Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I think I have been DNS hijacked


  • Please log in to reply
17 replies to this topic

#1 mudbunny

mudbunny

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:42 AM

Posted 23 April 2013 - 10:31 PM

A subscription service I am wanting to try out involves me using their DNS addresses as opposed to having one assigned to me automatically.

 

I followed their instructions carefully (See http://support.unblock-us.com/customer/portal/articles/291524) and was told by their support staff that my DNS has been hijacked and thus, I cannot use their service until I resolve this hijacking.

 

I ran MalwareBytes as a starting point and it found and removed a couple of files. (I have the log and can post it in the appropriate location if asked) I then ran a full Microsoft Security Essentials can on my PC with the most up-to-date data, and it came back as clean.

 

Despite this, the service still does not work.

 

I do not know if this is related, but every now and then, and I have been noticing this for about a month or so, I will try to get to a webpage that I *know* is functioning (like GMail), and all of the browsers on my PC tell me that it is not reachable. I do not remember the exact wording of the error, it happens infrequently enough that the last time was about 2 or 3 weeks ago, so I do not recall what the wording of the error is.

 

 



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 67,796 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:42 AM

Posted 23 April 2013 - 10:56 PM

Hello mudbunny
Please do these next and we will see what is going on.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:

Link 1
Link 2
Link 3
Link 4

•In order for Rkill to run properly you must disable your anti-malware software. Please refer to this page if you are not sure how.
•Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)?Note: You may have to run Rkill a few times before it is successful. You may also have to download Rkill from a different link which will save it as a different file name.

•A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
•An Rkill.log will appear. Please copy and paste the contents in your reply (file also located at c:\rkill.log)
•Do not reboot your computer after running Rkill as the malware programs will start again. If your computer reboots, run Rkill again before continuing on to the next step.
•If nothing happens or if the tool does not run, please let me know in your next reply.

>>>>>


Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
•Close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Delete.
•Confirm each time with Ok.
•You will be prompted to restart your computer. A text file will open after the restart.
•Please post the contents of that logfile with your next reply.
•You can find the logfile at C:\AdwCleaner[S1].txt as well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 mudbunny

mudbunny
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:42 AM

Posted 23 April 2013 - 11:22 PM

I ran all of the programs above and had no problems. Here are the log files. I am not sure of the character limit for each post, so I will be putting each logfile in a separate entry.

 

MiniToolbox:

 

 

MiniToolBox by Farbar  Version:21-04-2013
Ran by Marcel (administrator) on 24-04-2013 at 00:04:19
Running from "C:\Users\Marcel\Downloads"
Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20) = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Marcel-Netbook
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
   Physical Address. . . . . . . . . : 00-26-4D-39-58-6E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::11c0:a2d5:d5f9:a8f6%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.104(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, April 23, 2013 10:53:36 PM
   Lease Expires . . . . . . . . . . : Wednesday, April 24, 2013 11:11:42 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
   Physical Address. . . . . . . . . : 70-5A-B6-74-2A-FB
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{25E38415-7AFC-4CB9-8A90-8DE844F76A07}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2ce0:3c91:39ab:79f(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::2ce0:3c91:39ab:79f%13(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{30C568D8-D429-4CCE-97DE-57F82F509A3C}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dlinkrouter
Address:  192.168.0.1
 
Name:    google.com
Addresses:  2607:f8b0:400b:807::1000
 173.194.43.99
 173.194.43.105
 173.194.43.101
 173.194.43.110
 173.194.43.100
 173.194.43.104
 173.194.43.103
 173.194.43.102
 173.194.43.96
 173.194.43.98
 173.194.43.97
 
 
Pinging google.com [173.194.43.97] with 32 bytes of data:
Reply from 173.194.43.97: bytes=32 time=31ms TTL=54
Reply from 173.194.43.97: bytes=32 time=30ms TTL=54
 
Ping statistics for 173.194.43.97:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 30ms, Maximum = 31ms, Average = 30ms
Server:  dlinkrouter
Address:  192.168.0.1
 
Name:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=176ms TTL=49
Reply from 98.138.253.109: bytes=32 time=218ms TTL=49
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 176ms, Maximum = 218ms, Average = 197ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...00 26 4d 39 58 6e ......Atheros AR9285 Wireless Network Adapter
 11...70 5a b6 74 2a fb ......Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.104     26
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.104    281
    192.168.0.104  255.255.255.255         On-link     192.168.0.104    281
    192.168.0.255  255.255.255.255         On-link     192.168.0.104    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.104    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.104    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:4137:9e76:2ce0:3c91:39ab:79f/128
                                    On-link
 13    306 fe80::/64                On-link
 12    281 fe80::/64                On-link
 12    281 fe80::11c0:a2d5:d5f9:a8f6/128
                                    On-link
 13    306 fe80::2ce0:3c91:39ab:79f/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/23/2013 11:36:54 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070003
 
Error: (04/23/2013 10:55:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/23/2013 09:59:08 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
 
Error: (04/23/2013 09:59:08 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
 
Error: (04/23/2013 09:59:08 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
 
Error: (04/23/2013 09:59:08 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
 
Error: (04/23/2013 09:59:08 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
 
Error: (04/23/2013 09:59:08 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
 
Error: (04/23/2013 09:59:08 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
 
Error: (04/23/2013 09:59:08 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
 
 
System errors:
=============
Error: (04/23/2013 10:53:30 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:51:37 PM on ?4/?23/?2013 was unexpected.
 
Error: (04/23/2013 10:42:48 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (04/23/2013 10:31:51 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (04/21/2013 09:00:22 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer JCP
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{25E38415-7AFC-4CB9-8A90-8DE844F76A07}.
The master browser is stopping or an election is being forced.
 
Error: (04/20/2013 11:08:11 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 11:05:14 PM on ?4/?20/?2013 was unexpected.
 
Error: (04/20/2013 10:11:00 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:09:30 PM on ?4/?20/?2013 was unexpected.
 
Error: (04/15/2013 00:06:19 AM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053
 
Error: (04/15/2013 00:06:19 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (04/03/2013 09:03:34 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:02:22 PM on ?4/?3/?2013 was unexpected.
 
Error: (04/03/2013 09:01:19 PM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
 
 
Microsoft Office Sessions:
=========================
Error: (04/23/2013 11:36:54 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070003 
mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
 
Error: (04/23/2013 10:55:01 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/23/2013 09:59:08 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
 
Error: (04/23/2013 09:59:08 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
 
Error: (04/23/2013 09:59:08 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
 
Error: (04/23/2013 09:59:08 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
 
Error: (04/23/2013 09:59:08 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
 
Error: (04/23/2013 09:59:08 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
 
Error: (04/23/2013 09:59:08 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
 
Error: (04/23/2013 09:59:08 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-02-15 17:38:11.001
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ShortKeys 3\shkhook.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-15 17:38:10.820
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ShortKeys 3\shkhook.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-13 18:32:55.031
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ShortKeys 3\shkhook.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-13 18:32:54.664
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ShortKeys 3\shkhook.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-13 18:31:11.839
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ShortKeys 3\shkhook.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-13 18:31:11.616
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ShortKeys 3\shkhook.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-12 16:26:20.181
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ShortKeys 3\shkhook.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-12 16:26:20.006
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ShortKeys 3\shkhook.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-12 16:24:40.783
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ShortKeys 3\shkhook.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-12 16:24:40.668
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ShortKeys 3\shkhook.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
µTorrent (Version: 3.2.2.28500)
Adobe Digital Editions 2.0 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.169)
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
Adobe Reader X (10.1.6) (Version: 10.1.6)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Audacity 2.0.2 (Version: 2.0.2)
Bonjour (Version: 3.0.0.10)
calibre (Version: 0.8.70)
EPSON Scan
EPSON WorkForce 845 Series Printer Uninstall
FTL: Faster Than Light
Google Chrome (Version: 26.0.1410.64)
Google Drive (Version: 1.8.4357.4863)
Google Update Helper (Version: 1.3.21.135)
HandBrake 0.9.8 (Version: 0.9.8)
iCloud (Version: 2.1.2.8)
Intel® Graphics Media Accelerator Driver (Version: 8.14.10.2117)
iTunes (Version: 11.0.2.26)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Kobo (Version: 3.2.0)
LAME v3.99.3 (for Windows)
LastPass (uninstall only)
LibreOffice 3.6 (Version: 3.6.1.2)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MetroTwit (Version: 1.0.1.0)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Mouse and Keyboard Center (Version: 2.0.162.0)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 20.0.1 (x86 en-US) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 20.0.1)
OpenAL
Planescape Torment (Version: 2.0.0.8)
QuickTime (Version: 7.73.80.64)
Realtek High Definition Audio Driver (Version: 6.0.1.6088)
ShortKeys 3 (Version: 3.2.2.1)
Skype™ 6.3 (Version: 6.3.105)
Star Wars: Knights of the Old Republic
Steam (Version: 1.0.0.0)
Synaptics Pointing Device Driver (Version: 15.0.8.1)
System Requirements Lab CYRI (Version: 5.0.6.0)
System Shock 2 (Version: 2.0.0.9)
TOSHIBA Web Camera Application (Version: 1.1.1.16)
VLC media player 2.0.4 (Version: 2.0.4)
Vuze (Version: 4.7)
WinRAR 4.20 (32-bit) (Version: 4.20.0)
Xilisoft Download YouTube Video (Version: 3.3.3.20120810)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 48%
Total physical RAM: 2037.42 MB
Available physical RAM: 1040.16 MB
Total Pagefile: 4074.84 MB
Available Pagefile: 2739.29 MB
Total Virtual: 2047.88 MB
Available Virtual: 1940.16 MB
 
========================= Partitions: =====================================
 
1 Drive c: (S3A9014D003) (Fixed) (Total:210.8 GB) (Free:44.24 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\MARCEL-NETBOOK
 
Administrator            Guest                    Marcel                   
 
 
**** End of log ****


RKill results log

 

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 04/24/2013 12:08:46 AM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
 
Program finished at: 04/24/2013 12:09:13 AM
Execution time: 0 hours(s), 0 minute(s), and 27 seconds(s)


#4 mudbunny

mudbunny
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:42 AM

Posted 23 April 2013 - 11:24 PM

TDSSkiller log

 

 

00:10:00.0466 4000  TDSS rootkit removing tool 2.8.17.0 Apr 11 2013 11:56:34
00:10:01.0370 4000  ============================================================
00:10:01.0370 4000  Current date / time: 2013/04/24 00:10:01.0370
00:10:01.0371 4000  SystemInfo:
00:10:01.0371 4000  
00:10:01.0371 4000  OS Version: 6.1.7601 ServicePack: 1.0
00:10:01.0371 4000  Product type: Workstation
00:10:01.0371 4000  ComputerName: MARCEL-NETBOOK
00:10:01.0372 4000  UserName: Marcel
00:10:01.0372 4000  Windows directory: C:\Windows
00:10:01.0372 4000  System windows directory: C:\Windows
00:10:01.0372 4000  Processor architecture: Intel x86
00:10:01.0372 4000  Number of processors: 2
00:10:01.0372 4000  Page size: 0x1000
00:10:01.0372 4000  Boot type: Normal boot
00:10:01.0372 4000  ============================================================
00:10:05.0225 4000  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:10:05.0611 4000  ============================================================
00:10:05.0611 4000  \Device\Harddisk0\DR0:
00:10:05.0611 4000  MBR partitions:
00:10:05.0611 4000  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1A59C000
00:10:05.0611 4000  ============================================================
00:10:05.0681 4000  C: <-> \Device\Harddisk0\DR0\Partition1
00:10:05.0681 4000  ============================================================
00:10:05.0682 4000  Initialize success
00:10:05.0682 4000  ============================================================
00:10:17.0331 0280  ============================================================
00:10:17.0332 0280  Scan started
00:10:17.0332 0280  Mode: Manual; TDLFS; 
00:10:17.0332 0280  ============================================================
00:10:18.0326 0280  ================ Scan system memory ========================
00:10:18.0326 0280  System memory - ok
00:10:18.0333 0280  ================ Scan services =============================
00:10:18.0611 0280  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
00:10:18.0617 0280  1394ohci - ok
00:10:18.0671 0280  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
00:10:18.0679 0280  ACPI - ok
00:10:18.0741 0280  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
00:10:18.0744 0280  AcpiPmi - ok
00:10:18.0903 0280  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
00:10:18.0906 0280  AdobeARMservice - ok
00:10:18.0970 0280  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
00:10:18.0979 0280  adp94xx - ok
00:10:19.0034 0280  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
00:10:19.0041 0280  adpahci - ok
00:10:19.0094 0280  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
00:10:19.0099 0280  adpu320 - ok
00:10:19.0167 0280  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
00:10:19.0170 0280  AeLookupSvc - ok
00:10:19.0252 0280  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
00:10:19.0258 0280  AFD - ok
00:10:19.0321 0280  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
00:10:19.0323 0280  agp440 - ok
00:10:19.0375 0280  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
00:10:19.0379 0280  aic78xx - ok
00:10:19.0466 0280  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
00:10:19.0470 0280  ALG - ok
00:10:19.0541 0280  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
00:10:19.0543 0280  aliide - ok
00:10:19.0592 0280  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
00:10:19.0596 0280  amdagp - ok
00:10:19.0628 0280  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
00:10:19.0631 0280  amdide - ok
00:10:19.0660 0280  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
00:10:19.0664 0280  AmdK8 - ok
00:10:19.0717 0280  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
00:10:19.0720 0280  AmdPPM - ok
00:10:19.0789 0280  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
00:10:19.0792 0280  amdsata - ok
00:10:19.0827 0280  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
00:10:19.0849 0280  amdsbs - ok
00:10:19.0887 0280  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
00:10:19.0891 0280  amdxata - ok
00:10:19.0935 0280  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
00:10:19.0960 0280  AppID - ok
00:10:20.0013 0280  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
00:10:20.0016 0280  AppIDSvc - ok
00:10:20.0059 0280  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
00:10:20.0061 0280  Appinfo - ok
00:10:20.0207 0280  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:10:20.0213 0280  Apple Mobile Device - ok
00:10:20.0286 0280  [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt         C:\Windows\System32\appmgmts.dll
00:10:20.0290 0280  AppMgmt - ok
00:10:20.0341 0280  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\drivers\arc.sys
00:10:20.0347 0280  arc - ok
00:10:20.0406 0280  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
00:10:20.0415 0280  arcsas - ok
00:10:20.0607 0280  [ 2FE0D5DB69014980A970D3BF9A85D2B1 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
00:10:20.0664 0280  aspnet_state - ok
00:10:20.0698 0280  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
00:10:20.0700 0280  AsyncMac - ok
00:10:20.0735 0280  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
00:10:20.0737 0280  atapi - ok
00:10:20.0808 0280  [ AC4ADAC154563AB41CC79B0257BC685A ] athr            C:\Windows\system32\DRIVERS\athr.sys
00:10:20.0829 0280  athr - ok
00:10:20.0902 0280  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:10:20.0911 0280  AudioEndpointBuilder - ok
00:10:20.0931 0280  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
00:10:20.0938 0280  Audiosrv - ok
00:10:20.0974 0280  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
00:10:20.0979 0280  AxInstSV - ok
00:10:21.0056 0280  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
00:10:21.0069 0280  b06bdrv - ok
00:10:21.0124 0280  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
00:10:21.0131 0280  b57nd60x - ok
00:10:21.0227 0280  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
00:10:21.0230 0280  BDESVC - ok
00:10:21.0293 0280  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
00:10:21.0294 0280  Beep - ok
00:10:21.0340 0280  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
00:10:21.0351 0280  BFE - ok
00:10:21.0436 0280  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\system32\qmgr.dll
00:10:21.0457 0280  BITS - ok
00:10:21.0484 0280  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
00:10:21.0487 0280  blbdrive - ok
00:10:21.0574 0280  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:10:21.0584 0280  Bonjour Service - ok
00:10:21.0663 0280  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
00:10:21.0666 0280  bowser - ok
00:10:21.0779 0280  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
00:10:21.0835 0280  BrFiltLo - ok
00:10:21.0901 0280  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
00:10:21.0951 0280  BrFiltUp - ok
00:10:22.0060 0280  [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
00:10:22.0062 0280  BridgeMP - ok
00:10:22.0120 0280  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
00:10:22.0123 0280  Browser - ok
00:10:22.0147 0280  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
00:10:22.0155 0280  Brserid - ok
00:10:22.0179 0280  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
00:10:22.0183 0280  BrSerWdm - ok
00:10:22.0203 0280  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
00:10:22.0207 0280  BrUsbMdm - ok
00:10:22.0229 0280  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
00:10:22.0233 0280  BrUsbSer - ok
00:10:22.0252 0280  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
00:10:22.0257 0280  BTHMODEM - ok
00:10:22.0342 0280  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
00:10:22.0346 0280  bthserv - ok
00:10:22.0475 0280  catchme - ok
00:10:22.0520 0280  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
00:10:22.0523 0280  cdfs - ok
00:10:22.0589 0280  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
00:10:22.0591 0280  cdrom - ok
00:10:22.0660 0280  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
00:10:22.0663 0280  CertPropSvc - ok
00:10:22.0693 0280  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\drivers\circlass.sys
00:10:22.0695 0280  circlass - ok
00:10:22.0728 0280  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
00:10:22.0734 0280  CLFS - ok
00:10:22.0816 0280  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:10:22.0821 0280  clr_optimization_v2.0.50727_32 - ok
00:10:22.0895 0280  [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:10:22.0900 0280  clr_optimization_v4.0.30319_32 - ok
00:10:22.0980 0280  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
00:10:22.0981 0280  CmBatt - ok
00:10:23.0016 0280  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
00:10:23.0019 0280  cmdide - ok
00:10:23.0081 0280  [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG             C:\Windows\system32\Drivers\cng.sys
00:10:23.0089 0280  CNG - ok
00:10:23.0159 0280  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
00:10:23.0161 0280  Compbatt - ok
00:10:23.0181 0280  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
00:10:23.0185 0280  CompositeBus - ok
00:10:23.0202 0280  COMSysApp - ok
00:10:23.0264 0280  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
00:10:23.0267 0280  crcdisk - ok
00:10:23.0404 0280  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
00:10:23.0414 0280  CryptSvc - ok
00:10:23.0490 0280  [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC             C:\Windows\system32\drivers\csc.sys
00:10:23.0499 0280  CSC - ok
00:10:23.0534 0280  [ 15F93B37F6801943360D9EB42485D5D3 ] CscService      C:\Windows\System32\cscsvc.dll
00:10:23.0545 0280  CscService - ok
00:10:23.0609 0280  [ 0C527B30712D735D8CB61B5187C36587 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
00:10:23.0613 0280  dc3d - ok
00:10:23.0694 0280  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
00:10:23.0705 0280  DcomLaunch - ok
00:10:23.0761 0280  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
00:10:23.0768 0280  defragsvc - ok
00:10:23.0821 0280  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
00:10:23.0826 0280  DfsC - ok
00:10:23.0902 0280  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
00:10:23.0909 0280  Dhcp - ok
00:10:23.0979 0280  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
00:10:23.0981 0280  discache - ok
00:10:24.0027 0280  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\drivers\disk.sys
00:10:24.0029 0280  Disk - ok
00:10:24.0075 0280  [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
00:10:24.0078 0280  dmvsc - ok
00:10:24.0131 0280  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
00:10:24.0136 0280  Dnscache - ok
00:10:24.0200 0280  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
00:10:24.0207 0280  dot3svc - ok
00:10:24.0237 0280  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
00:10:24.0245 0280  DPS - ok
00:10:24.0315 0280  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
00:10:24.0316 0280  drmkaud - ok
00:10:24.0392 0280  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
00:10:24.0406 0280  DXGKrnl - ok
00:10:24.0476 0280  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
00:10:24.0481 0280  EapHost - ok
00:10:24.0644 0280  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
00:10:24.0741 0280  ebdrv - ok
00:10:24.0817 0280  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
00:10:24.0825 0280  EFS - ok
00:10:24.0953 0280  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
00:10:24.0968 0280  ehRecvr - ok
00:10:24.0995 0280  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
00:10:24.0998 0280  ehSched - ok
00:10:25.0079 0280  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\drivers\elxstor.sys
00:10:25.0091 0280  elxstor - ok
00:10:25.0178 0280  [ CEF06A8DF4BA42673F3297759FD62E80 ] EPSON_PM_RPCV4_05 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE
00:10:25.0182 0280  EPSON_PM_RPCV4_05 - ok
00:10:25.0216 0280  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
00:10:25.0218 0280  ErrDev - ok
00:10:25.0315 0280  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
00:10:25.0322 0280  EventSystem - ok
00:10:25.0353 0280  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
00:10:25.0359 0280  exfat - ok
00:10:25.0405 0280  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
00:10:25.0408 0280  fastfat - ok
00:10:25.0496 0280  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
00:10:25.0508 0280  Fax - ok
00:10:25.0568 0280  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\drivers\fdc.sys
00:10:25.0570 0280  fdc - ok
00:10:25.0632 0280  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
00:10:25.0636 0280  fdPHost - ok
00:10:25.0663 0280  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
00:10:25.0668 0280  FDResPub - ok
00:10:25.0694 0280  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
00:10:25.0697 0280  FileInfo - ok
00:10:25.0757 0280  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
00:10:25.0760 0280  Filetrace - ok
00:10:25.0804 0280  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
00:10:25.0806 0280  flpydisk - ok
00:10:25.0842 0280  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
00:10:25.0846 0280  FltMgr - ok
00:10:25.0970 0280  [ E12C4928B32ACE04610259647F072635 ] FontCache       C:\Windows\system32\FntCache.dll
00:10:25.0988 0280  FontCache - ok
00:10:26.0106 0280  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
00:10:26.0111 0280  FontCache3.0.0.0 - ok
00:10:26.0153 0280  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
00:10:26.0158 0280  FsDepends - ok
00:10:26.0209 0280  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
00:10:26.0211 0280  Fs_Rec - ok
00:10:26.0275 0280  [ E306A24D9694C724FA2491278BF50FDB ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
00:10:26.0279 0280  fvevol - ok
00:10:26.0349 0280  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
00:10:26.0355 0280  gagp30kx - ok
00:10:26.0424 0280  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:10:26.0427 0280  GEARAspiWDM - ok
00:10:26.0503 0280  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
00:10:26.0516 0280  gpsvc - ok
00:10:26.0613 0280  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
00:10:26.0618 0280  gupdate - ok
00:10:26.0651 0280  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
00:10:26.0654 0280  gupdatem - ok
00:10:26.0718 0280  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
00:10:26.0721 0280  hcw85cir - ok
00:10:26.0800 0280  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:10:26.0808 0280  HdAudAddService - ok
00:10:26.0876 0280  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
00:10:26.0879 0280  HDAudBus - ok
00:10:26.0910 0280  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
00:10:26.0913 0280  HidBatt - ok
00:10:26.0928 0280  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
00:10:26.0933 0280  HidBth - ok
00:10:26.0951 0280  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\drivers\hidir.sys
00:10:26.0958 0280  HidIr - ok
00:10:27.0067 0280  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\System32\hidserv.dll
00:10:27.0073 0280  hidserv - ok
00:10:27.0146 0280  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
00:10:27.0148 0280  HidUsb - ok
00:10:27.0210 0280  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
00:10:27.0217 0280  hkmsvc - ok
00:10:27.0247 0280  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:10:27.0257 0280  HomeGroupListener - ok
00:10:27.0329 0280  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:10:27.0339 0280  HomeGroupProvider - ok
00:10:27.0381 0280  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
00:10:27.0384 0280  HpSAMD - ok
00:10:27.0438 0280  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
00:10:27.0447 0280  HTTP - ok
00:10:27.0514 0280  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
00:10:27.0516 0280  hwpolicy - ok
00:10:27.0560 0280  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
00:10:27.0562 0280  i8042prt - ok
00:10:27.0613 0280  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
00:10:27.0623 0280  iaStorV - ok
00:10:27.0740 0280  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:10:27.0758 0280  idsvc - ok
00:10:27.0951 0280  [ D0074897C6BC132F3980EA4654BF7FB9 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
00:10:28.0113 0280  igfx - ok
00:10:28.0186 0280  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
00:10:28.0189 0280  iirsp - ok
00:10:28.0259 0280  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
00:10:28.0274 0280  IKEEXT - ok
00:10:28.0449 0280  [ C4B1D45FE135286155B9E6AA0DB4E4D3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
00:10:28.0597 0280  IntcAzAudAddService - ok
00:10:28.0662 0280  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
00:10:28.0664 0280  intelide - ok
00:10:28.0712 0280  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
00:10:28.0714 0280  intelppm - ok
00:10:28.0798 0280  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
00:10:28.0804 0280  IPBusEnum - ok
00:10:28.0856 0280  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:10:28.0858 0280  IpFilterDriver - ok
00:10:28.0950 0280  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
00:10:28.0966 0280  iphlpsvc - ok
00:10:29.0001 0280  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
00:10:29.0007 0280  IPMIDRV - ok
00:10:29.0038 0280  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
00:10:29.0040 0280  IPNAT - ok
00:10:29.0142 0280  [ E46B17060D3962A384AE484094614788 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
00:10:29.0153 0280  iPod Service - ok
00:10:29.0213 0280  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
00:10:29.0215 0280  IRENUM - ok
00:10:29.0250 0280  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
00:10:29.0252 0280  isapnp - ok
00:10:29.0287 0280  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
00:10:29.0295 0280  iScsiPrt - ok
00:10:29.0358 0280  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
00:10:29.0360 0280  kbdclass - ok
00:10:29.0399 0280  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
00:10:29.0406 0280  kbdhid - ok
00:10:29.0439 0280  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
00:10:29.0444 0280  KeyIso - ok
00:10:29.0500 0280  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
00:10:29.0503 0280  KSecDD - ok
00:10:29.0573 0280  [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
00:10:29.0578 0280  KSecPkg - ok
00:10:29.0646 0280  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
00:10:29.0662 0280  KtmRm - ok
00:10:29.0741 0280  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\System32\srvsvc.dll
00:10:29.0752 0280  LanmanServer - ok
00:10:29.0820 0280  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:10:29.0836 0280  LanmanWorkstation - ok
00:10:29.0924 0280  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
00:10:29.0929 0280  lltdio - ok
00:10:29.0996 0280  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
00:10:30.0007 0280  lltdsvc - ok
00:10:30.0045 0280  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
00:10:30.0051 0280  lmhosts - ok
00:10:30.0078 0280  lmimirr - ok
00:10:30.0159 0280  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
00:10:30.0165 0280  LSI_FC - ok
00:10:30.0198 0280  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
00:10:30.0205 0280  LSI_SAS - ok
00:10:30.0250 0280  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
00:10:30.0255 0280  LSI_SAS2 - ok
00:10:30.0313 0280  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
00:10:30.0317 0280  LSI_SCSI - ok
00:10:30.0359 0280  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
00:10:30.0363 0280  luafv - ok
00:10:30.0416 0280  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
00:10:30.0423 0280  Mcx2Svc - ok
00:10:30.0487 0280  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\drivers\megasas.sys
00:10:30.0490 0280  megasas - ok
00:10:30.0526 0280  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
00:10:30.0532 0280  MegaSR - ok
00:10:30.0581 0280  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
00:10:30.0588 0280  MMCSS - ok
00:10:30.0621 0280  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
00:10:30.0623 0280  Modem - ok
00:10:30.0698 0280  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
00:10:30.0750 0280  monitor - ok
00:10:30.0793 0280  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
00:10:30.0795 0280  mouclass - ok
00:10:30.0859 0280  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
00:10:30.0860 0280  mouhid - ok
00:10:30.0888 0280  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
00:10:30.0891 0280  mountmgr - ok
00:10:30.0983 0280  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:10:30.0989 0280  MozillaMaintenance - ok
00:10:31.0071 0280  [ CF105EE42E3F71E648CEBB3F666E1CF0 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
00:10:31.0076 0280  MpFilter - ok
00:10:31.0134 0280  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
00:10:31.0139 0280  mpio - ok
00:10:31.0269 0280  MpKsl6c5761a4 - ok
00:10:31.0306 0280  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
00:10:31.0311 0280  mpsdrv - ok
00:10:31.0390 0280  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
00:10:31.0412 0280  MpsSvc - ok
00:10:31.0467 0280  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
00:10:31.0470 0280  MRxDAV - ok
00:10:31.0523 0280  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
00:10:31.0525 0280  mrxsmb - ok
00:10:31.0559 0280  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:10:31.0565 0280  mrxsmb10 - ok
00:10:31.0592 0280  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:10:31.0597 0280  mrxsmb20 - ok
00:10:31.0664 0280  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
00:10:31.0668 0280  msahci - ok
00:10:31.0708 0280  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
00:10:31.0713 0280  msdsm - ok
00:10:31.0763 0280  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
00:10:31.0771 0280  MSDTC - ok
00:10:31.0858 0280  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
00:10:31.0859 0280  Msfs - ok
00:10:31.0916 0280  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
00:10:31.0920 0280  mshidkmdf - ok
00:10:31.0939 0280  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
00:10:31.0943 0280  msisadrv - ok
00:10:32.0020 0280  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
00:10:32.0031 0280  MSiSCSI - ok
00:10:32.0048 0280  msiserver - ok
00:10:32.0132 0280  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
00:10:32.0135 0280  MSKSSRV - ok
00:10:32.0256 0280  [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
00:10:32.0258 0280  MsMpSvc - ok
00:10:32.0307 0280  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
00:10:32.0309 0280  MSPCLOCK - ok
00:10:32.0363 0280  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
00:10:32.0365 0280  MSPQM - ok
00:10:32.0392 0280  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
00:10:32.0398 0280  MsRPC - ok
00:10:32.0428 0280  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
00:10:32.0430 0280  mssmbios - ok
00:10:32.0476 0280  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
00:10:32.0478 0280  MSTEE - ok
00:10:32.0524 0280  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
00:10:32.0527 0280  MTConfig - ok
00:10:32.0548 0280  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
00:10:32.0550 0280  Mup - ok
00:10:32.0621 0280  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
00:10:32.0633 0280  napagent - ok
00:10:32.0712 0280  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
00:10:32.0722 0280  NativeWifiP - ok
00:10:32.0807 0280  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
00:10:32.0822 0280  NDIS - ok
00:10:32.0878 0280  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
00:10:32.0881 0280  NdisCap - ok
00:10:32.0923 0280  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
00:10:32.0925 0280  NdisTapi - ok
00:10:32.0959 0280  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
00:10:32.0961 0280  Ndisuio - ok
00:10:33.0015 0280  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
00:10:33.0018 0280  NdisWan - ok
00:10:33.0050 0280  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
00:10:33.0053 0280  NDProxy - ok
00:10:33.0091 0280  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
00:10:33.0094 0280  NetBIOS - ok
00:10:33.0164 0280  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
00:10:33.0169 0280  NetBT - ok
00:10:33.0206 0280  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
00:10:33.0211 0280  Netlogon - ok
00:10:33.0284 0280  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
00:10:33.0298 0280  Netman - ok
00:10:33.0362 0280  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:10:33.0450 0280  NetMsmqActivator - ok
00:10:33.0462 0280  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:10:33.0472 0280  NetPipeActivator - ok
00:10:33.0540 0280  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
00:10:33.0552 0280  netprofm - ok
00:10:33.0617 0280  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:10:33.0621 0280  NetTcpActivator - ok
00:10:33.0639 0280  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:10:33.0645 0280  NetTcpPortSharing - ok
00:10:33.0716 0280  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
00:10:33.0720 0280  nfrd960 - ok
00:10:33.0801 0280  [ 832E098BCA8235436FE2D8AE50AC3718 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
00:10:33.0805 0280  NisDrv - ok
00:10:33.0888 0280  [ E570ECA850F30EB740C2E9699DF3D2BD ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
00:10:33.0895 0280  NisSrv - ok
00:10:33.0963 0280  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
00:10:33.0979 0280  NlaSvc - ok
00:10:34.0034 0280  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
00:10:34.0036 0280  Npfs - ok
00:10:34.0093 0280  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
00:10:34.0104 0280  nsi - ok
00:10:34.0155 0280  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
00:10:34.0156 0280  nsiproxy - ok
00:10:34.0263 0280  [ 9CDAEBE5160B9AF02AE17C62BDB6C4B5 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
00:10:34.0283 0280  Ntfs - ok
00:10:34.0349 0280  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
00:10:34.0351 0280  Null - ok
00:10:34.0422 0280  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
00:10:34.0429 0280  nvraid - ok
00:10:34.0458 0280  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
00:10:34.0464 0280  nvstor - ok
00:10:34.0508 0280  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
00:10:34.0512 0280  nv_agp - ok
00:10:34.0532 0280  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
00:10:34.0539 0280  ohci1394 - ok
00:10:34.0618 0280  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
00:10:34.0629 0280  p2pimsvc - ok
00:10:34.0702 0280  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
00:10:34.0719 0280  p2psvc - ok
00:10:34.0780 0280  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\drivers\parport.sys
00:10:34.0783 0280  Parport - ok
00:10:34.0851 0280  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
00:10:34.0854 0280  partmgr - ok
00:10:34.0896 0280  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
00:10:34.0900 0280  Parvdm - ok
00:10:35.0002 0280  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
00:10:35.0011 0280  PcaSvc - ok
00:10:35.0074 0280  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
00:10:35.0079 0280  pci - ok
00:10:35.0117 0280  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
00:10:35.0121 0280  pciide - ok
00:10:35.0145 0280  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
00:10:35.0149 0280  pcmcia - ok
00:10:35.0185 0280  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
00:10:35.0189 0280  pcw - ok
00:10:35.0264 0280  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
00:10:35.0277 0280  PEAUTH - ok
00:10:35.0358 0280  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
00:10:35.0385 0280  PeerDistSvc - ok
00:10:35.0493 0280  [ 1B5011DD8D57F53AED31FF0F7D635802 ] PGEffect        C:\Windows\system32\DRIVERS\pgeffect.sys
00:10:35.0498 0280  PGEffect - ok
00:10:35.0625 0280  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
00:10:35.0657 0280  pla - ok
00:10:35.0737 0280  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
00:10:35.0761 0280  PlugPlay - ok
00:10:35.0811 0280  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
00:10:35.0821 0280  PNRPAutoReg - ok
00:10:35.0862 0280  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
00:10:35.0873 0280  PNRPsvc - ok
00:10:35.0940 0280  [ 0648C9DB881557749039CFEE5E97E1A3 ] Point32         C:\Windows\system32\DRIVERS\point32.sys
00:10:35.0943 0280  Point32 - ok
00:10:36.0016 0280  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
00:10:36.0024 0280  PolicyAgent - ok
00:10:36.0099 0280  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
00:10:36.0113 0280  Power - ok
00:10:36.0193 0280  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
00:10:36.0197 0280  PptpMiniport - ok
00:10:36.0230 0280  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\drivers\processr.sys
00:10:36.0234 0280  Processor - ok
00:10:36.0302 0280  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
00:10:36.0320 0280  ProfSvc - ok
00:10:36.0350 0280  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:10:36.0357 0280  ProtectedStorage - ok
00:10:36.0434 0280  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
00:10:36.0438 0280  Psched - ok
00:10:36.0512 0280  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
00:10:36.0574 0280  ql2300 - ok
00:10:36.0608 0280  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
00:10:36.0613 0280  ql40xx - ok
00:10:36.0684 0280  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
00:10:36.0695 0280  QWAVE - ok
00:10:36.0727 0280  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
00:10:36.0730 0280  QWAVEdrv - ok
00:10:36.0770 0280  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
00:10:36.0771 0280  RasAcd - ok
00:10:36.0840 0280  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
00:10:36.0844 0280  RasAgileVpn - ok
00:10:36.0914 0280  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
00:10:36.0923 0280  RasAuto - ok
00:10:37.0002 0280  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
00:10:37.0005 0280  Rasl2tp - ok
00:10:37.0074 0280  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
00:10:37.0086 0280  RasMan - ok
00:10:37.0122 0280  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
00:10:37.0126 0280  RasPppoe - ok
00:10:37.0188 0280  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
00:10:37.0192 0280  RasSstp - ok
00:10:37.0210 0280  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
00:10:37.0216 0280  rdbss - ok
00:10:37.0245 0280  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
00:10:37.0248 0280  rdpbus - ok
00:10:37.0269 0280  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
00:10:37.0272 0280  RDPCDD - ok
00:10:37.0350 0280  [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
00:10:37.0354 0280  RDPDR - ok
00:10:37.0408 0280  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
00:10:37.0411 0280  RDPENCDD - ok
00:10:37.0490 0280  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
00:10:37.0492 0280  RDPREFMP - ok
00:10:37.0559 0280  [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
00:10:37.0564 0280  RdpVideoMiniport - ok
00:10:37.0634 0280  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
00:10:37.0641 0280  RDPWD - ok
00:10:37.0689 0280  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
00:10:37.0694 0280  rdyboost - ok
00:10:37.0750 0280  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
00:10:37.0760 0280  RemoteAccess - ok
00:10:37.0826 0280  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
00:10:37.0835 0280  RemoteRegistry - ok
00:10:37.0874 0280  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
00:10:37.0887 0280  RpcEptMapper - ok
00:10:37.0952 0280  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
00:10:37.0962 0280  RpcLocator - ok
00:10:38.0006 0280  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
00:10:38.0018 0280  RpcSs - ok
00:10:38.0086 0280  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
00:10:38.0090 0280  rspndr - ok
00:10:38.0165 0280  [ 3983CEA05BB855351D75F5482B6C42CE ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
00:10:38.0170 0280  RTL8167 - ok
00:10:38.0224 0280  [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
00:10:38.0227 0280  s3cap - ok
00:10:38.0262 0280  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
00:10:38.0267 0280  SamSs - ok
00:10:38.0345 0280  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
00:10:38.0351 0280  sbp2port - ok
00:10:38.0423 0280  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
00:10:38.0433 0280  SCardSvr - ok
00:10:38.0457 0280  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
00:10:38.0460 0280  scfilter - ok
00:10:38.0518 0280  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
00:10:38.0535 0280  Schedule - ok
00:10:38.0561 0280  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
00:10:38.0564 0280  SCPolicySvc - ok
00:10:38.0651 0280  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
00:10:38.0661 0280  SDRSVC - ok
00:10:38.0739 0280  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
00:10:38.0743 0280  secdrv - ok
00:10:38.0812 0280  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
00:10:38.0820 0280  seclogon - ok
00:10:38.0857 0280  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\system32\sens.dll
00:10:38.0865 0280  SENS - ok
00:10:38.0931 0280  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
00:10:38.0941 0280  SensrSvc - ok
00:10:38.0979 0280  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\drivers\serenum.sys
00:10:38.0981 0280  Serenum - ok
00:10:39.0021 0280  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\drivers\serial.sys
00:10:39.0024 0280  Serial - ok
00:10:39.0057 0280  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
00:10:39.0062 0280  sermouse - ok
00:10:39.0160 0280  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
00:10:39.0169 0280  SessionEnv - ok
00:10:39.0195 0280  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
00:10:39.0198 0280  sffdisk - ok
00:10:39.0259 0280  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
00:10:39.0262 0280  sffp_mmc - ok
00:10:39.0276 0280  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
00:10:39.0278 0280  sffp_sd - ok
00:10:39.0296 0280  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
00:10:39.0299 0280  sfloppy - ok
00:10:39.0380 0280  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
00:10:39.0394 0280  SharedAccess - ok
00:10:39.0476 0280  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:10:39.0487 0280  ShellHWDetection - ok
00:10:39.0529 0280  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
00:10:39.0534 0280  sisagp - ok
00:10:39.0591 0280  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
00:10:39.0594 0280  SiSRaid2 - ok
00:10:39.0634 0280  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
00:10:39.0638 0280  SiSRaid4 - ok
00:10:39.0759 0280  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
00:10:39.0765 0280  SkypeUpdate - ok
00:10:39.0836 0280  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
00:10:39.0840 0280  Smb - ok
00:10:39.0935 0280  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
00:10:39.0943 0280  SNMPTRAP - ok
00:10:39.0999 0280  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
00:10:40.0004 0280  spldr - ok
00:10:40.0074 0280  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
00:10:40.0085 0280  Spooler - ok
00:10:40.0240 0280  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
00:10:40.0343 0280  sppsvc - ok
00:10:40.0411 0280  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
00:10:40.0424 0280  sppuinotify - ok
00:10:40.0489 0280  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
00:10:40.0498 0280  srv - ok
00:10:40.0535 0280  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
00:10:40.0543 0280  srv2 - ok
00:10:40.0578 0280  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
00:10:40.0583 0280  srvnet - ok
00:10:40.0678 0280  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
00:10:40.0690 0280  SSDPSRV - ok
00:10:40.0715 0280  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
00:10:40.0726 0280  SstpSvc - ok
00:10:40.0786 0280  Steam Client Service - ok
00:10:40.0846 0280  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\drivers\stexstor.sys
00:10:40.0852 0280  stexstor - ok
00:10:40.0951 0280  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
00:10:40.0965 0280  StiSvc - ok
00:10:41.0007 0280  [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
00:10:41.0010 0280  storflt - ok
00:10:41.0050 0280  [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc         C:\Windows\system32\storsvc.dll
00:10:41.0059 0280  StorSvc - ok
00:10:41.0084 0280  [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
00:10:41.0108 0280  storvsc - ok
00:10:41.0152 0280  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
00:10:41.0154 0280  swenum - ok
00:10:41.0230 0280  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
00:10:41.0250 0280  swprv - ok
00:10:41.0332 0280  [ 9A28F1C47CE0C8BBC02AAF5941AB44CD ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
00:10:41.0339 0280  SynTP - ok
00:10:41.0427 0280  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
00:10:41.0464 0280  SysMain - ok
00:10:41.0489 0280  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:10:41.0504 0280  TabletInputService - ok
00:10:41.0566 0280  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
00:10:41.0583 0280  TapiSrv - ok
00:10:41.0621 0280  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
00:10:41.0631 0280  TBS - ok
00:10:41.0731 0280  [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
00:10:41.0748 0280  Tcpip - ok
00:10:41.0801 0280  [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
00:10:41.0819 0280  TCPIP6 - ok
00:10:41.0887 0280  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
00:10:41.0893 0280  tcpipreg - ok
00:10:41.0961 0280  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
00:10:41.0964 0280  TDPIPE - ok
00:10:42.0015 0280  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
00:10:42.0017 0280  TDTCP - ok
00:10:42.0048 0280  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
00:10:42.0052 0280  tdx - ok
00:10:42.0111 0280  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
00:10:42.0113 0280  TermDD - ok
00:10:42.0189 0280  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
00:10:42.0218 0280  TermService - ok
00:10:42.0249 0280  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
00:10:42.0259 0280  Themes - ok
00:10:42.0329 0280  [ E17DCDE74FF00CA802643B4A9A4A4A5C ] Thpevm          C:\Windows\system32\DRIVERS\Thpevm.SYS
00:10:42.0332 0280  Thpevm - ok
00:10:42.0372 0280  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
00:10:42.0377 0280  THREADORDER - ok
00:10:42.0438 0280  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
00:10:42.0449 0280  TrkWks - ok
00:10:42.0558 0280  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:10:42.0566 0280  TrustedInstaller - ok
00:10:42.0648 0280  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
00:10:42.0651 0280  tssecsrv - ok
00:10:42.0707 0280  [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
00:10:42.0711 0280  TsUsbFlt - ok
00:10:42.0770 0280  [ 57C527AF84748B5C2F5178C499C0B81F ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
00:10:42.0773 0280  TsUsbGD - ok
00:10:42.0858 0280  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
00:10:42.0862 0280  tunnel - ok
00:10:42.0948 0280  [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ           C:\Windows\system32\DRIVERS\TVALZ_O.SYS
00:10:42.0953 0280  TVALZ - ok
00:10:43.0012 0280  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\drivers\uagp35.sys
00:10:43.0016 0280  uagp35 - ok
00:10:43.0051 0280  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
00:10:43.0056 0280  udfs - ok
00:10:43.0147 0280  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
00:10:43.0166 0280  UI0Detect - ok
00:10:43.0229 0280  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
00:10:43.0234 0280  uliagpkx - ok
00:10:43.0276 0280  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
00:10:43.0280 0280  umbus - ok
00:10:43.0314 0280  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\drivers\umpass.sys
00:10:43.0319 0280  UmPass - ok
00:10:43.0395 0280  [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService    C:\Windows\System32\umrdp.dll
00:10:43.0412 0280  UmRdpService - ok
00:10:43.0491 0280  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
00:10:43.0510 0280  upnphost - ok
00:10:43.0586 0280  [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
00:10:43.0589 0280  USBAAPL - ok
00:10:43.0667 0280  [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
00:10:43.0673 0280  usbaudio - ok
00:10:43.0741 0280  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
00:10:43.0744 0280  usbccgp - ok
00:10:43.0809 0280  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
00:10:43.0814 0280  usbcir - ok
00:10:43.0848 0280  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
00:10:43.0851 0280  usbehci - ok
00:10:43.0922 0280  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
00:10:43.0929 0280  usbhub - ok
00:10:43.0969 0280  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
00:10:43.0972 0280  usbohci - ok
00:10:44.0041 0280  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
00:10:44.0045 0280  usbprint - ok
00:10:44.0125 0280  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
00:10:44.0129 0280  usbscan - ok
00:10:44.0190 0280  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:10:44.0193 0280  USBSTOR - ok
00:10:44.0220 0280  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
00:10:44.0222 0280  usbuhci - ok
00:10:44.0292 0280  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
00:10:44.0298 0280  usbvideo - ok
00:10:44.0355 0280  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
00:10:44.0364 0280  UxSms - ok
00:10:44.0385 0280  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
00:10:44.0391 0280  VaultSvc - ok
00:10:44.0469 0280  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
00:10:44.0474 0280  vdrvroot - ok
00:10:44.0562 0280  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
00:10:44.0586 0280  vds - ok
00:10:44.0658 0280  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
00:10:44.0661 0280  vga - ok
00:10:44.0699 0280  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
00:10:44.0701 0280  VgaSave - ok
00:10:44.0736 0280  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
00:10:44.0742 0280  vhdmp - ok
00:10:44.0802 0280  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
00:10:44.0806 0280  viaagp - ok
00:10:44.0820 0280  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
00:10:44.0825 0280  ViaC7 - ok
00:10:44.0867 0280  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
00:10:44.0870 0280  viaide - ok
00:10:44.0932 0280  [ C2F2911156FDC7817C52829C86DA494E ] vmbus           C:\Windows\system32\drivers\vmbus.sys
00:10:44.0938 0280  vmbus - ok
00:10:44.0964 0280  [ D4D77455211E204F370D08F4963063CE ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
00:10:44.0968 0280  VMBusHID - ok
00:10:45.0033 0280  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
00:10:45.0037 0280  volmgr - ok
00:10:45.0069 0280  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
00:10:45.0075 0280  volmgrx - ok
00:10:45.0103 0280  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
00:10:45.0107 0280  volsnap - ok
00:10:45.0162 0280  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
00:10:45.0170 0280  vsmraid - ok
00:10:45.0255 0280  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
00:10:45.0291 0280  VSS - ok
00:10:45.0318 0280  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
00:10:45.0321 0280  vwifibus - ok
00:10:45.0352 0280  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
00:10:45.0356 0280  vwififlt - ok
00:10:45.0431 0280  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
00:10:45.0454 0280  W32Time - ok
00:10:45.0518 0280  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
00:10:45.0522 0280  WacomPen - ok
00:10:45.0573 0280  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
00:10:45.0576 0280  WANARP - ok
00:10:45.0586 0280  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
00:10:45.0590 0280  Wanarpv6 - ok
00:10:45.0706 0280  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
00:10:45.0734 0280  WatAdminSvc - ok
00:10:45.0872 0280  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
00:10:45.0905 0280  wbengine - ok
00:10:45.0930 0280  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
00:10:45.0944 0280  WbioSrvc - ok
00:10:46.0012 0280  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
00:10:46.0025 0280  wcncsvc - ok
00:10:46.0049 0280  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:10:46.0060 0280  WcsPlugInService - ok
00:10:46.0136 0280  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\drivers\wd.sys
00:10:46.0139 0280  Wd - ok
00:10:46.0213 0280  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
00:10:46.0229 0280  Wdf01000 - ok
00:10:46.0290 0280  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
00:10:46.0304 0280  WdiServiceHost - ok
00:10:46.0319 0280  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
00:10:46.0333 0280  WdiSystemHost - ok
00:10:46.0373 0280  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
00:10:46.0385 0280  WebClient - ok
00:10:46.0417 0280  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
00:10:46.0431 0280  Wecsvc - ok
00:10:46.0490 0280  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
00:10:46.0500 0280  wercplsupport - ok
00:10:46.0541 0280  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
00:10:46.0558 0280  WerSvc - ok
00:10:46.0640 0280  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
00:10:46.0644 0280  WfpLwf - ok
00:10:46.0685 0280  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
00:10:46.0689 0280  WIMMount - ok
00:10:46.0797 0280  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
00:10:46.0817 0280  WinDefend - ok
00:10:46.0857 0280  WinHttpAutoProxySvc - ok
00:10:46.0983 0280  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
00:10:46.0988 0280  Winmgmt - ok
00:10:47.0084 0280  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
00:10:47.0112 0280  WinRM - ok
00:10:47.0208 0280  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
00:10:47.0210 0280  WinUsb - ok
00:10:47.0302 0280  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
00:10:47.0330 0280  Wlansvc - ok
00:10:47.0385 0280  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
00:10:47.0388 0280  WmiAcpi - ok
00:10:47.0456 0280  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
00:10:47.0460 0280  wmiApSrv - ok
00:10:47.0586 0280  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
00:10:47.0606 0280  WMPNetworkSvc - ok
00:10:47.0677 0280  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
00:10:47.0693 0280  WPCSvc - ok
00:10:47.0725 0280  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
00:10:47.0738 0280  WPDBusEnum - ok
00:10:47.0801 0280  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
00:10:47.0804 0280  ws2ifsl - ok
00:10:47.0875 0280  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\system32\wscsvc.dll
00:10:47.0885 0280  wscsvc - ok
00:10:47.0903 0280  WSearch - ok
00:10:48.0041 0280  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
00:10:48.0086 0280  wuauserv - ok
00:10:48.0156 0280  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
00:10:48.0161 0280  WudfPf - ok
00:10:48.0208 0280  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
00:10:48.0214 0280  WUDFRd - ok
00:10:48.0294 0280  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
00:10:48.0304 0280  wudfsvc - ok
00:10:48.0364 0280  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
00:10:48.0377 0280  WwanSvc - ok
00:10:48.0417 0280  ================ Scan global ===============================
00:10:48.0490 0280  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
00:10:48.0556 0280  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
00:10:48.0578 0280  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
00:10:48.0651 0280  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
00:10:48.0715 0280  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
00:10:48.0725 0280  [Global] - ok
00:10:48.0726 0280  ================ Scan MBR ==================================
00:10:48.0750 0280  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:10:50.0272 0280  \Device\Harddisk0\DR0 - ok
00:10:50.0273 0280  ================ Scan VBR ==================================
00:10:50.0309 0280  [ 199DBBA1123E84F2D48E1E94FE5497D8 ] \Device\Harddisk0\DR0\Partition1
00:10:50.0314 0280  \Device\Harddisk0\DR0\Partition1 - ok
00:10:50.0315 0280  ============================================================
00:10:50.0315 0280  Scan finished
00:10:50.0315 0280  ============================================================
00:10:50.0351 6100  Detected object count: 0
00:10:50.0352 6100  Actual detected object count: 0


AdwCleaner results log

 

 

# AdwCleaner v2.202 - Logfile created 04/24/2013 at 00:13:40
# Updated 23/04/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : Marcel - MARCEL-NETBOOK
# Boot Mode : Normal
# Running from : C:\Users\Marcel\Downloads\AdwCleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
 
***** [Registry] *****
 
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v10.0.9200.16537
 
[OK] Registry is clean.
 
-\\ Mozilla Firefox v20.0.1 (en-US)
 
File : C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ehrgngyv.default\prefs.js
 
[OK] File is clean.
 
-\\ Google Chrome v26.0.1410.64
 
File : C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[S1].txt - [957 octets] - [24/04/2013 00:13:40]
 
########## EOF - C:\AdwCleaner[S1].txt - [1016 octets] ##########


#5 mudbunny

mudbunny
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:42 AM

Posted 23 April 2013 - 11:25 PM

Note that it is now almost 12:30am my time, so i will be going to bed in a couple of minutes. So I may not reply until tomorrow afternoon/evening.

 

Thanks for all your help, it is much appreciated.



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 67,796 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:42 AM

Posted 24 April 2013 - 09:22 AM

LOL, I fell asleep.

We flushed the DNS and it looks clean. Try again. If you still fail we will need to take a deeper look,

Edited by boopme, 24 April 2013 - 09:22 AM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 mudbunny

mudbunny
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:42 AM

Posted 24 April 2013 - 11:02 AM

Well, it looks like it works now. Thanks!!

 

One other thing it might have been...a friend recommended checking out the settings in my router (a DLink 655) and looking to see if Advanced DNS was enabled and, if it was, to disable it.

 

In any case, it works, so I m very, very happy.

 

Thanks again!!



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 67,796 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:42 AM

Posted 24 April 2013 - 02:55 PM

You're welcome!!

Now you should Create a New Restore Point (alternate method) to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > All Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
Then use Disk Cleanup to remove all but the newly created Restore Point.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 GMComputers

GMComputers

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:42 AM

Posted 27 April 2014 - 07:38 PM

Can we still talk about this little problem ?



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 67,796 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:42 AM

Posted 28 April 2014 - 11:53 AM

What to talk about??
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 GMComputers

GMComputers

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:42 AM

Posted 28 April 2014 - 05:04 PM

I have ran all the programs that you have listed and this computer will not automatically assign an ip. But I can manually assign an ip address and it will connect and get updates that is it ... any web browser that I use does nothing..... Any ideas... other than wipe & fresh install?



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 67,796 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:42 AM

Posted 28 April 2014 - 06:44 PM

@GMC
Run this next and see....

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 2 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool that the Check Disk is needed click on Do It button next to 2. Check Disk.
In that case make sure you restart computer.

p22004342.gif


Once the above is done go to Step 3 and allow it to run System File Check by clicking on Do It button:

p22004343.gif


Go to Step 4 and under "System Restore" click on Create button:

p22004346.gif


Go to Start Repairs tab and click Start button.

Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.

p22004347.gif

Post Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 GMComputers

GMComputers

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:42 AM

Posted 28 April 2014 - 07:38 PM

in safe mode?



#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 67,796 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:42 AM

Posted 28 April 2014 - 09:34 PM

not needed
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#15 GMComputers

GMComputers

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:42 AM

Posted 29 April 2014 - 05:36 PM

This little Program is Cool ... And thank you a Mill!!! It fixed little problem TY TY TY !!!!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users