Locked out of internet extremely infected


15 replies to this topic

#1 stevenljones

  • Members
  • 8 posts

Posted 16 October 2012 - 11:10 AM

I've been handed a computer of an older couple. They use the computer only for internet surfing. They rarely perform virus or malware scans and have picked up a nasty bug. I discovered this when configuring their wireless network. I went to change the password on this computer. When I did this the virus disabled access to the internet via both the wireless card and the ethernet cable. I've tried to bring over multiple on a flash drive, and the virus crashes the program before it can finish scanning. Please advise...

Edited by hamluis, 16 October 2012 - 12:52 PM.
No logs, moved from Malware Removal Logs to Am I Infected - Hamluis.



#2 Quote

  • Banned
  • 173 posts
  • Gender:Male

Posted 16 October 2012 - 01:37 PM

Hello and welcome to BC!

Please follow these steps; if you have a problem with a tool, post it here.

Download Malwarebytes' Anti-Malware, check for updates and do a quick scan. Please post the logfile (can be found in Logs) in your next reply.
Download Security Check and run it; also post this log in your next reply.

In the next reply I want 2 logs:
  • Malwarebytes' Anti-Malware
  • Security Check
I wait for your next reply,
Quote

#3 stevenljones
  • Topic Starter

  • Members
  • 8 posts

Posted 17 October 2012 - 08:50 AM

I have run Malware Antibites; the output is as follows:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.07.13

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 8.0.6001.19088
sonny&shirley :: DELL-LT [administrator]

10/16/2012 6:36:27 PM
mbam-log-2012-10-16 (18-36-27).txt

Scan type: Full scan (C:\|D:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 316020
Time elapsed: 55 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


I then ran security check. The machine will not run the program, and when it tries to produce an output the command prompt says "File not found" multiple times. Then the program says "results have been copied to checkup.txt which should open ... now!
The system cannot find the path specified.
The system cannot find the path specified."

Please also note that I downloaded both programs from bleeping computer on to a flash drive, copied them to the desktop of the computer in question, and then ran both.

Thank you

#4 bloopie

    Bleepin' Sith Turner

  • Malware Response Team
  • 7,927 posts
  • Gender:Male
  • Location:New York

Posted 21 October 2012 - 10:02 AM

Hello stevenljones,

Sorry for the delay in response...we can get overloaded at times, but now that I've picked you up, I will stay with you! :)

Let's try again with MBAM, but I'd like you to copy over these below links to your flashdrive and move them to the desktop of your sick machine for the next scans:


Now before you scan again with MBAM I'd like you to boot into safemode first, then run Rkill, and then MBAM with the following instructions:

Step 1

First, boot into Safemode With Networking using my safemode link above.

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, you will need to run the application again.

Now immediately run MBAM again (full scan) without rebooting in between RKill and MBAM!

Post the resultant log in your next reply. Also let me know if you have internet in safemode!

==========

Step 2

Reboot into normal mode and run TDSSKiller next:

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

==========

In your next reply, please provide the following:

  • The RKill log
  • The MBAM log
  • The TDSSKiller log
  • Let me know how the computer is running now, and whether you have internet in safemode?
bloopie

#5 stevenljones
  • Topic Starter

  • Members
  • 8 posts

Posted 23 October 2012 - 08:42 AM

bloopie,

I have done everything you asked. I was able to connect to the internet using both wireless card and ethernet while in safe mode and am now able to do the same when I booted normally. However, none of the programs found any issues... I am confused by this. Please see logs below.

RKILL:
Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/23/2012 08:30:40 AM in x86 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* COM+ Event System (EventSystem) is not Running.
Startup Type set to: Automatic

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Automatic

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

* gpsvc => %windir%\system32\svchost.exe -k GPSvcGroup [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/23/2012 08:30:49 AM
Execution time: 0 hours(s), 0 minute(s), and 9 seconds(s)

MBAM:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.23.04

Windows Vista Service Pack 1 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.19088
sonny&shirley :: DELL-LT [administrator]

10/23/2012 8:34:24 AM
mbam-log-2012-10-23 (08-34-24).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 317267
Time elapsed: 44 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

TDSSKiller:

09:37:50.0579 3384 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
09:37:50.0938 3384 ============================================================
09:37:50.0938 3384 Current date / time: 2012/10/23 09:37:50.0938
09:37:50.0938 3384 SystemInfo:
09:37:50.0938 3384
09:37:50.0938 3384 OS Version: 6.0.6001 ServicePack: 1.0
09:37:50.0938 3384 Product type: Workstation
09:37:50.0938 3384 ComputerName: DELL-LT
09:37:50.0938 3384 UserName: sonny&shirley
09:37:50.0938 3384 Windows directory: C:\Windows
09:37:50.0938 3384 System windows directory: C:\Windows
09:37:50.0938 3384 Processor architecture: Intel x86
09:37:50.0938 3384 Number of processors: 2
09:37:50.0938 3384 Page size: 0x1000
09:37:50.0938 3384 Boot type: Normal boot
09:37:50.0938 3384 ============================================================
09:37:52.0919 3384 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:37:53.0013 3384 Drive \Device\Harddisk1\DR1 - Size: 0x77460000 (1.86 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:37:53.0013 3384 ============================================================
09:37:53.0013 3384 \Device\Harddisk0\DR0:
09:37:53.0044 3384 MBR partitions:
09:37:53.0044 3384 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1388000
09:37:53.0044 3384 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x139C000, BlocksNum 0xC6F83A8
09:37:53.0091 3384 \Device\Harddisk1\DR1:
09:37:53.0091 3384 MBR partitions:
09:37:53.0091 3384 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x2, BlocksNum 0x3BA2FE
09:37:53.0091 3384 ============================================================
09:37:53.0184 3384 C: <-> \Device\Harddisk0\DR0\Partition2
09:37:53.0262 3384 D: <-> \Device\Harddisk0\DR0\Partition1
09:37:53.0262 3384 ============================================================
09:37:53.0262 3384 Initialize success
09:37:53.0262 3384 ============================================================
09:37:57.0069 4232 ============================================================
09:37:57.0069 4232 Scan started
09:37:57.0069 4232 Mode: Manual;
09:37:57.0069 4232 ============================================================
09:38:04.0588 4232 ================ Scan system memory ========================
09:38:04.0588 4232 System memory - ok
09:38:04.0588 4232 ================ Scan services =============================
09:38:19.0642 4232 mdmxsdk - ok
09:38:19.0689 4232 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
09:38:19.0689 4232 megasas - ok
09:38:19.0751 4232 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
09:38:19.0767 4232 MegaSR - ok
09:38:19.0814 4232 [ AC04A618AEF3DE0FCE91C766F9E069DA ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
09:38:19.0814 4232 mfenlfk - ok
09:38:19.0829 4232 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
09:38:19.0845 4232 MMCSS - ok
09:38:19.0907 4232 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
09:38:19.0923 4232 Modem - ok
09:38:19.0985 4232 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:38:19.0985 4232 monitor - ok
09:38:20.0032 4232 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:38:20.0063 4232 mouclass - ok
09:38:20.0110 4232 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:38:20.0126 4232 mouhid - ok
09:38:20.0172 4232 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
09:38:20.0172 4232 MountMgr - ok
09:38:20.0204 4232 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
09:38:20.0219 4232 mpio - ok
09:38:20.0266 4232 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:38:20.0266 4232 mpsdrv - ok
09:38:20.0391 4232 [ D1639BA315B0D79DEC49A4B0E1FB929B ] MpsSvc C:\Windows\system32\mpssvc.dll
09:38:20.0438 4232 MpsSvc - ok
09:38:20.0500 4232 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
09:38:20.0500 4232 Mraid35x - ok
09:38:20.0500 4232 [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:38:20.0516 4232 MRxDAV - ok
09:38:20.0562 4232 [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:38:20.0562 4232 mrxsmb - ok
09:38:20.0625 4232 [ 6B5FA5ADFACAC9DBBE0991F4566D7D55 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:38:20.0656 4232 mrxsmb10 - ok
09:38:20.0672 4232 [ 5C80D8159181C7ABF1B14BA703B01E0B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:38:20.0672 4232 mrxsmb20 - ok
09:38:20.0734 4232 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32\drivers\msahci.sys
09:38:20.0750 4232 msahci - ok
09:38:20.0781 4232 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:38:20.0781 4232 msdsm - ok
09:38:20.0812 4232 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
09:38:20.0843 4232 MSDTC - ok
09:38:20.0906 4232 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:38:20.0906 4232 Msfs - ok
09:38:20.0921 4232 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:38:20.0921 4232 msisadrv - ok
09:38:20.0968 4232 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:38:20.0968 4232 MSiSCSI - ok
09:38:20.0984 4232 msiserver - ok
09:38:20.0999 4232 [ ECAB006AC6136F1307E140B633CDB8C2 ] MSK80Service C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
09:38:20.0999 4232 MSK80Service - ok
09:38:21.0030 4232 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:38:21.0030 4232 MSKSSRV - ok
09:38:21.0062 4232 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:38:21.0062 4232 MSPCLOCK - ok
09:38:21.0077 4232 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:38:21.0093 4232 MSPQM - ok
09:38:21.0108 4232 [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:38:21.0108 4232 MsRPC - ok
09:38:21.0186 4232 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:38:21.0202 4232 mssmbios - ok
09:38:21.0233 4232 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:38:21.0233 4232 MSTEE - ok
09:38:21.0249 4232 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup C:\Windows\system32\Drivers\mup.sys
09:38:21.0249 4232 Mup - ok
09:38:21.0342 4232 [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent C:\Windows\system32\qagentRT.dll
09:38:21.0374 4232 napagent - ok
09:38:21.0483 4232 [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:38:21.0483 4232 NativeWifiP - ok
09:38:21.0514 4232 [ C8560010A542B5DCA94C62468DC20784 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:38:21.0530 4232 NDIS - ok
09:38:21.0561 4232 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:38:21.0561 4232 NdisTapi - ok
09:38:21.0576 4232 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:38:21.0576 4232 Ndisuio - ok
09:38:21.0608 4232 [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:38:21.0608 4232 NdisWan - ok
09:38:21.0639 4232 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:38:21.0639 4232 NDProxy - ok
09:38:21.0654 4232 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:38:21.0654 4232 NetBIOS - ok
09:38:21.0686 4232 [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
09:38:21.0701 4232 netbt - ok
09:38:21.0701 4232 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon C:\Windows\system32\lsass.exe
09:38:21.0701 4232 Netlogon - ok
09:38:21.0779 4232 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
09:38:21.0779 4232 Netman - ok
09:38:21.0842 4232 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
09:38:21.0842 4232 netprofm - ok
09:38:21.0998 4232 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:38:22.0029 4232 NetTcpPortSharing - ok
09:38:22.0060 4232 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:38:22.0076 4232 nfrd960 - ok
09:38:22.0091 4232 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:38:22.0107 4232 NlaSvc - ok
09:38:22.0154 4232 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:38:22.0154 4232 Npfs - ok
09:38:22.0216 4232 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
09:38:22.0232 4232 nsi - ok
09:38:22.0278 4232 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:38:22.0278 4232 nsiproxy - ok
09:38:22.0356 4232 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:38:22.0388 4232 Ntfs - ok
09:38:22.0419 4232 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
09:38:22.0419 4232 ntrigdigi - ok
09:38:22.0434 4232 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
09:38:22.0434 4232 Null - ok
09:38:22.0466 4232 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:38:22.0466 4232 nvraid - ok
09:38:22.0481 4232 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:38:22.0481 4232 nvstor - ok
09:38:22.0528 4232 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:38:22.0544 4232 nv_agp - ok
09:38:22.0544 4232 NwlnkFlt - ok
09:38:22.0559 4232 NwlnkFwd - ok
09:38:22.0590 4232 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
09:38:22.0606 4232 ohci1394 - ok
09:38:22.0653 4232 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:38:22.0653 4232 ose - ok
09:38:23.0027 4232 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:38:23.0121 4232 osppsvc - ok
09:38:23.0183 4232 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll
09:38:23.0199 4232 p2pimsvc - ok
09:38:23.0214 4232 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll
09:38:23.0230 4232 p2psvc - ok
09:38:23.0277 4232 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
09:38:23.0277 4232 Parport - ok
09:38:23.0324 4232 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:38:23.0324 4232 partmgr - ok
09:38:23.0370 4232 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
09:38:23.0370 4232 Parvdm - ok
09:38:23.0386 4232 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
09:38:23.0386 4232 PcaSvc - ok
09:38:23.0402 4232 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys
09:38:23.0417 4232 pci - ok
09:38:23.0464 4232 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
09:38:23.0464 4232 pciide - ok
09:38:23.0495 4232 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:38:23.0511 4232 pcmcia - ok
09:38:23.0558 4232 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:38:23.0573 4232 PEAUTH - ok
09:38:23.0636 4232 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
09:38:23.0745 4232 pla - ok
09:38:23.0792 4232 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:38:23.0823 4232 PlugPlay - ok
09:38:24.0041 4232 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
09:38:24.0041 4232 PNRPAutoReg - ok
09:38:24.0088 4232 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll
09:38:24.0088 4232 PNRPsvc - ok
09:38:24.0306 4232 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:38:24.0338 4232 PolicyAgent - ok
09:38:24.0384 4232 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:38:24.0384 4232 PptpMiniport - ok
09:38:24.0416 4232 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
09:38:24.0416 4232 Processor - ok
09:38:24.0462 4232 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll
09:38:24.0478 4232 ProfSvc - ok
09:38:24.0525 4232 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:38:24.0525 4232 ProtectedStorage - ok
09:38:24.0681 4232 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
09:38:24.0712 4232 PSched - ok
09:38:24.0806 4232 [ 03E0FE281823BA64B3782F5B38950E73 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
09:38:24.0806 4232 PxHelp20 - ok
09:38:24.0977 4232 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:38:25.0008 4232 ql2300 - ok
09:38:25.0055 4232 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:38:25.0055 4232 ql40xx - ok
09:38:25.0102 4232 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
09:38:25.0102 4232 QWAVE - ok
09:38:25.0118 4232 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:38:25.0118 4232 QWAVEdrv - ok
09:38:25.0476 4232 [ E642B131FB74CAF4BB8A014F31113142 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
09:38:25.0554 4232 R300 - ok
09:38:25.0586 4232 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:38:25.0601 4232 RasAcd - ok
09:38:25.0648 4232 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
09:38:25.0664 4232 RasAuto - ok
09:38:25.0695 4232 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:38:25.0695 4232 Rasl2tp - ok
09:38:25.0726 4232 [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan C:\Windows\System32\rasmans.dll
09:38:25.0757 4232 RasMan - ok
09:38:25.0788 4232 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:38:25.0788 4232 RasPppoe - ok
09:38:25.0835 4232 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:38:25.0866 4232 RasSstp - ok
09:38:25.0898 4232 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:38:25.0898 4232 rdbss - ok
09:38:25.0898 4232 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:38:25.0898 4232 RDPCDD - ok
09:38:25.0944 4232 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
09:38:25.0960 4232 rdpdr - ok
09:38:25.0960 4232 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:38:25.0960 4232 RDPENCDD - ok
09:38:26.0022 4232 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:38:26.0022 4232 RDPWD - ok
09:38:26.0100 4232 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:38:26.0100 4232 RemoteAccess - ok
09:38:26.0132 4232 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:38:26.0132 4232 RemoteRegistry - ok
09:38:26.0194 4232 [ 355AAC141B214BEF1DBC1483AFD9BD50 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
09:38:26.0194 4232 rimmptsk - ok
09:38:26.0210 4232 [ A4216C71DD4F60B26418CCFD99CD0815 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
09:38:26.0241 4232 rimsptsk - ok
09:38:26.0288 4232 [ D231B577024AA324AF13A42F3A807D10 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
09:38:26.0288 4232 rismxdp - ok
09:38:26.0319 4232 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
09:38:26.0319 4232 RpcLocator - ok
09:38:26.0350 4232 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\system32\rpcss.dll
09:38:26.0366 4232 RpcSs - ok
09:38:26.0459 4232 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:38:26.0490 4232 rspndr - ok
09:38:26.0490 4232 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe
09:38:26.0506 4232 SamSs - ok
09:38:26.0553 4232 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:38:26.0553 4232 sbp2port - ok
09:38:26.0600 4232 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:38:26.0600 4232 SCardSvr - ok
09:38:26.0771 4232 [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule C:\Windows\system32\schedsvc.dll
09:38:26.0787 4232 Schedule - ok
09:38:26.0834 4232 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll
09:38:26.0834 4232 SCPolicySvc - ok
09:38:26.0880 4232 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
09:38:26.0880 4232 sdbus - ok
09:38:26.0927 4232 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:38:26.0958 4232 SDRSVC - ok
09:38:26.0990 4232 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:38:26.0990 4232 secdrv - ok
09:38:27.0021 4232 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
09:38:27.0021 4232 seclogon - ok
09:38:27.0099 4232 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
09:38:27.0130 4232 SENS - ok
09:38:27.0161 4232 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
09:38:27.0161 4232 Serenum - ok
09:38:27.0192 4232 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
09:38:27.0192 4232 Serial - ok
09:38:27.0224 4232 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:38:27.0224 4232 sermouse - ok
09:38:27.0317 4232 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
09:38:27.0348 4232 SessionEnv - ok
09:38:27.0380 4232 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
09:38:27.0380 4232 sffdisk - ok
09:38:27.0411 4232 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:38:27.0411 4232 sffp_mmc - ok
09:38:27.0458 4232 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
09:38:27.0458 4232 sffp_sd - ok
09:38:27.0473 4232 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:38:27.0473 4232 sfloppy - ok
09:38:27.0645 4232 [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
09:38:27.0692 4232 Sftfs - ok
09:38:27.0879 4232 [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
09:38:27.0926 4232 sftlist - ok
09:38:28.0004 4232 [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
09:38:28.0019 4232 Sftplay - ok
09:38:28.0050 4232 [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
09:38:28.0050 4232 Sftredir - ok
09:38:28.0097 4232 [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
09:38:28.0113 4232 Sftvol - ok
09:38:28.0160 4232 [ A5812F0281CA5081BF696626F9BF324D ] sftvsa C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
09:38:28.0160 4232 sftvsa - ok
09:38:28.0206 4232 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:38:28.0222 4232 SharedAccess - ok
09:38:28.0253 4232 [ 27F10F348E508243F6254846F8370D0D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:38:28.0269 4232 ShellHWDetection - ok
09:38:28.0300 4232 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
09:38:28.0300 4232 sisagp - ok
09:38:28.0331 4232 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
09:38:28.0331 4232 SiSRaid2 - ok
09:38:28.0347 4232 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:38:28.0347 4232 SiSRaid4 - ok
09:38:28.0425 4232 [ 886DBE1E6DE104591E8B7334B6D42ED8 ] slabbus C:\Windows\system32\DRIVERS\slabbus.sys
09:38:28.0456 4232 slabbus - ok
09:38:28.0487 4232 [ 2F3A6EEBBBBB158CAAA78790FD49E7C3 ] slabser C:\Windows\system32\DRIVERS\slabser.sys
09:38:28.0487 4232 slabser - ok
09:38:28.0596 4232 [ 0BA91E1358AD25236863039BB2609A2E ] slsvc C:\Windows\system32\SLsvc.exe
09:38:28.0659 4232 slsvc - ok
09:38:28.0674 4232 [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify C:\Windows\system32\SLUINotify.dll
09:38:28.0690 4232 SLUINotify - ok
09:38:28.0706 4232 [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:38:28.0706 4232 Smb - ok
09:38:28.0737 4232 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:38:28.0737 4232 SNMPTRAP - ok
09:38:28.0768 4232 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
09:38:28.0768 4232 spldr - ok
09:38:28.0830 4232 [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler C:\Windows\System32\spoolsv.exe
09:38:28.0846 4232 Spooler - ok
09:38:28.0908 4232 sprtsvc_dellsupportcenter - ok
09:38:28.0971 4232 [ 2252AEF839B1093D16761189F45AF885 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:38:29.0002 4232 srv - ok
09:38:29.0064 4232 [ B7FF59408034119476B00A81BB53D5D1 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:38:29.0096 4232 srv2 - ok
09:38:29.0111 4232 [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:38:29.0111 4232 srvnet - ok
09:38:29.0174 4232 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:38:29.0189 4232 SSDPSRV - ok
09:38:29.0236 4232 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:38:29.0236 4232 SstpSvc - ok
09:38:29.0267 4232 [ 7E6DD4B34ACD36AF6C711D2BDE91B040 ] STacSV C:\Windows\system32\STacSV.exe
09:38:29.0283 4232 STacSV - ok
09:38:29.0376 4232 [ 6A2A5E809C2C0178326D92B19EE4AAD3 ] STHDA C:\Windows\system32\drivers\stwrt.sys
09:38:29.0408 4232 STHDA - ok
09:38:29.0454 4232 [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc C:\Windows\System32\wiaservc.dll
09:38:29.0470 4232 stisvc - ok
09:38:29.0532 4232 [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
09:38:29.0548 4232 stllssvr - ok
09:38:29.0595 4232 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:38:29.0595 4232 swenum - ok
09:38:29.0626 4232 [ B36C7CDB86F7F7A8E884479219766950 ] swprv C:\Windows\System32\swprv.dll
09:38:29.0626 4232 swprv - ok
09:38:29.0657 4232 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
09:38:29.0657 4232 Symc8xx - ok
09:38:29.0673 4232 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
09:38:29.0673 4232 Sym_hi - ok
09:38:29.0673 4232 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
09:38:29.0673 4232 Sym_u3 - ok
09:38:29.0735 4232 [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain C:\Windows\system32\sysmain.dll
09:38:29.0766 4232 SysMain - ok
09:38:29.0798 4232 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:38:29.0813 4232 TabletInputService - ok
09:38:29.0860 4232 [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv C:\Windows\System32\tapisrv.dll
09:38:29.0860 4232 TapiSrv - ok
09:38:29.0891 4232 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
09:38:29.0907 4232 TBS - ok
09:38:29.0985 4232 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:38:30.0032 4232 Tcpip - ok
09:38:30.0047 4232 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
09:38:30.0047 4232 Tcpip6 - ok
09:38:30.0078 4232 [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:38:30.0078 4232 tcpipreg - ok
09:38:30.0125 4232 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:38:30.0125 4232 TDPIPE - ok
09:38:30.0156 4232 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:38:30.0156 4232 TDTCP - ok
09:38:30.0188 4232 [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:38:30.0188 4232 tdx - ok
09:38:30.0203 4232 [ A048056F5E1A96A9BF3071B91741A5AA ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:38:30.0203 4232 TermDD - ok
09:38:30.0234 4232 [ D605031E225AACCBCEB5B76A4F1603A6 ] TermService C:\Windows\System32\termsrv.dll
09:38:30.0234 4232 TermService - ok
09:38:30.0250 4232 [ 27F10F348E508243F6254846F8370D0D ] Themes C:\Windows\system32\shsvcs.dll
09:38:30.0266 4232 Themes - ok
09:38:30.0297 4232 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
09:38:30.0297 4232 THREADORDER - ok
09:38:30.0359 4232 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
09:38:30.0359 4232 TrkWks - ok
09:38:30.0531 4232 [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:38:30.0531 4232 TrustedInstaller - ok
09:38:30.0609 4232 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:38:30.0624 4232 tssecsrv - ok
09:38:30.0718 4232 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
09:38:30.0718 4232 tunmp - ok
09:38:30.0812 4232 [ 6042505FF6FA9AC1EF7684D0E03B6940 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:38:30.0812 4232 tunnel - ok
09:38:30.0890 4232 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:38:30.0890 4232 uagp35 - ok
09:38:30.0921 4232 [ 8B5088058FA1D1CD897A2113CCFF6C58 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:38:30.0936 4232 udfs - ok
09:38:30.0983 4232 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:38:30.0983 4232 UI0Detect - ok
09:38:31.0014 4232 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:38:31.0014 4232 uliagpkx - ok
09:38:31.0061 4232 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
09:38:31.0061 4232 uliahci - ok
09:38:31.0092 4232 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
09:38:31.0108 4232 UlSata - ok
09:38:31.0139 4232 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
09:38:31.0139 4232 ulsata2 - ok
09:38:31.0186 4232 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:38:31.0202 4232 umbus - ok
09:38:31.0233 4232 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
09:38:31.0248 4232 upnphost - ok
09:38:31.0295 4232 [ 4B8A9C16B6D9258ED99C512AECB8C555 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
09:38:31.0295 4232 USBAAPL - ok
09:38:31.0326 4232 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:38:31.0326 4232 usbccgp - ok
09:38:31.0342 4232 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:38:31.0358 4232 usbcir - ok
09:38:31.0389 4232 [ 686D4188AE36254C3008B71FEDACADF3 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:38:31.0389 4232 usbehci - ok
09:38:31.0420 4232 [ 4E42F665A658F08D153F7FFFE7C83806 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:38:31.0420 4232 usbhub - ok
09:38:31.0420 4232 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:38:31.0420 4232 usbohci - ok
09:38:31.0451 4232 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
09:38:31.0451 4232 usbprint - ok
09:38:31.0482 4232 [ 87BA6B83C5D19B69160968D07D6E2982 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:38:31.0482 4232 USBSTOR - ok
09:38:31.0498 4232 [ 40F95A3D6D50D82F947F1D167C2EC39D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:38:31.0529 4232 usbuhci - ok
09:38:31.0592 4232 [ 032A0ACC3909AE7215D524E29D536797 ] UxSms C:\Windows\System32\uxsms.dll
09:38:31.0592 4232 UxSms - ok
09:38:31.0763 4232 [ B13BC395B9D6116628F5AF47E0802AC4 ] vds C:\Windows\System32\vds.exe
09:38:31.0794 4232 vds - ok
09:38:31.0810 4232 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:38:31.0810 4232 vga - ok
09:38:31.0826 4232 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
09:38:31.0826 4232 VgaSave - ok
09:38:31.0857 4232 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
09:38:31.0857 4232 viaagp - ok
09:38:31.0872 4232 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
09:38:31.0872 4232 ViaC7 - ok
09:38:31.0904 4232 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
09:38:31.0904 4232 viaide - ok
09:38:31.0919 4232 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:38:31.0919 4232 volmgr - ok
09:38:31.0966 4232 [ 98F5FFE6316BD74E9E2C97206C190196 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:38:31.0966 4232 volmgrx - ok
09:38:31.0997 4232 [ D8B4A53DD2769F226B3EB374374987C9 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:38:31.0997 4232 volsnap - ok
09:38:32.0044 4232 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:38:32.0044 4232 vsmraid - ok
09:38:32.0106 4232 [ D5FB73D19C46ADE183F968E13F186B23 ] VSS C:\Windows\system32\vssvc.exe
09:38:32.0169 4232 VSS - ok
09:38:32.0200 4232 [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] W32Time C:\Windows\system32\w32time.dll
09:38:32.0200 4232 W32Time - ok
09:38:32.0231 4232 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:38:32.0247 4232 WacomPen - ok
09:38:32.0278 4232 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
09:38:32.0278 4232 Wanarp - ok
09:38:32.0278 4232 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:38:32.0278 4232 Wanarpv6 - ok
09:38:34.0852 4232 ================ Scan global ===============================
09:38:34.0899 4232 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
09:38:34.0961 4232 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
09:38:34.0977 4232 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
09:38:35.0024 4232 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
09:38:35.0024 4232 [Global] - ok
09:38:35.0024 4232 ================ Scan MBR ==================================
09:38:35.0039 4232 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
09:38:36.0880 4232 \Device\Harddisk0\DR0 - ok
09:38:36.0896 4232 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
09:38:36.0896 4232 \Device\Harddisk1\DR1 - ok
09:38:36.0896 4232 ================ Scan VBR ==================================
09:38:36.0927 4232 [ 1C87BB41B794AA77B498067DE1159056 ] \Device\Harddisk0\DR0\Partition1
09:38:36.0942 4232 \Device\Harddisk0\DR0\Partition1 - ok
09:38:36.0974 4232 [ 927A9DBF00CD43240F760F56A95BC6BD ] \Device\Harddisk0\DR0\Partition2
09:38:36.0974 4232 \Device\Harddisk0\DR0\Partition2 - ok
09:38:36.0974 4232 [ B3E75E9CF0E7506BEF2AED93A01021F9 ] \Device\Harddisk1\DR1\Partition1
09:38:36.0989 4232 \Device\Harddisk1\DR1\Partition1 - ok
09:38:36.0989 4232 ============================================================
09:38:36.0989 4232 Scan finished
09:38:36.0989 4232 ============================================================
09:38:36.0989 2672 Detected object count: 0
09:38:36.0989 2672 Actual detected object count: 0
09:37:50.0579 3384 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
09:37:50.0938 3384 ============================================================
09:37:50.0938 3384 Current date / time: 2012/10/23 09:37:50.0938
09:37:50.0938 3384 SystemInfo:
09:37:50.0938 3384
09:37:50.0938 3384 OS Version: 6.0.6001 ServicePack: 1.0
09:37:50.0938 3384 Product type: Workstation
09:37:50.0938 3384 ComputerName: DELL-LT
09:37:50.0938 3384 UserName: sonny&shirley
09:37:50.0938 3384 Windows directory: C:\Windows
09:37:50.0938 3384 System windows directory: C:\Windows
09:37:50.0938 3384 Processor architecture: Intel x86
09:37:50.0938 3384 Number of processors: 2
09:37:50.0938 3384 Page size: 0x1000
09:37:50.0938 3384 Boot type: Normal boot
09:37:50.0938 3384 ============================================================
09:37:52.0919 3384 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:37:53.0013 3384 Drive \Device\Harddisk1\DR1 - Size: 0x77460000 (1.86 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:37:53.0013 3384 ============================================================
09:37:53.0013 3384 \Device\Harddisk0\DR0:
09:37:53.0044 3384 MBR partitions:
09:37:53.0044 3384 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1388000
09:37:53.0044 3384 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x139C000, BlocksNum 0xC6F83A8
09:37:53.0091 3384 \Device\Harddisk1\DR1:
09:37:53.0091 3384 MBR partitions:
09:37:53.0091 3384 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x2, BlocksNum 0x3BA2FE
09:37:53.0091 3384 ============================================================
09:37:53.0184 3384 C: <-> \Device\Harddisk0\DR0\Partition2
09:37:53.0262 3384 D: <-> \Device\Harddisk0\DR0\Partition1
09:37:53.0262 3384 ============================================================
09:37:53.0262 3384 Initialize success
09:37:53.0262 3384 ============================================================
09:37:57.0069 4232 ============================================================
09:37:57.0069 4232 Scan started
09:37:57.0069 4232 Mode: Manual;
09:37:57.0069 4232 ============================================================
09:38:04.0588 4232 ================ Scan system memory ========================
09:38:04.0588 4232 System memory - ok
09:38:04.0588 4232 ================ Scan services =============================
09:38:22.0076 4232 nfrd960 - ok
09:38:22.0091 4232 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:38:22.0107 4232 NlaSvc - ok
09:38:22.0154 4232 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:38:22.0154 4232 Npfs - ok
09:38:22.0216 4232 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
09:38:22.0232 4232 nsi - ok
09:38:22.0278 4232 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:38:22.0278 4232 nsiproxy - ok
09:38:22.0356 4232 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:38:22.0388 4232 Ntfs - ok
09:38:22.0419 4232 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
09:38:22.0419 4232 ntrigdigi - ok
09:38:22.0434 4232 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
09:38:22.0434 4232 Null - ok
09:38:22.0466 4232 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:38:22.0466 4232 nvraid - ok
09:38:22.0481 4232 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:38:22.0481 4232 nvstor - ok
09:38:22.0528 4232 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:38:22.0544 4232 nv_agp - ok
09:38:22.0544 4232 NwlnkFlt - ok
09:38:22.0559 4232 NwlnkFwd - ok
09:38:22.0590 4232 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
09:38:22.0606 4232 ohci1394 - ok
09:38:22.0653 4232 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:38:22.0653 4232 ose - ok
09:38:23.0027 4232 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:38:23.0121 4232 osppsvc - ok
09:38:23.0183 4232 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll
09:38:23.0199 4232 p2pimsvc - ok
09:38:23.0214 4232 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll
09:38:23.0230 4232 p2psvc - ok
09:38:23.0277 4232 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
09:38:23.0277 4232 Parport - ok
09:38:23.0324 4232 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:38:23.0324 4232 partmgr - ok
09:38:23.0370 4232 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
09:38:23.0370 4232 Parvdm - ok
09:38:23.0386 4232 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
09:38:23.0386 4232 PcaSvc - ok
09:38:23.0402 4232 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys
09:38:23.0417 4232 pci - ok
09:38:23.0464 4232 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
09:38:23.0464 4232 pciide - ok
09:38:23.0495 4232 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:38:23.0511 4232 pcmcia - ok
09:38:23.0558 4232 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:38:23.0573 4232 PEAUTH - ok
09:38:23.0636 4232 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
09:38:23.0745 4232 pla - ok
09:38:23.0792 4232 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:38:23.0823 4232 PlugPlay - ok
09:38:24.0041 4232 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
09:38:24.0041 4232 PNRPAutoReg - ok
09:38:24.0088 4232 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll
09:38:24.0088 4232 PNRPsvc - ok
09:38:24.0306 4232 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:38:24.0338 4232 PolicyAgent - ok
09:38:24.0384 4232 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:38:24.0384 4232 PptpMiniport - ok
09:38:24.0416 4232 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
09:38:24.0416 4232 Processor - ok
09:38:24.0462 4232 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll
09:38:24.0478 4232 ProfSvc - ok
09:38:24.0525 4232 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:38:24.0525 4232 ProtectedStorage - ok
09:38:24.0681 4232 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
09:38:24.0712 4232 PSched - ok
09:38:24.0806 4232 [ 03E0FE281823BA64B3782F5B38950E73 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
09:38:24.0806 4232 PxHelp20 - ok
09:38:24.0977 4232 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:38:25.0008 4232 ql2300 - ok
09:38:25.0055 4232 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:38:25.0055 4232 ql40xx - ok
09:38:25.0102 4232 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
09:38:25.0102 4232 QWAVE - ok
09:38:25.0118 4232 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:38:25.0118 4232 QWAVEdrv - ok
09:38:25.0476 4232 [ E642B131FB74CAF4BB8A014F31113142 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
09:38:25.0554 4232 R300 - ok
09:38:25.0586 4232 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:38:25.0601 4232 RasAcd - ok
09:38:25.0648 4232 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
09:38:25.0664 4232 RasAuto - ok
09:38:25.0695 4232 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:38:25.0695 4232 Rasl2tp - ok
09:38:25.0726 4232 [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan C:\Windows\System32\rasmans.dll
09:38:25.0757 4232 RasMan - ok
09:38:25.0788 4232 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:38:25.0788 4232 RasPppoe - ok
09:38:25.0835 4232 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:38:25.0866 4232 RasSstp - ok
09:38:25.0898 4232 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:38:25.0898 4232 rdbss - ok
09:38:25.0898 4232 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:38:25.0898 4232 RDPCDD - ok
09:38:25.0944 4232 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
09:38:25.0960 4232 rdpdr - ok
09:38:25.0960 4232 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:38:25.0960 4232 RDPENCDD - ok
09:38:26.0022 4232 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:38:26.0022 4232 RDPWD - ok
09:38:26.0100 4232 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:38:26.0100 4232 RemoteAccess - ok
09:38:26.0132 4232 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:38:26.0132 4232 RemoteRegistry - ok
09:38:26.0194 4232 [ 355AAC141B214BEF1DBC1483AFD9BD50 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
09:38:26.0194 4232 rimmptsk - ok
09:38:26.0210 4232 [ A4216C71DD4F60B26418CCFD99CD0815 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
09:38:26.0241 4232 rimsptsk - ok
09:38:26.0288 4232 [ D231B577024AA324AF13A42F3A807D10 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
09:38:26.0288 4232 rismxdp - ok
09:38:26.0319 4232 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
09:38:26.0319 4232 RpcLocator - ok
09:38:26.0350 4232 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\system32\rpcss.dll
09:38:26.0366 4232 RpcSs - ok
09:38:26.0459 4232 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:38:26.0490 4232 rspndr - ok
09:38:26.0490 4232 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe
09:38:26.0506 4232 SamSs - ok
09:38:26.0553 4232 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:38:26.0553 4232 sbp2port - ok
09:38:26.0600 4232 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:38:26.0600 4232 SCardSvr - ok
09:38:26.0771 4232 [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule C:\Windows\system32\schedsvc.dll
09:38:26.0787 4232 Schedule - ok
09:38:26.0834 4232 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll
09:38:26.0834 4232 SCPolicySvc - ok
09:38:26.0880 4232 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
09:38:26.0880 4232 sdbus - ok
09:38:26.0927 4232 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:38:26.0958 4232 SDRSVC - ok
09:38:26.0990 4232 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:38:26.0990 4232 secdrv - ok
09:38:27.0021 4232 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
09:38:27.0021 4232 seclogon - ok
09:38:27.0099 4232 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
09:38:27.0130 4232 SENS - ok
09:38:27.0161 4232 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
09:38:27.0161 4232 Serenum - ok
09:38:27.0192 4232 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
09:38:27.0192 4232 Serial - ok
09:38:27.0224 4232 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:38:27.0224 4232 sermouse - ok
09:38:27.0317 4232 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
09:38:27.0348 4232 SessionEnv - ok
09:38:27.0380 4232 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
09:38:27.0380 4232 sffdisk - ok
09:38:27.0411 4232 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:38:27.0411 4232 sffp_mmc - ok
09:38:27.0458 4232 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
09:38:27.0458 4232 sffp_sd - ok
09:38:27.0473 4232 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:38:27.0473 4232 sfloppy - ok
09:38:27.0645 4232 [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
09:38:27.0692 4232 Sftfs - ok
09:38:27.0879 4232 [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
09:38:27.0926 4232 sftlist - ok
09:38:28.0004 4232 [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
09:38:28.0019 4232 Sftplay - ok
09:38:28.0050 4232 [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
09:38:28.0050 4232 Sftredir - ok
09:38:28.0097 4232 [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
09:38:28.0113 4232 Sftvol - ok
09:38:28.0160 4232 [ A5812F0281CA5081BF696626F9BF324D ] sftvsa C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
09:38:28.0160 4232 sftvsa - ok
09:38:28.0206 4232 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:38:28.0222 4232 SharedAccess - ok
09:38:28.0253 4232 [ 27F10F348E508243F6254846F8370D0D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:38:28.0269 4232 ShellHWDetection - ok
09:38:28.0300 4232 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
09:38:28.0300 4232 sisagp - ok
09:38:28.0331 4232 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
09:38:28.0331 4232 SiSRaid2 - ok
09:38:28.0347 4232 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:38:28.0347 4232 SiSRaid4 - ok
09:38:28.0425 4232 [ 886DBE1E6DE104591E8B7334B6D42ED8 ] slabbus C:\Windows\system32\DRIVERS\slabbus.sys
09:38:28.0456 4232 slabbus - ok
09:38:28.0487 4232 [ 2F3A6EEBBBBB158CAAA78790FD49E7C3 ] slabser C:\Windows\system32\DRIVERS\slabser.sys
09:38:28.0487 4232 slabser - ok
09:38:28.0596 4232 [ 0BA91E1358AD25236863039BB2609A2E ] slsvc C:\Windows\system32\SLsvc.exe
09:38:28.0659 4232 slsvc - ok
09:38:28.0674 4232 [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify C:\Windows\system32\SLUINotify.dll
09:38:28.0690 4232 SLUINotify - ok
09:38:28.0706 4232 [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:38:28.0706 4232 Smb - ok
09:38:28.0737 4232 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:38:28.0737 4232 SNMPTRAP - ok
09:38:28.0768 4232 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
09:38:28.0768 4232 spldr - ok
09:38:28.0830 4232 [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler C:\Windows\System32\spoolsv.exe
09:38:28.0846 4232 Spooler - ok
09:38:28.0908 4232 sprtsvc_dellsupportcenter - ok
09:38:28.0971 4232 [ 2252AEF839B1093D16761189F45AF885 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:38:29.0002 4232 srv - ok
09:38:29.0064 4232 [ B7FF59408034119476B00A81BB53D5D1 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:38:29.0096 4232 srv2 - ok
09:38:29.0111 4232 [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:38:29.0111 4232 srvnet - ok
09:38:29.0174 4232 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:38:29.0189 4232 SSDPSRV - ok
09:38:29.0236 4232 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:38:29.0236 4232 SstpSvc - ok
09:38:29.0267 4232 [ 7E6DD4B34ACD36AF6C711D2BDE91B040 ] STacSV C:\Windows\system32\STacSV.exe
09:38:29.0283 4232 STacSV - ok
09:38:29.0376 4232 [ 6A2A5E809C2C0178326D92B19EE4AAD3 ] STHDA C:\Windows\system32\drivers\stwrt.sys
09:38:29.0408 4232 STHDA - ok
09:38:29.0454 4232 [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc C:\Windows\System32\wiaservc.dll
09:38:29.0470 4232 stisvc - ok
09:38:29.0532 4232 [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
09:38:29.0548 4232 stllssvr - ok
09:38:29.0595 4232 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:38:29.0595 4232 swenum - ok
09:38:29.0626 4232 [ B36C7CDB86F7F7A8E884479219766950 ] swprv C:\Windows\System32\swprv.dll
09:38:29.0626 4232 swprv - ok
09:38:29.0657 4232 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
09:38:29.0657 4232 Symc8xx - ok
09:38:29.0673 4232 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
09:38:29.0673 4232 Sym_hi - ok
09:38:29.0673 4232 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
09:38:29.0673 4232 Sym_u3 - ok
09:38:29.0735 4232 [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain C:\Windows\system32\sysmain.dll
09:38:29.0766 4232 SysMain - ok
09:38:29.0798 4232 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:38:29.0813 4232 TabletInputService - ok
09:38:29.0860 4232 [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv C:\Windows\System32\tapisrv.dll
09:38:29.0860 4232 TapiSrv - ok
09:38:29.0891 4232 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
09:38:29.0907 4232 TBS - ok
09:38:29.0985 4232 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:38:30.0032 4232 Tcpip - ok
09:38:30.0047 4232 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
09:38:30.0047 4232 Tcpip6 - ok
09:38:30.0078 4232 [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:38:30.0078 4232 tcpipreg - ok
09:38:30.0125 4232 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:38:30.0125 4232 TDPIPE - ok
09:38:30.0156 4232 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:38:30.0156 4232 TDTCP - ok
09:38:30.0188 4232 [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:38:30.0188 4232 tdx - ok
09:38:30.0203 4232 [ A048056F5E1A96A9BF3071B91741A5AA ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:38:30.0203 4232 TermDD - ok
09:38:30.0234 4232 [ D605031E225AACCBCEB5B76A4F1603A6 ] TermService C:\Windows\System32\termsrv.dll
09:38:30.0234 4232 TermService - ok
09:38:30.0250 4232 [ 27F10F348E508243F6254846F8370D0D ] Themes C:\Windows\system32\shsvcs.dll
09:38:30.0266 4232 Themes - ok
09:38:30.0297 4232 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
09:38:30.0297 4232 THREADORDER - ok
09:38:30.0359 4232 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
09:38:30.0359 4232 TrkWks - ok
09:38:30.0531 4232 [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:38:30.0531 4232 TrustedInstaller - ok
09:38:30.0609 4232 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:38:30.0624 4232 tssecsrv - ok
09:38:30.0718 4232 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
09:38:30.0718 4232 tunmp - ok
09:38:30.0812 4232 [ 6042505FF6FA9AC1EF7684D0E03B6940 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:38:30.0812 4232 tunnel - ok
09:38:30.0890 4232 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:38:30.0890 4232 uagp35 - ok
09:38:30.0921 4232 [ 8B5088058FA1D1CD897A2113CCFF6C58 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:38:30.0936 4232 udfs - ok
09:38:30.0983 4232 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:38:30.0983 4232 UI0Detect - ok
09:38:31.0014 4232 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:38:31.0014 4232 uliagpkx - ok
09:38:31.0061 4232 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
09:38:31.0061 4232 uliahci - ok
09:38:31.0092 4232 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
09:38:31.0108 4232 UlSata - ok
09:38:31.0139 4232 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
09:38:31.0139 4232 ulsata2 - ok
09:38:31.0186 4232 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:38:31.0202 4232 umbus - ok
09:38:31.0233 4232 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
09:38:31.0248 4232 upnphost - ok
09:38:31.0295 4232 [ 4B8A9C16B6D9258ED99C512AECB8C555 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
09:38:31.0295 4232 USBAAPL - ok
09:38:31.0326 4232 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:38:31.0326 4232 usbccgp - ok
09:38:31.0342 4232 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:38:31.0358 4232 usbcir - ok
09:38:31.0389 4232 [ 686D4188AE36254C3008B71FEDACADF3 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:38:31.0389 4232 usbehci - ok
09:38:31.0420 4232 [ 4E42F665A658F08D153F7FFFE7C83806 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:38:31.0420 4232 usbhub - ok
09:38:31.0420 4232 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:38:31.0420 4232 usbohci - ok
09:38:31.0451 4232 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
09:38:31.0451 4232 usbprint - ok
09:38:31.0482 4232 [ 87BA6B83C5D19B69160968D07D6E2982 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:38:31.0482 4232 USBSTOR - ok
09:38:31.0498 4232 [ 40F95A3D6D50D82F947F1D167C2EC39D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:38:31.0529 4232 usbuhci - ok
09:38:31.0592 4232 [ 032A0ACC3909AE7215D524E29D536797 ] UxSms C:\Windows\System32\uxsms.dll
09:38:31.0592 4232 UxSms - ok
09:38:31.0763 4232 [ B13BC395B9D6116628F5AF47E0802AC4 ] vds C:\Windows\System32\vds.exe
09:38:31.0794 4232 vds - ok
09:38:31.0810 4232 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:38:31.0810 4232 vga - ok
09:38:31.0826 4232 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
09:38:31.0826 4232 VgaSave - ok
09:38:31.0857 4232 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
09:38:31.0857 4232 viaagp - ok
09:38:31.0872 4232 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
09:38:31.0872 4232 ViaC7 - ok
09:38:31.0904 4232 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
09:38:31.0904 4232 viaide - ok
09:38:31.0919 4232 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:38:31.0919 4232 volmgr - ok
09:38:31.0966 4232 [ 98F5FFE6316BD74E9E2C97206C190196 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:38:31.0966 4232 volmgrx - ok
09:38:31.0997 4232 [ D8B4A53DD2769F226B3EB374374987C9 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:38:31.0997 4232 volsnap - ok
09:38:32.0044 4232 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:38:32.0044 4232 vsmraid - ok
09:38:32.0106 4232 [ D5FB73D19C46ADE183F968E13F186B23 ] VSS C:\Windows\system32\vssvc.exe
09:38:32.0169 4232 VSS - ok
09:38:32.0200 4232 [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] W32Time C:\Windows\system32\w32time.dll
09:38:32.0200 4232 W32Time - ok
09:38:32.0231 4232 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:38:32.0247 4232 WacomPen - ok
09:38:32.0278 4232 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
09:38:32.0278 4232 Wanarp - ok
09:38:32.0278 4232 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:38:32.0278 4232 Wanarpv6 - ok
09:38:32.0309 4232 [ F3A5C2E1A6533192B070D06ECF6BE796 ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:38:32.0325 4232 wcncsvc - ok
09:38:32.0325 4232 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:38:32.0340 4232 WcsPlugInService - ok
09:38:32.0340 4232 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
09:38:32.0340 4232 Wd - ok
09:38:32.0387 4232 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:38:32.0387 4232 Wdf01000 - ok
09:38:32.0403 4232 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:38:32.0418 4232 WdiServiceHost - ok
09:38:32.0418 4232 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:38:32.0418 4232 WdiSystemHost - ok
09:38:32.0434 4232 [ CF9A5F41789B642DB967021DE06A2713 ] WebClient C:\Windows\System32\webclnt.dll
09:38:32.0434 4232 WebClient - ok
09:38:32.0481 4232 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:38:32.0481 4232 Wecsvc - ok
09:38:32.0496 4232 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:38:32.0496 4232 wercplsupport - ok
09:38:32.0528 4232 [ FD1965AAA112C6818A30AB02742D0461 ] WerSvc C:\Windows\System32\WerSvc.dll
09:38:32.0543 4232 WerSvc - ok
09:38:32.0559 4232 [ 72CC6A8CA7891031D6380DB5025C773C ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
09:38:32.0574 4232 winachsf - ok
09:38:32.0730 4232 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
09:38:32.0777 4232 WinDefend - ok
09:38:32.0777 4232 WinHttpAutoProxySvc - ok
09:38:32.0980 4232 [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:38:32.0980 4232 Winmgmt - ok
09:38:33.0292 4232 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
09:38:33.0339 4232 WinRM - ok
09:38:33.0386 4232 [ 275F4346E569DF56CFB95243BD6F6FF0 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:38:33.0401 4232 Wlansvc - ok
09:38:33.0401 4232 wltrysvc - ok
09:38:33.0464 4232 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
09:38:33.0479 4232 WmiAcpi - ok
09:38:33.0526 4232 [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:38:33.0526 4232 wmiApSrv - ok
09:38:33.0776 4232 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
09:38:33.0791 4232 WMPNetworkSvc - ok
09:38:33.0838 4232 [ 5D94CD167751294962BA238D82DD1BB8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:38:33.0838 4232 WPCSvc - ok
09:38:33.0869 4232 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:38:33.0869 4232 WPDBusEnum - ok
09:38:34.0041 4232 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:38:34.0056 4232 WPFFontCache_v0400 - ok
09:38:34.0088 4232 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:38:34.0088 4232 ws2ifsl - ok
09:38:34.0119 4232 [ 683DD16B590372F2C9661D277F35E49C ] wscsvc C:\Windows\System32\wscsvc.dll
09:38:34.0119 4232 wscsvc - ok
09:38:34.0134 4232 WSearch - ok
09:38:34.0556 4232 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
09:38:34.0634 4232 wuauserv - ok
09:38:34.0665 4232 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:38:34.0665 4232 WUDFRd - ok
09:38:34.0712 4232 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:38:34.0712 4232 wudfsvc - ok
09:38:34.0743 4232 [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
09:38:34.0743 4232 XAudio - ok
09:38:34.0774 4232 [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
09:38:34.0790 4232 XAudioService - ok
09:38:34.0836 4232 [ A4822191C7CEA271903C2A4FB6D9809D ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
09:38:34.0852 4232 yukonwlh - ok
09:38:34.0852 4232 ================ Scan global ===============================
09:38:34.0899 4232 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
09:38:34.0961 4232 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
09:38:34.0977 4232 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
09:38:35.0024 4232 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
09:38:35.0024 4232 [Global] - ok
09:38:35.0024 4232 ================ Scan MBR ==================================
09:38:35.0039 4232 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
09:38:36.0880 4232 \Device\Harddisk0\DR0 - ok
09:38:36.0896 4232 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
09:38:36.0896 4232 \Device\Harddisk1\DR1 - ok
09:38:36.0896 4232 ================ Scan VBR ==================================
09:38:36.0927 4232 [ 1C87BB41B794AA77B498067DE1159056 ] \Device\Harddisk0\DR0\Partition1
09:38:36.0942 4232 \Device\Harddisk0\DR0\Partition1 - ok
09:38:36.0974 4232 [ 927A9DBF00CD43240F760F56A95BC6BD ] \Device\Harddisk0\DR0\Partition2
09:38:36.0974 4232 \Device\Harddisk0\DR0\Partition2 - ok
09:38:36.0974 4232 [ B3E75E9CF0E7506BEF2AED93A01021F9 ] \Device\Harddisk1\DR1\Partition1
09:38:36.0989 4232 \Device\Harddisk1\DR1\Partition1 - ok
09:38:36.0989 4232 ============================================================
09:38:36.0989 4232 Scan finished
09:38:36.0989 4232 ============================================================
09:38:36.0989 2672 Detected object count: 0
09:38:36.0989 2672 Actual detected object count: 0


Thank you,

Please let me know how to proceed.

#6 bloopie

Posted 23 October 2012 - 09:18 AM

Hi again,

So your internet is working now? That's good. What are your current issues you're experiencing?

I see your Windows installation is out of date, but we'll get to that. :thumbup2:

"I've tried to bring over multiple on a flash drive, and the virus crashes the program before it can finish scanning. Please advise..."


Which program are you talking about here?

==========

A couple more scans to be safe:

Step 1

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

==========

Step 2

ESET Online Scanner:

***Note: This scan may take a while

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.

Vista/Windows 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Please go here to run the scan.

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

==========

In your next reply, please include the following:

  • The AdwCleaner log
  • The ESET log
  • An answer to my questions at the top
bloopie

#7 stevenljones


Posted 23 October 2012 - 09:34 AM

Yes, I know. I was handed this computer and expected to fix it...thank god for bleeping. I am performing your instructions now. I cannot get the antivirus they have to load. I assume it hasn't been updated in ages or has never been updated. I will post results when finished.

#8 bloopie


Posted 23 October 2012 - 09:45 AM

Good! :thumbup2:

What's the current antivirus program installed?

bloopie

#9 stevenljones


Posted 23 October 2012 - 10:10 AM

Machine is currently running McAfee Total Protection. I cannot get the program to load. It launches at startup but like I said it won't load so I am unable to perform a full scan. I'm away from the computer for the next couple hours but I will run the scans when I return.

As far as preventing future issues. What programs should I install for this machine...winpatrol? MBAM? ??

Bloopie...Thanks again for everything now and in the future. :clapping: :thumbsup:

#10 bloopie


Posted 23 October 2012 - 10:50 AM

Hi again,

Bloopie...Thanks again for everything now and in the future. :clapping: :thumbsup:

My pleasure! :)

Machine is currently running McAfee Total Protection.

You may need to uninstall/reinstall it, if the owners of the computer have their activation/license. Otherwise I can link you to other free alternative antivirus solutions you can run instead.

As far as preventing future issues. What programs should I install for this machine...winpatrol? MBAM? ??

As for prevention...your best bet is to make sure your antivirus program is running and up to date at all times, run MBAM once a week, and practice safe surfing! I'll give you some more options when we're done cleaning and getting the system up to date. :)

Safe surfing is probably THE BEST way to prevent an infection that no one really pays a lot of attention to. :thumbup2:

==========

I'll be looking for those scan logs when you have time.

bloopie

#11 stevenljones


Posted 23 October 2012 - 06:10 PM

ESET log

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=043fc2eabe5c08418ade33325730ac6d
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-10-23 10:49:32
# local_time=2012-10-23 06:49:32 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=5121 16777213 100 75 0 4369592 0 0
# compatibility_mode=5892 16776574 100 100 66093823 187635172 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=151292
# found=0
# cleaned=0
# scan_time=4928

AdwCleaner log:

# AdwCleaner v2.005 - Logfile created 10/23/2012 at 10:36:51
# Updated 14/10/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 1 (32 bits)
# User : sonny&shirley - DELL-LT
# Boot Mode : Normal
# Running from : C:\Users\sonny&shirley\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\browse~1\22630~1.40\{16cdf~1\browse~1.dll
Key Deleted : HKCU\Software\BrowserMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.19088

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [6215 octets] - [13/10/2012 14:12:02]
AdwCleaner[R2].txt - [6275 octets] - [13/10/2012 14:12:39]
AdwCleaner[S1].txt - [6931 octets] - [13/10/2012 14:15:31]
AdwCleaner[R3].txt - [2317 octets] - [23/10/2012 10:36:33]
AdwCleaner[S2].txt - [1966 octets] - [23/10/2012 10:36:51]

########## EOF - C:\AdwCleaner[S2].txt - [2026 octets] ##########

thank you

steven

#12 bloopie


Posted 24 October 2012 - 10:11 AM

Hi again,

That's really not too bad. Any other problems with the machine?

==========

Your Microsoft Windows installation is out of date.
Whenever a security problem in its software is found, Microsoft will usually create a patch for it. After the patch is installed, attackers can't use the vulnerability to install malicious software on your PC, so keeping up with these patches will help to prevent malicious software being installed on your PC.
Go here to check for & install updates to Microsoft applications.
Note: The update process uses ActiveX, so you will need to use Internet Explorer for it, and allow the ActiveX control that it wants to install.

Please reboot and repeat the update process until there are no more updates to install.

When you are finished, please post a new HijackThis log here in a reply. Also, please let me know of any problems you may have encountered.

==========

Keep your programs up to date. This is very important to security! Most recent threats target other third-party software, such as Adobe's Adobe Reader, Shockwave Player, or Flash Player, or Oracle's Java browser plugins. You can check your system for out-of-date software manually, or by using automated tools such as Secunia's Personal Software Inspector. This goes doubly for security applications such as antivirus and other antimalware products based on definition lists, where out-of-date lists mean no detection of newer malware.

==========

Does the owner of the PC want to keep McAfee? Are you able to reinstall that program, or would you like to switch?


bloopie

#13 stevenljones


Posted 29 October 2012 - 08:32 AM

Unable to reinstall McAfee....I have performed a system update to service pack two...I have the free version of MBAM. What do you suggest I install for virus protection? Since none of the scans found anything. Do you suggest I do anything else with this machine to clean..

Thanks for everything

#14 bloopie


Posted 29 October 2012 - 10:25 AM

Hi again,

Okay, you can uninstall McAfee through the Programs and Features menu. If you have problems with uninstalling, then use the McAfee Consumer Products Removal Tool.

Personally I use Microsoft Security Essentials, but you can choose any of the free AV's below:


==========

Now let's run a couple of follow up scans:

Step 1

Download the Junkware Removal Tool by thisisu and save it to your desktop.
  • Right-click on JRT.exe and select Run as Administrator
  • When the scan finishes, post the results in your next reply

==========

Step 2

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

==========

In your next reply, please include the following:

  • The Junkware Remover log
  • The FSS log

bloopie

#15 stevenljones


Posted 29 October 2012 - 02:03 PM

I installed MS. Here are the logs; also going with MBAM and SUPERAntiSpyware.

Junkware Removal Log:

Junkware Removal Tool (JRT) by Thisisu
Version: 2.2.4 (10.28.2012)
OS: Windows Vista ™ Home Premium x86
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values:

Successfully deleted: ["BrowserMngr Start Page"] from hkey_users\S-1-5-21-2138515189-3331502318-1133760833-1000\software\microsoft\internet explorer\main
Successfully deleted: [BrowserMngrDefaultScope] from hkey_users\S-1-5-21-2138515189-3331502318-1133760833-1000\software\microsoft\internet explorer\searchscopes



*** Registry Keys:

Successfully deleted: [KEY] "hkey_current_user\software\microsoft\babylon"



*** Files: 0 Detections



*** Folders: 0 Detections



*** FireFox detected and repaired



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Mon 10/29/2012 at 14:46:52.64
End of Report


FSS log:

Farbar Service Scanner Version: 27-10-2012
Ran by sonny&shirley (administrator) on 29-10-2012 at 14:48:53
Running from "C:\Users\sonny&shirley\Desktop\Fixers"
Microsoft® Windows Vista™ Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll
[2008-01-20 22:24] - [2008-01-20 22:24] - 0204288 ____A (Microsoft Corporation) 43A988A9C10333476CB5FB667CBD629D

C:\Windows\system32\Drivers\afd.sys
[2011-06-17 08:47] - [2011-04-21 09:16] - 0273408 ____A (Microsoft Corporation) 48EB99503533C27AC6135648E5474457

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2010-09-08 23:43] - [2010-06-16 11:55] - 0902032 ____A (Microsoft Corporation) 6216A954ED7045B62880A92D6C9B9FC7

C:\Windows\system32\dnsrslvr.dll
[2011-04-12 17:50] - [2011-03-02 10:49] - 0086528 ____A (Microsoft Corporation) 4805D9A6D281C7A7DEFD9094DEC6AF7D

C:\Windows\system32\mpssvc.dll
[2008-01-20 22:24] - [2008-01-20 22:24] - 0393216 ____A (Microsoft Corporation) D1639BA315B0D79DEC49A4B0E1FB929B

C:\Windows\system32\bfe.dll
[2010-09-08 23:43] - [2010-06-16 11:09] - 0328704 ____A (Microsoft Corporation) D3E6D78285529962349A7F1617035938

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe
[2008-01-20 22:23] - [2008-01-20 22:23] - 1054720 ____A (Microsoft Corporation) D5FB73D19C46ADE183F968E13F186B23

C:\Windows\system32\wscsvc.dll
[2008-01-20 22:23] - [2008-01-20 22:23] - 0061440 ____A (Microsoft Corporation) 683DD16B590372F2C9661D277F35E49C

C:\Windows\system32\wbem\WMIsvc.dll
[2008-01-20 22:24] - [2008-01-20 22:24] - 0161792 ____A (Microsoft Corporation) 00B79A7C984678F24CF052E5BEB3A2F5

C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll
[2008-01-20 22:25] - [2008-01-20 22:25] - 0758272 ____A (Microsoft Corporation) 02ED7B4DBC2A3232A389106DA7515C3D

C:\Windows\system32\es.dll
[2010-09-08 23:46] - [2008-04-18 01:48] - 0269312 ____A (Microsoft Corporation) 3CB3343D720168B575133A0A20DC2465

C:\Windows\system32\cryptsvc.dll
[2008-01-20 22:24] - [2008-01-20 22:24] - 0128000 ____A (Microsoft Corporation) 6DE363F9F99334514C46AEC02D3E3678

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll
[2010-09-08 23:47] - [2009-03-03 00:39] - 0551424 ____A (Microsoft Corporation) 301AE00E12408650BADDC04DBC832830



**** End of log ****

-steven
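Added example, not part of the original thread and not code from Farbar Service Scanner: a short Python triage of an FSS log like the one posted above. It pulls out services reported as not running, registry values listed under a "Disabled Policy" heading, and files in the File Check section that the tool did not mark "MD5 is legit". The function name `triage_fss` is hypothetical and the sample is an abridged excerpt of the posted log.

```python
import re

# Constructed sample: abridged excerpt of the FSS log posted in this thread.
SAMPLE_LOG = r'''Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll
[2008-01-20 22:24] - [2008-01-20 22:24] - 0393216 ____A (Microsoft Corporation) D1639BA315B0D79DEC49A4B0E1FB929B
'''

def triage_fss(log_text):
    """Collect stopped services, disable-policy values and unlisted files."""
    out = {"stopped": [], "policies": [], "unlisted_files": []}
    lines = [l.strip() for l in log_text.splitlines()]
    section, reg_key = "", ""
    for i, line in enumerate(lines):
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        if line.endswith(":") and nxt.startswith("==="):  # "Heading:" over a row of '='
            section, reg_key = line[:-1], ""
        elif m := re.match(r"(\S+) Service is not running", line):
            out["stopped"].append(m.group(1))
        elif line.startswith("[HKEY_"):                   # registry key the values belong to
            reg_key = line.strip("[]")
        elif "Disabled Policy" in section and (m := re.match(r'"([^"]+)"=(\w+):(\w+)', line)):
            out["policies"].append((reg_key, m.group(1), m.group(3)))
        elif section == "File Check" and re.match(r"[A-Za-z]:\\", line) \
                and "=> MD5 is legit" not in line:        # path printed without the marker
            out["unlisted_files"].append(line)
    return out

if __name__ == "__main__":
    for kind, items in triage_fss(SAMPLE_LOG).items():
        print(kind, items)
```

Each item is a prompt to check, not a verdict: the log itself only reports that a service is stopped, that a policy value is set, or that a file was listed without the "MD5 is legit" marker.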



