How to Stop multiple browser Hijacking?


25 replies to this topic

#1 luvs2surf

Posted 29 November 2012 - 09:18 PM

I have a Windows 7 Laptop.
I have Microsoft Security Essentials and Malwarebytes installed on my computer.
I have recently had a problem with major spyware (trojan viruses) and Browser hijacking.
A couple of days ago I ran Malwarebytes Quick Scan, then downloaded Spybot, then re-ran Malwarebytes & found the following on my computer (in safe mode):
* Pup.mywebsearch (HKCR>CLSID)
* W3I.IQ5.fraud & Win32.Downloader.bltu
* Backdoor.bot (HKCU/Software/Microsoft/Windows/CurrentVersion/Run)
Then my internet started really messing up and my computer started giving me a solid red screen upon restart and would freeze when I tried to run Malwarebytes again.
Thus I tried Spybot and Eset Online Scanner and again found the following:
* Win32/Tobfy!mp3 (Appdata\local\VirtualStore\ProgramFiles(x86)\MozillaFirefox\1.mp3 & at Windows\SysWow64\1mp3)

Then I started finding several browser hijacks, etc.

* 63.209.69.107 (Isearch.Babylon.com)

* Smitfraud-C.generic

* BeesQ redirect virus (Trojan.Agent.M)

* Nixxie Answers redirect virus (c drive - ProgramData - Rootkit.0Access & 22B8.tmp.dat)

* Win32/Tracur.AV

* 8.26.70.252

After getting rid of those with the Eset online scan my laptop seemed better. Then today it started again, and two times worse.

* Internet redirect - 63.209.69.107 and 8.26.70.252

Then I ran tdsskiller root killer scan and found :

* Drive c - Device\HardDisk\DR0 (Rootkit.Bit.Phir.c)

Then MSC started going crazy and found a bunch of malware or something

* Win64/Alureon.gen!f , 32/Orsam!rts , Alureon.gen!AD, & DOS/Alureon j.

What can I do to get and keep my laptop free of browser hijacking, malware etc?!?!?!?

Any help will truly be appreciated.

Edited by Orange Blossom, 29 November 2012 - 11:12 PM.
Moved from Windows 7 to AII. ~ OB


#2 narenxp


Posted 30 November 2012 - 09:57 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 luvs2surf


Posted 30 November 2012 - 07:07 PM

I went into Safe Mode with networking and first ran the TDSSkiller. This is the log:

17:41:07.0918 1812 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:41:08.0604 1812 ============================================================
17:41:08.0604 1812 Current date / time: 2012/11/30 17:41:08.0604
17:41:08.0604 1812 SystemInfo:
17:41:08.0604 1812
17:41:08.0604 1812 OS Version: 6.1.7600 ServicePack: 0.0
17:41:08.0604 1812 Product type: Workstation
17:41:08.0604 1812 ComputerName: CRICKET-PC
17:41:08.0604 1812 UserName: cricket
17:41:08.0604 1812 Windows directory: C:\windows
17:41:08.0604 1812 System windows directory: C:\windows
17:41:08.0604 1812 Running under WOW64
17:41:08.0604 1812 Processor architecture: Intel x64
17:41:08.0604 1812 Number of processors: 2
17:41:08.0604 1812 Page size: 0x1000
17:41:08.0604 1812 Boot type: Safe boot with network
17:41:08.0604 1812 ============================================================
17:41:09.0119 1812 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:41:09.0119 1812 ============================================================
17:41:09.0119 1812 \Device\Harddisk0\DR0:
17:41:09.0119 1812 MBR partitions:
17:41:09.0119 1812 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
17:41:09.0119 1812 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x236AFAB0
17:41:09.0119 1812 ============================================================
17:41:09.0150 1812 C: <-> \Device\Harddisk0\DR0\Partition2
17:41:09.0150 1812 ============================================================
17:41:09.0150 1812 Initialize success
17:41:09.0150 1812 ============================================================
17:41:27.0715 2036 ============================================================
17:41:27.0715 2036 Scan started
17:41:27.0715 2036 Mode: Manual; TDLFS;
17:41:27.0715 2036 ============================================================
17:41:27.0886 2036 ================ Scan system memory ========================
17:41:27.0886 2036 System memory - ok
17:41:37.0745 2036 NDProxy - ok
17:41:37.0761 2036 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
17:41:37.0761 2036 NetBIOS - ok
17:41:37.0792 2036 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\windows\system32\DRIVERS\netbt.sys
17:41:37.0792 2036 NetBT - ok
17:41:37.0808 2036 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\windows\system32\lsass.exe
17:41:37.0808 2036 Netlogon - ok
17:41:37.0839 2036 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
17:41:37.0839 2036 Netman - ok
17:41:37.0855 2036 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
17:41:37.0870 2036 netprofm - ok
17:41:37.0886 2036 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:41:37.0886 2036 NetTcpPortSharing - ok
17:41:37.0901 2036 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
17:41:37.0901 2036 nfrd960 - ok
17:41:37.0948 2036 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
17:41:37.0948 2036 NisDrv - ok
17:41:37.0995 2036 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
17:41:37.0995 2036 NisSrv - ok
17:41:38.0011 2036 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\windows\System32\nlasvc.dll
17:41:38.0011 2036 NlaSvc - ok
17:41:38.0120 2036 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
17:41:38.0182 2036 NOBU - ok
17:41:38.0198 2036 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
17:41:38.0198 2036 Npfs - ok
17:41:38.0198 2036 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
17:41:38.0198 2036 nsi - ok
17:41:38.0229 2036 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
17:41:38.0229 2036 nsiproxy - ok
17:41:38.0291 2036 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\windows\system32\drivers\Ntfs.sys
17:41:38.0338 2036 Ntfs - ok
17:41:38.0354 2036 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
17:41:38.0354 2036 Null - ok
17:41:38.0385 2036 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\windows\system32\drivers\nvraid.sys
17:41:38.0385 2036 nvraid - ok
17:41:38.0416 2036 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\windows\system32\drivers\nvstor.sys
17:41:38.0416 2036 nvstor - ok
17:41:38.0432 2036 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\DRIVERS\nv_agp.sys
17:41:38.0432 2036 nv_agp - ok
17:41:38.0463 2036 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys
17:41:38.0463 2036 ohci1394 - ok
17:41:38.0494 2036 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:41:38.0494 2036 ose - ok
17:41:38.0635 2036 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:41:38.0759 2036 osppsvc - ok
17:41:38.0806 2036 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
17:41:38.0822 2036 p2pimsvc - ok
17:41:38.0837 2036 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
17:41:38.0837 2036 p2psvc - ok
17:41:38.0900 2036 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
17:41:38.0900 2036 Parport - ok
17:41:38.0915 2036 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\windows\system32\drivers\partmgr.sys
17:41:38.0915 2036 partmgr - ok
17:41:38.0962 2036 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
17:41:38.0962 2036 PcaSvc - ok
17:41:38.0978 2036 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\windows\system32\DRIVERS\pci.sys
17:41:38.0978 2036 pci - ok
17:41:39.0009 2036 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
17:41:39.0009 2036 pciide - ok
17:41:39.0025 2036 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
17:41:39.0025 2036 pcmcia - ok
17:41:39.0056 2036 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
17:41:39.0056 2036 pcw - ok
17:41:39.0087 2036 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
17:41:39.0103 2036 PEAUTH - ok
17:41:39.0212 2036 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
17:41:39.0212 2036 PerfHost - ok
17:41:39.0259 2036 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\windows\system32\pla.dll
17:41:39.0290 2036 pla - ok
17:41:39.0352 2036 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\windows\system32\umpnpmgr.dll
17:41:39.0352 2036 PlugPlay - ok
17:41:39.0383 2036 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
17:41:39.0383 2036 PNRPAutoReg - ok
17:41:39.0399 2036 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
17:41:39.0399 2036 PNRPsvc - ok
17:41:39.0430 2036 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
17:41:39.0446 2036 PolicyAgent - ok
17:41:39.0461 2036 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
17:41:39.0461 2036 Power - ok
17:41:39.0493 2036 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
17:41:39.0508 2036 PptpMiniport - ok
17:41:39.0508 2036 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
17:41:39.0508 2036 Processor - ok
17:41:39.0539 2036 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\windows\system32\profsvc.dll
17:41:39.0539 2036 ProfSvc - ok
17:41:39.0555 2036 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\windows\system32\lsass.exe
17:41:39.0555 2036 ProtectedStorage - ok
17:41:39.0586 2036 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\windows\system32\DRIVERS\pacer.sys
17:41:39.0586 2036 Psched - ok
17:41:39.0602 2036 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys
17:41:39.0602 2036 PxHlpa64 - ok
17:41:39.0633 2036 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
17:41:39.0680 2036 ql2300 - ok
17:41:39.0680 2036 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
17:41:39.0680 2036 ql40xx - ok
17:41:39.0711 2036 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
17:41:39.0711 2036 QWAVE - ok
17:41:39.0727 2036 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
17:41:39.0727 2036 QWAVEdrv - ok
17:41:39.0727 2036 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
17:41:39.0727 2036 RasAcd - ok
17:41:39.0758 2036 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
17:41:39.0758 2036 RasAgileVpn - ok
17:41:39.0773 2036 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
17:41:39.0773 2036 RasAuto - ok
17:41:39.0789 2036 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
17:41:39.0789 2036 Rasl2tp - ok
17:41:39.0820 2036 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\windows\System32\rasmans.dll
17:41:39.0820 2036 RasMan - ok
17:41:39.0836 2036 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
17:41:39.0836 2036 RasPppoe - ok
17:41:39.0836 2036 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
17:41:39.0836 2036 RasSstp - ok
17:41:39.0851 2036 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
17:41:39.0867 2036 rdbss - ok
17:41:39.0883 2036 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
17:41:39.0883 2036 rdpbus - ok
17:41:39.0898 2036 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
17:41:39.0898 2036 RDPCDD - ok
17:41:39.0914 2036 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
17:41:39.0914 2036 RDPENCDD - ok
17:41:39.0914 2036 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
17:41:39.0914 2036 RDPREFMP - ok
17:41:39.0914 2036 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
17:41:39.0929 2036 RDPWD - ok
17:41:39.0945 2036 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\windows\system32\drivers\rdyboost.sys
17:41:39.0945 2036 rdyboost - ok
17:41:39.0976 2036 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
17:41:39.0976 2036 RemoteAccess - ok
17:41:40.0007 2036 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
17:41:40.0007 2036 RemoteRegistry - ok
17:41:40.0039 2036 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
17:41:40.0039 2036 RpcEptMapper - ok
17:41:40.0054 2036 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
17:41:40.0054 2036 RpcLocator - ok
17:41:40.0085 2036 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\windows\system32\rpcss.dll
17:41:40.0085 2036 RpcSs - ok
17:41:40.0117 2036 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
17:41:40.0117 2036 rspndr - ok
17:41:40.0148 2036 [ 30F463768D5143BFD7B2DF822B53CF4D ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
17:41:40.0148 2036 RSUSBSTOR - ok
17:41:40.0163 2036 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\windows\system32\lsass.exe
17:41:40.0163 2036 SamSs - ok
17:41:40.0195 2036 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\windows\system32\DRIVERS\sbp2port.sys
17:41:40.0195 2036 sbp2port - ok
17:41:40.0210 2036 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
17:41:40.0226 2036 SCardSvr - ok
17:41:40.0241 2036 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
17:41:40.0241 2036 scfilter - ok
17:41:40.0273 2036 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\windows\system32\schedsvc.dll
17:41:40.0304 2036 Schedule - ok
17:41:40.0335 2036 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\windows\System32\certprop.dll
17:41:40.0335 2036 SCPolicySvc - ok
17:41:40.0366 2036 [ 490B0B68BB938D5C628EC4A67277BE75 ] ScreamBAudioSvc C:\windows\system32\drivers\ScreamingBAudio64.sys
17:41:40.0366 2036 ScreamBAudioSvc - ok
17:41:40.0382 2036 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\windows\System32\SDRSVC.dll
17:41:40.0382 2036 SDRSVC - ok
17:41:40.0460 2036 [ D358E077A0A05D9B12DA22D137EE8464 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
17:41:40.0460 2036 SeaPort - ok
17:41:40.0475 2036 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
17:41:40.0491 2036 secdrv - ok
17:41:40.0491 2036 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\windows\system32\seclogon.dll
17:41:40.0491 2036 seclogon - ok
17:41:40.0507 2036 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
17:41:40.0507 2036 SENS - ok
17:41:40.0553 2036 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
17:41:40.0553 2036 SensrSvc - ok
17:41:40.0569 2036 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
17:41:40.0569 2036 Serenum - ok
17:41:40.0585 2036 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
17:41:40.0600 2036 Serial - ok
17:41:40.0600 2036 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
17:41:40.0600 2036 sermouse - ok
17:41:40.0616 2036 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\windows\system32\sessenv.dll
17:41:40.0631 2036 SessionEnv - ok
17:41:40.0647 2036 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\DRIVERS\sffdisk.sys
17:41:40.0647 2036 sffdisk - ok
17:41:40.0663 2036 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\DRIVERS\sffp_mmc.sys
17:41:40.0663 2036 sffp_mmc - ok
17:41:40.0678 2036 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\windows\system32\DRIVERS\sffp_sd.sys
17:41:40.0678 2036 sffp_sd - ok
17:41:40.0678 2036 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
17:41:40.0678 2036 sfloppy - ok
17:41:40.0725 2036 [ 72CD52403EFC137290CB5A328510EBCA ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
17:41:40.0756 2036 Sftfs - ok
17:41:40.0834 2036 [ F821B6C5D3FD23E11CBB613F61C94C98 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:41:40.0834 2036 sftlist - ok
17:41:40.0865 2036 [ 31A36EF71AF36EABCC4B4F8AB8F76465 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
17:41:40.0865 2036 Sftplay - ok
17:41:40.0881 2036 [ 2D969194FCC8EB41ED1D52863BFE7F52 ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
17:41:40.0881 2036 Sftredir - ok
17:41:40.0912 2036 [ 08B36D2F63AF3CA2248458A4280C0C50 ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
17:41:40.0912 2036 Sftvol - ok
17:41:40.0943 2036 [ DB7213FCB2BC1B4F0C5CC5AF344ABCD0 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:41:40.0943 2036 sftvsa - ok
17:41:40.0975 2036 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
17:41:40.0975 2036 SharedAccess - ok
17:41:41.0006 2036 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\windows\System32\shsvcs.dll
17:41:41.0021 2036 ShellHWDetection - ok
17:41:41.0021 2036 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
17:41:41.0021 2036 SiSRaid2 - ok
17:41:41.0037 2036 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
17:41:41.0037 2036 SiSRaid4 - ok
17:41:41.0177 2036 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:41:41.0271 2036 Skype C2C Service - ok
17:41:41.0318 2036 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:41:41.0318 2036 SkypeUpdate - ok
17:41:41.0333 2036 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
17:41:41.0349 2036 Smb - ok
17:41:41.0380 2036 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
17:41:41.0380 2036 SNMPTRAP - ok
17:41:41.0411 2036 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
17:41:41.0411 2036 spldr - ok
17:41:41.0443 2036 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\windows\System32\spoolsv.exe
17:41:41.0458 2036 Spooler - ok
17:41:41.0567 2036 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\windows\system32\sppsvc.exe
17:41:41.0645 2036 sppsvc - ok
17:41:41.0661 2036 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
17:41:41.0661 2036 sppuinotify - ok
17:41:41.0708 2036 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\windows\system32\DRIVERS\srv.sys
17:41:41.0708 2036 srv - ok
17:41:41.0739 2036 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
17:41:41.0739 2036 srv2 - ok
17:41:41.0770 2036 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
17:41:41.0770 2036 srvnet - ok
17:41:41.0801 2036 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
17:41:41.0801 2036 SSDPSRV - ok
17:41:41.0801 2036 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
17:41:41.0817 2036 SstpSvc - ok
17:41:41.0895 2036 [ DA7702025DFD169B909C4DA3126762CC ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_4df47d9dbfb58b44\STacSV64.exe
17:41:41.0895 2036 STacSV - ok
17:41:41.0926 2036 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
17:41:41.0926 2036 stexstor - ok
17:41:41.0973 2036 [ CAF5A9708671B14B9670260735B22C4E ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
17:41:41.0973 2036 STHDA - ok
17:41:42.0020 2036 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\windows\System32\wiaservc.dll
17:41:42.0035 2036 stisvc - ok
17:41:42.0051 2036 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
17:41:42.0051 2036 swenum - ok
17:41:42.0082 2036 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
17:41:42.0082 2036 swprv - ok
17:41:42.0129 2036 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\windows\system32\sysmain.dll
17:41:42.0176 2036 SysMain - ok
17:41:42.0191 2036 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\windows\System32\TabSvc.dll
17:41:42.0191 2036 TabletInputService - ok
17:41:42.0223 2036 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\windows\System32\tapisrv.dll
17:41:42.0223 2036 TapiSrv - ok
17:41:42.0238 2036 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
17:41:42.0238 2036 TBS - ok
17:41:42.0316 2036 [ 61DC720BB065D607D5823F13D2A64321 ] Tcpip C:\windows\system32\drivers\tcpip.sys
17:41:42.0363 2036 Tcpip - ok
17:41:42.0410 2036 [ 61DC720BB065D607D5823F13D2A64321 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
17:41:42.0425 2036 TCPIP6 - ok
17:41:42.0441 2036 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
17:41:42.0441 2036 tcpipreg - ok
17:41:42.0457 2036 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
17:41:42.0472 2036 TDPIPE - ok
17:41:42.0472 2036 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
17:41:42.0472 2036 TDTCP - ok
17:41:42.0503 2036 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\windows\system32\DRIVERS\tdx.sys
17:41:42.0503 2036 tdx - ok
17:41:42.0503 2036 [ C448651339196C0E869A355171875522 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
17:41:42.0503 2036 TermDD - ok
17:41:42.0550 2036 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\windows\System32\termsrv.dll
17:41:42.0566 2036 TermService - ok
17:41:42.0581 2036 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
17:41:42.0581 2036 Themes - ok
17:41:42.0613 2036 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
17:41:42.0613 2036 THREADORDER - ok
17:41:42.0628 2036 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
17:41:42.0628 2036 TrkWks - ok
17:41:42.0691 2036 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
17:41:42.0691 2036 TrustedInstaller - ok
17:41:42.0691 2036 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
17:41:42.0691 2036 tssecsrv - ok
17:41:42.0753 2036 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
17:41:42.0753 2036 tunnel - ok
17:41:42.0769 2036 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
17:41:42.0769 2036 uagp35 - ok
17:41:42.0800 2036 [ 31BA4A33AFAB6A69EA092B18017F737F ] udfs C:\windows\system32\DRIVERS\udfs.sys
17:41:42.0800 2036 udfs - ok
17:41:42.0831 2036 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
17:41:42.0831 2036 UI0Detect - ok
17:41:42.0847 2036 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\DRIVERS\uliagpkx.sys
17:41:42.0847 2036 uliagpkx - ok
17:41:42.0878 2036 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\windows\system32\DRIVERS\umbus.sys
17:41:42.0878 2036 umbus - ok
17:41:42.0878 2036 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
17:41:42.0878 2036 UmPass - ok
17:41:42.0987 2036 [ CC3775100ABA633984F73DFAE1F55CAE ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
17:41:43.0049 2036 UNS - ok
17:41:43.0049 2036 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
17:41:43.0065 2036 upnphost - ok
17:41:43.0081 2036 [ 537A4E03D7103C12D42DFD8FFDB5BDC9 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
17:41:43.0081 2036 usbccgp - ok
17:41:43.0127 2036 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\DRIVERS\usbcir.sys
17:41:43.0127 2036 usbcir - ok
17:41:43.0143 2036 [ FBB21EBE49F6D560DB37AC25FBC68E66 ] usbehci C:\windows\system32\drivers\usbehci.sys
17:41:43.0159 2036 usbehci - ok
17:41:43.0190 2036 [ 6B7A8A99C4A459E73C286A6763EA24CC ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
17:41:43.0190 2036 usbhub - ok
17:41:43.0221 2036 [ 8C88AA7617B4CBC2E4BED61D26B33A27 ] usbohci C:\windows\system32\drivers\usbohci.sys
17:41:43.0221 2036 usbohci - ok
17:41:43.0237 2036 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
17:41:43.0237 2036 usbprint - ok
17:41:43.0268 2036 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
17:41:43.0268 2036 USBSTOR - ok
17:41:43.0283 2036 [ 0B5B3B2DF3FD1709618ACFA50B8392B0 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
17:41:43.0283 2036 usbuhci - ok
17:41:43.0330 2036 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
17:41:43.0346 2036 usbvideo - ok
17:41:43.0361 2036 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
17:41:43.0377 2036 UxSms - ok
17:41:43.0377 2036 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\windows\system32\lsass.exe
17:41:43.0377 2036 VaultSvc - ok
17:41:43.0408 2036 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\DRIVERS\vdrvroot.sys
17:41:43.0408 2036 vdrvroot - ok
17:41:43.0424 2036 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\windows\System32\vds.exe
17:41:43.0455 2036 vds - ok
17:41:43.0455 2036 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
17:41:43.0455 2036 vga - ok
17:41:43.0471 2036 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
17:41:43.0471 2036 VgaSave - ok
17:41:43.0471 2036 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\windows\system32\DRIVERS\vhdmp.sys
17:41:43.0471 2036 vhdmp - ok
17:41:43.0502 2036 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\DRIVERS\viaide.sys
17:41:43.0502 2036 viaide - ok
17:41:43.0517 2036 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\windows\system32\DRIVERS\volmgr.sys
17:41:43.0517 2036 volmgr - ok
17:41:43.0549 2036 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\windows\system32\drivers\volmgrx.sys
17:41:43.0549 2036 volmgrx - ok
17:41:43.0564 2036 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\windows\system32\DRIVERS\volsnap.sys
17:41:43.0564 2036 volsnap - ok
17:41:43.0580 2036 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
17:41:43.0580 2036 vsmraid - ok
17:41:43.0627 2036 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\windows\system32\vssvc.exe
17:41:43.0673 2036 VSS - ok
17:41:43.0673 2036 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
17:41:43.0689 2036 vwifibus - ok
17:41:43.0705 2036 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
17:41:43.0705 2036 vwififlt - ok
17:41:43.0736 2036 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
17:41:43.0736 2036 vwifimp - ok
17:41:43.0751 2036 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
17:41:43.0751 2036 W32Time - ok
17:41:43.0751 2036 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
17:41:43.0751 2036 WacomPen - ok
17:41:43.0798 2036 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
17:41:43.0798 2036 WANARP - ok
17:41:43.0814 2036 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
17:41:43.0814 2036 Wanarpv6 - ok
17:41:43.0861 2036 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
17:41:43.0907 2036 WatAdminSvc - ok
17:41:43.0939 2036 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\windows\system32\wbengine.exe
17:41:43.0985 2036 wbengine - ok
17:41:44.0001 2036 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
17:41:44.0001 2036 WbioSrvc - ok
17:41:44.0032 2036 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\windows\System32\wcncsvc.dll
17:41:44.0032 2036 wcncsvc - ok
17:41:44.0048 2036 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
17:41:44.0063 2036 WcsPlugInService - ok
17:41:44.0079 2036 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
17:41:44.0079 2036 Wd - ok
17:41:44.0110 2036 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
17:41:44.0126 2036 Wdf01000 - ok
17:41:44.0141 2036 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
17:41:44.0141 2036 WdiServiceHost - ok
17:41:44.0141 2036 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
17:41:44.0141 2036 WdiSystemHost - ok
17:41:44.0235 2036 [ DFE18C278C75525AA00AB0314955F6EF ] Web Assistant Updater C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
17:41:44.0235 2036 Web Assistant Updater - ok
17:41:44.0266 2036 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\windows\System32\webclnt.dll
17:41:44.0282 2036 WebClient - ok
17:41:44.0297 2036 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
17:41:44.0297 2036 Wecsvc - ok
17:41:44.0313 2036 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
17:41:44.0313 2036 wercplsupport - ok
17:41:44.0344 2036 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
17:41:44.0344 2036 WerSvc - ok
17:41:44.0375 2036 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
17:41:44.0375 2036 WfpLwf - ok
17:41:44.0375 2036 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
17:41:44.0391 2036 WIMMount - ok
17:41:44.0391 2036 WinDefend - ok
17:41:44.0391 2036 WinHttpAutoProxySvc - ok
17:41:44.0438 2036 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
17:41:44.0438 2036 Winmgmt - ok
17:41:44.0500 2036 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\windows\system32\WsmSvc.dll
17:41:44.0563 2036 WinRM - ok
17:41:44.0625 2036 [ 4D52C872018AF7E18D078978DCC3F6F2 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
17:41:44.0625 2036 WinUsb - ok
17:41:44.0672 2036 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
17:41:44.0687 2036 Wlansvc - ok
17:41:44.0734 2036 [ A96D6C0613DCF84F2D07FAEB75663072 ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
17:41:44.0734 2036 wltrysvc - ok
17:41:44.0750 2036 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
17:41:44.0750 2036 WmiAcpi - ok
17:41:44.0781 2036 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
17:41:44.0781 2036 wmiApSrv - ok
17:41:44.0812 2036 WMPNetworkSvc - ok
17:41:44.0828 2036 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
17:41:44.0828 2036 WPCSvc - ok
17:41:44.0843 2036 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
17:41:44.0843 2036 WPDBusEnum - ok
17:41:44.0875 2036 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
17:41:44.0875 2036 ws2ifsl - ok
17:41:44.0921 2036 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\windows\System32\wscsvc.dll
17:41:44.0937 2036 wscsvc - ok
17:41:44.0937 2036 WSearch - ok
17:41:45.0015 2036 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
17:41:45.0062 2036 wuauserv - ok
17:41:45.0093 2036 [ C63907207B837A5C05CF6D1606AA0008 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
17:41:45.0093 2036 WudfPf - ok
17:41:45.0124 2036 [ D885A873D733020F8B9B9FF4B1666158 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
17:41:45.0124 2036 WUDFRd - ok
17:41:45.0140 2036 [ 27B9BEE5AAC00139E3A3AF5D6227A0DC ] wudfsvc C:\windows\System32\WUDFSvc.dll
17:41:45.0140 2036 wudfsvc - ok
17:41:45.0155 2036 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
17:41:45.0155 2036 WwanSvc - ok
17:41:45.0187 2036 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\windows\system32\DRIVERS\yk62x64.sys
17:41:45.0202 2036 yukonw7 - ok
17:41:45.0202 2036 ================ Scan global ===============================
17:41:45.0233 2036 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
17:41:45.0265 2036 [ B200DECA2186858595A97FBE63E896CC ] C:\windows\system32\winsrv.dll
17:41:45.0280 2036 [ B200DECA2186858595A97FBE63E896CC ] C:\windows\system32\winsrv.dll
17:41:45.0311 2036 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
17:41:45.0343 2036 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
17:41:45.0358 2036 [Global] - ok
17:41:45.0358 2036 ================ Scan MBR ==================================
17:41:45.0358 2036 [ C3220EB08ADD62E3ED9F72A1F4E4B1BB ] \Device\Harddisk0\DR0
17:41:45.0655 2036 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:41:45.0655 2036 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:41:45.0655 2036 ================ Scan VBR ==================================
17:41:45.0655 2036 [ DE4CFC9A6BCEAC4DB23F9F39B2598578 ] \Device\Harddisk0\DR0\Partition1
17:41:45.0655 2036 \Device\Harddisk0\DR0\Partition1 - ok
17:41:45.0686 2036 [ 42830D70BBEF9B5EC0B23BAAE40FA686 ] \Device\Harddisk0\DR0\Partition2
17:41:45.0686 2036 \Device\Harddisk0\DR0\Partition2 - ok
17:41:45.0686 2036 ============================================================
17:41:45.0686 2036 Scan finished
17:41:45.0686 2036 ============================================================
17:41:45.0686 1216 Detected object count: 1
17:41:45.0686 1216 Actual detected object count: 1
17:43:22.0312 1216 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
17:43:22.0312 1216 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
17:43:22.0328 1216 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
17:43:22.0344 1216 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
17:43:22.0344 1216 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
17:43:22.0344 1216 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
17:43:22.0344 1216 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
17:43:22.0344 1216 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
17:43:22.0344 1216 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
17:43:22.0344 1216 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
17:43:22.0344 1216 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
17:43:22.0344 1216 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
17:43:22.0344 1216 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine
17:44:27.0910 0936 ============================================================
17:44:27.0910 0936 Scan started
17:44:27.0910 0936 Mode: Manual; TDLFS;
17:44:27.0910 0936 ============================================================
17:44:28.0004 0936 ================ Scan system memory ========================
17:44:28.0004 0936 System memory - ok
17:44:28.0004 0936 ================ Scan services =============================
17:44:35.0695 0936 pla - ok
17:44:35.0726 0936 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\windows\system32\umpnpmgr.dll
17:44:35.0742 0936 PlugPlay - ok
17:44:35.0757 0936 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
17:44:35.0757 0936 PNRPAutoReg - ok
17:44:35.0773 0936 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
17:44:35.0773 0936 PNRPsvc - ok
17:44:35.0804 0936 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
17:44:35.0804 0936 PolicyAgent - ok
17:44:35.0851 0936 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
17:44:35.0851 0936 Power - ok
17:44:35.0866 0936 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
17:44:35.0866 0936 PptpMiniport - ok
17:44:35.0882 0936 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
17:44:35.0882 0936 Processor - ok
17:44:35.0913 0936 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\windows\system32\profsvc.dll
17:44:35.0913 0936 ProfSvc - ok
17:44:35.0929 0936 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\windows\system32\lsass.exe
17:44:35.0929 0936 ProtectedStorage - ok
17:44:35.0944 0936 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\windows\system32\DRIVERS\pacer.sys
17:44:35.0944 0936 Psched - ok
17:44:35.0976 0936 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys
17:44:35.0976 0936 PxHlpa64 - ok
17:44:36.0022 0936 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
17:44:36.0038 0936 ql2300 - ok
17:44:36.0038 0936 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
17:44:36.0038 0936 ql40xx - ok
17:44:36.0069 0936 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
17:44:36.0069 0936 QWAVE - ok
17:44:36.0085 0936 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
17:44:36.0085 0936 QWAVEdrv - ok
17:44:36.0085 0936 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
17:44:36.0085 0936 RasAcd - ok
17:44:36.0116 0936 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
17:44:36.0116 0936 RasAgileVpn - ok
17:44:36.0116 0936 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
17:44:36.0116 0936 RasAuto - ok
17:44:36.0132 0936 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
17:44:36.0132 0936 Rasl2tp - ok
17:44:36.0163 0936 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\windows\System32\rasmans.dll
17:44:36.0163 0936 RasMan - ok
17:44:36.0194 0936 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
17:44:36.0194 0936 RasPppoe - ok
17:44:36.0194 0936 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
17:44:36.0194 0936 RasSstp - ok
17:44:36.0225 0936 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
17:44:36.0225 0936 rdbss - ok
17:44:36.0256 0936 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
17:44:36.0256 0936 rdpbus - ok
17:44:36.0272 0936 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
17:44:36.0272 0936 RDPCDD - ok
17:44:36.0288 0936 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
17:44:36.0288 0936 RDPENCDD - ok
17:44:36.0288 0936 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
17:44:36.0288 0936 RDPREFMP - ok
17:44:36.0288 0936 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
17:44:36.0303 0936 RDPWD - ok
17:44:36.0334 0936 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\windows\system32\drivers\rdyboost.sys
17:44:36.0334 0936 rdyboost - ok
17:44:36.0350 0936 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
17:44:36.0350 0936 RemoteAccess - ok
17:44:36.0428 0936 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
17:44:36.0428 0936 RemoteRegistry - ok
17:44:36.0459 0936 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
17:44:36.0459 0936 RpcEptMapper - ok
17:44:36.0475 0936 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
17:44:36.0475 0936 RpcLocator - ok
17:44:36.0506 0936 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\windows\system32\rpcss.dll
17:44:36.0506 0936 RpcSs - ok
17:44:36.0522 0936 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
17:44:36.0522 0936 rspndr - ok
17:44:36.0553 0936 [ 30F463768D5143BFD7B2DF822B53CF4D ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
17:44:36.0553 0936 RSUSBSTOR - ok
17:44:36.0568 0936 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\windows\system32\lsass.exe
17:44:36.0568 0936 SamSs - ok
17:44:36.0584 0936 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\windows\system32\DRIVERS\sbp2port.sys
17:44:36.0600 0936 sbp2port - ok
17:44:36.0600 0936 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
17:44:36.0615 0936 SCardSvr - ok
17:44:36.0615 0936 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
17:44:36.0615 0936 scfilter - ok
17:44:36.0662 0936 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\windows\system32\schedsvc.dll
17:44:36.0662 0936 Schedule - ok
17:44:36.0693 0936 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\windows\System32\certprop.dll
17:44:36.0693 0936 SCPolicySvc - ok
17:44:36.0724 0936 [ 490B0B68BB938D5C628EC4A67277BE75 ] ScreamBAudioSvc C:\windows\system32\drivers\ScreamingBAudio64.sys
17:44:36.0724 0936 ScreamBAudioSvc - ok
17:44:36.0771 0936 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\windows\System32\SDRSVC.dll
17:44:36.0771 0936 SDRSVC - ok
17:44:36.0818 0936 [ D358E077A0A05D9B12DA22D137EE8464 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
17:44:36.0818 0936 SeaPort - ok
17:44:36.0849 0936 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
17:44:36.0849 0936 secdrv - ok
17:44:36.0849 0936 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\windows\system32\seclogon.dll
17:44:36.0849 0936 seclogon - ok
17:44:36.0880 0936 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
17:44:36.0880 0936 SENS - ok
17:44:36.0912 0936 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
17:44:36.0912 0936 SensrSvc - ok
17:44:36.0927 0936 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
17:44:36.0927 0936 Serenum - ok
17:44:36.0943 0936 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
17:44:36.0943 0936 Serial - ok
17:44:36.0943 0936 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
17:44:36.0943 0936 sermouse - ok
17:44:36.0958 0936 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\windows\system32\sessenv.dll
17:44:36.0958 0936 SessionEnv - ok
17:44:36.0974 0936 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\DRIVERS\sffdisk.sys
17:44:36.0974 0936 sffdisk - ok
17:44:36.0990 0936 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\DRIVERS\sffp_mmc.sys
17:44:36.0990 0936 sffp_mmc - ok
17:44:37.0005 0936 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\windows\system32\DRIVERS\sffp_sd.sys
17:44:37.0005 0936 sffp_sd - ok
17:44:37.0021 0936 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
17:44:37.0021 0936 sfloppy - ok
17:44:37.0052 0936 [ 72CD52403EFC137290CB5A328510EBCA ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
17:44:37.0068 0936 Sftfs - ok
17:44:37.0146 0936 [ F821B6C5D3FD23E11CBB613F61C94C98 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:44:37.0146 0936 sftlist - ok
17:44:37.0192 0936 [ 31A36EF71AF36EABCC4B4F8AB8F76465 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
17:44:37.0192 0936 Sftplay - ok
17:44:37.0192 0936 [ 2D969194FCC8EB41ED1D52863BFE7F52 ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
17:44:37.0208 0936 Sftredir - ok
17:44:37.0255 0936 [ 08B36D2F63AF3CA2248458A4280C0C50 ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
17:44:37.0255 0936 Sftvol - ok
17:44:37.0270 0936 [ DB7213FCB2BC1B4F0C5CC5AF344ABCD0 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:44:37.0286 0936 sftvsa - ok
17:44:37.0317 0936 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
17:44:37.0317 0936 SharedAccess - ok
17:44:37.0348 0936 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\windows\System32\shsvcs.dll
17:44:37.0348 0936 ShellHWDetection - ok
17:44:37.0364 0936 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
17:44:37.0364 0936 SiSRaid2 - ok
17:44:37.0380 0936 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
17:44:37.0395 0936 SiSRaid4 - ok
17:44:37.0520 0936 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:44:37.0536 0936 Skype C2C Service - ok
17:44:37.0567 0936 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:44:37.0567 0936 SkypeUpdate - ok
17:44:37.0567 0936 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
17:44:37.0567 0936 Smb - ok
17:44:37.0598 0936 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
17:44:37.0598 0936 SNMPTRAP - ok
17:44:37.0614 0936 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
17:44:37.0614 0936 spldr - ok
17:44:37.0660 0936 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\windows\System32\spoolsv.exe
17:44:37.0676 0936 Spooler - ok
17:44:37.0754 0936 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\windows\system32\sppsvc.exe
17:44:37.0770 0936 sppsvc - ok
17:44:37.0785 0936 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
17:44:37.0785 0936 sppuinotify - ok
17:44:37.0832 0936 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\windows\system32\DRIVERS\srv.sys
17:44:37.0832 0936 srv - ok
17:44:37.0863 0936 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
17:44:37.0863 0936 srv2 - ok
17:44:37.0894 0936 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
17:44:37.0894 0936 srvnet - ok
17:44:37.0926 0936 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
17:44:37.0926 0936 SSDPSRV - ok
17:44:37.0941 0936 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
17:44:37.0941 0936 SstpSvc - ok
17:44:38.0019 0936 [ DA7702025DFD169B909C4DA3126762CC ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_4df47d9dbfb58b44\STacSV64.exe
17:44:38.0019 0936 STacSV - ok
17:44:38.0050 0936 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
17:44:38.0050 0936 stexstor - ok
17:44:38.0113 0936 [ CAF5A9708671B14B9670260735B22C4E ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
17:44:38.0113 0936 STHDA - ok
17:44:38.0160 0936 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\windows\System32\wiaservc.dll
17:44:38.0160 0936 stisvc - ok
17:44:38.0175 0936 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
17:44:38.0175 0936 swenum - ok
17:44:38.0206 0936 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
17:44:38.0206 0936 swprv - ok
17:44:38.0253 0936 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\windows\system32\sysmain.dll
17:44:38.0269 0936 SysMain - ok
17:44:38.0284 0936 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\windows\System32\TabSvc.dll
17:44:38.0284 0936 TabletInputService - ok
17:44:38.0316 0936 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\windows\System32\tapisrv.dll
17:44:38.0316 0936 TapiSrv - ok
17:44:38.0331 0936 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
17:44:38.0331 0936 TBS - ok
17:44:38.0409 0936 [ 61DC720BB065D607D5823F13D2A64321 ] Tcpip C:\windows\system32\drivers\tcpip.sys
17:44:38.0425 0936 Tcpip - ok
17:44:38.0472 0936 [ 61DC720BB065D607D5823F13D2A64321 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
17:44:38.0487 0936 TCPIP6 - ok
17:44:38.0518 0936 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
17:44:38.0518 0936 tcpipreg - ok
17:44:38.0518 0936 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
17:44:38.0518 0936 TDPIPE - ok
17:44:38.0534 0936 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
17:44:38.0534 0936 TDTCP - ok
17:44:38.0565 0936 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\windows\system32\DRIVERS\tdx.sys
17:44:38.0565 0936 tdx - ok
17:44:38.0596 0936 [ C448651339196C0E869A355171875522 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
17:44:38.0596 0936 TermDD - ok
17:44:38.0596 0936 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\windows\System32\termsrv.dll
17:44:38.0612 0936 TermService - ok
17:44:38.0628 0936 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
17:44:38.0628 0936 Themes - ok
17:44:38.0659 0936 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
17:44:38.0659 0936 THREADORDER - ok
17:44:38.0674 0936 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
17:44:38.0674 0936 TrkWks - ok
17:44:38.0737 0936 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
17:44:38.0737 0936 TrustedInstaller - ok
17:44:38.0752 0936 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
17:44:38.0752 0936 tssecsrv - ok
17:44:38.0784 0936 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
17:44:38.0784 0936 tunnel - ok
17:44:38.0815 0936 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
17:44:38.0815 0936 uagp35 - ok
17:44:38.0846 0936 [ 31BA4A33AFAB6A69EA092B18017F737F ] udfs C:\windows\system32\DRIVERS\udfs.sys
17:44:38.0846 0936 udfs - ok
17:44:38.0893 0936 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
17:44:38.0893 0936 UI0Detect - ok
17:44:38.0908 0936 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\DRIVERS\uliagpkx.sys
17:44:38.0908 0936 uliagpkx - ok
17:44:38.0924 0936 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\windows\system32\DRIVERS\umbus.sys
17:44:38.0924 0936 umbus - ok
17:44:38.0940 0936 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
17:44:38.0940 0936 UmPass - ok
17:44:39.0033 0936 [ CC3775100ABA633984F73DFAE1F55CAE ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
17:44:39.0049 0936 UNS - ok
17:44:39.0064 0936 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
17:44:39.0080 0936 upnphost - ok
17:44:39.0127 0936 [ 537A4E03D7103C12D42DFD8FFDB5BDC9 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
17:44:39.0127 0936 usbccgp - ok
17:44:39.0142 0936 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\DRIVERS\usbcir.sys
17:44:39.0142 0936 usbcir - ok
17:44:39.0158 0936 [ FBB21EBE49F6D560DB37AC25FBC68E66 ] usbehci C:\windows\system32\drivers\usbehci.sys
17:44:39.0174 0936 usbehci - ok
17:44:39.0189 0936 [ 6B7A8A99C4A459E73C286A6763EA24CC ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
17:44:39.0189 0936 usbhub - ok
17:44:39.0220 0936 [ 8C88AA7617B4CBC2E4BED61D26B33A27 ] usbohci C:\windows\system32\drivers\usbohci.sys
17:44:39.0220 0936 usbohci - ok
17:44:39.0252 0936 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
17:44:39.0252 0936 usbprint - ok
17:44:39.0283 0936 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
17:44:39.0298 0936 USBSTOR - ok
17:44:39.0330 0936 [ 0B5B3B2DF3FD1709618ACFA50B8392B0 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
17:44:39.0330 0936 usbuhci - ok
17:44:39.0361 0936 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
17:44:39.0361 0936 usbvideo - ok
17:44:39.0423 0936 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
17:44:39.0423 0936 UxSms - ok
17:44:39.0439 0936 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\windows\system32\lsass.exe
17:44:39.0439 0936 VaultSvc - ok
17:44:39.0454 0936 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\DRIVERS\vdrvroot.sys
17:44:39.0454 0936 vdrvroot - ok
17:44:39.0486 0936 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\windows\System32\vds.exe
17:44:39.0486 0936 vds - ok
17:44:39.0486 0936 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
17:44:39.0486 0936 vga - ok
17:44:39.0486 0936 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
17:44:39.0486 0936 VgaSave - ok
17:44:39.0532 0936 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\windows\system32\DRIVERS\vhdmp.sys
17:44:39.0532 0936 vhdmp - ok
17:44:39.0548 0936 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\DRIVERS\viaide.sys
17:44:39.0548 0936 viaide - ok
17:44:39.0595 0936 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\windows\system32\DRIVERS\volmgr.sys
17:44:39.0595 0936 volmgr - ok
17:44:39.0626 0936 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\windows\system32\drivers\volmgrx.sys
17:44:39.0626 0936 volmgrx - ok
17:44:39.0657 0936 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\windows\system32\DRIVERS\volsnap.sys
17:44:39.0657 0936 volsnap - ok
17:44:39.0673 0936 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
17:44:39.0673 0936 vsmraid - ok
17:44:39.0735 0936 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\windows\system32\vssvc.exe
17:44:39.0735 0936 VSS - ok
17:44:39.0751 0936 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
17:44:39.0751 0936 vwifibus - ok
17:44:39.0766 0936 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
17:44:39.0766 0936 vwififlt - ok
17:44:39.0782 0936 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
17:44:39.0782 0936 vwifimp - ok
17:44:39.0798 0936 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
17:44:39.0798 0936 W32Time - ok
17:44:39.0798 0936 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
17:44:39.0798 0936 WacomPen - ok
17:44:39.0813 0936 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
17:44:39.0813 0936 WANARP - ok
17:44:39.0829 0936 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
17:44:39.0829 0936 Wanarpv6 - ok
17:44:39.0891 0936 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
17:44:39.0907 0936 WatAdminSvc - ok
17:44:39.0969 0936 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\windows\system32\wbengine.exe
17:44:39.0985 0936 wbengine - ok
17:44:40.0016 0936 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
17:44:40.0016 0936 WbioSrvc - ok
17:44:40.0047 0936 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\windows\System32\wcncsvc.dll
17:44:40.0047 0936 wcncsvc - ok
17:44:40.0078 0936 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
17:44:40.0078 0936 WcsPlugInService - ok
17:44:40.0078 0936 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
17:44:40.0078 0936 Wd - ok
17:44:40.0110 0936 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
17:44:40.0125 0936 Wdf01000 - ok
17:44:40.0156 0936 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
17:44:40.0156 0936 WdiServiceHost - ok
17:44:40.0156 0936 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
17:44:40.0156 0936 WdiSystemHost - ok
17:44:40.0203 0936 [ DFE18C278C75525AA00AB0314955F6EF ] Web Assistant Updater C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
17:44:40.0203 0936 Web Assistant Updater - ok
17:44:40.0234 0936 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\windows\System32\webclnt.dll
17:44:40.0250 0936 WebClient - ok
17:44:40.0281 0936 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
17:44:40.0281 0936 Wecsvc - ok
17:44:40.0297 0936 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
17:44:40.0297 0936 wercplsupport - ok
17:44:40.0312 0936 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
17:44:40.0312 0936 WerSvc - ok
17:44:40.0344 0936 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
17:44:40.0344 0936 WfpLwf - ok
17:44:40.0359 0936 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
17:44:40.0359 0936 WIMMount - ok
17:44:40.0359 0936 WinDefend - ok
17:44:40.0359 0936 WinHttpAutoProxySvc - ok
17:44:40.0422 0936 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
17:44:40.0422 0936 Winmgmt - ok
17:44:40.0484 0936 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\windows\system32\WsmSvc.dll
17:44:40.0500 0936 WinRM - ok
17:44:40.0515 0936 [ 4D52C872018AF7E18D078978DCC3F6F2 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
17:44:40.0515 0936 WinUsb - ok
17:44:40.0562 0936 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
17:44:40.0562 0936 Wlansvc - ok
17:44:40.0609 0936 [ A96D6C0613DCF84F2D07FAEB75663072 ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
17:44:40.0609 0936 wltrysvc - ok
17:44:40.0624 0936 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
17:44:40.0624 0936 WmiAcpi - ok
17:44:40.0656 0936 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
17:44:40.0656 0936 wmiApSrv - ok
17:44:40.0687 0936 WMPNetworkSvc - ok
17:44:40.0702 0936 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
17:44:40.0702 0936 WPCSvc - ok
17:44:40.0734 0936 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
17:44:40.0734 0936 WPDBusEnum - ok
17:44:40.0749 0936 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
17:44:40.0749 0936 ws2ifsl - ok
17:44:40.0827 0936 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\windows\System32\wscsvc.dll
17:44:40.0827 0936 wscsvc - ok
17:44:40.0843 0936 WSearch - ok
17:44:40.0936 0936 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
17:44:40.0952 0936 wuauserv - ok
17:44:40.0983 0936 [ C63907207B837A5C05CF6D1606AA0008 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
17:44:40.0983 0936 WudfPf - ok
17:44:40.0999 0936 [ D885A873D733020F8B9B9FF4B1666158 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
17:44:40.0999 0936 WUDFRd - ok
17:44:41.0030 0936 [ 27B9BEE5AAC00139E3A3AF5D6227A0DC ] wudfsvc C:\windows\System32\WUDFSvc.dll
17:44:41.0030 0936 wudfsvc - ok
17:44:41.0046 0936 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
17:44:41.0046 0936 WwanSvc - ok
17:44:41.0077 0936 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\windows\system32\DRIVERS\yk62x64.sys
17:44:41.0077 0936 yukonw7 - ok
17:44:41.0092 0936 ================ Scan global ===============================
17:44:41.0108 0936 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
17:44:41.0155 0936 [ B200DECA2186858595A97FBE63E896CC ] C:\windows\system32\winsrv.dll
17:44:41.0186 0936 [ B200DECA2186858595A97FBE63E896CC ] C:\windows\system32\winsrv.dll
17:44:41.0233 0936 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
17:44:41.0280 0936 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
17:44:41.0280 0936 [Global] - ok
17:44:41.0280 0936 ================ Scan MBR ==================================
17:44:41.0295 0936 [ C3220EB08ADD62E3ED9F72A1F4E4B1BB ] \Device\Harddisk0\DR0
17:44:41.0592 0936 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:44:41.0592 0936 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:44:41.0592 0936 ================ Scan VBR ==================================
17:44:41.0592 0936 [ DE4CFC9A6BCEAC4DB23F9F39B2598578 ] \Device\Harddisk0\DR0\Partition1
17:44:41.0592 0936 \Device\Harddisk0\DR0\Partition1 - ok
17:44:41.0623 0936 [ 42830D70BBEF9B5EC0B23BAAE40FA686 ] \Device\Harddisk0\DR0\Partition2
17:44:41.0623 0936 \Device\Harddisk0\DR0\Partition2 - ok
17:44:41.0623 0936 ============================================================
17:44:41.0623 0936 Scan finished
17:44:41.0623 0936 ============================================================
17:44:41.0623 1884 Detected object count: 1
17:44:41.0623 1884 Actual detected object count: 1
17:44:55.0210 1884 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
17:44:55.0210 1884 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
17:44:55.0226 1884 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
17:44:55.0273 1884 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
17:44:55.0273 1884 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
17:44:55.0273 1884 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
17:44:55.0273 1884 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
17:44:55.0273 1884 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
17:44:55.0273 1884 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
17:44:55.0273 1884 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
17:44:55.0273 1884 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
17:44:55.0273 1884 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
17:44:55.0273 1884 \Device\Harddisk0\DR0\TDLFS - deleted
17:44:55.0273 1884 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
17:46:26.0923 2040 Deinitialize success

#4 luvs2surf

Posted 30 November 2012 - 07:08 PM

Then I ran ASWMBR.exe and these are the log results:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-30 17:47:24
-----------------------------
17:47:24.659 OS Version: Windows x64 6.1.7600
17:47:24.659 Number of processors: 2 586 0x2505
17:47:24.659 ComputerName: CRICKET-PC UserName: cricket
17:47:25.470 Initialize success
17:51:27.052 AVAST engine defs: 12113001
17:51:29.158 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:51:29.158 Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
17:51:29.158 Disk 0 MBR read successfully
17:51:29.189 Disk 0 MBR scan
17:51:29.189 Disk 0 Windows 7 default MBR code
17:51:29.205 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 100 MB offset 2048
17:51:29.205 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 206848
17:51:29.220 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 290143 MB offset 30926848
17:51:29.252 Disk 0 scanning C:\windows\system32\drivers
17:51:37.457 Service scanning
17:51:56.302 Modules scanning
17:51:56.302 Disk 0 trace - called modules:
17:51:56.349 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:51:56.349 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a14060]
17:51:56.380 3 CLASSPNP.SYS[fffff880011cc43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80048f0050]
17:51:57.425 AVAST engine scan C:\windows
17:51:59.703 AVAST engine scan C:\windows\system32
17:53:59.995 AVAST engine scan C:\windows\system32\drivers
17:54:09.737 AVAST engine scan C:\Users\cricket
17:57:24.888 Disk 0 MBR has been saved successfully to "C:\Users\cricket\Desktop\MBR.dat"
17:57:24.888 The log file has been saved successfully to "C:\Users\cricket\Desktop\aswMBR.txt"


17:57:57.352 Disk 0 MBR has been saved successfully to "C:\Users\cricket\Desktop\MBR.dat"
17:57:57.383 The log file has been saved successfully to "C:\Users\cricket\Desktop\aswMBR.txt"

#5 luvs2surf

Posted 30 November 2012 - 07:53 PM

Then I ran the ESET scanner and this is what it found :

C:\TDSSKiller_Quarantine\30.11.2012_17.41.08\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.11.2012_17.41.08\tdlfs0000\tsk0001.dta a variant of Win64/Olmarik.AM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.11.2012_17.41.08\tdlfs0000\tsk0002.dta a variant of Win32/Rootkit.Kryptik.QM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.11.2012_17.41.08\tdlfs0000\tsk0003.dta Win64/Olmarik.AN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.11.2012_17.41.08\tdlfs0000\tsk0007.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.11.2012_17.41.08\tdlfs0000\tsk0008.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.11.2012_17.41.08\tdlfs0001\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.11.2012_17.41.08\tdlfs0001\tsk0001.dta a variant of Win64/Olmarik.AM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.11.2012_17.41.08\tdlfs0001\tsk0002.dta a variant of Win32/Rootkit.Kryptik.QM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.11.2012_17.41.08\tdlfs0001\tsk0003.dta Win64/Olmarik.AN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.11.2012_17.41.08\tdlfs0001\tsk0007.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.11.2012_17.41.08\tdlfs0001\tsk0008.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\Users\cricket\Downloads\7zip_installer_d793026.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2USVF4MZ\categories[2].txt HTML/Iframe.B.Gen virus deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VIF7MX4H\37824-15[2].js HTML/ScrInject.B.Gen virus deleted - quarantined

#6 luvs2surf

Posted 30 November 2012 - 07:55 PM

What do I do now?
I am not sure if my computer is virus free yet. But the Microsoft Security Essentials has definitely not been much help.

Thank you for your patience and help. I am truly thankful and await your reply.

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:27 PM

Posted 30 November 2012 - 08:52 PM

Download Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here.

Download MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download Farbar Service Scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download AdwCleaner

Launch it and click on Delete

A log should be generated after the scan; post it here

Download Junkware Removal Tool

For Vista and Windows 7, right-click on the tool and select Run as administrator

After the scan completes, post the generated log here.

#8 luvs2surf

Posted 01 December 2012 - 12:33 AM

Wow! Thanks sooo much!!!

After running the Eset scanner, I was later asked if I wanted to try their computer security.

It seems to have done the trick! I've re-run the scans and nothing comes up plus my web browser is working faster than ever.

It also installed several Windows Updates/Drivers saying the computer was at risk from being outdated.

Thanks for all of your help. I truly appreciate it! ^_^

Hope you have a great day!

#9 narenxp

Posted 01 December 2012 - 07:39 AM

Can you post the logs?

We need to make sure there are no traces left

#10 luvs2surf

Posted 01 December 2012 - 11:33 PM

My computer is being contrary right now. Malwarebytes etc. doesn't want to download/run.

So far, was able to run the Farbar scanner and here are the results :

Farbar scanner :
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

Internet re-directed me to scour.com?! I take it this is a new variety of browser hijacker?

#11 narenxp

Posted 02 December 2012 - 11:18 AM

Other logs?

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKill log located on the desktop here


Download Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on File > Save

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#12 luvs2surf

Posted 02 December 2012 - 09:00 PM

These are the programs I have been able to run :

Rkill results -

Backup Registry file created at:
C:\Users\cricket\Desktop\rkill\rkill-12-02-2012-07-54-16.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
* HKCU\SOFTWARE\Classes\.exe has been deleted!
* HKCU\SOFTWARE\Classes\exefile has been deleted!


Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

Program finished at: 12/02/2012 07:54:24 PM
Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)


AutoRun Results :

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Apoint" "Alps Pointing-device Driver" "Alps Electric Co., Ltd." "c:\program files\delltpad\apoint.exe"
+ "Broadcom Wireless Manager UI" "DW WLAN Card Wireless Network Tray Applet" "Dell Inc." "c:\program files\dell\dw wlan card\wltray.exe"
+ "CanonSolutionMenu" "CNSLMAIN" "CANON INC." "c:\program files (x86)\canon\solutionmenu\cnslmain.exe"
+ "egui" "ESET GUI" "ESET" "c:\program files\eset\eset smart security\egui.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "QuickSet" "QuickSet" "Dell Inc." "c:\program files\dell\quickset\quickset.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Dell DataSafe Online" "Dell DataSafe Online Service" "Dell, Inc." "c:\program files (x86)\dell\dell datasafe online\nobuclient.exe"
+ "Dell Registration" "System Registration" "Dell, Inc." "c:\program files (x86)\system registration\prodreg.exe"
+ "Dell Webcam Central" "WebcamDell2.exe" "Creative Technology Ltd" "c:\program files (x86)\dell webcam\dell webcam central\webcamdell2.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "ROC_roc_ssl_v12" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Internet Explorer" "" "" "File not found: start"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Animated Wallpaper" "" "" "File not found: C:\Program Files (x86)\DesktopAnimated\Sunshine Clouds Animated Wallpaper\Sunshine Clouds.exe"
+ "DW7" "" "" "File not found: C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe"
+ "Google" "" "" "File not found: xidpwooedd.exe"
+ "Skype" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
+ "SmileboxTray" "Smilebox Tray" "Smilebox, Inc." "c:\users\cricket\appdata\roaming\smilebox\smileboxtray.exe"
+ "SpybotSD TeaTimer" "" "" "File not found: C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset smart security\shellext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset smart security\x86\shellext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DiskInternals_cd_recovery" "" "" "File not found: C:\PROGRA~2\DISKIN~1\CDANDD~1\contmenu.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset smart security\shellext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset smart security\x86\shellext.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Canon Easy-WebPrint EX BHO" "Easy-WebPrint EX" "CANON INC." "c:\program files (x86)\canon\easy-webprint ex\ewpexbho.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Search Helper" "Microsoft Search Helper Extention" "Microsoft Corp." "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Toolbar Helper" "Windows Live Toolbar Core" "Microsoft Corporation" "c:\program files (x86)\windows live\toolbar\wltcore.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "&Windows Live Toolbar" "Windows Live Toolbar Core" "Microsoft Corporation" "c:\program files (x86)\windows live\toolbar\wltcore.dll"
+ "Canon Easy-WebPrint EX" "Easy-WebPrint EX" "CANON INC." "c:\program files (x86)\canon\easy-webprint ex\ewpexhlp.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
"Task Scheduler" "" "" ""
+ "\Driver Performer" "" "" "File not found: C:\Users\cricket\AppData\Local\Temp\Driver Performer93242.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\HP Photo Creations Communicator" "" "" "c:\programdata\hp photo creations\messagecheck.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "" "" "File not found: c:\Program Files\Microsoft Security Client\MpCmdRun.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Defender\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-1138084273-2424075153-3596568193-1001" "" "" "File not found: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-1138084273-2424075153-3596568193-1001" "" "" "File not found: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe"
+ "\{20D95FAD-5607-4E67-92F5-D26E5FFB221C}" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbam.exe"
+ "\{2F706511-6E02-460E-9081-742E539A5119}" "" "" "File not found: C:\Users\cricket\Desktop\Miku\ssp.exe"
+ "\{43940AED-5C01-40DB-9CF9-CCFD36396570}" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbam.exe"
+ "\{F5725768-FE94-4498-929D-323A8F8DC4FD}" "" "" "c:\myservice\myservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "ekrn" "ESET Service" "ESET" "c:\program files\eset\eset smart security\x86\ekrn.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly." "Microsoft Corp." "c:\program files (x86)\microsoft\search enhancement pack\seaport\seaport.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "ApfiltrService" "Alps Touch Pad Driver" "Alps Electric Co., Ltd." "c:\windows\system32\drivers\apfiltr.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCM42RLY" "Broadcom iLine10™ PCI Network Adapter Proxy Protocol Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcm42rly.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BcmVWL" "Broadcom 802.11 Network Adapter Virtual Wireless Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmvwl64.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "cpuz135" "" "" "File not found: C:\Users\cricket\AppData\Local\Temp\cpuz135\cpuz135_x64.sys"
+ "CtClsFlt" "Video Class Upper Filter Driver (64-bit)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctclsflt.sys"
+ "eamonm" "Eset file on-access scanner" "ESET" "c:\windows\system32\drivers\eamonm.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "ehdrv" "Eset Helper driver" "ESET" "c:\windows\system32\drivers\ehdrv.sys"
+ "ElRawDisk" "RawDisk Driver. Allows write access to files and raw disk sectors for user mode applications in Windows 2000, XP, 2003, Vista, 2008." "EldoS Corporation" "c:\windows\system32\drivers\rsdrvx64.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "epfw" "EPFW Filter Driver" "ESET" "c:\windows\system32\drivers\epfw.sys"
+ "EpfwLWF" "Epfw NDIS LightWeight Filter" "ESET" "c:\windows\system32\drivers\epfwlwf.sys"
+ "epfwwfp" "EPFW Filter Driver" "ESET" "c:\windows\system32\drivers\epfwwfp.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HECIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "Impcd" "Intel® Turbo Boost Technology Driver" "Intel Corporation" "c:\windows\system32\drivers\impcd.sys"
+ "L1C" "Atheros L1c PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
+ "ScreamBAudioSvc" "Screaming Bee Audio Driver" "Screaming Bee LLC" "c:\windows\system32\drivers\screamingbaudio64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "yukonw7" "Miniport Driver for Marvell Yukon Ethernet Controller." "Marvell" "c:\windows\system32\drivers\yk62x64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Haali Matroska Muxer" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\splitter.x64.ax"
+ "Haali Media Splitter" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\splitter.x64.ax"
+ "Haali Media Splitter (AR)" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\splitter.x64.ax"
+ "Haali Simple Media Splitter" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\splitter.x64.ax"
+ "Haali Video Renderer" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\dxr.x64.dll"
+ "Haali Video Sink" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\splitter.x64.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Creative MJPEG Decoder 2" "Decoder" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctmjpgdec2.ax"
+ "Creative Video Processing Filter" "Creative Video Processing Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\vidprocu.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\syswow64\xvid.ax"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "GoToAssist" "" "" "File not found: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll"
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Canon BJ Language Monitor MP560 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlma0.dll"
+ "Canon BJNP Port" "Canon IJ Network 64bit comm Module" "CANON INC." "c:\windows\system32\cnmn6ppm.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "BCMLogon" "DW WLAN Card Logon Provider" "Dell Inc." "c:\windows\system32\bcmlogon.dll"
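
Added example (not part of the original thread, and not code from Autoruns or BleepingComputer): a Python triage pass over an Autoruns text export like the one in the post above, flagging rows whose target file is missing, that carry no publisher string, or that start from outside the Windows and Program Files trees. The rule names and the choice of protected directories are assumptions of this example; the sample rows are copied from the posted log.

```python
import re
from dataclasses import dataclass, field

# Sample input: rows copied from the Autoruns export posted in this thread.
SAMPLE = r'''
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "egui" "ESET GUI" "ESET" "c:\program files\eset\eset smart security\egui.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Google" "" "" "File not found: xidpwooedd.exe"
+ "Skype" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
+ "SmileboxTray" "Smilebox Tray" "Smilebox, Inc." "c:\users\cricket\appdata\roaming\smilebox\smileboxtray.exe"
"Task Scheduler" "" "" ""
+ "\Driver Performer" "" "" "File not found: C:\Users\cricket\AppData\Local\Temp\Driver Performer93242.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\{F5725768-FE94-4498-929D-323A8F8DC4FD}" "" "" "c:\myservice\myservice.exe"
'''

FIELD_RE = re.compile(r'"([^"]*)"')
MISSING_PREFIX = "File not found: "
# Assumption of this example: only these trees count as protected
# (writable by administrators only on a default install).
PROTECTED_RE = re.compile(r'^[a-z]:\\(windows|program files( \(x86\))?|progra~\d)\\')


@dataclass
class Entry:
    location: str    # registry key or "Task Scheduler" header the row sits under
    name: str
    publisher: str   # publisher string from the export; empty if none was shown
    path: str        # target path with the "File not found: " prefix stripped
    missing: bool    # True when Autoruns reported the target as not found
    flags: list = field(default_factory=list)


def parse_autoruns(text):
    """Parse the four-quoted-field rows of the text export into Entry objects."""
    entries, location = [], ""
    for raw in text.splitlines():
        line = raw.strip()
        fields = FIELD_RE.findall(line)
        if len(fields) != 4:
            continue                      # not an Autoruns row
        if line.startswith('"'):          # header row: names the autostart location
            location = fields[0]
            continue
        name, _description, publisher, path = fields
        missing = path.startswith(MISSING_PREFIX)
        if missing:
            path = path[len(MISSING_PREFIX):]
        entries.append(Entry(location, name, publisher.strip(), path, missing))
    return entries


def classify(entry):
    """Return the review flags that apply to one entry."""
    flags = []
    path = entry.path.lower()
    has_dir = "\\" in path
    if entry.missing:
        flags.append("missing-target")
        if not has_dir:
            flags.append("bare-filename")      # resolved via the search path at launch
    elif not entry.publisher:
        flags.append("no-publisher")           # file exists but shows no publisher
    if has_dir and not PROTECTED_RE.match(path):
        flags.append("outside-protected-dirs")
    return flags


def triage(text):
    """Return flagged entries, most flags first (ties keep log order)."""
    flagged = []
    for entry in parse_autoruns(text):
        entry.flags = classify(entry)
        if entry.flags:
            flagged.append(entry)
    return sorted(flagged, key=lambda e: -len(e.flags))


if __name__ == "__main__":
    for e in triage(SAMPLE):
        print(f"{', '.join(e.flags):42} {e.location} -> {e.name} ({e.path})")
```

A flag is a reason to look at a row, not a verdict: leftovers from uninstalled software produce the same missing-target rows as leftovers from removed malware.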

#13 luvs2surf

Posted 02 December 2012 - 09:02 PM

I'm having problems with some programs/downloads.

Still getting re-routed to scour.com and some other sites... These things are really stubborn.

#14 luvs2surf

Posted 02 December 2012 - 09:27 PM

Finally got some cooperation :

Adware cleaner results -

# AdwCleaner v2.011 - Logfile created 12/02/2012 at 20:20:28
# Updated 02/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : cricket - CRICKET-PC
# Boot Mode : Normal
# Running from : C:\Users\cricket\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Users\cricket\AppData\Roaming\Mozilla\Firefox\Profiles\nhkwgjrr.default\searchplugins\Conduit.xml
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\Web Assistant
Folder Deleted : C:\Users\cricket\AppData\Roaming\Mozilla\Firefox\Profiles\nhkwgjrr.default\ConduitCommon

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar
Key Deleted : HKCU\Software\Ask&Record
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1060933
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2559647
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2737658
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2956065
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Deleted : HKLM\SOFTWARE\Web Assistant
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default
File : C:\Users\cricket\AppData\Roaming\Mozilla\Firefox\Profiles\nhkwgjrr.default\prefs.js

C:\Users\cricket\AppData\Roaming\Mozilla\Firefox\Profiles\nhkwgjrr.default\user.js ... Deleted !

Deleted : user_pref("CT380344..clientLogIsEnabled", false);
Deleted : user_pref("CT380344..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT380344..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CT380344.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT380344.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT380344.BrowserCompStateIsOpen_1000515", true);
Deleted : user_pref("CT380344.CT380344", "CT380344");
Deleted : user_pref("CT380344.CurrentServerDate", "25-11-2012");
Deleted : user_pref("CT380344.DSChangedManually", true);
Deleted : user_pref("CT380344.DSInstall", true);
Deleted : user_pref("CT380344.DialogsAlignMode", "LTR");
Deleted : user_pref("CT380344.DialogsGetterLastCheckTime", "Thu Nov 22 2012 23:00:31 GMT-0600 (Central Standar[...]
Deleted : user_pref("CT380344.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Banne[...]
Deleted : user_pref("CT380344.EMailNotifierPollDate", "Fri Aug 24 2012 21:11:33 GMT-0500 (Central Daylight Tim[...]
Deleted : user_pref("CT380344.EnableClickToSearchBox", false);
Deleted : user_pref("CT380344.EnableSearchHistory", false);
Deleted : user_pref("CT380344.EnableSearchSuggest", false);
Deleted : user_pref("CT380344.FeedLastCount127978308413438421", 10);
Deleted : user_pref("CT380344.FeedPollDate127978308413438421", "Fri Aug 24 2012 21:11:19 GMT-0500 (Central Day[...]
Deleted : user_pref("CT380344.FirstServerDate", "25-8-2012");
Deleted : user_pref("CT380344.FirstTime", true);
Deleted : user_pref("CT380344.FirstTimeFF3", true);
Deleted : user_pref("CT380344.FirstTimeHiddenVer", true);
Deleted : user_pref("CT380344.FixPageNotFoundErrors", true);
Deleted : user_pref("CT380344.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT380344.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT380344.HPInstall", true);
Deleted : user_pref("CT380344.HasUserGlobalKeys", true);
Deleted : user_pref("CT380344.HomePageProtectorEnabled", false);
Deleted : user_pref("CT380344.HomepageBeforeUnload", "hxxp://www.google.com");
Deleted : user_pref("CT380344.Initialize", true);
Deleted : user_pref("CT380344.InitializeCommonPrefs", true);
Deleted : user_pref("CT380344.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT380344.InstallationType", "DirectDownload");
Deleted : user_pref("CT380344.InstalledDate", "Fri Aug 24 2012 21:11:22 GMT-0500 (Central Daylight Time)");
Deleted : user_pref("CT380344.InvalidateCache", false);
Deleted : user_pref("CT380344.IsAlertDBUpdated", true);
Deleted : user_pref("CT380344.IsGrouping", false);
Deleted : user_pref("CT380344.IsInitSetupIni", true);
Deleted : user_pref("CT380344.IsMulticommunity", false);
Deleted : user_pref("CT380344.IsOpenThankYouPage", true);
Deleted : user_pref("CT380344.IsOpenUninstallPage", true);
Deleted : user_pref("CT380344.IsProtectorsInit", true);
Deleted : user_pref("CT380344.LanguagePackLastCheckTime", "Fri Nov 23 2012 21:16:58 GMT-0600 (Central Standard[...]
Deleted : user_pref("CT380344.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT380344.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx"[...]
Deleted : user_pref("CT380344.LastLogin_3.14.1.0", "Sun Aug 26 2012 19:23:37 GMT-0500 (Central Daylight Time)"[...]
Deleted : user_pref("CT380344.LastLogin_3.15.1.0", "Mon Nov 12 2012 16:24:27 GMT-0600 (Central Standard Time)"[...]
Deleted : user_pref("CT380344.LastLogin_3.16.0.3", "Sat Nov 24 2012 15:05:41 GMT-0600 (Central Standard Time)"[...]
Deleted : user_pref("CT380344.LatestVersion", "3.16.0.3");
Deleted : user_pref("CT380344.Locale", "en-us");
Deleted : user_pref("CT380344.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT380344.MCDetectTooltipShow", false);
Deleted : user_pref("CT380344.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT380344.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT380344.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT380344.OriginalFirstVersion", "3.14.1.0");
Deleted : user_pref("CT380344.RadioIsPodcast", false);
Deleted : user_pref("CT380344.RadioLastCheckTime", "Fri Aug 24 2012 21:11:21 GMT-0500 (Central Daylight Time)"[...]
Deleted : user_pref("CT380344.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT380344.RadioLastUpdateServer", "128929877726170000");
Deleted : user_pref("CT380344.RadioMediaID", "7708179");
Deleted : user_pref("CT380344.RadioMediaType", "Media Player");
Deleted : user_pref("CT380344.RadioMenuSelectedID", "EBRadioMenu_CT3803447708179");
Deleted : user_pref("CT380344.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT380344.RadioStationName", "WSM-AM%20650%20Nashville%20(Country)");
Deleted : user_pref("CT380344.RadioStationURL", "hxxp://wm-eon.vitalstreamcdn.com/live_eonwmss_vitalstream_com[...]
Deleted : user_pref("CT380344.SavedHomepage", "hxxp://www.google.com/");
Deleted : user_pref("CT380344.SearchBackToDefaultEngine", false);
Deleted : user_pref("CT380344.SearchBoxWidth", 150);
Deleted : user_pref("CT380344.SearchCaption", "Keeper Of Hope Customized Web Search");
Deleted : user_pref("CT380344.SearchEngine", "Dictionary||hxxp://www.thefreedictionary.com/_/search.aspx?Word=[...]
Deleted : user_pref("CT380344.SearchEngineBeforeUnload", "google");
Deleted : user_pref("CT380344.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT380344.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3803[...]
Deleted : user_pref("CT380344.SearchInNewTabEnabled", true);
Deleted : user_pref("CT380344.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT380344.SearchInNewTabLastCheckTime", "Fri Nov 23 2012 21:38:25 GMT-0600 (Central Standa[...]
Deleted : user_pref("CT380344.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TO[...]
Deleted : user_pref("CT380344.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT380344.SearchProtectorEnabled", false);
Deleted : user_pref("CT380344.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT380344.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT380344.ServiceMapLastCheckTime", "Fri Nov 23 2012 21:22:10 GMT-0600 (Central Standard T[...]
Deleted : user_pref("CT380344.SettingsLastCheckTime", "Sat Nov 24 2012 15:05:39 GMT-0600 (Central Standard Tim[...]
Deleted : user_pref("CT380344.SettingsLastUpdate", "1352140971");
Deleted : user_pref("CT380344.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT380344&SearchSource=13");
Deleted : user_pref("CT380344.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT380344.ThirdPartyComponentsLastCheck", "Sun Nov 18 2012 20:12:18 GMT-0600 (Central Stan[...]
Deleted : user_pref("CT380344.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT380344.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT380344.TrusteLinkUrl", "hxxp://trust.conduit.com/CT380344");
Deleted : user_pref("CT380344.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client[...]
Deleted : user_pref("CT380344.UserID", "UN39635132706921106");
Deleted : user_pref("CT380344.ValidationData_Search", 2);
Deleted : user_pref("CT380344.ValidationData_Toolbar", 1);
Deleted : user_pref("CT380344.WeatherNetwork", "");
Deleted : user_pref("CT380344.WeatherPollDate", "Sat Nov 24 2012 15:05:41 GMT-0600 (Central Standard Time)");
Deleted : user_pref("CT380344.WeatherUnit", "F");
Deleted : user_pref("CT380344.alertChannelId", "3242");
Deleted : user_pref("CT380344.approveUntrustedApps", false);
Deleted : user_pref("CT380344.components.1000034", false);
Deleted : user_pref("CT380344.components.1000082", false);
Deleted : user_pref("CT380344.components.1000515", false);
Deleted : user_pref("CT380344.components.127978299133282223", false);
Deleted : user_pref("CT380344.components.127978300730469724", false);
Deleted : user_pref("CT380344.components.127978301665781740", false);
Deleted : user_pref("CT380344.components.127978303098594276", false);
Deleted : user_pref("CT380344.components.127978308413438421", false);
Deleted : user_pref("CT380344.components.127978310734375107", false);
Deleted : user_pref("CT380344.components.127981117909287606", false);
Deleted : user_pref("CT380344.components.127981119284600274", false);
Deleted : user_pref("CT380344.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.co[...]
Deleted : user_pref("CT380344.globalFirstTimeInfoLastCheckTime", "Sat Nov 17 2012 13:00:46 GMT-0600 (Central S[...]
Deleted : user_pref("CT380344.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT380344.initDone", true);
Deleted : user_pref("CT380344.isAppTrackingManagerOn", true);
Deleted : user_pref("CT380344.isFirstRadioInstallation", false);
Deleted : user_pref("CT380344.myStuffEnabled", true);
Deleted : user_pref("CT380344.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT380344.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOri[...]
Deleted : user_pref("CT380344.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT380344.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Com[...]
Deleted : user_pref("CT380344.navigateToUrlOnSearch", false);
Deleted : user_pref("CT380344.oldAppsList", "128332480172788349,127978251099219226,1000048,111,127978301665781[...]
Deleted : user_pref("CT380344.revertSettingsEnabled", false);
Deleted : user_pref("CT380344.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT380344.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT380344.testingCtid", "");
Deleted : user_pref("CT380344.toolbarAppMetaDataLastCheckTime", "Fri Nov 23 2012 21:38:26 GMT-0600 (Central St[...]
Deleted : user_pref("CT380344.toolbarContextMenuLastCheckTime", "Sun Nov 18 2012 20:12:19 GMT-0600 (Central St[...]
Deleted : user_pref("CT380344.usageEnabled", false);
Deleted : user_pref("CT380344.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT380344&SearchS[...]
Deleted : user_pref("CommunityToolbar.ConduitSearchList", "Keeper Of Hope Customized Web Search");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT380344/CT380344",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/3242/3242/US", "\"0\"");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT380344", "[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT380344", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\cricket\\AppData\\Roaming\\Mozilla\[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.16.0.3");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.google.com/search?ie=UTF-8&oe[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT380344");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT380344");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT380344");
Deleted : user_pref("CommunityToolbar.globalUserId", "c16611ca-6cf7-47d4-baf4-07bbf4126363");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Nov 19 2012 18:50:1[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Nov 23 2012 21:38:34 GMT-060[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Nov 24 2012 11:10:41 GMT-0600 (C[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "fc072303-36c9-4989-8834-4db56573f431");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.com/");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "google");
Deleted : user_pref("browser.babylon.HPOnNewTab", "hxxp://www.google.com/");
Deleted : user_pref("browser.search.defaultthis.engineName", "Keeper Of Hope Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT380344&Sear[...]
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID= 112050");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "7c4e86d4000000000000c0cb382da960");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "7c4e86d4000000000000c0cb382da960");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15460");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1723:18:53");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("extensions.toolbar.mindspark._5mMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Deleted : user_pref("extensions.toolbar.mindspark._64Members_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]

Profile name : default
File : C:\Users\cricket246\AppData\Roaming\Mozilla\Firefox\Profiles\l2eephix.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\cricket\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [20177 octets] - [02/12/2012 20:20:07]
AdwCleaner[S1].txt - [20445 octets] - [02/12/2012 20:20:28]

########## EOF - C:\AdwCleaner[S1].txt - [20506 octets] ##########

#15 luvs2surf

Posted 02 December 2012 - 09:34 PM

Here are the results from the Junkware Removal Tool:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.7.5 (12.02.2012:2)
OS: Windows 7 Home Premium x64
Ran by cricket on Sun 12/02/2012 at 20:27:11.89
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{51dd3535-abea-484a-b1cf-06ab7b092c0c}



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\Users\cricket\AppData\Roaming\mozilla\firefox\profiles\nhkwgjrr.default\extensions\plsmcjshqm@plsmcjshqm.org.xpi [Tracur]
Successfully deleted the following from C:\Users\cricket\AppData\Roaming\mozilla\firefox\profiles\nhkwgjrr.default\prefs.js

user_pref("extensions.toolbar.mindspark._5mMembers_.initialized", true);
user_pref("extensions.toolbar.mindspark._5mMembers_.installation.installDate", "2012070523");
user_pref("extensions.toolbar.mindspark._5mMembers_.installation.partnerId", "ZUxdm582YYus");
user_pref("extensions.toolbar.mindspark._5mMembers_.installation.partnerSubId", "47446");
user_pref("extensions.toolbar.mindspark._5mMembers_.installation.success", true);
user_pref("extensions.toolbar.mindspark._5mMembers_.installation.toolbarId", "DFD66BA6-9915-496A-91AA-87E12BA32B36");
user_pref("extensions.toolbar.mindspark._5mMembers_.lastActivePing", "1341549969459");
user_pref("extensions.toolbar.mindspark._64Members_.initialized", true);
user_pref("extensions.toolbar.mindspark._64Members_.installation.contextKey", "");
user_pref("extensions.toolbar.mindspark._64Members_.installation.installDate", "2012080913");
user_pref("extensions.toolbar.mindspark._64Members_.installation.partnerId", "^XP^xdm002^S02131^us");
user_pref("extensions.toolbar.mindspark._64Members_.installation.partnerSubId", "CNzm7tiR27ECFUdntgod0GMA9g");
user_pref("extensions.toolbar.mindspark._64Members_.installation.success", true);
user_pref("extensions.toolbar.mindspark._64Members_.installation.toolbarId", "53C251CD-2EC7-4F92-8967-78BAC14E17CC");
user_pref("extensions.toolbar.mindspark._64Members_.lastActivePing", "1344535745086");
user_pref("extensions.toolbar.mindspark._64Members_.options.defaultSearch", false);
user_pref("extensions.toolbar.mindspark._64Members_.options.homePageEnabled", false);
user_pref("extensions.toolbar.mindspark._64Members_.options.keywordEnabled", false);
user_pref("extensions.toolbar.mindspark._64Members_.options.tabEnabled", false);
user_pref("extensions.toolbar.mindspark._64Members_.weather.location", "45201");
user_pref("extensions.toolbar.mindspark.lastInstalled", "televisionfanatic@mindspark.com");



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 12/02/2012 at 20:32:17.54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



