Got pop up window behind chrome browser: redirect.cpvrdr.com


14 replies to this topic

#1 mds_11

Posted 31 July 2013 - 10:38 PM

Hi,

 

I have a laptop running Windows 8. Chrome is my default browser. Whenever I used Chrome to access the internet, behind the browser an IE window always popped up with an address like: http://redirect.cpvrdr.com/redirect.php?ID=9196550&KEY=4277, and the IE browser showed "This page cannot be displayed". I ran Malwarebytes Anti-Malware and McAfee. Both found malware and tried to fix it. But until now the redirected window still pops up. Could you help to clean up my computer?

 

--mds

#2 GodfatherKing


Posted 01 August 2013 - 06:18 AM

:welcome:

 

Let's have a look..

 

Step 1: Install and run MBAM

Step 2: Running TDSSKiller to obtain log

 

Note: Don't cure or delete a threat, but choose skip for all instead.

  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters
  • In the Additional options: Check Detect TDLFS file system
  • Click Start Scan and allow the scan process to run
  • Choose Skip for all threats.
  • Click Continue
  • Please post the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)

===================================================

 

Step 2: ESET Online Scanner

==================

Note: If your AV is blocking Eset online scanner, please temporarily disable your AV.

 

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and » UNCHECK "Remove found threats" <== Important
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. (If no malware was found you will not be presented with a log).
  • Click the Back button.
  • Click the Finish button.

===================================================


If you have received help from me and I haven't responded to you for >= 3 days, send me a Private Message.  :hello:
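
Added example (not part of the original posts and not a TDSSKiller feature): a small triage script for the log requested above. TDSSKiller's service scan pairs a `[ MD5 ] name path` line with a `name - verdict` line, and the script lists the entries a helper would look at first. The sample lines, names and hashes are constructed, and the "warning" verdict text is an assumption for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample in the TDSSKiller log layout; names, hashes and paths are
# invented, and the "warning" verdict text is an assumption for illustration.
SAMPLE_LOG = r"""
10:32:15.0825 3928  Scan started
10:32:16.0181 3928  ================ Scan system memory ========================
10:32:16.0181 3928  System memory - ok
10:32:16.0181 3928  ================ Scan services =============================
10:32:16.0306 3928  [ 0123456789ABCDEF0123456789ABCDEF ] ExampleDrv      C:\Windows\System32\drivers\exampledrv.sys
10:32:16.0373 3928  ExampleDrv - ok
10:32:16.0400 3928  [ 11111111111111111111111111111111 ] Example Helper Service C:\Program Files (x86)\Example\helper.exe
10:32:16.0410 3928  Example Helper Service - ok
10:32:16.0420 3928  NoFileSvc - ok
10:32:16.0430 3928  [ 22222222222222222222222222222222 ] OddDrv          C:\Windows\system32\drivers\odddrv.sys
10:32:16.0440 3928  OddDrv - warning
10:32:16.0450 3928  [ 33333333333333333333333333333333 ] CutOff          C:\Windows\system32\DRIVERS\cutoff.sys
"""

# "HH:MM:SS.mmmm <thread id>  <message>"
LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4} \d+\s+(.*)$")
# "================ Scan services ====================="
SECTION = re.compile(r"^=+ (.+?) =+$")
# "[ <MD5> ] <service name, may contain spaces> <drive-letter path>"
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?)\s+([A-Za-z]:\\.*)$")


@dataclass
class Entry:
    name: str
    md5: Optional[str] = None
    path: Optional[str] = None
    verdict: Optional[str] = None


def parse_services(log_text: str) -> List[Entry]:
    """Pair each hash line in the 'Scan services' section with its verdict line."""
    entries: List[Entry] = []
    pending: Optional[Entry] = None  # hash line still waiting for its verdict
    in_services = False
    for raw in log_text.splitlines():
        m = LINE.match(raw.rstrip())
        if not m:
            continue
        body = m.group(1)
        section = SECTION.match(body)
        if section:
            in_services = section.group(1) == "Scan services"
            continue
        if not in_services:
            continue
        hashed = HASHED.match(body)
        if hashed:
            if pending:  # previous hash line never got a verdict
                entries.append(pending)
            pending = Entry(hashed.group(2), hashed.group(1).upper(), hashed.group(3))
            continue
        if " - " not in body:
            continue
        left, verdict = body.rsplit(" - ", 1)
        if pending and (left == pending.name or left.startswith(pending.name + " ")):
            pending.verdict = verdict.strip()
            entries.append(pending)
            pending = None
        else:
            if pending:
                entries.append(pending)
                pending = None
            # Verdict with no preceding hash line: no file was hashed for it.
            entries.append(Entry(left, verdict=verdict.strip()))
    if pending:  # log ended (or was cut off) before the verdict line
        entries.append(pending)
    return entries


def triage(entries: List[Entry]) -> List[Tuple[str, str]]:
    """Return (name, reason) for entries worth a manual look."""
    findings = []
    for e in entries:
        if e.verdict is None:
            findings.append((e.name, "no verdict line (log truncated?)"))
        elif e.verdict.lower() != "ok":
            findings.append((e.name, f"verdict: {e.verdict} ({e.path}, MD5 {e.md5})"))
        elif e.md5 is None:
            findings.append((e.name, "ok, but no file/hash line"))
    return findings


if __name__ == "__main__":
    for name, reason in triage(parse_services(SAMPLE_LOG)):
        print(f"{name}: {reason}")
```

To run it on a real log, read the file's text and pass it to `parse_services` in place of `SAMPLE_LOG`.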


#3 mds_11


Posted 01 August 2013 - 11:38 AM

It took a while to finish the scans. Here are the three log files:

 

MBAM log

============

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.01.05

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16635
Michelle :: MICHELLE-ULTRA [administrator]

Protection: Disabled

8/1/2013 9:29:00 AM
mbam-log-2013-08-01 (09-29-00).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 434864
Time elapsed: 50 minute(s), 44 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

 

TDSSKiller Log:

==============

10:32:22.0685 3928  L1C - ok
10:32:22.0693 3928  [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:32:22.0697 3928  LanmanServer - ok
10:32:22.0702 3928  [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:32:22.0706 3928  LanmanWorkstation - ok
10:32:22.0711 3928  [ CEEFD29FC551F289810B0B9381B321DC ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:32:22.0712 3928  lltdio - ok
10:32:22.0732 3928  [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:32:22.0736 3928  lltdsvc - ok
10:32:22.0740 3928  [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:32:22.0741 3928  lmhosts - ok
10:32:22.0747 3928  [ 2C24DC448DBE8DB9BE1441B824C57E79 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
10:32:22.0749 3928  LMS - ok
10:32:22.0762 3928  [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
10:32:22.0800 3928  LSI_SAS - ok
10:32:22.0804 3928  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
10:32:22.0844 3928  LSI_SAS2 - ok
10:32:22.0848 3928  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
10:32:22.0887 3928  LSI_SCSI - ok
10:32:22.0891 3928  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
10:32:22.0929 3928  LSI_SSS - ok
10:32:22.0936 3928  [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM             C:\Windows\System32\lsm.dll
10:32:22.0969 3928  LSM - ok
10:32:22.0974 3928  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:32:22.0976 3928  luafv - ok
10:32:22.0986 3928  [ 1E3AF124A3405EEE594BB9FFD4640F48 ] McAWFwk         c:\PROGRA~1\mcafee\msc\mcawfwk.exe
10:32:22.0989 3928  McAWFwk - ok
10:32:22.0995 3928  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
10:32:23.0037 3928  McMPFSvc - ok
10:32:23.0041 3928  [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
10:32:23.0042 3928  mcmscsvc - ok
10:32:23.0046 3928  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
10:32:23.0047 3928  McNaiAnn - ok
10:32:23.0052 3928  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc         C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
10:32:23.0053 3928  McNASvc - ok
10:32:23.0061 3928  [ 5D57D4B57CCC07450F97C4E929D0483F ] McODS           C:\Program Files\mcafee\VirusScan\mcods.exe
10:32:23.0107 3928  McODS - ok
10:32:23.0112 3928  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McOobeSv        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
10:32:23.0113 3928  McOobeSv - ok
10:32:23.0118 3928  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy         C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
10:32:23.0119 3928  McProxy - ok
10:32:23.0125 3928  [ 21F81090A00932C5E96700EDF2977582 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
10:32:23.0164 3928  McShield - ok
10:32:23.0167 3928  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         C:\Windows\system32\drivers\megasas.sys
10:32:23.0206 3928  megasas - ok
10:32:23.0213 3928  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
10:32:23.0256 3928  MegaSR - ok
10:32:23.0260 3928  [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64          C:\Windows\System32\drivers\HECIx64.sys
10:32:23.0298 3928  MEIx64 - ok
10:32:23.0303 3928  [ B1720E97FABBDF7D30B36DAF19C3DEE8 ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
10:32:23.0343 3928  mfeapfk - ok
10:32:23.0363 3928  [ 113F1534B80D65DFDCA660F19967A3B7 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
10:32:23.0404 3928  mfeavfk - ok
10:32:23.0430 3928  mfeavfk01 - ok
10:32:23.0436 3928  [ AF83010055E18126067D0560069BF11A ] mfeelamk        C:\Windows\system32\drivers\mfeelamk.sys
10:32:23.0475 3928  mfeelamk - ok
10:32:23.0484 3928  [ C4F521310E40327BBC8E8E71DA344F48 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
10:32:23.0488 3928  mfefire - ok
10:32:23.0502 3928  [ CECC9841D036EE008091825272D91331 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
10:32:23.0546 3928  mfefirek - ok
10:32:23.0584 3928  [ EF0F85EDBDF6C0AB467E88E0CEE2B346 ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
10:32:23.0639 3928  mfehidk - ok
10:32:23.0652 3928  [ 6E3A46BF6CBB80450CC24F80FE03ED5A ] mferkdet        C:\Windows\system32\drivers\mferkdet.sys
10:32:23.0689 3928  mferkdet - ok
10:32:23.0694 3928  [ 341BFCAA3A55C08E8C9ECB1654ACA905 ] mfevtp          C:\Windows\system32\mfevtps.exe
10:32:23.0734 3928  mfevtp - ok
10:32:23.0749 3928  [ 2802D09F1B6ED502237539563F3C4992 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
10:32:23.0753 3928  mfewfpk - ok
10:32:23.0762 3928  Microsoft SharePoint Workspace Audit Service - ok
10:32:23.0766 3928  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           C:\Windows\system32\mmcss.dll
10:32:23.0767 3928  MMCSS - ok
10:32:23.0777 3928  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           C:\Windows\system32\drivers\modem.sys
10:32:23.0813 3928  Modem - ok
10:32:23.0817 3928  [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor         C:\Windows\System32\drivers\monitor.sys
10:32:23.0855 3928  monitor - ok
10:32:23.0859 3928  [ 618446B98C79776654340CE27C73485E ] mouclass        C:\Windows\System32\drivers\mouclass.sys
10:32:23.0900 3928  mouclass - ok
10:32:23.0917 3928  [ C0ADEBED913295803B579ED288936CBB ] mouhid          C:\Windows\System32\drivers\mouhid.sys
10:32:23.0954 3928  mouhid - ok
10:32:23.0958 3928  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:32:23.0959 3928  mountmgr - ok
10:32:23.0964 3928  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:32:23.0965 3928  mpsdrv - ok
10:32:23.0978 3928  [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:32:23.0987 3928  MpsSvc - ok
10:32:24.0018 3928  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:32:24.0020 3928  MRxDAV - ok
10:32:24.0028 3928  [ 93179D48066918323628CB016D8C94DC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:32:24.0069 3928  mrxsmb - ok
10:32:24.0078 3928  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:32:24.0117 3928  mrxsmb10 - ok
10:32:24.0123 3928  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:32:24.0126 3928  mrxsmb20 - ok
10:32:24.0142 3928  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
10:32:24.0144 3928  MsBridge - ok
10:32:24.0159 3928  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           C:\Windows\System32\msdtc.exe
10:32:24.0161 3928  MSDTC - ok
10:32:24.0169 3928  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:32:24.0170 3928  Msfs - ok
10:32:24.0179 3928  [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
10:32:24.0217 3928  msgpiowin32 - ok
10:32:24.0220 3928  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:32:24.0258 3928  mshidkmdf - ok
10:32:24.0261 3928  [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
10:32:24.0262 3928  mshidumdf - ok
10:32:24.0266 3928  [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:32:24.0303 3928  msisadrv - ok
10:32:24.0314 3928  [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:32:24.0317 3928  MSiSCSI - ok
10:32:24.0320 3928  msiserver - ok
10:32:24.0325 3928  [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
10:32:24.0327 3928  MSK80Service - ok
10:32:24.0336 3928  [ 509809566E49F4411055864EA8D437CD ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:32:24.0337 3928  MSKSSRV - ok
10:32:24.0345 3928  [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
10:32:24.0347 3928  MsLldp - ok
10:32:24.0350 3928  [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:32:24.0351 3928  MSPCLOCK - ok
10:32:24.0354 3928  [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:32:24.0355 3928  MSPQM - ok
10:32:24.0362 3928  [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:32:24.0366 3928  MsRPC - ok
10:32:24.0371 3928  [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
10:32:24.0410 3928  mssmbios - ok
10:32:24.0413 3928  [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:32:24.0450 3928  MSTEE - ok
10:32:24.0467 3928  [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
10:32:24.0503 3928  MTConfig - ok
10:32:24.0508 3928  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:32:24.0509 3928  Mup - ok
10:32:24.0514 3928  [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
10:32:24.0551 3928  mvumis - ok
10:32:24.0560 3928  [ D8C1FE237762249C879760E7F3ABFC1F ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
10:32:24.0601 3928  MyWiFiDHCPDNS - ok
10:32:24.0610 3928  [ 4B18840511D720BA118D3017E8165875 ] napagent        C:\Windows\system32\qagentRT.dll
10:32:24.0615 3928  napagent - ok
10:32:24.0623 3928  [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:32:24.0627 3928  NativeWifiP - ok
10:32:24.0649 3928  [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc          C:\Windows\System32\ncasvc.dll
10:32:24.0652 3928  NcaSvc - ok
10:32:24.0657 3928  [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
10:32:24.0659 3928  NcdAutoSetup - ok
10:32:24.0694 3928  [ 03CFE4108D1DE16D6C59455B5C73319C ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:32:24.0705 3928  NDIS - ok
10:32:24.0718 3928  [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:32:24.0755 3928  NdisCap - ok
10:32:24.0760 3928  [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
10:32:24.0762 3928  NdisImPlatform - ok
10:32:24.0766 3928  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:32:24.0767 3928  NdisTapi - ok
10:32:24.0771 3928  [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:32:24.0773 3928  Ndisuio - ok
10:32:24.0780 3928  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:32:24.0782 3928  NdisWan - ok
10:32:24.0786 3928  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY   C:\Windows\system32\DRIVERS\ndiswan.sys
10:32:24.0787 3928  NDISWANLEGACY - ok
10:32:24.0791 3928  [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:32:24.0792 3928  NDProxy - ok
10:32:24.0796 3928  [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
10:32:24.0798 3928  Ndu - ok
10:32:24.0802 3928  [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:32:24.0803 3928  NetBIOS - ok
10:32:24.0810 3928  [ 7CEC25C682D319D484630B3952C31A11 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:32:24.0851 3928  NetBT - ok
10:32:24.0854 3928  [ F702AB6181513303AB0FC8D59E52708B ] Netlogon        C:\Windows\system32\lsass.exe
10:32:24.0856 3928  Netlogon - ok
10:32:24.0863 3928  [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman          C:\Windows\System32\netman.dll
10:32:24.0893 3928  Netman - ok
10:32:24.0900 3928  [ 79FA9393C67EBBF92A56923592CF7A7C ] netprofm        C:\Windows\System32\netprofmsvc.dll
10:32:24.0906 3928  netprofm - ok
10:32:24.0915 3928  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:32:24.0917 3928  NetTcpPortSharing - ok
10:32:24.0964 3928  [ 8CEF52F56EE6E9C4DDD374CE8E2E3DC6 ] NETwNe64        C:\Windows\system32\DRIVERS\NETwew00.sys
10:32:25.0039 3928  NETwNe64 - ok
10:32:25.0055 3928  [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
10:32:25.0093 3928  nfrd960 - ok
10:32:25.0101 3928  [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:32:25.0105 3928  NlaSvc - ok
10:32:25.0109 3928  [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:32:25.0110 3928  Npfs - ok
10:32:25.0114 3928  [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
10:32:25.0150 3928  npsvctrig - ok
10:32:25.0153 3928  [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi             C:\Windows\system32\nsisvc.dll
10:32:25.0156 3928  nsi - ok
10:32:25.0160 3928  [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:32:25.0161 3928  nsiproxy - ok
10:32:25.0215 3928  [ 76929F4A69E425911A63B407E26C2589 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:32:25.0244 3928  Ntfs - ok
10:32:25.0252 3928  [ 4163ADE07DB51843AE31F65B94F5398D ] Null            C:\Windows\system32\drivers\Null.sys
10:32:25.0273 3928  Null - ok
10:32:25.0297 3928  [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:32:25.0362 3928  nvraid - ok
10:32:25.0367 3928  [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:32:25.0407 3928  nvstor - ok
10:32:25.0411 3928  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:32:25.0453 3928  nv_agp - ok
10:32:25.0466 3928  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:32:25.0468 3928  ose - ok
10:32:25.0546 3928  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:32:25.0584 3928  osppsvc - ok
10:32:25.0596 3928  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:32:25.0600 3928  p2pimsvc - ok
10:32:25.0608 3928  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          C:\Windows\system32\p2psvc.dll
10:32:25.0613 3928  p2psvc - ok
10:32:25.0632 3928  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         C:\Windows\System32\drivers\parport.sys
10:32:25.0668 3928  Parport - ok
10:32:25.0672 3928  [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:32:25.0674 3928  partmgr - ok
10:32:25.0682 3928  [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:32:25.0688 3928  PcaSvc - ok
10:32:25.0701 3928  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             C:\Windows\system32\drivers\pci.sys
10:32:25.0741 3928  pci - ok
10:32:25.0744 3928  [ F9908D274D458220F91E89B54D78D837 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:32:25.0781 3928  pciide - ok
10:32:25.0785 3928  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
10:32:25.0826 3928  pcmcia - ok
10:32:25.0829 3928  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:32:25.0869 3928  pcw - ok
10:32:25.0872 3928  [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc             C:\Windows\system32\drivers\pdc.sys
10:32:25.0912 3928  pdc - ok
10:32:25.0924 3928  [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:32:25.0930 3928  PEAUTH - ok
10:32:25.0979 3928  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:32:25.0980 3928  PerfHost - ok
10:32:26.0018 3928  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             C:\Windows\system32\pla.dll
10:32:26.0030 3928  pla - ok
10:32:26.0035 3928  [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:32:26.0037 3928  PlugPlay - ok
10:32:26.0052 3928  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:32:26.0054 3928  PNRPAutoReg - ok
10:32:26.0061 3928  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:32:26.0064 3928  PNRPsvc - ok
10:32:26.0074 3928  [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:32:26.0078 3928  PolicyAgent - ok
10:32:26.0084 3928  [ F1E067F56373F11EA4B785CAE823740A ] Power           C:\Windows\system32\umpo.dll
10:32:26.0086 3928  Power - ok
10:32:26.0091 3928  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:32:26.0092 3928  PptpMiniport - ok
10:32:26.0156 3928  [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
10:32:26.0206 3928  PrintNotify - ok
10:32:26.0227 3928  [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor       C:\Windows\System32\drivers\processr.sys
10:32:26.0286 3928  Processor - ok
10:32:26.0293 3928  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         C:\Windows\system32\profsvc.dll
10:32:26.0296 3928  ProfSvc - ok
10:32:26.0300 3928  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:32:26.0303 3928  Psched - ok
10:32:26.0321 3928  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           C:\Windows\system32\qwave.dll
10:32:26.0323 3928  QWAVE - ok
10:32:26.0341 3928  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:32:26.0343 3928  QWAVEdrv - ok
10:32:26.0365 3928  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:32:26.0367 3928  RasAcd - ok
10:32:26.0378 3928  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:32:26.0381 3928  RasAgileVpn - ok
10:32:26.0407 3928  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         C:\Windows\System32\rasauto.dll
10:32:26.0414 3928  RasAuto - ok
10:32:26.0425 3928  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:32:26.0430 3928  Rasl2tp - ok
10:32:26.0458 3928  [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan          C:\Windows\System32\rasmans.dll
10:32:26.0469 3928  RasMan - ok
10:32:26.0479 3928  [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:32:26.0482 3928  RasPppoe - ok
10:32:26.0490 3928  [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:32:26.0493 3928  RasSstp - ok
10:32:26.0506 3928  [ CA03D642ACE58E1BA54E4B383F91CD69 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:32:26.0511 3928  rdbss - ok
10:32:26.0518 3928  [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
10:32:26.0555 3928  rdpbus - ok
10:32:26.0568 3928  [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
10:32:26.0570 3928  RDPDR - ok
10:32:26.0594 3928  [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:32:26.0595 3928  RdpVideoMiniport - ok
10:32:26.0617 3928  [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:32:26.0643 3928  RDPWD - ok
10:32:26.0654 3928  [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:32:26.0658 3928  rdyboost - ok
10:32:26.0667 3928  [ 695C4AC7D0B5002040C7540364C43940 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
10:32:26.0721 3928  RegSrvc - ok
10:32:26.0738 3928  [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:32:26.0740 3928  RemoteAccess - ok
10:32:26.0751 3928  [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:32:26.0755 3928  RemoteRegistry - ok
10:32:26.0760 3928  [ CCBFCABDFE2BC22F0645CEAADDB36004 ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
10:32:26.0800 3928  RFCOMM - ok
10:32:26.0817 3928  [ 41DDCF1ADD1FB7DE23DCF671740DDBE6 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
10:32:26.0873 3928  RichVideo - ok
10:32:26.0877 3928  [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:32:26.0879 3928  RpcEptMapper - ok
10:32:26.0883 3928  [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator      C:\Windows\system32\locator.exe
10:32:26.0885 3928  RpcLocator - ok
10:32:26.0898 3928  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs           C:\Windows\system32\rpcss.dll
10:32:26.0903 3928  RpcSs - ok
10:32:26.0907 3928  [ E04E770DD198B9399640717145E79EBF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:32:26.0945 3928  rspndr - ok
10:32:26.0952 3928  [ 46726EB52FDC7A141DE6780B09F3F729 ] RSUSBVSTOR      C:\Windows\System32\Drivers\RtsUVStor.sys
10:32:26.0999 3928  RSUSBVSTOR - ok
10:32:27.0003 3928  [ 3208C73AE8E3B032DF1235B8F820CBBC ] rtcrfilt64      C:\Windows\system32\drivers\rtcrfilt64.sys
10:32:27.0004 3928  rtcrfilt64 - ok
10:32:27.0017 3928  [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
10:32:27.0052 3928  s3cap - ok
10:32:27.0055 3928  [ F702AB6181513303AB0FC8D59E52708B ] SamSs           C:\Windows\system32\lsass.exe
10:32:27.0057 3928  SamSs - ok
10:32:27.0067 3928  [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:32:27.0106 3928  sbp2port - ok
10:32:27.0121 3928  [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:32:27.0125 3928  SCardSvr - ok
10:32:27.0134 3928  [ 5D7733A12756B267FCA021672B26BC9E ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:32:27.0171 3928  scfilter - ok
10:32:27.0189 3928  [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule        C:\Windows\system32\schedsvc.dll
10:32:27.0200 3928  Schedule - ok
10:32:27.0206 3928  [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:32:27.0207 3928  SCPolicySvc - ok
10:32:27.0225 3928  [ 047315E75392CEA447ACC86257824C16 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
10:32:27.0265 3928  sdbus - ok
10:32:27.0285 3928  [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:32:27.0288 3928  SDRSVC - ok
10:32:27.0305 3928  [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
10:32:27.0343 3928  sdstor - ok
10:32:27.0347 3928  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:32:27.0350 3928  secdrv - ok
10:32:27.0354 3928  [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon        C:\Windows\system32\seclogon.dll
10:32:27.0355 3928  seclogon - ok
10:32:27.0359 3928  [ 9C51620998F0763039DFA6BF68E475ED ] SENS            C:\Windows\System32\sens.dll
10:32:27.0361 3928  SENS - ok
10:32:27.0382 3928  [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:32:27.0385 3928  SensrSvc - ok
10:32:27.0398 3928  [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx           C:\Windows\system32\drivers\SerCx.sys
10:32:27.0399 3928  SerCx - ok
10:32:27.0403 3928  [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum         C:\Windows\System32\drivers\serenum.sys
10:32:27.0439 3928  Serenum - ok
10:32:27.0443 3928  [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial          C:\Windows\System32\drivers\serial.sys
10:32:27.0479 3928  Serial - ok
10:32:27.0482 3928  [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse        C:\Windows\System32\drivers\sermouse.sys
10:32:27.0521 3928  sermouse - ok
10:32:27.0545 3928  [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv      C:\Windows\system32\sessenv.dll
10:32:27.0549 3928  SessionEnv - ok
10:32:27.0552 3928  [ 7EE65419B29302C795714FF8073969A1 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
10:32:27.0588 3928  sfloppy - ok
10:32:27.0623 3928  [ 820368BFF0E36FF72A7DE2C20833FFEE ] SftService      C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
10:32:27.0689 3928  SftService - ok
10:32:27.0713 3928  [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:32:27.0722 3928  SharedAccess - ok
10:32:27.0752 3928  [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:32:27.0763 3928  ShellHWDetection - ok
10:32:27.0778 3928  [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
10:32:27.0818 3928  SiSRaid2 - ok
10:32:27.0821 3928  [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:32:27.0860 3928  SiSRaid4 - ok
10:32:27.0873 3928  [ A7CD1B0E0452B2E9C650EFDB466D40E7 ] SmbDrv          C:\Windows\System32\drivers\Smb_driver_AMDASF.sys
10:32:27.0911 3928  SmbDrv - ok
10:32:27.0914 3928  [ D79951652C8C22C01996E6C2E29AD390 ] SmbDrvI         C:\Windows\System32\drivers\Smb_driver_Intel.sys
10:32:27.0953 3928  SmbDrvI - ok
10:32:27.0969 3928  [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:32:27.0971 3928  SNMPTRAP - ok
10:32:28.0008 3928  [ FD3AF5575B99871BADB94E7699DBCE08 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
10:32:28.0050 3928  spaceport - ok
10:32:28.0064 3928  [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
10:32:28.0101 3928  SpbCx - ok
10:32:28.0145 3928  [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler         C:\Windows\System32\spoolsv.exe
10:32:28.0158 3928  Spooler - ok
10:32:28.0282 3928  [ EC84D961501054F87A6878EC5D53388F ] sppsvc          C:\Windows\system32\sppsvc.exe
10:32:28.0331 3928  sppsvc - ok
10:32:28.0340 3928  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:32:28.0344 3928  srv - ok
10:32:28.0355 3928  [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:32:28.0360 3928  srv2 - ok
10:32:28.0367 3928  [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:32:28.0369 3928  srvnet - ok
10:32:28.0381 3928  [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:32:28.0384 3928  SSDPSRV - ok
10:32:28.0403 3928  [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:32:28.0406 3928  SstpSvc - ok
10:32:28.0420 3928  [ 97F839E8AEC48EE271509BF4BC764C24 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
10:32:28.0461 3928  STacSV - ok
10:32:28.0477 3928  [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
10:32:28.0515 3928  stexstor - ok
10:32:28.0523 3928  [ 7E89F65EB250463EE8665CFE19566FC3 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
10:32:28.0564 3928  STHDA - ok
10:32:28.0574 3928  [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc          C:\Windows\System32\wiaservc.dll
10:32:28.0608 3928  stisvc - ok
10:32:28.0623 3928  [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci        C:\Windows\system32\drivers\storahci.sys
10:32:28.0662 3928  storahci - ok
10:32:28.0673 3928  [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
10:32:28.0711 3928  storflt - ok
10:32:28.0732 3928  [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc         C:\Windows\system32\storsvc.dll
10:32:28.0733 3928  StorSvc - ok
10:32:33.0511 3928  ============================================================
10:32:33.0511 3928  Scan finished
10:32:33.0511 3928  ============================================================
10:32:33.0517 9164  Detected object count: 0
10:32:33.0517 9164  Actual detected object count: 0
10:35:07.0099 6244  Deinitialize success
 

ESET Log:

================

C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\hstart.exe a variant of Win32/HiddenStart.A application
C:\Users\Michelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHQ4DZJO\optin[1].php Win32/SpeedUpMyPC application
C:\Users\Michelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SYO47IH9\WebCakesetup[1].exe multiple threats
C:\Users\Michelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9ASK50ZJ\metrics[1].htm HTML/Iframe.B.Gen virus
C:\Users\Michelle\AppData\Local\Temp\6893509B-BAB0-7891-9441-33A7591DA20C\Latest\BExternal.dll a variant of Win32/Toolbar.Babylon.C application
C:\Users\Michelle\AppData\Local\Temp\6893509B-BAB0-7891-9441-33A7591DA20C\Latest\IEHelper.dll Win32/Toolbar.Babylon.E application
 

 



#4 GodfatherKing

Posted 01 August 2013 - 11:51 AM

Step 1: Remove the following infections by running Disk Cleanup:

 

C:\Users\Michelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHQ4DZJO\optin[1].php Win32/SpeedUpMyPC application
C:\Users\Michelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SYO47IH9\WebCakesetup[1].exe multiple threats
C:\Users\Michelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9ASK50ZJ\metrics[1].htm HTML/Iframe.B.Gen virus

 

To run Disk Cleanup:

  1. Press the Windows Key to go to the Start Screen
  2. Open the Charms Bar
  3. Click Search
  4. Type cleanmgr in the box
  5. Click the cleanmgr icon


Reboot the computer. Is the issue still occurring? 


If you have received help from me and I haven't responded to you for almost >= 3 days, send me a Private Message.


#5 mds_11


Posted 01 August 2013 - 12:09 PM

I ran Disk Cleanup, rebooted the computer, then fired up Chrome... the issue was still there. :-(



#6 GodfatherKing


Posted 01 August 2013 - 12:46 PM

Step 1: Use AdwCleaner

http://www.bleepingcomputer.com/download/adwcleaner/

Note: Please note that Antivir Webguard uses ASK Toolbar as part of its web security. If you remove ASK by using AdwCleaner, Antivir Webguard will no longer work properly. Therefore, if you use this program please use the instructions below to access the options screen where you should enable/DisableAskDetections before using AdwCleaner.

 

  • Using AdwCleaner is very simple. Simply download the program and run it.  You will then be presented with a screen that contains a Search and Delete button.  The Search button will cause AdwCleaner to search your computer for unwanted programs and then display a log showing the various files, folders, and registry entries used by these programs.
     
  • To delete these unwanted programs simply click on the Delete button, which will cause AdwCleaner to reboot your computer and remove the files and registry entries associated with the various adware that you are removing.  On reboot, AdwCleaner will display a log showing the files, folders, and registry entries that were removed.



#7 mds_11


Posted 01 August 2013 - 01:37 PM

AdwCleaner was run and the computer rebooted. Fired up Chrome... it said that my browser preference is corrupted. Acknowledged the message... then signed in to Google... behind Chrome, IE popped up again showing the redirected page!

 

Here are the AdwCleaner logs:

 

1. AdwCleaner [R1] .txt

=======================

 

# AdwCleaner v2.306 - Logfile created 08/01/2013 at 14:08:16
# Updated 19/07/2013 by Xplode
# Operating system : Windows 8  (64 bits)
# User : Michelle - MICHELLE-ULTRA
# Boot Mode : Normal
# Running from : C:\Users\Michelle\Downloads\AdwCleaner.exe
# Option [Search]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\Users\Michelle\AppData\LocalLow\delta
Folder Found : C:\Users\Michelle\AppData\Roaming\delta
 
***** [Registry] *****
 
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\Delta
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Found : HKLM\Software\Delta
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Found : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Found : HKLM\SOFTWARE\Tarma Installer
Key Found : HKU\S-1-5-21-2271554272-1330283948-2838850625-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v10.0.9200.16537
 
[OK] Registry is clean.
 
-\\ Google Chrome v28.0.1500.95
 
File : C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
File : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [5676 octets] - [01/08/2013 14:08:16]
 
########## EOF - C:\AdwCleaner[R1].txt - [5736 octets] ##########
 

 

2. AdwCleaner [S1].txt

===================

 

# AdwCleaner v2.306 - Logfile created 08/01/2013 at 14:15:21
# Updated 19/07/2013 by Xplode
# Operating system : Windows 8  (64 bits)
# User : Michelle - MICHELLE-ULTRA
# Boot Mode : Normal
# Running from : C:\Users\Michelle\Downloads\AdwCleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Users\Michelle\AppData\LocalLow\delta
Folder Deleted : C:\Users\Michelle\AppData\Roaming\delta
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v10.0.9200.16537
 
[OK] Registry is clean.
 
-\\ Google Chrome v28.0.1500.95
 
File : C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
File : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [5775 octets] - [01/08/2013 14:08:16]
AdwCleaner[S1].txt - [5701 octets] - [01/08/2013 14:15:21]
 
########## EOF - C:\AdwCleaner[S1].txt - [5761 octets] ##########


#8 mds_11


Posted 01 August 2013 - 08:07 PM

Even though all the malware cleaners reported no more problems, the symptom still exists. It seems this malware is very stubborn. Any further suggestions?



#9 GodfatherKing


Posted 02 August 2013 - 02:45 AM

Step 1: Remove Chrome, then reinstall it. Does the issue also occur in other browsers? For example, if you have IE, does it give the same symptoms as in Chrome?


If you have received help from me and I have not responded to you for almost >= 3 days, send me a Private Message.


#10 mds_11


Posted 02 August 2013 - 08:27 AM

Just uninstalled and re-installed Chrome and so far have not seen the popup IE window. I will see if it can work well for the whole day. 



#11 mds_11


Posted 03 August 2013 - 11:00 PM

So far have not seen the redirected popup window any more. Seems the problem is gone.



#12 GodfatherKing


Posted 04 August 2013 - 02:11 AM

:thumbup2:

 

==

 

Step 1: My advice is to keep your computer up to date with Windows Updates, Java, Adobe Reader and Flash Player.

Step 2: Use WOT to check whether sites are safe or not: http://www.mywot.com/

Step 3: A good working antivirus is also important. I personally advise Avast Free or Avira. MSE's detection is not so great.

Step 4: Let's check how good your security is:

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document called checkup.txt should open automatically; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave reading the results to me.




#13 mds_11


Posted 06 August 2013 - 08:55 PM

No more popup window from IE up to now! Since I have McAfee Site Advisor and McAfee-as-a-service, I just downloaded SecurityCheck and ran it. Here is the content of the checkup.txt:

 

 Results of screen317's Security Check version 0.99.71  
   x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Disabled!  
McAfeer Security-as-a-Service   
Windows Defender                
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 McAfee Virus and Spyware Protection Service 
 McAfee SiteAdvisor Enterprise   
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Google Chrome 28.0.1500.95  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 McAfee Managed VirusScan Agent myAgtSvc.exe 
 McAfee Managed VirusScan DesktopUI XTray.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 


#14 GodfatherKing


Posted 07 August 2013 - 02:25 AM

:thumbup2: Looks good.




#15 mds_11


Posted 07 August 2013 - 09:40 AM

Thank you for the great help so I don't have to re-install the OS!





