
McAfee Firewall Won't Stay On


24 replies to this topic

#1 debrasusan

debrasusan

  • Members
  • 41 posts

Posted 29 January 2013 - 07:18 PM

I have scanned my computer with Malwarebytes, Windows Defender and now Stinger, and they cannot find any files on my computer that are corrupt. Am I infected with something, and if so, what can I do to fix this? The firewall can be turned on, but then turns off within a few seconds.

Edited by debrasusan, 29 January 2013 - 07:19 PM.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 29 January 2013 - 07:27 PM

Download

TDSSkiller

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download

ESET online scanner

Install it

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop, then copy the contents of the text file into your reply.

#3 debrasusan

debrasusan
  • Topic Starter

  • Members
  • 41 posts

Posted 02 February 2013 - 10:08 PM

TDSSKiller Log

19:51:39.0750 3740 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:51:40.0485 3740 ============================================================
19:51:40.0486 3740 Current date / time: 2013/02/02 19:51:40.0485
19:51:40.0486 3740 SystemInfo:
19:51:40.0486 3740
19:51:40.0486 3740 OS Version: 6.1.7601 ServicePack: 1.0
19:51:40.0486 3740 Product type: Workstation
19:51:40.0486 3740 ComputerName: DEBRASUSAN-PC
19:51:40.0487 3740 UserName: Debrasusan
19:51:40.0487 3740 Windows directory: C:\Windows
19:51:40.0487 3740 System windows directory: C:\Windows
19:51:40.0487 3740 Running under WOW64
19:51:40.0487 3740 Processor architecture: Intel x64
19:51:40.0487 3740 Number of processors: 4
19:51:40.0487 3740 Page size: 0x1000
19:51:40.0487 3740 Boot type: Normal boot
19:51:40.0487 3740 ============================================================
19:51:52.0543 3740 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:51:52.0557 3740 ============================================================
19:51:52.0557 3740 \Device\Harddisk0\DR0:
19:51:52.0557 3740 MBR partitions:
19:51:52.0558 3740 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
19:51:52.0558 3740 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x236CE8EB
19:51:52.0558 3740 ============================================================
19:51:52.0797 3740 C: <-> \Device\Harddisk0\DR0\Partition2
19:51:52.0797 3740 ============================================================
19:51:52.0797 3740 Initialize success
19:51:52.0797 3740 ============================================================
19:52:00.0554 5144 ============================================================
19:52:00.0554 5144 Scan started
19:52:00.0554 5144 Mode: Manual;
19:52:00.0554 5144 ============================================================
19:52:04.0488 5144 ================ Scan system memory ========================
19:52:04.0488 5144 System memory - ok
19:52:34.0388 5144 mountmgr - ok
19:52:34.0674 5144 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:52:34.0759 5144 MozillaMaintenance - ok
19:52:34.0819 5144 [ DFED96E61756C67533BAE6B7D5F8CCA3 ] MPFP C:\Windows\system32\Drivers\Mpfp.sys
19:52:34.0900 5144 MPFP - ok
19:52:34.0951 5144 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:52:35.0026 5144 mpio - ok
19:52:35.0048 5144 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:52:35.0054 5144 mpsdrv - ok
19:52:35.0142 5144 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:52:35.0241 5144 MpsSvc - ok
19:52:35.0293 5144 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:52:35.0365 5144 MRxDAV - ok
19:52:35.0403 5144 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:52:35.0482 5144 mrxsmb - ok
19:52:35.0530 5144 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:52:35.0616 5144 mrxsmb10 - ok
19:52:35.0644 5144 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:52:35.0715 5144 mrxsmb20 - ok
19:52:35.0762 5144 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:52:35.0840 5144 msahci - ok
19:52:35.0892 5144 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:52:35.0973 5144 msdsm - ok
19:52:36.0181 5144 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:52:36.0189 5144 MSDTC - ok
19:52:36.0231 5144 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:52:36.0241 5144 Msfs - ok
19:52:36.0292 5144 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:52:36.0305 5144 mshidkmdf - ok
19:52:36.0344 5144 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:52:36.0351 5144 msisadrv - ok
19:52:36.0405 5144 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:52:36.0413 5144 MSiSCSI - ok
19:52:36.0417 5144 msiserver - ok
19:52:36.0576 5144 [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:52:36.0581 5144 MSK80Service - ok
19:52:36.0633 5144 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:52:36.0649 5144 MSKSSRV - ok
19:52:36.0708 5144 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:52:36.0720 5144 MSPCLOCK - ok
19:52:36.0741 5144 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:52:36.0749 5144 MSPQM - ok
19:52:36.0788 5144 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:52:36.0861 5144 MsRPC - ok
19:52:36.0900 5144 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:52:36.0911 5144 mssmbios - ok
19:52:37.0023 5144 MSSQL$MSSMLBIZ - ok
19:52:37.0120 5144 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
19:52:37.0193 5144 MSSQLServerADHelper100 - ok
19:52:37.0236 5144 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:52:37.0246 5144 MSTEE - ok
19:52:37.0282 5144 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:52:37.0290 5144 MTConfig - ok
19:52:37.0314 5144 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:52:37.0325 5144 Mup - ok
19:52:37.0394 5144 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:52:37.0463 5144 napagent - ok
19:52:37.0546 5144 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:52:37.0562 5144 NativeWifiP - ok
19:52:37.0713 5144 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:52:37.0727 5144 NDIS - ok
19:52:37.0775 5144 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:52:37.0786 5144 NdisCap - ok
19:52:37.0810 5144 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:52:37.0814 5144 NdisTapi - ok
19:52:37.0841 5144 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:52:37.0906 5144 Ndisuio - ok
19:52:38.0296 5144 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:52:38.0358 5144 NdisWan - ok
19:52:38.0554 5144 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:52:38.0622 5144 NDProxy - ok
19:52:38.0703 5144 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
19:52:38.0760 5144 Net Driver HPZ12 - ok
19:52:38.0859 5144 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:52:38.0868 5144 NetBIOS - ok
19:52:38.0921 5144 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:52:38.0925 5144 NetBT - ok
19:52:38.0957 5144 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:52:38.0960 5144 Netlogon - ok
19:52:39.0089 5144 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:52:39.0107 5144 Netman - ok
19:52:39.0163 5144 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:52:39.0179 5144 netprofm - ok
19:52:39.0298 5144 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:52:39.0360 5144 NetTcpPortSharing - ok
19:52:39.0538 5144 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:52:39.0626 5144 nfrd960 - ok
19:52:39.0851 5144 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:52:39.0905 5144 NlaSvc - ok
19:52:39.0935 5144 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:52:39.0942 5144 Npfs - ok
19:52:39.0984 5144 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:52:39.0990 5144 nsi - ok
19:52:40.0022 5144 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:52:40.0023 5144 nsiproxy - ok
19:52:40.0243 5144 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:52:40.0563 5144 Ntfs - ok
19:52:40.0586 5144 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:52:40.0594 5144 Null - ok
19:52:40.0709 5144 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:52:40.0772 5144 nvraid - ok
19:52:40.0802 5144 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:52:40.0899 5144 nvstor - ok
19:52:40.0921 5144 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:52:40.0928 5144 nv_agp - ok
19:52:40.0979 5144 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:52:40.0993 5144 ohci1394 - ok
19:52:41.0088 5144 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:52:41.0173 5144 ose - ok
19:52:41.0799 5144 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:52:42.0288 5144 osppsvc - ok
19:52:42.0381 5144 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:52:42.0405 5144 p2pimsvc - ok
19:52:42.0567 5144 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:52:42.0625 5144 p2psvc - ok
19:52:42.0661 5144 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:52:42.0671 5144 Parport - ok
19:52:42.0733 5144 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:52:42.0818 5144 partmgr - ok
19:52:42.0854 5144 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:52:42.0862 5144 PcaSvc - ok
19:52:42.0972 5144 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:52:43.0052 5144 pci - ok
19:52:43.0108 5144 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:52:43.0122 5144 pciide - ok
19:52:43.0180 5144 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:52:43.0194 5144 pcmcia - ok
19:52:43.0216 5144 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:52:43.0222 5144 pcw - ok
19:52:43.0303 5144 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:52:43.0314 5144 PEAUTH - ok
19:52:43.0833 5144 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:52:43.0880 5144 PerfHost - ok
19:52:44.0023 5144 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:52:44.0237 5144 pla - ok
19:52:44.0719 5144 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:52:44.0908 5144 PlugPlay - ok
19:52:45.0244 5144 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
19:52:45.0300 5144 Pml Driver HPZ12 - ok
19:52:45.0391 5144 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:52:45.0403 5144 PNRPAutoReg - ok
19:52:45.0480 5144 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:52:45.0486 5144 PNRPsvc - ok
19:52:45.0588 5144 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:52:45.0863 5144 PolicyAgent - ok
19:52:45.0905 5144 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:52:45.0917 5144 Power - ok
19:52:45.0977 5144 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:52:46.0045 5144 PptpMiniport - ok
19:52:46.0088 5144 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:52:46.0094 5144 Processor - ok
19:52:46.0156 5144 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:52:46.0222 5144 ProfSvc - ok
19:52:46.0260 5144 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:52:46.0261 5144 ProtectedStorage - ok
19:52:46.0342 5144 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:52:46.0344 5144 Psched - ok
19:52:46.0519 5144 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
19:52:46.0599 5144 PxHlpa64 - ok
19:52:46.0813 5144 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:52:46.0957 5144 ql2300 - ok
19:52:46.0996 5144 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:52:47.0000 5144 ql40xx - ok
19:52:47.0049 5144 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:52:47.0063 5144 QWAVE - ok
19:52:47.0097 5144 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:52:47.0110 5144 QWAVEdrv - ok
19:52:47.0129 5144 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:52:47.0135 5144 RasAcd - ok
19:52:47.0339 5144 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:52:47.0344 5144 RasAgileVpn - ok
19:52:47.0380 5144 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:52:47.0388 5144 RasAuto - ok
19:52:47.0419 5144 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:52:47.0472 5144 Rasl2tp - ok
19:52:47.0491 5144 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:52:47.0538 5144 RasMan - ok
19:52:47.0573 5144 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:52:47.0579 5144 RasPppoe - ok
19:52:47.0596 5144 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:52:47.0603 5144 RasSstp - ok
19:52:47.0640 5144 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:52:47.0713 5144 rdbss - ok
19:52:47.0737 5144 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:52:47.0745 5144 rdpbus - ok
19:52:47.0766 5144 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:52:47.0767 5144 RDPCDD - ok
19:52:47.0802 5144 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:52:47.0803 5144 RDPENCDD - ok
19:52:47.0818 5144 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:52:47.0819 5144 RDPREFMP - ok
19:52:47.0864 5144 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:52:47.0920 5144 RdpVideoMiniport - ok
19:52:47.0955 5144 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:52:48.0015 5144 RDPWD - ok
19:52:48.0056 5144 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:52:48.0118 5144 rdyboost - ok
19:52:48.0154 5144 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:52:48.0167 5144 RemoteAccess - ok
19:52:48.0195 5144 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:52:48.0202 5144 RemoteRegistry - ok
19:52:48.0231 5144 [ 6FAF5B04BEDC66D300D9D233B2D222F0 ] rimmptsk C:\Windows\system32\DRIVERS\rimmpx64.sys
19:52:48.0305 5144 rimmptsk - ok
19:52:48.0327 5144 [ E20B1907FC72A3664ECE21E3C20FC63D ] rimspci C:\Windows\system32\DRIVERS\rimspe64.sys
19:52:48.0383 5144 rimspci - ok
19:52:48.0403 5144 [ 67F50C31713106FD1B0F286F86AA2B2E ] rimsptsk C:\Windows\system32\DRIVERS\rimspx64.sys
19:52:48.0463 5144 rimsptsk - ok
19:52:48.0491 5144 RimUsb - ok
19:52:48.0517 5144 [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
19:52:48.0575 5144 RimVSerPort - ok
19:52:48.0612 5144 [ A6DA2B0C8F5BB3F9F5423CFF8D6A02D9 ] risdpcie C:\Windows\system32\DRIVERS\risdpe64.sys
19:52:48.0668 5144 risdpcie - ok
19:52:48.0675 5144 [ 4D7EF3D46346EC4C58784DB964B365DE ] rismxdp C:\Windows\system32\DRIVERS\rixdpx64.sys
19:52:48.0733 5144 rismxdp - ok
19:52:48.0772 5144 [ 6A1CD4674505E6791390A1AB71DA1FBE ] rixdpcie C:\Windows\system32\DRIVERS\rixdpe64.sys
19:52:48.0828 5144 rixdpcie - ok
19:52:48.0852 5144 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
19:52:48.0861 5144 ROOTMODEM - ok
19:52:48.0882 5144 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:52:48.0895 5144 RpcEptMapper - ok
19:52:48.0919 5144 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:52:48.0930 5144 RpcLocator - ok
19:52:48.0976 5144 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:52:48.0985 5144 RpcSs - ok
19:52:49.0010 5144 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:52:49.0016 5144 rspndr - ok
19:52:49.0064 5144 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:52:49.0153 5144 RTL8167 - ok
19:52:49.0172 5144 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:52:49.0174 5144 SamSs - ok
19:52:49.0225 5144 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:52:49.0301 5144 sbp2port - ok
19:52:49.0324 5144 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:52:49.0333 5144 SCardSvr - ok
19:52:49.0356 5144 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:52:49.0417 5144 scfilter - ok
19:52:49.0450 5144 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:52:49.0555 5144 Schedule - ok
19:52:49.0590 5144 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:52:49.0591 5144 SCPolicySvc - ok
19:52:49.0628 5144 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:52:49.0681 5144 SDRSVC - ok
19:52:49.0754 5144 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
19:52:49.0847 5144 SeaPort - ok
19:52:49.0918 5144 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:52:49.0923 5144 secdrv - ok
19:52:49.0930 5144 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:52:49.0979 5144 seclogon - ok
19:52:50.0017 5144 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:52:50.0028 5144 SENS - ok
19:52:50.0045 5144 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:52:50.0052 5144 SensrSvc - ok
19:52:50.0064 5144 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:52:50.0070 5144 Serenum - ok
19:52:50.0077 5144 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:52:50.0081 5144 Serial - ok
19:52:50.0118 5144 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:52:50.0123 5144 sermouse - ok
19:52:50.0163 5144 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:52:50.0218 5144 SessionEnv - ok
19:52:50.0264 5144 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:52:50.0352 5144 sffdisk - ok
19:52:50.0369 5144 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:52:50.0378 5144 sffp_mmc - ok
19:52:50.0387 5144 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:52:50.0448 5144 sffp_sd - ok
19:52:50.0465 5144 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:52:50.0470 5144 sfloppy - ok
19:52:50.0569 5144 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
19:52:50.0786 5144 SftService - ok
19:52:50.0823 5144 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:52:50.0842 5144 SharedAccess - ok
19:52:50.0886 5144 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:52:50.0959 5144 ShellHWDetection - ok
19:52:50.0963 5144 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:52:50.0969 5144 SiSRaid2 - ok
19:52:50.0987 5144 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:52:50.0994 5144 SiSRaid4 - ok
19:52:51.0012 5144 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:52:51.0025 5144 Smb - ok
19:52:51.0057 5144 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:52:51.0066 5144 SNMPTRAP - ok
19:52:51.0159 5144 [ 9B24DCA429F819DB314F30EE4C6C80FD ] Sound Blaster X-Fi MB Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
19:52:51.0249 5144 Sound Blaster X-Fi MB Licensing Service - ok
19:52:51.0273 5144 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:52:51.0284 5144 spldr - ok
19:52:51.0327 5144 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:52:51.0407 5144 Spooler - ok
19:52:51.0633 5144 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:52:51.0654 5144 sppsvc - ok
19:52:51.0687 5144 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:52:51.0694 5144 sppuinotify - ok
19:52:51.0759 5144 [ A892134C28777978ECDE8283DC57AC0F ] SQLAgent$MSSMLBIZ C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE
19:52:51.0892 5144 SQLAgent$MSSMLBIZ - ok
19:52:51.0929 5144 [ 10D936DCED9EACD1A1B3FCDDA6D7A4EB ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
19:52:52.0008 5144 SQLBrowser - ok
19:52:52.0066 5144 [ F92E5F93BE572B512DA3C016B675EDE0 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:52:52.0130 5144 SQLWriter - ok
19:52:52.0166 5144 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:52:52.0222 5144 srv - ok
19:52:52.0281 5144 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:52:52.0397 5144 srv2 - ok
19:52:52.0445 5144 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:52:52.0514 5144 srvnet - ok
19:52:52.0668 5144 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:52:52.0681 5144 SSDPSRV - ok
19:52:52.0720 5144 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:52:52.0730 5144 SstpSvc - ok
19:52:52.0989 5144 [ 7AA12DB4BB2CB414C3525E1C02DA911F ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_42d83e1760b1e973\STacSV64.exe
19:52:53.0057 5144 STacSV - ok
19:52:53.0105 5144 [ C48E0745D33897C7A73394214F2B9B4F ] stdflt C:\Windows\system32\DRIVERS\stdflt.sys
19:52:53.0176 5144 stdflt - ok
19:52:53.0204 5144 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:52:53.0208 5144 stexstor - ok
19:52:53.0255 5144 [ 2D7C3CA0FDB0F438671C89FA1804674F ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
19:52:53.0325 5144 STHDA - ok
19:52:53.0384 5144 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
19:52:53.0389 5144 StillCam - ok
19:52:53.0436 5144 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:52:53.0520 5144 stisvc - ok
19:52:53.0558 5144 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:52:53.0568 5144 swenum - ok
19:52:53.0613 5144 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:52:53.0652 5144 swprv - ok
19:52:53.0692 5144 [ 639B57DC871BE4B86283027FAF1F4E30 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:52:53.0752 5144 SynTP - ok
19:52:53.0873 5144 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:52:54.0091 5144 SysMain - ok
19:52:54.0122 5144 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:52:54.0174 5144 TabletInputService - ok
19:52:54.0250 5144 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:52:54.0341 5144 TapiSrv - ok
19:52:54.0401 5144 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:52:54.0407 5144 TBS - ok
19:52:54.0469 5144 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:52:55.0020 5144 Tcpip - ok
19:52:55.0841 5144 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:52:55.0853 5144 TCPIP6 - ok
19:52:55.0961 5144 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:52:56.0015 5144 tcpipreg - ok
19:52:56.0143 5144 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:52:56.0156 5144 TDPIPE - ok
19:52:56.0423 5144 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:52:56.0500 5144 TDTCP - ok
19:52:56.0537 5144 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:52:56.0593 5144 tdx - ok
19:52:56.0625 5144 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:52:56.0674 5144 TermDD - ok
19:52:56.0820 5144 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:52:56.0971 5144 TermService - ok
19:52:57.0061 5144 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:52:57.0074 5144 Themes - ok
19:52:57.0110 5144 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:52:57.0113 5144 THREADORDER - ok
19:52:57.0134 5144 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:52:57.0147 5144 TrkWks - ok
19:52:57.0211 5144 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:52:57.0213 5144 TrustedInstaller - ok
19:52:57.0252 5144 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:52:57.0335 5144 tssecsrv - ok
19:52:57.0421 5144 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:52:57.0507 5144 TsUsbFlt - ok
19:52:57.0561 5144 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:52:57.0634 5144 tunnel - ok
19:52:57.0687 5144 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:52:57.0699 5144 uagp35 - ok
19:52:57.0723 5144 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:52:57.0794 5144 udfs - ok
19:52:57.0825 5144 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:52:57.0832 5144 UI0Detect - ok
19:52:57.0850 5144 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:52:57.0860 5144 uliagpkx - ok
19:52:57.0905 5144 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
19:52:57.0983 5144 umbus - ok
19:52:58.0016 5144 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:52:58.0020 5144 UmPass - ok
19:52:58.0044 5144 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:52:58.0058 5144 upnphost - ok
19:52:58.0104 5144 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:52:58.0178 5144 USBAAPL64 - ok
19:52:58.0229 5144 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:52:58.0301 5144 usbccgp - ok
19:52:58.0334 5144 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:52:58.0417 5144 usbcir - ok
19:52:58.0456 5144 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:52:58.0520 5144 usbehci - ok
19:52:58.0554 5144 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:52:58.0630 5144 usbhub - ok
19:52:58.0681 5144 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:52:58.0754 5144 usbohci - ok
19:52:58.0785 5144 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:52:58.0793 5144 usbprint - ok
19:52:58.0840 5144 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:52:58.0846 5144 usbscan - ok
19:52:58.0871 5144 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:52:58.0934 5144 USBSTOR - ok
19:52:58.0959 5144 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:52:59.0014 5144 usbuhci - ok
19:52:59.0056 5144 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
19:52:59.0136 5144 usbvideo - ok
19:52:59.0166 5144 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:52:59.0171 5144 UxSms - ok
19:52:59.0187 5144 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:52:59.0189 5144 VaultSvc - ok
19:52:59.0210 5144 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:52:59.0217 5144 vdrvroot - ok
19:52:59.0267 5144 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:52:59.0357 5144 vds - ok
19:52:59.0389 5144 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:52:59.0394 5144 vga - ok
19:52:59.0407 5144 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:53:05.0480 5144 ================ Scan global ===============================
19:53:05.0510 5144 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:53:05.0560 5144 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
19:53:05.0619 5144 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
19:53:05.0646 5144 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:53:05.0671 5144 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:53:05.0684 5144 [Global] - ok
19:53:05.0684 5144 ================ Scan MBR ==================================
19:53:05.0697 5144 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
19:53:07.0558 5144 \Device\Harddisk0\DR0 - ok
19:53:07.0559 5144 ================ Scan VBR ==================================
19:53:07.0570 5144 [ F80BA36281B72AE08C1E05F0B21BA570 ] \Device\Harddisk0\DR0\Partition1
19:53:07.0573 5144 \Device\Harddisk0\DR0\Partition1 - ok
19:53:07.0587 5144 [ 3FC1FE9CDCAEB99286666FBFB940C826 ] \Device\Harddisk0\DR0\Partition2
19:53:07.0596 5144 \Device\Harddisk0\DR0\Partition2 - ok
19:53:07.0597 5144 ============================================================
19:53:07.0597 5144 Scan finished
19:53:07.0597 5144 ============================================================
19:53:07.0617 4436 Detected object count: 0
19:53:07.0617 4436 Actual detected object count: 0

#4 debrasusan

Posted 03 February 2013 - 01:21 AM

ESET online scanner
No LIST of found threats

The scan ran for over two hours and did not find any threats. Working on last scan now.

#5 debrasusan

Posted 03 February 2013 - 12:22 PM

aswMBR cannot complete on my computer. I tried running it in safe mode with networking and I still get the following message.
avast! Antirootkit has stopped working

A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available.

Here is the log I got before it stopped running.

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-02 19:56:26
-----------------------------
19:56:26.893 OS Version: Windows x64 6.1.7601 Service Pack 1
19:56:26.893 Number of processors: 4 586 0x2502
19:56:26.894 ComputerName: DEBRASUSAN-PC UserName: Debrasusan
19:56:39.791 Initialize success
19:58:07.841 AVAST engine defs: 13020201
19:58:38.253 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:58:38.256 Disk 0 Vendor: ST9320423AS 0004SDM1 Size: 305245MB BusType: 11
19:58:38.273 Disk 0 MBR read successfully
19:58:38.275 Disk 0 MBR scan
19:58:38.280 Disk 0 Windows VISTA default MBR code
19:58:38.283 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
19:58:38.289 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 80325
19:58:38.306 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 290205 MB offset 30800325
19:58:38.337 Disk 0 scanning C:\Windows\system32\drivers
19:59:03.769 Service scanning
19:59:38.175 Modules scanning
19:59:38.191 Disk 0 trace - called modules:
19:59:38.227 ntoskrnl.exe CLASSPNP.SYS disk.sys stdflt.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
19:59:38.239 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005221060]
19:59:38.250 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa80050adb20]
19:59:38.256 5 stdflt.sys[fffff88001b1ea4a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004f21680]
19:59:42.093 AVAST engine scan C:\Windows
19:59:45.707 AVAST engine scan C:\Windows\system32
20:10:41.892 AVAST engine scan C:\Windows\system32\drivers
20:10:59.184 AVAST engine scan C:\Users\Debrasusan
20:21:48.125 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
20:21:48.142 The log file has been saved successfully to "C:\aswMBR.txt"


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-03 09:35:44
-----------------------------
09:35:44.366 OS Version: Windows x64 6.1.7601 Service Pack 1
09:35:44.366 Number of processors: 4 586 0x2502
09:35:44.368 ComputerName: DEBRASUSAN-PC UserName: Debrasusan
09:35:53.180 Initialize success
09:36:05.890 AVAST engine defs: 13020201
09:36:12.631 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
09:36:12.634 Disk 0 Vendor: ST9320423AS 0004SDM1 Size: 305245MB BusType: 11
09:36:12.661 Disk 0 MBR read successfully
09:36:12.664 Disk 0 MBR scan
09:36:12.670 Disk 0 Windows VISTA default MBR code
09:36:12.673 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
09:36:12.696 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 80325
09:36:12.722 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 290205 MB offset 30800325
09:36:12.764 Disk 0 scanning C:\Windows\system32\drivers
09:36:38.563 Service scanning
09:37:22.956 Modules scanning
09:37:22.957 Disk 0 trace - called modules:
09:37:22.974 ntoskrnl.exe CLASSPNP.SYS disk.sys stdflt.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
09:37:22.976 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80051b7060]
09:37:22.978 3 CLASSPNP.SYS[fffff88001bc843f] -> nt!IofCallDriver -> [0xfffffa80050a8b20]
09:37:22.978 5 stdflt.sys[fffff88001b13a4a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004f35060]
09:37:30.461 AVAST engine scan C:\Windows
09:37:33.852 AVAST engine scan C:\Windows\system32
09:47:51.872 AVAST engine scan C:\Windows\system32\drivers
09:48:14.212 AVAST engine scan C:\Users\Debrasusan
10:10:29.563 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
10:10:29.598 The log file has been saved successfully to "C:\aswMBR.txt"
10:10:57.268 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
10:10:57.276 The log file has been saved successfully to "C:\aswMBR.txt"
10:11:36.395 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
10:11:36.406 The log file has been saved successfully to "C:\aswMBR.txt"
10:12:11.137 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
10:12:11.147 The log file has been saved successfully to "C:\aswMBR.txt"
10:12:57.315 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
10:12:57.325 The log file has been saved successfully to "C:\aswMBR.txt"



from the MBR.dat file

Edited by debrasusan, 03 February 2013 - 12:22 PM.


#6 debrasusan

Posted 03 February 2013 - 12:23 PM

So what now?

#7 narenxp

Posted 03 February 2013 - 01:52 PM

ESET log?

#8 debrasusan

Posted 04 February 2013 - 12:09 AM

There was no log.
No LIST of found threats

The scan ran for over two hours and did not find any threats

Do you want me to run it again?

#9 debrasusan

Posted 04 February 2013 - 12:22 AM

From yesterday. Running it again as well.
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6889
# api_version=3.0.2
# EOSSerial=220422ceb5d0ed4cb939aac52d956153
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-02-03 06:14:33
# local_time=2013-02-02 11:14:33 (-0700, Mountain Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5122 16777213 100 90 0 107704269 0 0
# compatibility_mode=5893 16776573 100 94 0 111415523 0 0
# scanned=286244
# found=0
# cleaned=0
# scan_time=9238
ESETSmartInstaller@High as downloader log:
all ok

#10 narenxp

Posted 04 February 2013 - 07:09 AM

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete

A log should be generated after scan, post it here

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select Run as administrator

After scan gets completed, post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of text here

Edited by narenxp, 04 February 2013 - 09:17 PM.


#11 debrasusan

Posted 04 February 2013 - 08:53 PM

This is from the ESET scan I ran this morning. But I will continue with the above as well.

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Users\Debrasusan\AppData\Local\Temp\setup.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Users\Debrasusan\Documents\Seagate Backup\DEBRASUSAN-PC\C\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Users\Debrasusan\Documents\Seagate Backup\DEBRASUSAN-PC\C\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined

Do I delete the quarantined files?

#12 narenxp

Posted 04 February 2013 - 09:17 PM

Not needed.

Move to next scan

#13 debrasusan

Posted 04 February 2013 - 09:18 PM

ESET Log from 2/4/2013.
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6889
# api_version=3.0.2
# EOSSerial=220422ceb5d0ed4cb939aac52d956153
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-02-03 06:14:33
# local_time=2013-02-02 11:14:33 (-0700, Mountain Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5122 16777213 100 90 0 107704269 0 0
# compatibility_mode=5893 16776573 100 94 0 111415523 0 0
# scanned=286244
# found=0
# cleaned=0
# scan_time=9238
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6889
# api_version=3.0.2
# EOSSerial=220422ceb5d0ed4cb939aac52d956153
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-02-04 03:55:25
# local_time=2013-02-04 08:55:25 (-0700, Mountain Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5122 16777213 100 90 0 107825521 0 0
# compatibility_mode=5893 16776573 100 94 0 111536775 0 0
# scanned=290525
# found=5
# cleaned=5
# scan_time=38599
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application (cleaned by deleting - quarantined) 3963D8A5B82F5DD540BB1DDEE8BA5B8D9098C549 C
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application (cleaned by deleting - quarantined) BD3C685B5F9C5FDDBCF46DAF1C89E094C69F87B0 C
C:\Users\Debrasusan\AppData\Local\Temp\setup.exe a variant of Win32/Bundled.Toolbar.Ask application (cleaned by deleting - quarantined) 4C7EE04176DA399A5A80402FBBCCBA8C58E5F383 C
C:\Users\Debrasusan\Documents\Seagate Backup\DEBRASUSAN-PC\C\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application (cleaned by deleting - quarantined) 41C99D9CBEF02CD1445CC51D0EAACC9417671F16 C
C:\Users\Debrasusan\Documents\Seagate Backup\DEBRASUSAN-PC\C\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application (cleaned by deleting - quarantined) 7FAEB0EB32349D06F9CE188F9683A27DF27DEB21 C

#14 debrasusan

Posted 04 February 2013 - 09:21 PM

What is not needed?

Currently running scans.

#15 narenxp

Posted 04 February 2013 - 09:23 PM

Do not delete the Quarantined items. They are not malicious.



