

DomalQ


16 replies to this topic

#1 zookeeper9

Posted 19 July 2013 - 08:41 AM

So one of my darling children got smart and hacked my admin account and disabled password protection for downloading programs.  Needless to say THAT has been taken care of on several levels, I have removed most of the issues but I am at a loss on how to get rid of the DomalQ program.  Thanks!

 

 

Donna

Mom of 9, with one on serious grounding from the computer.  :)





#2 boopme

Posted 19 July 2013 - 09:14 AM

Hi Donna, first try to Uninstall it thru Control Panel Uninstall Programs..

if "Uninstall" works.
If not you can remove those entries from the list.
Download UnInstall Cleaner
Unzip downloaded file.
Double click on UIClean.exe to run the tool.
Click on leftover entry and click Delete button.



Now run these......

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.



Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

Edited by boopme, 19 July 2013 - 09:15 AM.


#3 zookeeper9

Posted 22 July 2013 - 09:07 AM

Thanks for the help.  I do they control panel uninstall does not work.

 

I am off to try your recommendations now and will post when I am completed.

 

 

 



#4 zookeeper9

Posted 22 July 2013 - 09:58 AM

I can't get the Uninstall Cleaner to unzip.  I have downloaded 7-zip and when I try to run the unzip it says it is missing a .dll file.

I went ahead and ran the Mini Toolbox; here is the log:

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Donna (administrator) on 22-07-2013 at 10:54:16
Running from "C:\Users\Donna\Desktop"
Microsoft Windows 8  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

 

========================= IP Configuration: ================================

802.11n Wireless LAN Card = Wi-Fi (Connected)
Qualcomm Atheros AR8161 PCI-E Gigabit Ethernet Controller (NDIS 6.30) = Ethernet (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 13" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Rhino
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 84-4B-F5-B6-6D-14
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Qualcomm Atheros AR8161 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
   Physical Address. . . . . . . . . : 50-46-5D-2E-2A-9A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : 802.11n Wireless LAN Card
   Physical Address. . . . . . . . . : 84-4B-F5-B6-6D-12
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::85c3:a309:81fe:a8be%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, July 22, 2013 10:23:22 AM
   Lease Expires . . . . . . . . . . : Tuesday, July 23, 2013 10:23:26 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 260328437
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-05-32-42-84-4B-F5-B6-6D-12
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.home:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:24:2ed1:3f57:fef9(Preferred)
   Link-local IPv6 Address . . . . . : fe80::24:2ed1:3f57:fef9%17(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4004:801::1008
   74.125.228.46
   74.125.228.34
   74.125.228.36
   74.125.228.32
   74.125.228.37
   74.125.228.38
   74.125.228.41
   74.125.228.35
   74.125.228.40
   74.125.228.33
   74.125.228.39

Pinging google.com [74.125.228.34] with 32 bytes of data:
Reply from 74.125.228.34: bytes=32 time=15ms TTL=250
Reply from 74.125.228.34: bytes=32 time=12ms TTL=250

Ping statistics for 74.125.228.34:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 12ms, Maximum = 15ms, Average = 13ms
Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.139.183.24
   98.138.253.109
   206.190.36.45

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=71ms TTL=250
Reply from 98.138.253.109: bytes=32 time=48ms TTL=250

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 48ms, Maximum = 71ms, Average = 59ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...84 4b f5 b6 6d 14 ......Microsoft Wi-Fi Direct Virtual Adapter
 13...50 46 5d 2e 2a 9a ......Qualcomm Atheros AR8161 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
 12...84 4b f5 b6 6d 12 ......802.11n Wireless LAN Card
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 16...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.6     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.6    281
      192.168.1.6  255.255.255.255         On-link       192.168.1.6    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.6    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.6    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.6    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 17    306 ::/0                     On-link
  1    306 ::1/128                  On-link
 17    306 2001::/32                On-link
 17    306 2001:0:5ef5:79fd:24:2ed1:3f57:fef9/128
                                    On-link
 12    281 fe80::/64                On-link
 17    306 fe80::/64                On-link
 17    306 fe80::24:2ed1:3f57:fef9/128
                                    On-link
 12    281 fe80::85c3:a309:81fe:a8be/128
                                    On-link
  1    306 ff00::/8                 On-link
 17    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [64000] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/22/2013 10:26:45 AM) (Source: Application Hang) (User: )
Description: The program WWAHost.exe version 6.2.9200.16420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 784

Start Time: 01ce86e771d03485

Termination Time: 4294967295

Application Path: C:\Windows\System32\WWAHost.exe

Report Id: ba4ab5f3-f2da-11e2-be93-50465d2e2a9a

Faulting package full name: winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: Windows.Store

Error: (07/22/2013 10:26:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: RHINO)
Description: App winstore_cw5n1h2txyewy!Windows.Store did not launch within its allotted time.

Error: (07/22/2013 10:20:57 AM) (Source: Application Hang) (User: )
Description: The program WWAHost.exe version 6.2.9200.16420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1b5c

Start Time: 01ce86e6a3aab6b8

Termination Time: 4294967295

Application Path: C:\Windows\System32\WWAHost.exe

Report Id: eafae48a-f2d9-11e2-be92-50465d2e2a9a

Faulting package full name: winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: Windows.Store

Error: (07/22/2013 10:20:54 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: RHINO)
Description: App winstore_cw5n1h2txyewy!Windows.Store did not launch within its allotted time.

Error: (07/21/2013 09:32:10 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15593

Error: (07/21/2013 09:32:10 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15593

Error: (07/21/2013 09:32:10 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/19/2013 11:38:59 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15594

Error: (07/19/2013 11:38:59 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15594

Error: (07/19/2013 11:38:59 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

System errors:
=============
Error: (07/19/2013 08:57:58 AM) (Source: DCOM) (User: RHINO)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (07/15/2013 04:54:29 PM) (Source: Service Control Manager) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error:
%%1053

Error: (07/15/2013 04:54:29 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.

Error: (07/10/2013 08:10:19 PM) (Source: Service Control Manager) (User: )
Description: The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/08/2013 02:51:50 PM) (Source: DCOM) (User: RHINO)
Description: {DC0C2640-1415-4644-875C-6F4D769839BA}

Error: (07/08/2013 02:30:36 PM) (Source: Service Control Manager) (User: )
Description: The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/17/2013 11:19:50 AM) (Source: DCOM) (User: RHINO)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (06/17/2013 09:57:38 AM) (Source: DCOM) (User: Rhino)
Description: {34ABA258-14C1-4290-B2EF-5787B6218996}

Error: (06/16/2013 11:39:22 PM) (Source: Service Control Manager) (User: )
Description: The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/15/2013 06:47:49 PM) (Source: Service Control Manager) (User: )
Description: The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).

Microsoft Office Sessions:
=========================
Error: (07/22/2013 10:26:45 AM) (Source: Application Hang)(User: )
Description: WWAHost.exe6.2.9200.1642078401ce86e771d034854294967295C:\Windows\System32\WWAHost.exeba4ab5f3-f2da-11e2-be93-50465d2e2a9awinstore_1.0.0.0_neutral_neutral_cw5n1h2txyewyWindows.Store

Error: (07/22/2013 10:26:40 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: RHINO)
Description: winstore_cw5n1h2txyewy!Windows.Store

Error: (07/22/2013 10:20:57 AM) (Source: Application Hang)(User: )
Description: WWAHost.exe6.2.9200.164201b5c01ce86e6a3aab6b84294967295C:\Windows\System32\WWAHost.exeeafae48a-f2d9-11e2-be92-50465d2e2a9awinstore_1.0.0.0_neutral_neutral_cw5n1h2txyewyWindows.Store

Error: (07/22/2013 10:20:54 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: RHINO)
Description: winstore_cw5n1h2txyewy!Windows.Store

Error: (07/21/2013 09:32:10 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15593

Error: (07/21/2013 09:32:10 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15593

Error: (07/21/2013 09:32:10 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/19/2013 11:38:59 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15594

Error: (07/19/2013 11:38:59 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15594

Error: (07/19/2013 11:38:59 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

=========================== Installed Programs ============================

7-Zip 9.20
ActiveLink Connect (Version: 5.6.0.16645)
Adobe Reader X (10.1.7) MUI (Version: 10.1.7)
Alcor Micro USB Card Reader (Version: 3.2.117.01506)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ASUS Instant Connect (Version: 1.2.8)
ASUS InstantOn (Version: 3.0.2)
ASUS LifeFrame3 (Version: 3.1.4)
ASUS Live Update (Version: 3.1.8)
ASUS Power4Gear Hybrid (Version: 2.0.3)
ASUS Smart Gesture (Version: 1.0.35)
ASUS Splendid Video Enhancement Technology (Version: 1.03.0002)
ASUS USB Charger Plus (Version: 2.1.4)
ASUS WebStorage Sync Agent (Version: 1.1.9.120)
ASUSDVD (Version: 10.0.4126.52)
AsusVibe2.0 (Version: 2.0.12.309)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 2.1.0.7)
ATK Package (Version: 1.0.0022)
Bonjour (Version: 3.0.0.10)
CDBurnerXP (Version: 4.5.1.4003)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
DomaIQ
DownloadTerms (Version: 1.0)
Flash Player Pro V5.4
Google Chrome (Version: 28.0.1500.72)
Google Update Helper (Version: 1.3.21.153)
HP LaserJet Professional P1100-P1560-P1600 Series
IHA_MessageCenter (Version: 1.8.70)
Intel® Manageability Engine Firmware Recovery Agent (Version: 1.0.0.36354)
Intel® Management Engine Components (Version: 8.1.0.1252)
Intel® Processor Graphics (Version: 9.17.10.2828)
Intel® SDK for OpenCL - CPU Only Runtime Package (Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Kaspersky Internet Security 2013 (Version: 13.0.1.4190)
Microsoft Office 365 Home Premium - en-us (Version: 15.0.4517.1005)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SkyDrive (Version: 17.0.2003.1112)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4517.1005)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4517.1005)
Office 15 Click-to-Run Localization Component (Version: 15.0.4517.1005)
Platform (Version: 1.39)
Ralink RT2860 Wireless LAN Card (Version: 1.2.0.40)
Shared C Run-time for x64 (Version: 10.0.0)
SUPERAntiSpyware (Version: 5.6.1020)
swMSM (Version: 12.0.0.1)
VIA Platform Device Manager (Version: 1.39)
WeatherBug (Version: 7.0.0.10)
Windows Driver Package - ASUS (ATP) Mouse  (10/29/2012 1.0.0.148) (Version: 10/29/2012 1.0.0.148)
WinFlash (Version: 2.41.1)
Yahoo! Messenger
Yahoo! Software Update

========================= Memory info: ===================================

Percentage of memory in use: 34%
Total physical RAM: 3981.81 MB
Available physical RAM: 2613.58 MB
Total Pagefile: 4749.81 MB
Available Pagefile: 2855.86 MB
Total Virtual: 4095.88 MB
Available Virtual: 3954.14 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:231.75 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:398.17 GB) (Free:398.02 GB) NTFS

========================= Users: ========================================

User accounts for \\RHINO

Administrator            Donna                    Guest                   
Liz                      The Kids                

**** End of log ****



#5 zookeeper9

Posted 22 July 2013 - 10:03 AM

TDSSkiller log:

 

11:00:26.0605 0244  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
11:00:26.0605 0244  UEFI system
11:00:26.0855 0244  ============================================================
11:00:26.0855 0244  Current date / time: 2013/07/22 11:00:26.0855
11:00:26.0855 0244  SystemInfo:
11:00:26.0855 0244 
11:00:26.0855 0244  OS Version: 6.2.9200 ServicePack: 0.0
11:00:26.0855 0244  Product type: Workstation
11:00:26.0855 0244  ComputerName: RHINO
11:00:26.0855 0244  UserName: Donna
11:00:26.0855 0244  Windows directory: C:\Windows
11:00:26.0855 0244  System windows directory: C:\Windows
11:00:26.0855 0244  Running under WOW64
11:00:26.0855 0244  Processor architecture: Intel x64
11:00:26.0855 0244  Number of processors: 4
11:00:26.0855 0244  Page size: 0x1000
11:00:26.0855 0244  Boot type: Normal boot
11:00:26.0855 0244  ============================================================
11:00:27.0340 0244  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:00:27.0340 0244  ============================================================
11:00:27.0340 0244  \Device\Harddisk0\DR0:
11:00:27.0340 0244  GPT partitions:
11:00:27.0340 0244  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {272B1762-6388-4215-A727-17F846F78473}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x96000
11:00:27.0340 0244  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F8CF9FDE-3933-44D4-A767-60219EF24FAE}, Name: Basic data partition, StartLBA 0x96800, BlocksNum 0x12C000
11:00:27.0340 0244  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {2F6E83B7-8A24-49EB-91CE-B79681B556AD}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000
11:00:27.0340 0244  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3391D0DD-052C-4A3B-A442-302F0DD33563}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0x22EE8800
11:00:27.0340 0244  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B9C9A4F1-FE1A-4C81-9561-0FF56562C8DF}, Name: Basic data partition, StartLBA 0x230EB000, BlocksNum 0x31C56000
11:00:27.0340 0244  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2EF8ACD1-833C-4056-AE4D-6B151FB7F7EE}, Name: Basic data partition, StartLBA 0x54D41000, BlocksNum 0x2805000
11:00:27.0340 0244  MBR partitions:
11:00:27.0340 0244  ============================================================
11:00:27.0371 0244  C: <-> \Device\Harddisk0\DR0\Partition4
11:00:27.0465 0244  D: <-> \Device\Harddisk0\DR0\Partition5
11:00:27.0465 0244  ============================================================
11:00:27.0465 0244  Initialize success
11:00:27.0465 0244  ============================================================
11:00:42.0966 4468  ============================================================
11:00:42.0966 4468  Scan started
11:00:42.0966 4468  Mode: Manual; TDLFS;
11:00:42.0966 4468  ============================================================
11:00:43.0997 4468  ================ Scan system memory ========================
11:00:43.0997 4468  System memory - ok
11:00:43.0997 4468  ================ Scan services =============================
11:00:44.0934 4468  amdxata - ok
11:00:44.0934 4468  [ 83B3682CE922FB0F415734B26D9D6233 ] AppID           C:\Windows\system32\drivers\appid.sys
11:00:44.0934 4468  AppID - ok
11:00:44.0950 4468  [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:00:44.0950 4468  AppIDSvc - ok
11:00:44.0981 4468  [ 4F750B7EFCB6520AE01E01D082D7D476 ] Appinfo         C:\Windows\System32\appinfo.dll
11:00:44.0981 4468  Appinfo - ok
11:00:45.0106 4468  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:00:45.0106 4468  Apple Mobile Device - ok
11:00:45.0122 4468  [ E933401B392387F4BE34DE8BAF1722A7 ] arc             C:\Windows\system32\drivers\arc.sys
11:00:45.0122 4468  arc - ok
11:00:45.0138 4468  [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:00:45.0153 4468  arcsas - ok
11:00:45.0294 4468  [ FA713019412C061385F09BD373BF747A ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
11:00:45.0294 4468  ASLDRService - ok
11:00:45.0325 4468  [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
11:00:45.0325 4468  ASMMAP64 - ok
11:00:45.0388 4468  [ 6A122B4F0E5293CACFA8A5F2CBA9B356 ] ASUS InstantOn  C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
11:00:45.0388 4468  ASUS InstantOn - ok
11:00:45.0403 4468  [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:00:45.0403 4468  AsyncMac - ok
11:00:45.0403 4468  [ A721FF570C2387E383BDDEA9632863C9 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:00:45.0403 4468  atapi - ok
11:00:45.0466 4468  [ DECE3E2832F125A41A02FB59F4C54EEA ] athr            C:\Windows\system32\DRIVERS\athrx.sys
11:00:45.0481 4468  athr - ok
11:00:45.0497 4468  [ DBC598E47E7A382E60E2A4745D41FEF9 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
11:00:45.0497 4468  ATKGFNEXSrv - ok
11:00:45.0528 4468  [ 41CEAFFCF3550785E59E3EC9BEE8D97A ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
11:00:45.0528 4468  ATKWMIACPIIO - ok
11:00:45.0559 4468  [ 437EB91CB20144375DDE145149778405 ] ATP             C:\Windows\System32\drivers\AsusTP.sys
11:00:45.0559 4468  ATP - ok
11:00:45.0591 4468  [ BCD7A47EF587DC00DD61D12D9C2D1E44 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
11:00:45.0591 4468  AudioEndpointBuilder - ok
11:00:45.0763 4468  [ 599B3F685A263A114FFAF3BE29C49C75 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
11:00:45.0763 4468  Audiosrv - ok
11:00:45.0888 4468  [ 587EFD6A3A30A35A27904D21AE1FB882 ] AVP             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
11:00:45.0888 4468  AVP - ok
11:00:45.0919 4468  [ 89491EF71D5EA011127832C588002853 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:00:45.0919 4468  AxInstSV - ok
11:00:45.0950 4468  [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
11:00:45.0950 4468  b06bdrv - ok
11:00:45.0981 4468  [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
11:00:45.0981 4468  BasicDisplay - ok
11:00:45.0997 4468  [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
11:00:45.0997 4468  BasicRender - ok
11:00:46.0075 4468  [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:00:46.0075 4468  BDESVC - ok
11:00:46.0091 4468  [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:00:46.0091 4468  Beep - ok
11:00:46.0122 4468  [ 9E6A544F465C582AB42444A217CF04DC ] BFE             C:\Windows\System32\bfe.dll
11:00:46.0122 4468  BFE - ok
11:00:46.0153 4468  [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS            C:\Windows\System32\qmgr.dll
11:00:46.0153 4468  BITS - ok
11:00:46.0184 4468  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:00:46.0184 4468  Bonjour Service - ok
11:00:46.0200 4468  [ B17AC10B47C7FCB44D22A1F06415840E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:00:46.0200 4468  bowser - ok
11:00:46.0263 4468  [ 038FA1B55531E7020DB705B42FCCE373 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
11:00:46.0263 4468  BrokerInfrastructure - ok
11:00:46.0294 4468  [ 310068BDA80B1D55C36580FD8A873FAF ] Browser         C:\Windows\System32\browser.dll
11:00:46.0294 4468  Browser - ok
11:00:46.0325 4468  [ 6695200F455E251F0BCC9CE4D0978D59 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
11:00:46.0325 4468  BthAvrcpTg - ok
11:00:46.0341 4468  [ A8B20D852B07AE19A13B5D47EC4E4C3B ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
11:00:46.0341 4468  BthEnum - ok
11:00:46.0372 4468  [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
11:00:46.0372 4468  BthHFEnum - ok
11:00:46.0403 4468  [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
11:00:46.0403 4468  bthhfhid - ok
11:00:46.0434 4468  [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
11:00:46.0434 4468  BTHMODEM - ok
11:00:46.0434 4468  [ 091BB978E9504D0AD14586929431A957 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
11:00:46.0434 4468  BthPan - ok
11:00:46.0481 4468  [ 13795CAA34239D97A7211E7F9D96E012 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
11:00:46.0481 4468  BTHPORT - ok
11:00:46.0513 4468  [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv         C:\Windows\system32\bthserv.dll
11:00:46.0513 4468  bthserv - ok
11:00:46.0528 4468  [ 1F715957F5236D30B6020A19A4271F6A ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
11:00:46.0528 4468  BTHUSB - ok
11:00:46.0544 4468  [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:00:46.0544 4468  cdfs - ok
11:00:46.0559 4468  [ 339BFF85D788268752DA8C9644B188EE ] cdrom           C:\Windows\System32\drivers\cdrom.sys
11:00:46.0575 4468  cdrom - ok
11:00:46.0606 4468  [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:00:46.0606 4468  CertPropSvc - ok
11:00:46.0622 4468  [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass        C:\Windows\System32\drivers\circlass.sys
11:00:46.0622 4468  circlass - ok
11:00:46.0622 4468  [ 9905168708DB68849B879B5548F68AB3 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
11:00:46.0622 4468  CLFS - ok
11:00:46.0638 4468  [ 2DC8538A2260647484A6C921CA837313 ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
11:00:46.0638 4468  CmBatt - ok
11:00:46.0684 4468  [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG             C:\Windows\system32\Drivers\cng.sys
11:00:46.0684 4468  CNG - ok
11:00:46.0700 4468  [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
11:00:46.0700 4468  CompositeBus - ok
11:00:46.0700 4468  COMSysApp - ok
11:00:46.0700 4468  [ D9CB0782AF819548072AA45B70F8B22D ] condrv          C:\Windows\system32\drivers\condrv.sys
11:00:46.0700 4468  condrv - ok
11:00:46.0794 4468  [ 9F5AFC3EE57412798B1A559B620386A0 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
11:00:46.0794 4468  cphs - ok
11:00:46.0809 4468  [ AFA426B0E7975CEB21F8B6711EFA8945 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:00:46.0809 4468  CryptSvc - ok
11:00:46.0841 4468  [ C4D01BD86D6B207275FC143EEA951D75 ] dam             C:\Windows\system32\drivers\dam.sys
11:00:46.0841 4468  dam - ok
11:00:46.0872 4468  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:00:46.0872 4468  DcomLaunch - ok
11:00:46.0981 4468  [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc       C:\Windows\System32\defragsvc.dll
11:00:46.0981 4468  defragsvc - ok
11:00:47.0060 4468  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\Windows\system32\das.dll
11:00:47.0060 4468  DeviceAssociationService - ok
11:00:47.0122 4468  [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
11:00:47.0122 4468  DeviceInstall - ok
11:00:47.0153 4468  [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
11:00:47.0153 4468  Dfsc - ok
11:00:47.0247 4468  [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:00:47.0247 4468  Dhcp - ok
11:00:47.0278 4468  [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache        C:\Windows\system32\drivers\discache.sys
11:00:47.0278 4468  discache - ok
11:00:47.0294 4468  [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk            C:\Windows\system32\drivers\disk.sys
11:00:47.0294 4468  disk - ok
11:00:47.0294 4468  [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
11:00:47.0294 4468  dmvsc - ok
11:00:47.0325 4468  [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:00:47.0325 4468  Dnscache - ok
11:00:47.0372 4468  [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc         C:\Windows\System32\dot3svc.dll
11:00:47.0372 4468  dot3svc - ok
11:00:47.0419 4468  [ 27069CFFF29B7F04F4B1BB10154BE52B ] dot4            C:\Windows\system32\DRIVERS\Dot4.sys
11:00:47.0435 4468  dot4 - ok
11:00:47.0466 4468  [ 0BD906A79F9CE3013F7D9D0AC45F9F9D ] Dot4Print       C:\Windows\System32\drivers\Dot4Prt.sys
11:00:47.0466 4468  Dot4Print - ok
11:00:47.0466 4468  [ B7D595F2F464F7B628AD53F06547792C ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
11:00:47.0466 4468  dot4usb - ok
11:00:47.0481 4468  [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS             C:\Windows\system32\dps.dll
11:00:47.0497 4468  DPS - ok
11:00:47.0528 4468  [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:00:47.0528 4468  drmkaud - ok
11:00:47.0591 4468  [ F87F4AAAF6664906248D11D5E579A53B ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
11:00:47.0591 4468  DsmSvc - ok
11:00:47.0638 4468  [ 6D1B8A9A2C0BD4851D8AF1AB43E67AD9 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:00:47.0638 4468  DXGKrnl - ok
11:00:47.0685 4468  [ 651FBD69A9713D623D456A240F96179C ] e1iexpress      C:\Windows\system32\DRIVERS\e1i63x64.sys
11:00:47.0685 4468  e1iexpress - ok
11:00:47.0716 4468  [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost         C:\Windows\System32\eapsvc.dll
11:00:47.0716 4468  Eaphost - ok
11:00:47.0810 4468  [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:00:47.0825 4468  ebdrv - ok
11:00:47.0856 4468  [ F702AB6181513303AB0FC8D59E52708B ] EFS             C:\Windows\System32\lsass.exe
11:00:47.0856 4468  EFS - ok
11:00:47.0888 4468  [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
11:00:47.0888 4468  EhStorClass - ok
11:00:47.0903 4468  [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
11:00:47.0903 4468  EhStorTcgDrv - ok
11:00:47.0935 4468  [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev          C:\Windows\System32\drivers\errdev.sys
11:00:47.0935 4468  ErrDev - ok
11:00:47.0981 4468  [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem     C:\Windows\system32\es.dll
11:00:47.0981 4468  EventSystem - ok
11:00:47.0997 4468  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:00:48.0013 4468  exfat - ok
11:00:48.0013 4468  [ 60996602A7111FD2D086E803F33E4282 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:00:48.0013 4468  fastfat - ok
11:00:48.0075 4468  [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax             C:\Windows\system32\fxssvc.exe
11:00:48.0075 4468  Fax - ok
11:00:48.0091 4468  [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc             C:\Windows\System32\drivers\fdc.sys
11:00:48.0091 4468  fdc - ok
11:00:48.0091 4468  [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost         C:\Windows\system32\fdPHost.dll
11:00:48.0091 4468  fdPHost - ok
11:00:48.0091 4468  [ 872506AAB591E8908DF4461475AF92DF ] FDResPub        C:\Windows\system32\fdrespub.dll
11:00:48.0091 4468  FDResPub - ok
11:00:48.0122 4468  [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc           C:\Windows\system32\fhsvc.dll
11:00:48.0122 4468  fhsvc - ok
11:00:48.0138 4468  [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:00:48.0138 4468  FileInfo - ok
11:00:48.0153 4468  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:00:48.0153 4468  Filetrace - ok
11:00:48.0169 4468  [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
11:00:48.0169 4468  flpydisk - ok
11:00:48.0185 4468  [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:00:48.0185 4468  FltMgr - ok
11:00:48.0278 4468  [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache       C:\Windows\system32\FntCache.dll
11:00:48.0278 4468  FontCache - ok
11:00:48.0356 4468  [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:00:48.0356 4468  FontCache3.0.0.0 - ok
11:00:48.0388 4468  [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:00:48.0388 4468  FsDepends - ok
11:00:48.0419 4468  [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:00:48.0419 4468  Fs_Rec - ok
11:00:48.0481 4468  [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:00:48.0481 4468  fvevol - ok
11:00:48.0513 4468  [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
11:00:48.0513 4468  FxPPM - ok
11:00:48.0528 4468  [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:00:48.0528 4468  gagp30kx - ok
11:00:48.0560 4468  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:00:48.0560 4468  GEARAspiWDM - ok
11:00:48.0606 4468  [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
11:00:48.0606 4468  gencounter - ok
11:00:48.0653 4468  [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
11:00:48.0653 4468  GPIOClx0101 - ok
11:00:48.0700 4468  [ 5358678C6370F2ADC5291849F6503262 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:00:48.0700 4468  gpsvc - ok
11:00:48.0778 4468  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:00:48.0778 4468  gupdate - ok
11:00:48.0794 4468  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:00:48.0794 4468  gupdatem - ok
11:00:48.0825 4468  [ C2504AA983B5D411F7D31402E8B57725 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:00:48.0825 4468  HdAudAddService - ok
11:00:48.0841 4468  [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
11:00:48.0841 4468  HDAudBus - ok
11:00:48.0888 4468  [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
11:00:48.0888 4468  HidBatt - ok
11:00:48.0935 4468  [ 085F150D002B7F0153D3C06DDF33A143 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
11:00:48.0935 4468  HidBth - ok
11:00:48.0997 4468  [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
11:00:48.0997 4468  hidi2c - ok
11:00:49.0013 4468  [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr           C:\Windows\System32\drivers\hidir.sys
11:00:49.0013 4468  HidIr - ok
11:00:49.0060 4468  [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv         C:\Windows\system32\hidserv.dll
11:00:49.0060 4468  hidserv - ok
11:00:49.0091 4468  [ A9F2301B8D28BB4D887F5AEBB55ACB3A ] HIDSwitch       C:\Windows\System32\drivers\AsHIDSwitch64.sys
11:00:49.0091 4468  HIDSwitch - ok
11:00:49.0122 4468  [ 9E11EE0F2E117B2D5A835B2B91752827 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
11:00:49.0122 4468  HidUsb - ok
11:00:49.0169 4468  [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:00:49.0169 4468  hkmsvc - ok
11:00:49.0247 4468  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:00:49.0247 4468  HomeGroupListener - ok
11:00:49.0341 4468  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:00:49.0341 4468  HomeGroupProvider - ok
11:00:49.0372 4468  [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:00:49.0372 4468  HpSAMD - ok
11:00:49.0419 4468  [ 1419D3D4FF7169380D76FACC0EE5F86F ] HPSIService     C:\Windows\system32\HPSIsvc.exe
11:00:49.0419 4468  HPSIService - ok
11:00:49.0560 4468  [ F4A91D985EB9D1D2717D538F3424603C ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:00:49.0560 4468  HTTP - ok
11:00:49.0560 4468  [ 2A98301068801700906C06649860FE94 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:00:49.0560 4468  hwpolicy - ok
11:00:49.0591 4468  [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
11:00:49.0607 4468  hyperkbd - ok
11:00:49.0622 4468  [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
11:00:49.0622 4468  HyperVideo - ok
11:00:49.0638 4468  [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
11:00:49.0653 4468  i8042prt - ok
11:00:49.0732 4468  [ 0FE66A51D81A25AACEAAE4C26308121D ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
11:00:49.0732 4468  iaStorA - ok
11:00:49.0763 4468  [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:00:49.0763 4468  iaStorV - ok
11:00:49.0919 4468  [ 11A31FC2481BFE69B0507ED8C80215F4 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
11:00:49.0950 4468  igfx - ok
11:00:50.0060 4468  [ 23E1BCADABE423C35C19BBDFF10CCE6D ] IHA_MessageCenter C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
11:00:50.0060 4468  IHA_MessageCenter - ok
11:00:50.0075 4468  [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:00:50.0075 4468  iirsp - ok
11:00:50.0122 4468  [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT          C:\Windows\System32\ikeext.dll
11:00:50.0138 4468  IKEEXT - ok
11:00:50.0169 4468  [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
11:00:50.0169 4468  IntcDAud - ok
11:00:50.0247 4468  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
11:00:50.0247 4468  Intel® Capability Licensing Service Interface - ok
11:00:50.0325 4468  [ 9656F8E29F6C3161A3E99BCD3A472FF9 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
11:00:50.0325 4468  Intel® ME Service - ok
11:00:50.0341 4468  [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:00:50.0341 4468  intelide - ok
11:00:50.0357 4468  [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm        C:\Windows\System32\drivers\intelppm.sys
11:00:50.0357 4468  intelppm - ok
11:00:50.0372 4468  [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:00:50.0372 4468  IpFilterDriver - ok
11:00:50.0419 4468  [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:00:50.0419 4468  iphlpsvc - ok
11:00:50.0435 4468  [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
11:00:50.0435 4468  IPMIDRV - ok
11:00:50.0435 4468  [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:00:50.0435 4468  IPNAT - ok
11:00:50.0528 4468  [ 0FF335D687C85097725A53458160E81E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
11:00:50.0528 4468  iPod Service - ok
11:00:50.0544 4468  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:00:50.0544 4468  IRENUM - ok
11:00:50.0560 4468  [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:00:50.0560 4468  isapnp - ok
11:00:50.0591 4468  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
11:00:50.0591 4468  iScsiPrt - ok
11:00:50.0622 4468  [ 78ABBE558F57144047F10A0F50FE4B2F ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
11:00:50.0622 4468  jhi_service - ok
11:00:50.0638 4468  [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
11:00:50.0638 4468  kbdclass - ok
11:00:50.0638 4468  [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
11:00:50.0638 4468  kbdhid - ok
11:00:50.0669 4468  [ A8080BEBCDB7A16495CE1205921DCAC5 ] kbfiltr         C:\Windows\System32\drivers\kbfiltr.sys
11:00:50.0669 4468  kbfiltr - ok
11:00:50.0669 4468  [ FB6C185092E18011EF49989425C2AA87 ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
11:00:50.0669 4468  kdnic - ok
11:00:50.0685 4468  [ F702AB6181513303AB0FC8D59E52708B ] KeyIso          C:\Windows\system32\lsass.exe
11:00:50.0685 4468  KeyIso - ok
11:00:50.0716 4468  [ 8B5219318DF5895ABD230C373F2DF18A ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
11:00:50.0716 4468  kl1 - ok
11:00:50.0732 4468  [ F2EB9202FCCC81E0902D3C5A70037A44 ] klelam          C:\Windows\system32\DRIVERS\klelam.sys
11:00:50.0732 4468  klelam - ok
11:00:50.0778 4468  [ 1C1C504316F52184D2E6272F143035A3 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
11:00:50.0778 4468  KLIF - ok
11:00:50.0794 4468  [ 1B5B924D27399F41DECD1CC6D706429F ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
11:00:50.0794 4468  KLIM6 - ok
11:00:50.0794 4468  [ A0B1AE842D7C7F2FDF530A7049CB988D ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
11:00:50.0794 4468  klkbdflt - ok
11:00:50.0794 4468  [ A8FFD74947077D8BD9A80936EC24514D ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
11:00:50.0794 4468  klmouflt - ok
11:00:50.0810 4468  [ 781EFBB7BDE229C1615892E2A2D98721 ] klwfp           C:\Windows\system32\DRIVERS\klwfp.sys
11:00:50.0810 4468  klwfp - ok
11:00:50.0857 4468  [ 1FCB657B581CC4DF17FD6571F93602DE ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
11:00:50.0857 4468  kneps - ok
11:00:50.0903 4468  [ DFA480F6DED551464F3A5B959F437800 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:00:50.0903 4468  KSecDD - ok
11:00:50.0950 4468  [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:00:50.0950 4468  KSecPkg - ok
11:00:50.0982 4468  [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:00:50.0982 4468  ksthunk - ok
11:00:51.0075 4468  [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:00:51.0075 4468  KtmRm - ok
11:00:51.0107 4468  [ CBD16721541EE334F6D623CE0B4003BF ] L1C             C:\Windows\system32\DRIVERS\L1C63x64.sys
11:00:51.0122 4468  L1C - ok
11:00:51.0169 4468  [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:00:51.0185 4468  LanmanServer - ok
11:00:51.0216 4468  [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:00:51.0216 4468  LanmanWorkstation - ok
11:00:51.0216 4468  [ CEEFD29FC551F289810B0B9381B321DC ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:00:51.0216 4468  lltdio - ok
11:00:51.0247 4468  [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:00:51.0263 4468  lltdsvc - ok
11:00:51.0263 4468  [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:00:51.0278 4468  lmhosts - ok
11:00:51.0341 4468  [ 2C24DC448DBE8DB9BE1441B824C57E79 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:00:51.0341 4468  LMS - ok
11:00:51.0388 4468  [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:00:51.0388 4468  LSI_SAS - ok
11:00:51.0419 4468  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:00:51.0419 4468  LSI_SAS2 - ok
11:00:51.0435 4468  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:00:51.0435 4468  LSI_SCSI - ok
11:00:51.0466 4468  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
11:00:51.0466 4468  LSI_SSS - ok
11:00:51.0513 4468  [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM             C:\Windows\System32\lsm.dll
11:00:51.0513 4468  LSM - ok
11:00:51.0544 4468  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:00:51.0544 4468  luafv - ok
11:00:51.0544 4468  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         C:\Windows\system32\drivers\megasas.sys
11:00:51.0544 4468  megasas - ok
11:00:51.0622 4468  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
11:00:51.0622 4468  MegaSR - ok
11:00:51.0638 4468  [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64          C:\Windows\System32\drivers\HECIx64.sys
11:00:51.0638 4468  MEIx64 - ok
11:00:51.0700 4468  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           C:\Windows\system32\mmcss.dll
11:00:51.0700 4468  MMCSS - ok
11:00:51.0716 4468  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           C:\Windows\system32\drivers\modem.sys
11:00:51.0716 4468  Modem - ok
11:00:51.0732 4468  [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor         C:\Windows\System32\drivers\monitor.sys
11:00:51.0747 4468  monitor - ok
11:00:51.0747 4468  [ 618446B98C79776654340CE27C73485E ] mouclass        C:\Windows\System32\drivers\mouclass.sys
11:00:51.0747 4468  mouclass - ok
11:00:51.0763 4468  [ C0ADEBED913295803B579ED288936CBB ] mouhid          C:\Windows\System32\drivers\mouhid.sys
11:00:51.0763 4468  mouhid - ok
11:00:51.0778 4468  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:00:51.0778 4468  mountmgr - ok
11:00:51.0810 4468  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:00:51.0810 4468  mpsdrv - ok
11:00:51.0872 4468  [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:00:51.0888 4468  MpsSvc - ok
11:00:51.0919 4468  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:00:51.0919 4468  MRxDAV - ok
11:00:51.0950 4468  [ 93179D48066918323628CB016D8C94DC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:00:51.0950 4468  mrxsmb - ok
11:00:51.0966 4468  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:00:51.0966 4468  mrxsmb10 - ok
11:00:52.0013 4468  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:00:52.0013 4468  mrxsmb20 - ok
11:00:52.0075 4468  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
11:00:52.0075 4468  MsBridge - ok
11:00:52.0107 4468  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           C:\Windows\System32\msdtc.exe
11:00:52.0122 4468  MSDTC - ok
11:00:52.0138 4468  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:00:52.0138 4468  Msfs - ok
11:00:52.0153 4468  [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
11:00:52.0153 4468  msgpiowin32 - ok
11:00:52.0169 4468  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:00:52.0185 4468  mshidkmdf - ok
11:01:01.0435 4468  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:01:01.0435 4468  wudfsvc - ok
11:01:01.0451 4468  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
11:01:01.0451 4468  WUDFWpdFs - ok
11:01:01.0529 4468  [ FBB9B00D7A5756B0AA8E10BF7619E604 ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:01:01.0529 4468  WwanSvc - ok
11:01:01.0685 4468  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService  C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
11:01:01.0701 4468  YahooAUService - ok
11:01:01.0701 4468  ================ Scan global ===============================
11:01:01.0779 4468  [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\Windows\system32\basesrv.dll
11:01:01.0841 4468  [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\Windows\system32\winsrv.dll
11:01:01.0888 4468  [ BD7C6949984D19AAA609896B675E7357 ] C:\Windows\system32\sxssrv.dll
11:01:01.0966 4468  [ 8F226143046435C75C033B0C52E90FFE ] C:\Windows\system32\services.exe
11:01:01.0982 4468  [Global] - ok
11:01:01.0982 4468  ================ Scan MBR ==================================
11:01:01.0998 4468  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
11:01:02.0045 4468  \Device\Harddisk0\DR0 - ok
11:01:02.0045 4468  ================ Scan VBR ==================================
11:01:02.0076 4468  [ BE5BBF4272AB640A1BB3D95F2CCD0D2E ] \Device\Harddisk0\DR0\Partition1
11:01:02.0076 4468  \Device\Harddisk0\DR0\Partition1 - ok
11:01:02.0091 4468  [ 8CA20602F42E5559C352577228F49D89 ] \Device\Harddisk0\DR0\Partition2
11:01:02.0091 4468  \Device\Harddisk0\DR0\Partition2 - ok
11:01:02.0091 4468  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
11:01:02.0091 4468  \Device\Harddisk0\DR0\Partition3 - ok
11:01:02.0107 4468  [ 887E82FDD2E3959F365D37AF64D19B39 ] \Device\Harddisk0\DR0\Partition4
11:01:02.0107 4468  \Device\Harddisk0\DR0\Partition4 - ok
11:01:02.0154 4468  [ 6519FA870EED1557E894AD2D3EDC9ACC ] \Device\Harddisk0\DR0\Partition5
11:01:02.0170 4468  \Device\Harddisk0\DR0\Partition5 - ok
11:01:02.0185 4468  [ C290D5D67A75BCAD84ED7F362F2FB44D ] \Device\Harddisk0\DR0\Partition6
11:01:02.0201 4468  \Device\Harddisk0\DR0\Partition6 - ok
11:01:02.0201 4468  ============================================================
11:01:02.0201 4468  Scan finished
11:01:02.0201 4468  ============================================================
11:01:02.0201 7108  Detected object count: 0
11:01:02.0201 7108  Actual detected object count: 0
11:01:18.0046 4388  Deinitialize success
 



#6 boopme


Posted 22 July 2013 - 10:09 AM

OK, try again after the other scans, if they do not pull it out.



#7 zookeeper9


Posted 22 July 2013 - 10:10 AM

AdwCleaner Report:

 

# AdwCleaner v2.306 - Logfile created 07/22/2013 at 11:05:31
# Updated 19/07/2013 by Xplode
# Operating system : Windows 8  (64 bits)
# User : Donna - RHINO
# Boot Mode : Normal
# Running from : C:\Users\Donna\Desktop\AdwCleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Deleted on reboot : C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nemfjadlboooiffmcelkafilagddogim
File Deleted : C:\END
File Deleted : C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files\DomaIQ Uninstaller
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Donna\AppData\Local\Conduit
Folder Deleted : C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nemfjadlboooiffmcelkafilagddogim
Folder Deleted : C:\Users\Donna\AppData\Local\PackageAware
Folder Deleted : C:\Users\Donna\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Donna\AppData\Local\Temp\AirInstaller
Folder Deleted : C:\Users\Donna\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Donna\AppData\Roaming\PerformerSoft

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Google\Chrome\Extensions\nemfjadlboooiffmcelkafilagddogim
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289663
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nemfjadlboooiffmcelkafilagddogim
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DomaIQ Uninstaller
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Google Chrome v28.0.1500.72

File : C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.2668] : homepage = "hxxp://search.conduit.com/?ctid=CT3289663&SearchSource=48&CUI=UN33917872202132623&UM[...]
Deleted [l.3045] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3289663&SearchSource=48&CUI[...]

File : C:\Users\The Kids\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Liz\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4532 octets] - [22/07/2013 11:05:20]
AdwCleaner[S1].txt - [4213 octets] - [22/07/2013 11:05:31]

########## EOF - C:\AdwCleaner[S1].txt - [4273 octets] ##########



#8 zookeeper9


Posted 22 July 2013 - 10:30 AM

I cannot run ESET scanner.  It is looking for a proxy configuration.



#9 boopme


Posted 22 July 2013 - 10:34 AM

Try this: please click Start > Run, type inetcpl.cpl in the Run box and press Enter.
Click the Connections tab and click the LAN settings option.
Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.
Now check if it is working again.

#10 zookeeper9


Posted 22 July 2013 - 08:56 PM

Thanks.  I tried it and it is now running. I will post the log (if there is one) when it is completed.



#11 boopme


Posted 22 July 2013 - 09:04 PM

Malware changes that setting at times to protect itself from removal.
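The Internet Options proxy check from posts #9 and #11, as an added PowerShell example that is not part of the original thread: it reports the same "Use a proxy..." setting for every loaded user profile and can switch it off for the current user. The function names are hypothetical; the registry value names are the standard Internet Settings ones that inetcpl.cpl edits.

```powershell
# Added example (not from the thread). Reads the per-user Internet Options
# proxy values that the LAN settings dialog in inetcpl.cpl shows.
$InetSettings = 'Software\Microsoft\Windows\CurrentVersion\Internet Settings'

function Get-InetProxyState {
    # HKEY_USERS only contains hives of profiles that are currently loaded
    # (logged on); other accounts must be checked while signed in as them.
    Get-ChildItem -Path Registry::HKEY_USERS -ErrorAction SilentlyContinue |
        Where-Object { $_.PSChildName -match '^S-1-5-21-[\d-]+$' } |   # skip *_Classes and system SIDs
        ForEach-Object {
            $sid = $_.PSChildName
            $key = "Registry::HKEY_USERS\$sid\$InetSettings"
            $p   = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
            if ($null -eq $p) { return }   # no Internet Settings key for this hive
            [pscustomobject]@{
                Sid           = $sid
                ProxyEnable   = [bool]$p.ProxyEnable   # the "Use a proxy..." checkbox
                ProxyServer   = $p.ProxyServer         # address:port the box points at
                AutoConfigURL = $p.AutoConfigURL       # "Use automatic configuration script"
                # Anything enabled that the owner did not set deserves a look.
                NeedsReview   = [bool]$p.ProxyEnable -or
                                -not [string]::IsNullOrEmpty($p.AutoConfigURL)
            }
        }
}

function Disable-InetProxy {
    # Equivalent of unchecking "Use a proxy..." for the current user only.
    # Leaves ProxyServer in place so the previous value can still be inspected.
    [CmdletBinding(SupportsShouldProcess)]
    param()
    $key = "HKCU:\$InetSettings"
    if ($PSCmdlet.ShouldProcess($key, 'Set ProxyEnable to 0')) {
        Set-ItemProperty -Path $key -Name ProxyEnable -Value 0 -Type DWord
    }
}

# Report first, then decide whether to change anything.
Get-InetProxyState | Format-Table -AutoSize
# Disable-InetProxy -WhatIf    # preview the change
# Disable-InetProxy            # apply it
```

Recording the ProxyServer value before disabling it keeps a record of what the unwanted software configured, and re-running the report after a reboot shows whether something is setting it again.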

#12 zookeeper9


Posted 22 July 2013 - 10:28 PM

Sneaky little devils!  Right now I am running ESET.  It is about half done.  I am going to let it finish running tonight and I will post the log tomorrow morning.  Thanks for your help so far.



#13 zookeeper9


Posted 22 July 2013 - 10:46 PM

It actually finished the scan shortly after I last posted.  Here is the log:

 

C:\Users\Donna\AppData\Local\Temp\air45C1.exe a variant of Win32/Packed.VMDetector.A application cleaned by deleting - quarantined
C:\Users\Donna\AppData\Local\Temp\air95F3.exe a variant of Win32/AirAdInstaller.A application cleaned by deleting - quarantined
C:\Users\Donna\AppData\Local\Temp\setup.exe a variant of Win32/AirAdInstaller.A application cleaned by deleting - quarantined
C:\Users\Donna\AppData\Local\Temp\nsbB91E.tmp\AskInstaller.exe a variant of Win32/Bundled.Toolbar.Ask.D application cleaned by deleting - quarantined
C:\Users\Donna\AppData\Local\Temp\nsmC40F.tmp\AskInstaller.exe a variant of Win32/Bundled.Toolbar.Ask.D application cleaned by deleting - quarantined
C:\Users\Donna\Desktop\bundleSetup.exe a variant of Win32/InstallBrain.AC application cleaned by deleting - quarantined
C:\Users\Donna\Downloads\BitZipper2013TrialSetupEn.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Users\Donna\Downloads\mp3rocket.exe a variant of Win32/Bundled.Toolbar.Ask.D application cleaned by deleting - quarantined
C:\Users\Donna\Downloads\setup.exe.exe a variant of Win32/AirAdInstaller.A application cleaned by deleting - quarantined
C:\Users\The Kids\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W3WGA18T\WeatherBugSetup.msi a variant of Win32/Bundled.Toolbar.Ask application deleted - quarantined
C:\Users\The Kids\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WGVR0LTT\GamingWonderland.exe Win32/AdInstaller application cleaned by deleting - quarantined
C:\Users\The Kids\AppData\Local\Temp\ApnIC.dll a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Users\The Kids\AppData\Local\Temp\cltmng.exe a variant of Win32/Conduit.SearchProtect.B application cleaned by deleting - quarantined
C:\Windows\Installer\521223f.msi a variant of Win32/Bundled.Toolbar.Ask application deleted - quarantined
C:\Windows\Installer\f2b938.msi a variant of Win32/Bundled.Toolbar.Ask application deleted - quarantined



#14 zookeeper9


Posted 22 July 2013 - 10:47 PM

And DomalQ is gone!

 

Thank you for all of your help!



#15 boopme


Posted 23 July 2013 - 12:11 PM

You're welcome!! Now empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.
You're good to go.



