Mandiant US Cyber Security Help?


13 replies to this topic

#1 Rickvv


Posted 03 August 2013 - 02:35 PM

We've got the Mandiant US Cyber Security Malware. But I can't even boot into Safe Mode...the PC restarts into Regular Windows as it gets going into Safe mode.

We have Win7 Home Premium.

 

Can anyone offer some help, please?

Thanks,

Rickvv

 





#2 GodfatherKing


Posted 03 August 2013 - 02:37 PM

:welcome:

 

Let's try something.

 

  1. Power off the infected machine.
  2. Remove the LAN-cable (so it doesn't get internet) from the infected machine.
  3. Power on the infected machine, try to start it normally. 

     


Edited by GodfatherKing, 03 August 2013 - 02:38 PM.

If you have received help from me and I haven't responded to you for almost >= 3 days, send me a Private Message.  :hello:


#3 Rickvv


Posted 03 August 2013 - 02:55 PM

Nope, still get the warning screen. I believe that I've got the wifi 'off', too...but that's an "F" key, and I can't tell if it's disabled or not.



#4 Rickvv


Posted 03 August 2013 - 02:57 PM

Also, I tried to make a HitManPro kickstart USB, but the process failed every time. I need to find another flash drive if I'm going to use that method again...



#5 Rickvv


Posted 03 August 2013 - 05:57 PM

I used Windows System Restore, from the Recovery Menu.

F8>RepairComputer>System Restore.

During the process, Windows said it had an error and couldn't restore...but after the restart, Windows announced that it was successful.

FBI warning was gone, and lots of updates were ready.

Ran MalwareBytes full scan, and found one or two infected items.

 

Not sure why SystemRestore had a problem, but it seems OK now.

 

Thanks for your attempt, GodfatherKing.

Rickvv 



#6 GodfatherKing


Posted 04 August 2013 - 01:58 AM

Post the MBAM log.




#7 Rickvv


Posted 04 August 2013 - 07:40 AM

The log from the full scan is below.

The item it found is in quarantine, but not in the log.

Trojan.Agent.rfz (in AppData\Roaming\data.dat)

 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.20.03

Windows 7 Service Pack 1 x64 NTFS (Safe Mode)
Internet Explorer 10.0.9200.16635
Mary :: MARY-DELL [administrator]

8/3/2013 5:02:09 PM
mbam-log-2013-08-03 (17-02-09).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 24843
Time elapsed: 1 minute(s), 43 second(s) [aborted]

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



#8 GodfatherKing


Posted 04 August 2013 - 07:41 AM

Run also these:

 

Step 1: Running TDSSKiller to obtain log

 

Note: Don't cure or delete a threat, but choose skip for all instead.

  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters


  • In the Additional options: Check Detect TDLFS file system
  • Click Start Scan and allow the scan process to run


  • Choose Skip for all threats.
  • Click Continue
  • Please post the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)

===================================================

 

Step 2: ESET Online Scanner

==================

Note: If your AV is blocking Eset online scanner, please temporarily disable your AV.

 

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and » UNCHECK "Remove found threats" <== Important
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. (If no malware was found you will not be presented with a log).
  • Click the Back button.
  • Click the Finish button.

===================================================




#9 Rickvv


Posted 04 August 2013 - 07:46 AM

Will do ESET next.

07:44:20.0099 2624  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
07:44:21.0549 2624  ============================================================
07:44:21.0549 2624  Current date / time: 2013/08/04 07:44:21.0549
07:44:21.0549 2624  SystemInfo:
07:44:21.0549 2624 
07:44:21.0549 2624  OS Version: 6.1.7601 ServicePack: 1.0
07:44:21.0549 2624  Product type: Workstation
07:44:21.0549 2624  ComputerName: MARY-DELL
07:44:21.0549 2624  UserName: Mary
07:44:21.0549 2624  Windows directory: C:\windows
07:44:21.0549 2624  System windows directory: C:\windows
07:44:21.0549 2624  Running under WOW64
07:44:21.0549 2624  Processor architecture: Intel x64
07:44:21.0549 2624  Number of processors: 4
07:44:21.0549 2624  Page size: 0x1000
07:44:21.0549 2624  Boot type: Normal boot
07:44:21.0549 2624  ============================================================
07:44:22.0329 2624  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:44:22.0329 2624  ============================================================
07:44:22.0329 2624  \Device\Harddisk0\DR0:
07:44:22.0329 2624  MBR partitions:
07:44:22.0329 2624  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
07:44:22.0329 2624  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x38607030
07:44:22.0329 2624  ============================================================
07:44:22.0361 2624  C: <-> \Device\Harddisk0\DR0\Partition2
07:44:22.0361 2624  ============================================================
07:44:22.0361 2624  Initialize success
07:44:22.0361 2624  ============================================================
07:44:33.0686 4164  ============================================================
07:44:33.0686 4164  Scan started
07:44:33.0686 4164  Mode: Manual; TDLFS;
07:44:33.0686 4164  ============================================================
07:44:34.0217 4164  ================ Scan system memory ========================
07:44:34.0217 4164  System memory - ok
07:44:34.0217 4164  ================ Scan services =============================
07:44:46.0369 4164  LanmanWorkstation - ok
07:44:46.0416 4164  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
07:44:46.0431 4164  lltdio - ok
07:44:46.0478 4164  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\windows\System32\lltdsvc.dll
07:44:46.0494 4164  lltdsvc - ok
07:44:46.0541 4164  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\windows\System32\lmhsvc.dll
07:44:46.0541 4164  lmhosts - ok
07:44:46.0665 4164  [ 8F2CFF01F12955477450DA5E572D4001 ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
07:44:46.0697 4164  LMIGuardianSvc - ok
07:44:46.0743 4164  [ 0F28935ECF1FBDEC22BAF720A5A94564 ] LMIInfo         C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
07:44:46.0759 4164  LMIInfo - ok
07:44:46.0790 4164  [ CA86C7042E406070B905AE6CA45D22EA ] LMIMaint        C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
07:44:47.0024 4164  LMIMaint - ok
07:44:47.0071 4164  [ 413ECDCFAD9A82804D3674C8D7EEC24E ] lmimirr         C:\windows\system32\DRIVERS\lmimirr.sys
07:44:47.0071 4164  lmimirr - ok
07:44:47.0102 4164  LMIRfsClientNP - ok
07:44:47.0133 4164  [ C57D3FAA50E6F395759FFB7C709BD944 ] LMIRfsDriver    C:\windows\system32\drivers\LMIRfsDriver.sys
07:44:47.0133 4164  LMIRfsDriver - ok
07:44:47.0211 4164  [ 23D990150D56B670A62B21B9ABDD45EE ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
07:44:47.0258 4164  LMS - ok
07:44:47.0321 4164  [ D3760BC17E1755091B7120CF32DBF56B ] LogMeIn         C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
07:44:47.0336 4164  LogMeIn - ok
07:44:47.0399 4164  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys
07:44:47.0399 4164  LSI_FC - ok
07:44:47.0414 4164  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
07:44:47.0414 4164  LSI_SAS - ok
07:44:47.0430 4164  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
07:44:47.0430 4164  LSI_SAS2 - ok
07:44:47.0445 4164  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
07:44:47.0445 4164  LSI_SCSI - ok
07:44:47.0461 4164  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\windows\system32\drivers\luafv.sys
07:44:47.0461 4164  luafv - ok
07:44:47.0539 4164  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
07:44:47.0539 4164  Mcx2Svc - ok
07:44:47.0555 4164  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\windows\system32\drivers\megasas.sys
07:44:47.0570 4164  megasas - ok
07:44:47.0601 4164  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
07:44:47.0601 4164  MegaSR - ok
07:44:47.0664 4164  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\windows\system32\mmcss.dll
07:44:47.0664 4164  MMCSS - ok
07:44:47.0664 4164  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\windows\system32\drivers\modem.sys
07:44:47.0679 4164  Modem - ok
07:44:47.0695 4164  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\windows\system32\DRIVERS\monitor.sys
07:44:47.0695 4164  monitor - ok
07:44:47.0711 4164  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
07:44:47.0711 4164  mouclass - ok
07:44:47.0757 4164  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
07:44:47.0773 4164  mouhid - ok
07:44:47.0773 4164  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
07:44:47.0773 4164  mountmgr - ok
07:44:47.0882 4164  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
07:44:48.0007 4164  MozillaMaintenance - ok
07:44:48.0038 4164  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\windows\system32\drivers\mpio.sys
07:44:48.0038 4164  mpio - ok
07:44:48.0054 4164  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
07:44:48.0069 4164  mpsdrv - ok
07:44:48.0116 4164  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\windows\system32\mpssvc.dll
07:44:48.0147 4164  MpsSvc - ok
07:44:48.0163 4164  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
07:44:48.0163 4164  MRxDAV - ok
07:44:48.0179 4164  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
07:44:48.0194 4164  mrxsmb - ok
07:44:48.0210 4164  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
07:44:48.0210 4164  mrxsmb10 - ok
07:44:48.0225 4164  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
07:44:48.0225 4164  mrxsmb20 - ok
07:44:48.0241 4164  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\windows\system32\drivers\msahci.sys
07:44:48.0241 4164  msahci - ok
07:44:48.0257 4164  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\windows\system32\drivers\msdsm.sys
07:44:48.0272 4164  msdsm - ok
07:44:48.0272 4164  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\windows\System32\msdtc.exe
07:44:48.0272 4164  MSDTC - ok
07:44:48.0319 4164  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\windows\system32\drivers\Msfs.sys
07:44:48.0335 4164  Msfs - ok
07:44:48.0335 4164  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
07:44:48.0350 4164  mshidkmdf - ok
07:44:48.0366 4164  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
07:44:48.0366 4164  msisadrv - ok
07:44:48.0413 4164  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
07:44:48.0428 4164  MSiSCSI - ok
07:44:48.0428 4164  msiserver - ok
07:44:48.0444 4164  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
07:44:48.0459 4164  MSKSSRV - ok
07:44:48.0475 4164  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
07:44:48.0475 4164  MSPCLOCK - ok
07:44:48.0475 4164  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
07:44:48.0475 4164  MSPQM - ok
07:44:48.0522 4164  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
07:44:48.0522 4164  MsRPC - ok
07:44:48.0537 4164  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys
07:44:48.0553 4164  mssmbios - ok
07:44:48.0569 4164  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
07:44:48.0569 4164  MSTEE - ok
07:44:48.0569 4164  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
07:44:48.0569 4164  MTConfig - ok
07:44:48.0584 4164  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\windows\system32\Drivers\mup.sys
07:44:48.0600 4164  Mup - ok
07:44:48.0631 4164  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\windows\system32\qagentRT.dll
07:44:48.0647 4164  napagent - ok
07:44:48.0693 4164  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
07:44:48.0709 4164  NativeWifiP - ok
07:44:48.0803 4164  [ E0E4A1F81A7D69C595A8A9DDAD084C19 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
07:44:48.0818 4164  NAUpdate - ok
07:44:48.0865 4164  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\windows\system32\drivers\ndis.sys
07:44:48.0881 4164  NDIS - ok
07:44:48.0943 4164  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
07:44:48.0943 4164  NdisCap - ok
07:44:48.0990 4164  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
07:44:48.0990 4164  NdisTapi - ok
07:44:49.0037 4164  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
07:44:49.0052 4164  Ndisuio - ok
07:44:49.0068 4164  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
07:44:49.0068 4164  NdisWan - ok
07:44:49.0083 4164  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
07:44:49.0083 4164  NDProxy - ok
07:44:49.0099 4164  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
07:44:49.0099 4164  NetBIOS - ok
07:44:49.0130 4164  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
07:44:49.0130 4164  NetBT - ok
07:44:49.0208 4164  [ BA99A34A9B5EB737CE54BC0A7C596609 ] NETFLTDI        C:\windows\system32\Drivers\NETTDI64.SYS
07:44:49.0208 4164  NETFLTDI - ok
07:44:49.0286 4164  [ DDD0C4A3D4F810255CE67B85E8E266F1 ] NETIMFLT01060044 C:\windows\system32\DRIVERS\n64i1644.sys
07:44:49.0302 4164  NETIMFLT01060044 - ok
07:44:49.0317 4164  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\windows\system32\lsass.exe
07:44:49.0317 4164  Netlogon - ok
07:44:49.0473 4164  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\windows\System32\netman.dll
07:44:49.0505 4164  Netman - ok
07:44:49.0536 4164  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:44:49.0551 4164  NetMsmqActivator - ok
07:44:49.0583 4164  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:44:49.0583 4164  NetPipeActivator - ok
07:44:49.0661 4164  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\windows\System32\netprofm.dll
07:44:49.0661 4164  netprofm - ok
07:44:49.0676 4164  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:44:49.0676 4164  NetTcpActivator - ok
07:44:49.0676 4164  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:44:49.0692 4164  NetTcpPortSharing - ok
07:44:49.0754 4164  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
07:44:49.0754 4164  nfrd960 - ok
07:44:49.0801 4164  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\windows\System32\nlasvc.dll
07:44:49.0817 4164  NlaSvc - ok
07:44:49.0973 4164  [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU            C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
07:44:50.0035 4164  NOBU - ok
07:44:50.0051 4164  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\windows\system32\drivers\Npfs.sys
07:44:50.0051 4164  Npfs - ok
07:44:50.0113 4164  [ F2BB446F301FA0CA1B66871B6BB9F442 ] nsfim           C:\windows\system32\Drivers\NSFIM64.SYS
07:44:50.0113 4164  nsfim - ok
07:44:50.0129 4164  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\windows\system32\nsisvc.dll
07:44:50.0144 4164  nsi - ok
07:44:50.0160 4164  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
07:44:50.0175 4164  nsiproxy - ok
07:44:50.0238 4164  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
07:44:50.0285 4164  Ntfs - ok
07:44:50.0300 4164  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\windows\system32\drivers\Null.sys
07:44:50.0300 4164  Null - ok
07:44:50.0347 4164  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\windows\system32\drivers\nvraid.sys
07:44:50.0363 4164  nvraid - ok
07:44:50.0378 4164  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\windows\system32\drivers\nvstor.sys
07:44:50.0378 4164  nvstor - ok
07:44:50.0409 4164  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
07:44:50.0409 4164  nv_agp - ok
07:44:50.0409 4164  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
07:44:50.0425 4164  ohci1394 - ok
07:44:50.0487 4164  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:44:50.0643 4164  ose - ok
07:44:50.0893 4164  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
07:44:51.0127 4164  osppsvc - ok
07:44:51.0174 4164  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
07:44:51.0189 4164  p2pimsvc - ok
07:44:51.0236 4164  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\windows\system32\p2psvc.dll
07:44:51.0252 4164  p2psvc - ok
07:44:51.0470 4164  [ C27ABB21DE311A0FC6F3114B7E44D3F2 ] Panda Software Controller C:\Program Files (x86)\Panda Security\WAC\PsCtrlS.exe
07:44:51.0486 4164  Panda Software Controller - ok
07:44:51.0501 4164  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\windows\system32\drivers\parport.sys
07:44:51.0517 4164  Parport - ok
07:44:51.0548 4164  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\windows\system32\drivers\partmgr.sys
07:44:51.0548 4164  partmgr - ok
07:44:51.0673 4164  [ F99F2FD72A396FCF12E526EEBF3D275B ] PavAt3Scheduler C:\Program Files (x86)\Panda Security\WaAgent\Scheduler\PavSched.exe
07:44:51.0704 4164  PavAt3Scheduler - ok
07:44:51.0767 4164  [ 035B941B6542909562021966B2864646 ] PavFnSvr        C:\Program Files (x86)\Panda Security\WAC\pavFnSvr.exe
07:44:51.0782 4164  PavFnSvr - ok
07:44:51.0876 4164  [ B380167242F8B498D59999F324E4A89C ] PavSrv          C:\Program Files (x86)\Panda Security\WAC\pavsrvx86.exe
07:44:52.0141 4164  PavSrv - ok
07:44:52.0250 4164  [ BA08ABA4E99CDBBCCBEF4E80D178019D ] PavWASLpMng     C:\Program Files (x86)\Panda Security\WaAgent\WasLpMng\WASLPMNG.exe
07:44:52.0266 4164  PavWASLpMng - ok
07:44:52.0281 4164  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\windows\System32\pcasvc.dll
07:44:52.0281 4164  PcaSvc - ok
07:44:52.0313 4164  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\windows\system32\drivers\pci.sys
07:44:52.0328 4164  pci - ok
07:44:52.0344 4164  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\windows\system32\drivers\pciide.sys
07:44:52.0344 4164  pciide - ok
07:44:52.0375 4164  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
07:44:52.0375 4164  pcmcia - ok
07:44:52.0391 4164  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\windows\system32\drivers\pcw.sys
07:44:52.0391 4164  pcw - ok
07:44:52.0422 4164  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\windows\system32\drivers\peauth.sys
07:44:52.0453 4164  PEAUTH - ok
07:44:52.0562 4164  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\windows\SysWow64\perfhost.exe
07:44:52.0562 4164  PerfHost - ok
07:44:52.0625 4164  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\windows\system32\pla.dll
07:44:52.0671 4164  pla - ok
07:44:52.0734 4164  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
07:44:52.0765 4164  PlugPlay - ok
07:44:52.0781 4164  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
07:44:52.0796 4164  PNRPAutoReg - ok
07:44:52.0812 4164  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
07:44:52.0812 4164  PNRPsvc - ok
07:44:52.0874 4164  [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64         C:\windows\system32\DRIVERS\point64.sys
07:44:52.0874 4164  Point64 - ok
07:44:52.0905 4164  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
07:44:52.0921 4164  PolicyAgent - ok
07:44:52.0937 4164  [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power           C:\windows\system32\umpo.dll
07:44:52.0937 4164  Power - ok
07:44:52.0999 4164  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
07:44:52.0999 4164  PptpMiniport - ok
07:44:53.0030 4164  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\windows\system32\drivers\processr.sys
07:44:53.0030 4164  Processor - ok
07:44:53.0061 4164  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\windows\system32\profsvc.dll
07:44:53.0077 4164  ProfSvc - ok
07:44:53.0108 4164  Prot6Flt - ok
07:44:53.0139 4164  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
07:44:53.0139 4164  ProtectedStorage - ok
07:44:53.0202 4164  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\windows\system32\DRIVERS\pacer.sys
07:44:53.0202 4164  Psched - ok
07:44:53.0264 4164  [ 532053E8E3BB8FA7166AB4E7685FDDCC ] PSHost          C:\Program Files (x86)\Panda Security\WAC\PSHost.exe
07:44:53.0280 4164  PSHost - ok
07:44:53.0358 4164  [ DD3FD48D69F5FBBB21D46D1514C1C2DB ] PSI             C:\windows\system32\DRIVERS\psi_mf_amd64.sys
07:44:53.0373 4164  PSI - ok
07:44:53.0405 4164  [ 935581107FD5B40B61D3908CAE0C4E53 ] PSImSvc         C:\Program Files (x86)\Panda Security\WAC\PSIMSVC.EXE
07:44:53.0685 4164  PSImSvc - ok
07:44:53.0748 4164  [ 7F0F38BC0236FBB9469281E0826D862E ] PskSvc          C:\Program Files (x86)\Panda Security\WAC\psksvc.exe
07:44:53.0748 4164  PskSvc - ok
07:44:53.0810 4164  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\windows\system32\Drivers\PxHlpa64.sys
07:44:53.0826 4164  PxHlpa64 - ok
07:44:53.0951 4164  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\windows\system32\drivers\ql2300.sys
07:44:53.0997 4164  ql2300 - ok
07:44:54.0013 4164  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\windows\system32\drivers\ql40xx.sys
07:44:54.0013 4164  ql40xx - ok
07:44:54.0044 4164  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\windows\system32\qwave.dll
07:44:54.0044 4164  QWAVE - ok
07:44:54.0060 4164  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
07:44:54.0075 4164  QWAVEdrv - ok
07:44:54.0075 4164  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
07:44:54.0075 4164  RasAcd - ok
07:44:54.0138 4164  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
07:44:54.0138 4164  RasAgileVpn - ok
07:44:54.0153 4164  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\windows\System32\rasauto.dll
07:44:54.0169 4164  RasAuto - ok
07:44:54.0185 4164  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
07:44:54.0185 4164  Rasl2tp - ok
07:44:54.0216 4164  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\windows\System32\rasmans.dll
07:44:54.0216 4164  RasMan - ok
07:44:54.0231 4164  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
07:44:54.0247 4164  RasPppoe - ok
07:44:54.0263 4164  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
07:44:54.0263 4164  RasSstp - ok
07:44:54.0278 4164  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
07:44:54.0294 4164  rdbss - ok
07:44:54.0309 4164  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\windows\system32\drivers\rdpbus.sys
07:44:54.0309 4164  rdpbus - ok
07:44:54.0341 4164  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
07:44:54.0341 4164  RDPCDD - ok
07:44:54.0372 4164  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
07:44:54.0372 4164  RDPENCDD - ok
07:44:54.0372 4164  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
07:44:54.0387 4164  RDPREFMP - ok
07:44:54.0419 4164  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
07:44:54.0419 4164  RDPWD - ok
07:44:54.0465 4164  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
07:44:54.0465 4164  rdyboost - ok
07:44:54.0481 4164  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\windows\System32\mprdim.dll
07:44:54.0497 4164  RemoteAccess - ok
07:44:54.0528 4164  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\windows\system32\regsvc.dll
07:44:54.0528 4164  RemoteRegistry - ok
07:44:54.0590 4164  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
07:44:54.0606 4164  RFCOMM - ok
07:44:54.0715 4164  [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
07:44:54.0824 4164  RoxMediaDB12OEM - ok
07:44:54.0855 4164  [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12      c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
07:44:54.0887 4164  RoxWatch12 - ok
07:44:54.0933 4164  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
07:44:54.0949 4164  RpcEptMapper - ok
07:44:54.0965 4164  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\windows\system32\locator.exe
07:44:54.0980 4164  RpcLocator - ok
07:44:54.0996 4164  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\windows\system32\rpcss.dll
07:44:54.0996 4164  RpcSs - ok
07:44:55.0058 4164  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
07:44:55.0058 4164  rspndr - ok
07:44:55.0121 4164  [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA ] RSUSBSTOR       C:\windows\system32\Drivers\RtsUStor.sys
07:44:55.0136 4164  RSUSBSTOR - ok
07:44:55.0167 4164  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys
07:44:55.0183 4164  RTL8167 - ok
07:44:55.0199 4164  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\windows\system32\lsass.exe
07:44:55.0199 4164  SamSs - ok
07:44:55.0214 4164  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
07:44:55.0230 4164  sbp2port - ok
07:44:55.0261 4164  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\windows\System32\SCardSvr.dll
07:44:55.0261 4164  SCardSvr - ok
07:44:55.0277 4164  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
07:44:55.0277 4164  scfilter - ok
07:44:55.0323 4164  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\windows\system32\schedsvc.dll
07:44:55.0355 4164  Schedule - ok
07:44:55.0386 4164  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\windows\System32\certprop.dll
07:44:55.0386 4164  SCPolicySvc - ok
07:44:55.0401 4164  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\windows\System32\SDRSVC.dll
07:44:55.0401 4164  SDRSVC - ok
07:44:55.0464 4164  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\windows\system32\drivers\secdrv.sys
07:44:55.0464 4164  secdrv - ok
07:44:55.0479 4164  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\windows\system32\seclogon.dll
07:44:55.0479 4164  seclogon - ok
07:44:55.0589 4164  [ E43C0D32FF2D9A72F2D975B83B916964 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
07:44:55.0651 4164  Secunia PSI Agent - ok
07:44:55.0729 4164  [ CB2D183E27D1443F7D4CF10665B2BDED ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
07:44:55.0760 4164  Secunia Update Agent - ok
07:44:55.0791 4164  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\windows\System32\sens.dll
07:44:55.0791 4164  SENS - ok
07:44:55.0838 4164  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\windows\system32\sensrsvc.dll
07:44:55.0854 4164  SensrSvc - ok
07:44:55.0869 4164  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\windows\system32\drivers\serenum.sys
07:44:55.0869 4164  Serenum - ok
07:44:55.0901 4164  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\windows\system32\drivers\serial.sys
07:44:55.0901 4164  Serial - ok
07:44:55.0947 4164  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\windows\system32\drivers\sermouse.sys
07:44:55.0947 4164  sermouse - ok
07:44:55.0979 4164  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\windows\system32\sessenv.dll
07:44:55.0979 4164  SessionEnv - ok
07:44:55.0994 4164  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
07:44:55.0994 4164  sffdisk - ok
07:44:56.0010 4164  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
07:44:56.0010 4164  sffp_mmc - ok
07:44:56.0025 4164  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
07:44:56.0025 4164  sffp_sd - ok
07:44:56.0041 4164  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys
07:44:56.0041 4164  sfloppy - ok
07:44:56.0135 4164  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\windows\system32\DRIVERS\Sftfslh.sys
07:44:56.0150 4164  Sftfs - ok
07:44:56.0244 4164  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
07:44:56.0306 4164  sftlist - ok
07:44:56.0353 4164  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\windows\system32\DRIVERS\Sftplaylh.sys
07:44:56.0369 4164  Sftplay - ok
07:44:56.0415 4164  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\windows\system32\DRIVERS\Sftredirlh.sys
07:44:56.0415 4164  Sftredir - ok
07:44:56.0509 4164  [ 74EC60E20516AAA573BE74F31175270F ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
07:44:57.0039 4164  SftService - ok
07:44:57.0055 4164  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\windows\system32\DRIVERS\Sftvollh.sys
07:44:57.0055 4164  Sftvol - ok
07:44:57.0086 4164  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
07:44:57.0117 4164  sftvsa - ok
07:44:57.0149 4164  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\windows\System32\ipnathlp.dll
07:44:57.0149 4164  SharedAccess - ok
07:44:57.0195 4164  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
07:44:57.0195 4164  ShellHWDetection - ok
07:44:57.0258 4164  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
07:44:57.0258 4164  SiSRaid2 - ok
07:44:57.0273 4164  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
07:44:57.0289 4164  SiSRaid4 - ok
07:44:57.0367 4164  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
07:44:58.0163 4164  SkypeUpdate - ok
07:44:58.0194 4164  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\windows\system32\DRIVERS\smb.sys
07:44:58.0194 4164  Smb - ok
07:44:58.0256 4164  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\windows\System32\snmptrap.exe
07:44:58.0256 4164  SNMPTRAP - ok
07:44:58.0287 4164  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\windows\system32\drivers\spldr.sys
07:44:58.0287 4164  spldr - ok
07:44:58.0350 4164  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\windows\System32\spoolsv.exe
07:44:58.0365 4164  Spooler - ok
07:44:58.0475 4164  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\windows\system32\sppsvc.exe
07:44:58.0568 4164  sppsvc - ok
07:44:58.0568 4164  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\windows\system32\sppuinotify.dll
07:44:58.0584 4164  sppuinotify - ok
07:44:58.0599 4164  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\windows\system32\DRIVERS\srv.sys
07:44:58.0615 4164  srv - ok
07:44:58.0631 4164  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
07:44:58.0631 4164  srv2 - ok
07:44:58.0662 4164  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
07:44:58.0662 4164  srvnet - ok
07:44:58.0724 4164  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
07:44:58.0724 4164  SSDPSRV - ok
07:44:58.0755 4164  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\windows\system32\sstpsvc.dll
07:44:58.0755 4164  SstpSvc - ok
07:44:58.0802 4164  [ A6B2EC3A2B6AD7C3F7B2F3495CADE4C0 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
07:45:05.0011 4164  ============================================================
07:45:05.0011 4164  Scan finished
07:45:05.0011 4164  ============================================================
07:45:05.0042 4324  Detected object count: 0
07:45:05.0042 4324  Actual detected object count: 0
 



#10 Rickvv


Posted 04 August 2013 - 09:26 AM

And the ESET results:

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application
C:\Users\Mary\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0G8J82P5\needs-avoiding-discusses[1].htm JS/Kryptik.AKP.Gen trojan
 

(Clicked Back, and then Finish)



#11 GodfatherKing


Posted 04 August 2013 - 10:41 AM

:step1: Download Malwarebytes Anti-Rootkit from HERE to your Desktop.

  • Unzip the downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • DO NOT click on the Cleanup button. Simply exit the program.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt



#12 Rickvv


Posted 04 August 2013 - 07:03 PM

systemLog-

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16635

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.526000 GHz
Memory total: 4083871744, free: 2049974272

Downloaded database version: v2013.08.04.05
Downloaded database version: v2013.07.29.01
Initializing...
------------ Kernel report ------------
     08/04/2013 17:04:49
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8004bcc060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa800497d050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Device number: 0, partition: 3
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8004bcc060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8004bccb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8004bcc060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800497d050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: FCF6199

Partition information:

    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 206848  Numsec = 30720000
    Partition file system is NTFS
    Partition is bootable

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 30926848  Numsec = 945844272

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Scan finished
=======================================

Removal queue found; removal started
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_1_206848_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
Removal finished



Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org

Database version: v2013.08.04.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Mary :: MARY-DELL [administrator]

8/4/2013 5:04:53 PM
mbar-log-2013-08-04 (17-04-53).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 269711
Time elapsed: 16 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)



#13 GodfatherKing


Posted 05 August 2013 - 02:39 PM

It does look clean now? Still having issues?




#14 Rickvv


Posted 05 August 2013 - 03:21 PM

Things do seem resolved, and the scans I sent you looked OK?

no more FBI...

Thanks,

rickvv





