:00.0577 1828 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:35:00.0577 1828 pcmcia - ok
10:35:00.0623 1828 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
10:35:00.0623 1828 pcw - ok
10:35:00.0670 1828 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:35:00.0670 1828 PEAUTH - ok
10:35:00.0795 1828 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
10:35:00.0811 1828 pla - ok
10:35:00.0857 1828 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:35:00.0873 1828 PlugPlay - ok
10:35:00.0904 1828 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:35:00.0920 1828 PNRPAutoReg - ok
10:35:00.0951 1828 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:35:00.0951 1828 PNRPsvc - ok
10:35:01.0013 1828 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:35:01.0013 1828 PolicyAgent - ok
10:35:01.0060 1828 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
10:35:01.0076 1828 Power - ok
10:35:01.0107 1828 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:35:01.0107 1828 PptpMiniport - ok
10:35:01.0169 1828 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:35:01.0169 1828 Processor - ok
10:35:01.0216 1828 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
10:35:01.0216 1828 ProfSvc - ok
10:35:01.0232 1828 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:35:01.0232 1828 ProtectedStorage - ok
10:35:01.0263 1828 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:35:01.0263 1828 Psched - ok
10:35:01.0325 1828 [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
10:35:01.0325 1828 PSI - ok
10:35:01.0388 1828 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:35:01.0419 1828 ql2300 - ok
10:35:01.0435 1828 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:35:01.0435 1828 ql40xx - ok
10:35:01.0481 1828 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
10:35:01.0481 1828 QWAVE - ok
10:35:01.0528 1828 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:35:01.0528 1828 QWAVEdrv - ok
10:35:01.0559 1828 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:35:01.0559 1828 RasAcd - ok
10:35:01.0591 1828 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:35:01.0591 1828 RasAgileVpn - ok
10:35:01.0637 1828 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
10:35:01.0653 1828 RasAuto - ok
10:35:01.0684 1828 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:35:01.0684 1828 Rasl2tp - ok
10:35:01.0747 1828 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
10:35:01.0747 1828 RasMan - ok
10:35:01.0778 1828 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:35:01.0778 1828 RasPppoe - ok
10:35:01.0809 1828 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:35:01.0809 1828 RasSstp - ok
10:35:01.0871 1828 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:35:01.0871 1828 rdbss - ok
10:35:01.0903 1828 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:35:01.0903 1828 rdpbus - ok
10:35:01.0934 1828 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:35:01.0934 1828 RDPCDD - ok
10:35:01.0981 1828 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:35:01.0981 1828 RDPENCDD - ok
10:35:02.0043 1828 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:35:02.0043 1828 RDPREFMP - ok
10:35:02.0090 1828 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:35:02.0090 1828 RDPWD - ok
10:35:02.0137 1828 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:35:02.0137 1828 rdyboost - ok
10:35:02.0183 1828 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
10:35:02.0183 1828 RemoteAccess - ok
10:35:02.0215 1828 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:35:02.0230 1828 RemoteRegistry - ok
10:35:02.0246 1828 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
10:35:02.0246 1828 RFCOMM - ok
10:35:02.0277 1828 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:35:02.0277 1828 RpcEptMapper - ok
10:35:02.0308 1828 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
10:35:02.0308 1828 RpcLocator - ok
10:35:02.0355 1828 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
10:35:02.0355 1828 RpcSs - ok
10:35:02.0417 1828 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:35:02.0417 1828 rspndr - ok
10:35:02.0464 1828 [ A633399432491BB173BB3CF3B41B9C55 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
10:35:02.0464 1828 RSUSBSTOR - ok
10:35:02.0527 1828 [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
10:35:02.0527 1828 RTL8167 - ok
10:35:02.0589 1828 [ 3862C682EEBDFE2B7CC44AEDC5B85254 ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys
10:35:02.0605 1828 RTL8192Ce - ok
10:35:02.0620 1828 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
10:35:02.0620 1828 SamSs - ok
10:35:02.0667 1828 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
10:35:02.0667 1828 SASDIFSV - ok
10:35:02.0698 1828 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
10:35:02.0698 1828 SASKUTIL - ok
10:35:02.0729 1828 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:35:02.0729 1828 sbp2port - ok
10:35:02.0776 1828 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:35:02.0792 1828 SCardSvr - ok
10:35:02.0839 1828 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:35:02.0839 1828 scfilter - ok
10:35:02.0885 1828 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
10:35:02.0901 1828 Schedule - ok
10:35:02.0932 1828 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:35:02.0932 1828 SCPolicySvc - ok
10:35:02.0963 1828 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:35:02.0979 1828 SDRSVC - ok
10:35:03.0026 1828 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:35:03.0026 1828 secdrv - ok
10:35:03.0073 1828 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
10:35:03.0073 1828 seclogon - ok
10:35:03.0166 1828 [ 5B66DB4877BBAC9F7493AA8D84421E49 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
10:35:03.0197 1828 Secunia PSI Agent - ok
10:35:03.0229 1828 [ 0E88FDF474F2CDD370A4A6CE77D018F0 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
10:35:03.0229 1828 Secunia Update Agent - ok
10:35:03.0275 1828 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
10:35:03.0275 1828 SENS - ok
10:35:03.0338 1828 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:35:03.0338 1828 Serenum - ok
10:35:03.0353 1828 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:35:03.0353 1828 Serial - ok
10:35:03.0369 1828 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:35:03.0369 1828 sermouse - ok
10:35:03.0447 1828 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
10:35:03.0447 1828 SessionEnv - ok
10:35:03.0478 1828 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:35:03.0478 1828 sffdisk - ok
10:35:03.0525 1828 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:35:03.0525 1828 sffp_mmc - ok
10:35:03.0541 1828 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:35:03.0556 1828 sffp_sd - ok
10:35:03.0587 1828 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:35:03.0587 1828 sfloppy - ok
10:35:03.0634 1828 [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
10:35:03.0650 1828 Sftfs - ok
10:35:03.0759 1828 [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
10:35:03.0775 1828 sftlist - ok
10:35:03.0853 1828 [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
10:35:03.0853 1828 Sftplay - ok
10:35:03.0868 1828 [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
10:35:03.0884 1828 Sftredir - ok
10:35:03.0993 1828 [ 38F88F0DF46C4D42125EF721ABD7F6B9 ] SftService C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE
10:35:03.0993 1828 SftService - ok
10:35:04.0040 1828 [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
10:35:04.0040 1828 Sftvol - ok
10:35:04.0087 1828 [ A5812F0281CA5081BF696626F9BF324D ] sftvsa C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
10:35:04.0087 1828 sftvsa - ok
10:35:04.0149 1828 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:35:04.0149 1828 SharedAccess - ok
10:35:04.0180 1828 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:35:04.0196 1828 ShellHWDetection - ok
10:35:04.0243 1828 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
10:35:04.0243 1828 sisagp - ok
10:35:04.0274 1828 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:35:04.0274 1828 SiSRaid2 - ok
10:35:04.0289 1828 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:35:04.0305 1828 SiSRaid4 - ok
10:35:04.0383 1828 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
10:35:04.0383 1828 SkypeUpdate - ok
10:35:04.0430 1828 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:35:04.0430 1828 Smb - ok
10:35:04.0492 1828 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:35:04.0492 1828 SNMPTRAP - ok
10:35:04.0523 1828 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
10:35:04.0523 1828 spldr - ok
10:35:04.0555 1828 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
10:35:04.0570 1828 Spooler - ok
10:35:04.0679 1828 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
10:35:04.0711 1828 sppsvc - ok
10:35:04.0757 1828 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:35:04.0773 1828 sppuinotify - ok
10:35:04.0820 1828 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:35:04.0820 1828 srv - ok
10:35:04.0851 1828 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:35:04.0867 1828 srv2 - ok
10:35:04.0898 1828 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:35:04.0898 1828 srvnet - ok
10:35:04.0945 1828 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:35:04.0945 1828 SSDPSRV - ok
10:35:04.0976 1828 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:35:04.0976 1828 SstpSvc - ok
10:35:05.0023 1828 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:35:05.0023 1828 stexstor - ok
10:35:05.0069 1828 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
10:35:05.0085 1828 StiSvc - ok
10:35:05.0101 1828 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
10:35:05.0101 1828 swenum - ok
10:35:05.0147 1828 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
10:35:05.0163 1828 swprv - ok
10:35:05.0241 1828 [ D7DC30B8B41E7A913C3FCCC0631E72EC ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
10:35:05.0241 1828 SynTP - ok
10:35:05.0319 1828 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
10:35:05.0335 1828 SysMain - ok
10:35:05.0366 1828 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:35:05.0381 1828 TabletInputService - ok
10:35:05.0428 1828 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
10:35:05.0428 1828 TapiSrv - ok
10:35:05.0459 1828 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
10:35:05.0475 1828 TBS - ok
10:35:05.0537 1828 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:35:05.0569 1828 Tcpip - ok
10:35:05.0631 1828 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:35:05.0647 1828 TCPIP6 - ok
10:35:05.0693 1828 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:35:05.0693 1828 tcpipreg - ok
10:35:05.0740 1828 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:35:05.0740 1828 TDPIPE - ok
10:35:05.0771 1828 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:35:05.0771 1828 TDTCP - ok
10:35:05.0818 1828 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:35:05.0834 1828 tdx - ok
10:35:05.0865 1828 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:35:05.0865 1828 TermDD - ok
10:35:05.0927 1828 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
10:35:05.0943 1828 TermService - ok
10:35:05.0974 1828 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
10:35:05.0974 1828 Themes - ok
10:35:06.0005 1828 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
10:35:06.0021 1828 THREADORDER - ok
10:35:06.0037 1828 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
10:35:06.0037 1828 TrkWks - ok
10:35:06.0130 1828 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:35:06.0130 1828 TrustedInstaller - ok
10:35:06.0146 1828 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:35:06.0161 1828 tssecsrv - ok
10:35:06.0208 1828 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:35:06.0208 1828 TsUsbFlt - ok
10:35:06.0271 1828 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:35:06.0271 1828 tunnel - ok
10:35:06.0286 1828 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:35:06.0286 1828 uagp35 - ok
10:35:06.0349 1828 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:35:06.0349 1828 udfs - ok
10:35:06.0395 1828 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:35:06.0411 1828 UI0Detect - ok
10:35:06.0442 1828 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:35:06.0442 1828 uliagpkx - ok
10:35:06.0489 1828 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
10:35:06.0489 1828 umbus - ok
10:35:06.0520 1828 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:35:06.0520 1828 UmPass - ok
10:35:06.0567 1828 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
10:35:06.0567 1828 upnphost - ok
10:35:06.0598 1828 [ 5C2BDC152BBAB34F36473DEAF7713F22 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
10:35:06.0598 1828 USBAAPL - ok
10:35:06.0645 1828 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
10:35:06.0645 1828 usbaudio - ok
10:35:06.0692 1828 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:35:06.0692 1828 usbccgp - ok
10:35:06.0707 1828 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:35:06.0723 1828 usbcir - ok
10:35:06.0754 1828 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
10:35:06.0754 1828 usbehci - ok
10:35:06.0817 1828 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:35:06.0817 1828 usbhub - ok
10:35:06.0848 1828 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:35:06.0848 1828 usbohci - ok
10:35:06.0879 1828 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:35:06.0879 1828 usbprint - ok
10:35:06.0941 1828 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:35:06.0941 1828 usbscan - ok
10:35:06.0973 1828 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:35:06.0973 1828 USBSTOR - ok
10:35:07.0004 1828 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:35:07.0019 1828 usbuhci - ok
10:35:07.0051 1828 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
10:35:07.0051 1828 usbvideo - ok
10:35:07.0082 1828 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
10:35:07.0097 1828 UxSms - ok
10:35:07.0113 1828 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
10:35:07.0113 1828 VaultSvc - ok
10:35:07.0175 1828 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:35:07.0175 1828 vdrvroot - ok
10:35:07.0222 1828 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
10:35:07.0238 1828 vds - ok
10:35:07.0253 1828 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:35:07.0253 1828 vga - ok
10:35:07.0300 1828 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
10:35:07.0300 1828 VgaSave - ok
10:35:07.0331 1828 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:35:07.0331 1828 vhdmp - ok
10:35:07.0347 1828 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
10:35:07.0347 1828 viaagp - ok
10:35:07.0425 1828 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
10:35:07.0425 1828 ViaC7 - ok
10:35:07.0456 1828 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
10:35:07.0456 1828 viaide - ok
10:35:07.0487 1828 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:35:07.0503 1828 volmgr - ok
10:35:07.0534 1828 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:35:07.0534 1828 volmgrx - ok
10:35:07.0581 1828 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:35:07.0581 1828 volsnap - ok
10:35:07.0643 1828 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:35:07.0643 1828 vsmraid - ok
10:35:07.0721 1828 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
10:35:07.0737 1828 VSS - ok
10:35:07.0768 1828 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
10:35:07.0768 1828 vwifibus - ok
10:35:07.0815 1828 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
10:35:07.0815 1828 vwififlt - ok
10:35:07.0862 1828 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
10:35:07.0877 1828 W32Time - ok
10:35:07.0924 1828 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:35:07.0924 1828 WacomPen - ok
10:35:07.0940 1828 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:35:07.0940 1828 WANARP - ok
10:35:07.0955 1828 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:35:07.0955 1828 Wanarpv6 - ok
10:35:08.0018 1828 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
10:35:08.0033 1828 wbengine - ok
10:35:08.0096 1828 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:35:08.0111 1828 WbioSrvc - ok
10:35:08.0158 1828 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:35:08.0158 1828 wcncsvc - ok
10:35:08.0205 1828 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:35:08.0205 1828 WcsPlugInService - ok
10:35:08.0221 1828 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:35:08.0236 1828 Wd - ok
10:35:08.0267 1828 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
10:35:08.0267 1828 WDC_SAM - ok
10:35:08.0314 1828 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:35:08.0314 1828 Wdf01000 - ok
10:35:09.0905 1828 ================ Scan global ===============================
10:35:09.0983 1828 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
10:35:10.0015 1828 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
10:35:10.0030 1828 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
10:35:10.0061 1828 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
10:35:10.0108 1828 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
10:35:10.0108 1828 [Global] - ok
10:35:10.0108 1828 ================ Scan MBR ==================================
10:35:10.0124 1828 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:35:11.0200 1828 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
10:35:11.0200 1828 \Device\Harddisk0\DR0 - detected TDSS File System (1)
10:35:11.0200 1828 ================ Scan VBR ==================================
10:35:11.0231 1828 [ 215570AF190E693DC59FCFEB3CC7B9C2 ] \Device\Harddisk0\DR0\Partition1
10:35:11.0231 1828 \Device\Harddisk0\DR0\Partition1 - ok
10:35:11.0247 1828 [ E04FE59B1FD52F057DB6E865A1E0E50D ] \Device\Harddisk0\DR0\Partition2
10:35:11.0263 1828 \Device\Harddisk0\DR0\Partition2 - ok
10:35:11.0263 1828 ============================================================
10:35:11.0263 1828 Scan finished
10:35:11.0263 1828 ============================================================
10:35:11.0434 2908 Detected object count: 1
10:35:11.0434 2908 Actual detected object count: 1
10:35:40.0325 2908 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
10:35:40.0341 2908 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
10:35:40.0341 2908 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
10:35:40.0357 2908 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
10:35:40.0388 2908 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
10:35:40.0403 2908 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
10:35:40.0403 2908 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
10:35:40.0403 2908 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
10:35:40.0403 2908 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
10:35:40.0419 2908 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
10:35:40.0419 2908 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
10:35:40.0419 2908 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
10:35:40.0419 2908 \Device\Harddisk0\DR0\TDLFS - deleted
10:35:40.0419 2908 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
10:41:07.0431 1264 Deinitialize success


Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.14.05

Windows 7 Service Pack 1 x86 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
bronson :: BRONSON-PC [administrator]

10/14/2012 12:31:54 PM
mbam-log-2012-10-14 (12-31-54).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 317772
Time elapsed: 58 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

I will post the other entries below

#8 richirene

Posted 14 October 2012 - 04:36 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by bronson (administrator) on 14-10-2012 at 14:16:46
Microsoft Windows 7 Starter Service Pack 1 (X86)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
Hosts file not detected in the default directory
========================= IP Configuration: ================================

Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : bronson-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Physical Address. . . . . . . . . : 1C-65-9D-9F-A3-B7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::acad:74d4:672e:d86d%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.10(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, October 14, 2012 12:30:20 PM
Lease Expires . . . . . . . . . . : Sunday, October 14, 2012 3:12:30 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 303850909
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-87-93-09-5C-26-0A-1E-4D-BF
DNS Servers . . . . . . . . . . . : 68.116.46.115
24.205.192.61
24.205.224.36
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 5C-26-0A-1E-4D-BF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: vip01mdfdor.mdfd.or.charter.com
Address: 68.116.46.115

Name: google.com
Addresses: 2001:4860:4001:801::1003
74.125.224.66
74.125.224.68
74.125.224.72
74.125.224.64
74.125.224.67
74.125.224.69
74.125.224.71
74.125.224.65
74.125.224.73
74.125.224.70
74.125.224.78


Pinging google.com [74.125.224.72] with 32 bytes of data:
Reply from 74.125.224.72: bytes=32 time=31ms TTL=53
Reply from 74.125.224.72: bytes=32 time=28ms TTL=53

Ping statistics for 74.125.224.72:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 28ms, Maximum = 31ms, Average = 29ms
Server: vip01mdfdor.mdfd.or.charter.com
Address: 68.116.46.115

Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=890ms TTL=52
Reply from 72.30.38.140: bytes=32 time=622ms TTL=52

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 622ms, Maximum = 890ms, Average = 756ms
Server: vip01mdfdor.mdfd.or.charter.com
Address: 68.116.46.115

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...1c 65 9d 9f a3 b7 ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
10...5c 26 0a 1e 4d bf ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.10 30
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.10 286
192.168.0.10 255.255.255.255 On-link 192.168.0.10 286
192.168.0.255 255.255.255.255 On-link 192.168.0.10 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.10 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.10 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 286 fe80::/64 On-link
11 286 fe80::acad:74d4:672e:d86d/128
On-link
1 306 ff00::/8 On-link
11 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 07 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/13/2012 00:03:27 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/13/2012 11:23:05 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16450 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 15a8

Start Time: 01cda96f97cef315

Termination Time: 171

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (10/13/2012 00:39:21 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16450 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1468

Start Time: 01cda915673943e6

Termination Time: 47

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (10/13/2012 00:30:58 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {bff065e3-4b87-47df-af38-b369fe8a11db}

Error: (10/12/2012 11:57:45 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16450 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1478

Start Time: 01cda90f847f4497

Termination Time: 78

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (10/12/2012 11:23:18 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16450 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1298

Start Time: 01cda90aebcf6f11

Termination Time: 16

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (10/12/2012 11:19:09 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16450 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: c20

Start Time: 01cda90a50a61c94

Termination Time: 32

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (10/12/2012 06:13:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15756

Error: (10/12/2012 06:13:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15756

Error: (10/12/2012 06:13:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (10/14/2012 02:14:37 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/14/2012 02:14:37 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/14/2012 02:14:37 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/14/2012 02:12:38 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (10/14/2012 02:12:35 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/14/2012 02:12:35 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/14/2012 02:12:35 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/14/2012 02:12:34 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (10/14/2012 02:12:33 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/14/2012 02:12:33 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (10/13/2012 00:03:27 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\dell datasafe local backup\SftVss64.exe

Error: (10/13/2012 11:23:05 AM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.1645015a801cda96f97cef315171C:\Program Files\Internet Explorer\iexplore.exe

Error: (10/13/2012 00:39:21 AM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16450146801cda915673943e647C:\Program Files\Internet Explorer\iexplore.exe

Error: (10/13/2012 00:30:58 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {bff065e3-4b87-47df-af38-b369fe8a11db}

Error: (10/12/2012 11:57:45 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16450147801cda90f847f449778C:\Program Files\Internet Explorer\iexplore.exe

Error: (10/12/2012 11:23:18 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16450129801cda90aebcf6f1116C:\Program Files\Internet Explorer\iexplore.exe

Error: (10/12/2012 11:19:09 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16450c2001cda90a50a61c9432C:\Program Files\Internet Explorer\iexplore.exe

Error: (10/12/2012 06:13:56 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15756

Error: (10/12/2012 06:13:56 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15756

Error: (10/12/2012 06:13:56 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 1.4.1)
Apple Mobile Device Support (Version: 3.3.0.69)
Apple Software Update (Version: 2.1.2.120)
ASPCA Tri Reminder by We-Care.com v4.0.7.5 (Version: 4.0.7.5)
Audacity 1.2.6
AVG 2013 (Version: 13.0.2601)
AVG 2013 (Version: 13.0.2740)
AVG 2013 (Version: 2013.0.2740)
Battery Meter (Version: 0.0.1.7C)
Bing Bar (Version: 7.0.822.0)
Bing Desktop (Version: 1.0.45.0)
Bonjour (Version: 2.0.4.0)
Cake Poker 2.0 (Version: 2.0.1.4376)
CapsLKNotify (Version: 0.1.0.5)
CCleaner (Version: 3.17)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Cozi (Version: 1.0.4323.24051)
Dell DataSafe Local Backup - Support Software
Dell DataSafe Local Backup (Version: 9.4.51)
Dell DataSafe Online (Version: 2.1.19634)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Product Registration (Version: 1.0.3)
Dell Webcam Central (Version: 2.00.35)
Dream Chronicles 2
EMSC (Version: 0.0.0.22C)
ERUNT 1.1j
ESET Online Scanner v3
Function Keys (Version: 0.1.0.8)
Google Chrome (Version: 22.0.1229.94)
Google Earth Plug-in (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.123)
GoToAssist 8.0.0.514
Hidden Mysteries - Return to Titanic
House of 1000 Doors 2
Intel® Graphics Media Accelerator Driver (Version: 8.14.10.2230)
Intertops Poker (Version: 2.0.1.4484)
iTunes (Version: 10.1.1.4)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
JavaFX 2.1.1 (Version: 2.1.1)
JetMP3 (Version: 1.0517.1205)
Jewel Quest Bundle
Joining Hands
Juicy Stakes 2.0 (Version: 2.0.1.4995)
Junk Mail filter update (Version: 14.0.8117.416)
Learning Lodge Navigator
Lock Poker (Version: 2.0.1.4577)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MGTEK dopisp 6.1 (Version: 6.1.3574)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSVCRT (Version: 14.0.1468.721)
MyTomTom 3.1.0.432 (Version: 3.1.0.432)
OpenOffice.org 3.4.1 (Version: 3.41.9593)
Plex (Version: 0.9.503)
QuickTime (Version: 7.71.80.42)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.22.615.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6136)
REALTEK PCIE Wireless LAN Driver (Version: 1.00.0153)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30117)
Secunia PSI (2.0.0.4003) (Version: 2.0.0.4003)
Skype Toolbars (Version: 1.0.4036)
Skype™ 5.10 (Version: 5.10.116)
SUPERAntiSpyware (Version: 5.6.1010)
Synaptics Pointing Device Driver (Version: 15.0.18.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Visual Studio C++ 10.0 Runtime (Version: 10.0.0)
VTech Download Agent Library (Version: 1.00.0000)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
WSED (Version: 0.1.0.22)

========================= Devices: ================================

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 50%
Total physical RAM: 1013.42 MB
Available physical RAM: 497.54 MB
Total Pagefile: 2037.42 MB
Available Pagefile: 1619.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1944.52 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:223.02 GB) (Free:183.12 GB) NTFS

========================= Users: ========================================

User accounts for \\BRONSON-PC

Administrator bronson Guest

========================= Restore Points ==================================

12-09-2012 18:22:32 Windows Update
13-09-2012 10:00:47 Windows Update
18-09-2012 15:37:15 Windows Update
19-09-2012 10:00:14 Windows Update
22-09-2012 10:00:50 Windows Update
25-09-2012 23:04:51 Windows Update
27-09-2012 18:50:17 Windows Update
28-09-2012 04:47:20 Installed Java 7 Update 7
03-10-2012 03:32:55 Windows Update
07-10-2012 23:51:22 Installed OpenOffice.org 3.4.1
12-10-2012 17:28:31 Windows Update
12-10-2012 19:15:55 Removed AVG 2012
12-10-2012 19:24:58 Removed AVG 2012
12-10-2012 21:58:24 Installed AVG 2013
12-10-2012 22:15:18 Installed AVG 2013
13-10-2012 07:30:59 Windows Defender Checkpoint

**** End of log ****


Farbar Service Scanner Version: 07-10-2012
Ran by bronson (administrator) on 14-10-2012 at 13:59:57
Running from "C:\Users\bronson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2W3173AY"
Microsoft Windows 7 Starter Service Pack 1 (X86)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-09-12 11:28] - [2012-08-22 10:16] - 1292144 ____A (Microsoft Corporation) A5EBB8F648000E88B7D9390B514976BF

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-10-09 19:48] - [2012-06-01 21:36] - 0140288 ____A (Microsoft Corporation) 96C0E38905CFD788313BE8E11DAE3F2F

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#9 richirene

richirene
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  • Local time:05:21 AM

Posted 14 October 2012 - 04:58 PM

# AdwCleaner v2.005 - Logfile created 10/14/2012 at 14:36:07
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Starter Service Pack 1 (32 bits)
# User : bronson - BRONSON-PC
# Boot Mode : Safe mode with networking
# Running from : C:\Users\bronson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7GPBANN5\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\bronson\AppData\Local\Temp\Uninstall.exe
Folder Deleted : C:\Program Files\BasicScan
Folder Deleted : C:\ProgramData\BasicScan
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Users\bronson\AppData\Local\OpenCandy
Folder Deleted : C:\Users\bronson\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\PricePeep
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Deleted : HKLM\Software\GamesBarSetup
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://isearch.avg.com/tab?cid={7C8CB973-5079-46F6-AA28-FFE29097512A}&mid=f0bb523d65fe47d1a7078d6f4cfaa44c-0bd1ded07d68d2e32235ee481aac11f30b80d26f&lang=en&ds=AVG&pr=fr&d=2012-01-02 20:43:17&v=9.0.0.23&sap=nt --> hxxp://www.google.com

-\\ Google Chrome v [Unable to get version]

File : C:\Users\bronson\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.23] : keyword = "basicscan.com",
Deleted [l.26] : search_url = "hxxp://www.basicscan.com/?tmp=redir_bho_bing&dist=0&prt=BscscnPB&keywords={searchTerms}",

*************************

AdwCleaner[S1].txt - [3981 octets] - [14/10/2012 14:36:07]

########## EOF - C:\AdwCleaner[S1].txt - [4041 octets] ##########


Junkware Removal Tool (JRT) by Thisisu
Version: 1.5.7 (10.14.2012)
OS: Windows 7 Starter x86
Ran by bronson on Sun 10/14/2012 at 14:41:25.79
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_classes_root\clsid\{134da043-566e-4572-82e6-8978d0ed03d8}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{134da043-566e-4572-82e6-8978d0ed03d8}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{134da043-566e-4572-82e6-8978d0ed03d8}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{134da043-566e-4572-82e6-8978d0ed03d8}



*** Files:

Successfully deleted: [FILE] C:\Users\bronson\appdata\local\jetmp3\jtlicense.txt
Successfully deleted: [FILE] C:\Users\bronson\appdata\local\jetmp3\sqlite3.exe
Successfully deleted: [FILE] C:\Users\bronson\appdata\local\jetmp3\uninst.exe



*** Folders:

Successfully deleted: [FOLDER] "C:\Users\bronson\appdata\local\jetmp3"



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Sun 10/14/2012 at 14:53:40.88
End of Report


Sorry for the wait and the different posting, but I had to do this because some of the programs required a reboot and I didn't want to lose the other info. So thank you, will wait for further instructions.

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:07:21 AM

Posted 14 October 2012 - 05:16 PM

Please run Malwarebytes, ESET online scanner and Farbar Service Scanner in normal mode and post the log

Download Listparts from here

For 32 bit

List parts 32

Launch it, click on SCAN, post the log

#11 richirene

richirene
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  • Local time:05:21 AM

Posted 15 October 2012 - 04:56 PM

Here is the information that you asked for, sorry it took so long, but the internet takes a super long time to load in normal mode. Also, fell asleep last night during the ESET scan and I believe that it had found objects during the scan, but when I looked at the computer this morning the scan was no longer up on the screen (I think it had shut down due to low battery). Anyway, after running a second scan today it did not find anything; I don't know if it had repaired or quarantined the items. So I did not have a log to post, so I looked around my computer and found a log, but it contains previous scans I had done back in April also. I don't know, but I posted that log as well. Please let me know if there is a different area to find it. I will be waiting for further instructions. :whistle:



Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.14.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
bronson :: BRONSON-PC [administrator]

10/14/2012 7:46:41 PM
mbam-log-2012-10-14 (19-46-41).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 319752
Time elapsed: 3 hour(s), 24 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=1c81f913007c374e83ad23b0c77a3518
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-16 07:44:23
# local_time=2012-04-16 12:44:23 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1024 16777215 100 0 8504274 8504274 0 0
# compatibility_mode=5893 16776574 100 94 8073492 86102127 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=117637
# found=19
# cleaned=19
# scan_time=4927
C:\TDSSKiller_Quarantine\09.04.2012_23.34.08\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AWO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\09.04.2012_23.34.08\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AD trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\09.04.2012_23.34.08\mbr0000\tdlfs0000\tsk0003.dta Win32/Olmarik.AYH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\09.04.2012_23.34.08\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\09.04.2012_23.34.08\mbr0000\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.KS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\09.04.2012_23.34.08\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.AF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\09.04.2012_23.34.08\mbr0000\tdlfs0000\tsk0010.dta Win32/Olmarik.AWO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\09.04.2012_23.34.08\mbr0000\tdlfs0000\tsk0011.dta Win64/Olmarik.X trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\09.04.2012_23.34.08\rtkt0000\svc0000\tsk0000.dta a variant of Win32/Rootkit.Kryptik.KR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\13.04.2012_22.01.56\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AXZ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\13.04.2012_22.01.56\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AD trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\13.04.2012_22.01.56\mbr0000\tdlfs0000\tsk0003.dta a variant of Win32/Rootkit.Kryptik.KS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\13.04.2012_22.01.56\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\13.04.2012_22.01.56\mbr0000\tdlfs0000\tsk0008.dta Win32/Olmarik.AWO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\13.04.2012_22.01.56\mbr0000\tdlfs0000\tsk0009.dta Win64/Olmarik.X trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\13.04.2012_22.01.56\rtkt0000\svc0000\tsk0000.dta Win32/Sirefef.DA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\13.04.2012_22.01.56\rtkt0001\svc0000\tsk0000.dta Win32/Sirefef.DA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\bronson\Documents\cnet_dopisp_exe.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Windows\System32\drivers\etc\hosts Win32/Qhost trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=1c81f913007c374e83ad23b0c77a3518
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-10-14 07:44:37
# local_time=2012-10-14 12:44:37 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1024 16777215 100 0 29064 29064 0 0
# compatibility_mode=5893 16776573 100 94 0 101739399 0 0
# compatibility_mode=8192 67108863 100 0 14716135 14716135 0 0
# scanned=131069
# found=0
# cleaned=0
# scan_time=6070
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=1c81f913007c374e83ad23b0c77a3518
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-10-15 07:00:18
# local_time=2012-10-15 12:00:18 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1024 16777215 100 0 153787 153787 0 0
# compatibility_mode=5893 16776573 100 94 0 101864122 0 0
# compatibility_mode=8192 67108863 100 0 14840858 14840858 0 0
# scanned=130187
# found=0
# cleaned=0
# scan_time=8288


Farbar Service Scanner Version: 07-10-2012
Ran by bronson (administrator) on 15-10-2012 at 14:09:01
Running from "C:\Users\bronson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WZO5C298"
Microsoft Windows 7 Starter Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-09-12 11:28] - [2012-08-22 10:16] - 1292144 ____A (Microsoft Corporation) A5EBB8F648000E88B7D9390B514976BF

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

ListParts by Farbar Version: 14-10-2012
Ran by bronson (administrator) on 15-10-2012 at 14:30:09
Windows 7 (X86)
Running From: C:\Users\bronson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WZO5C298
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 65%
Total physical RAM: 1013.42 MB
Available physical RAM: 348.16 MB
Total Pagefile: 2037.42 MB
Available Pagefile: 817.45 MB
Total Virtual: 2047.88 MB
Available Virtual: 1960.1 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:223.02 GB) (Free:186.9 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 232 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 100 MB 1024 KB
Partition 2 Primary 9 GB 101 MB
Partition 3 Primary 223 GB 9 GB

======================================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

There is no volume associated with this partition.

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 0 RECOVERY NTFS Partition 9 GB Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C OS NTFS Partition 223 GB Healthy System (partition with boot components)

======================================================================================================

****** End Of Log ******

#12 richirene

richirene
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  • Local time:05:21 AM

Posted 15 October 2012 - 05:56 PM

Sorry, I re-read the instructions for Farbar on-line scanner and forgot to place a checkmark in all the boxes so this time I did so and here is the report.

I do realize that some of the services are disabled like the smart screen filter and my virus protection but I had turned them off because some of the tools you had me run would not work with the programs turned on (not all of them caused it to not work but I figured my computer might speed up some if I disabled them).


Farbar Service Scanner Version: 07-10-2012
Ran by bronson (administrator) on 15-10-2012 at 15:48:48
Running from "C:\Users\bronson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WZO5C298"
Microsoft Windows 7 Starter Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-09-12 11:28] - [2012-08-22 10:16] - 1292144 ____A (Microsoft Corporation) A5EBB8F648000E88B7D9390B514976BF

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-10-09 19:48] - [2012-06-01 21:36] - 0140288 ____A (Microsoft Corporation) 96C0E38905CFD788313BE8E11DAE3F2F

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:07:21 AM

Posted 15 October 2012 - 09:51 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of text here

Any current issues?

#14 richirene

richirene
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  • Local time:05:21 AM

Posted 15 October 2012 - 10:36 PM

The only current issues are the same issues that I had from the beginning, that being very, very slow internet in normal mode, no problem in safe mode; that is what clued me in to begin with. Please be patient and I will run the scans you asked. If I can run these in safe mode it would be a lot faster, but that's up to you.

#15 richirene

richirene
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  • Local time:05:21 AM

Posted 15 October 2012 - 10:50 PM

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/15/2012 08:47:08 PM in x86 mode.
Windows Version: Windows 7 Starter Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* iphlpsvc [Missing Service]
* SensrSvc [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/15/2012 08:47:37 PM
Execution time: 0 hours(s), 0 minute(s), and 29 seconds(s)



