Retail site redirect to forward.rewardsfind.com


6 replies to this topic

#1 Bugaroo


Posted 01 September 2013 - 07:31 PM

Not sure if this is from a virus or some other oddity - when I try to go to Amazon (in both FF and Chrome - have not tried IE), there is an intermediary redirect to forward.rewardsfind.com before loading Amazon. It's showing up in the URL with a "ref=" value, which I guess indicates a referral source from an Amazon affiliate program member, perhaps? I have cleared all of my browser data and flushed my DNS cache, all to no avail. Running Microsoft Security Essentials scan now and it is showing sirefef!cfg detected & quarantined yesterday. Do these two sound related? Or just coincidence?


Edited by Bugaroo, 01 September 2013 - 07:35 PM.



 


#2 boopme


Posted 01 September 2013 - 08:27 PM

Welcome bugaroo

Please do these next and see how it is after.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)
Do not change the default options on scan results.


Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder, which was created when running the tool.
  • Last run ESET.
    • Hold down Control and click on this link to open ESET OnlineScan in a new window.
    • Click the esetonlinebtn.png button.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
    • Check "YES, I accept the Terms of Use."
    • Click the Start button.
    • Accept any security warnings from your browser.
    • Under scan settings, check "Scan Archives" and "Remove found threats"
    • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click List Threats
    • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • Click the Back button.
    • Click the Finish button.
    • NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
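
The MiniToolBox checks requested above cover the places where a browser redirect can be anchored: the Hosts file, the browser and system proxy settings, and the Winsock provider catalog. As an added example (not part of the original thread and not MiniToolBox's own code), this Python script reads a log in the section layout of the Result.txt posted in this thread and lists the entries worth a second look. The sample log, the function names and the `203.0.113.7` mapping are constructed for illustration.

```python
import re

# Section header as it appears in Result.txt, e.g.
# "========================= Hosts content: ================================="
SECTION_RE = re.compile(r"^=+ ([^=]+?):? =+\s*$")
# "Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)"
WINSOCK_RE = re.compile(r"^(Catalog\d+) (\d+) (.+?) \[(\d+)\] \((.*)\)\s*$")
FF_PROXY_RE = re.compile(r'^"network\.proxy\.type",\s*(\d+)')

# Firefox network.proxy.type values that send traffic through a proxy
FF_PROXY_MODES = {1: "manual", 2: "PAC URL"}
SYSTEM_DIR = "c:\\windows\\system32\\"

# Constructed sample: same layout as the log in this thread, with three
# entries changed so that each check has something to report.
SAMPLE_LOG = r"""
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 1

========================= Hosts content: =================================
::1 localhost
127.0.0.1       localhost
203.0.113.7     www.example.com

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
"""


def split_sections(text):
    """Map each section title to its non-empty, stripped lines."""
    sections, current = {}, None
    for line in text.splitlines():
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1).strip()
            sections[current] = []
        elif current is not None and line.strip():
            sections[current].append(line.strip())
    return sections


def check_ie_proxy(lines):
    """IE settings are also the system proxy that Chrome uses on Windows."""
    if lines and "Proxy is not enabled." not in lines:
        return ["ie proxy: section does not report 'Proxy is not enabled.'"]
    return []


def check_ff_proxy(lines):
    findings = []
    for line in lines:
        m = FF_PROXY_RE.match(line)
        if m and int(m.group(1)) in FF_PROXY_MODES:
            mode = FF_PROXY_MODES[int(m.group(1))]
            findings.append(f"firefox proxy: network.proxy.type={m.group(1)} ({mode})")
    return findings


def check_hosts(lines):
    """Report every mapping for a name other than localhost."""
    findings = []
    for line in lines:
        entry = line.split("#", 1)[0].split()
        if len(entry) < 2:
            continue
        extra = [name for name in entry[1:] if name.lower() != "localhost"]
        if extra:
            findings.append(f"hosts: {entry[0]} -> {' '.join(extra)}")
    return findings


def check_winsock(lines):
    """Report providers loaded from outside System32. This is a review list,
    not a verdict: Bonjour's mdnsNSP.dll is a legitimate third-party provider."""
    findings = []
    for line in lines:
        m = WINSOCK_RE.match(line)
        if m and not m.group(3).lower().startswith(SYSTEM_DIR):
            catalog, index, path, _size, vendor = m.groups()
            findings.append(f"winsock: {catalog} {index} {path} ({vendor})")
    return findings


def triage(text):
    s = split_sections(text)
    return (check_ie_proxy(s.get("IE Proxy Settings", []))
            + check_ff_proxy(s.get("FF Proxy Settings", []))
            + check_hosts(s.get("Hosts content", []))
            + check_winsock(s.get("Winsock entries", [])))


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```
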

#3 Bugaroo


Posted 01 September 2013 - 09:34 PM

****MINITOOLBOX RESULT.TXT CONTENTS****
 
MiniToolBox by Farbar  Version: 22-07-2012
Ran by SarahT (administrator) on 01-09-2013 at 22:16:43
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
"network.proxy.type", 0
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
::1 localhost
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Intel® 82562V-2 10/100 Network Connection = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global
 

popd
# End of IPv4 configuration
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Redheads
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Waitsfield.gateway
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : Waitsfield.gateway
   Description . . . . . . . . . . . : Intel® 82562V-2 10/100 Network Connection
   Physical Address. . . . . . . . . : 00-1A-A0-90-47-AF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5452:bea7:647b:767f%9(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.102(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, September 01, 2013 9:14:56 AM
   Lease Expires . . . . . . . . . . : Monday, September 02, 2013 9:14:54 PM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 201333408
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0E-A5-46-41-00-1A-A0-90-47-AF
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter Local Area Connection* 6:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:c3c:3301:3f57:fe99(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::c3c:3301:3f57:fe99%8(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter Local Area Connection* 9:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Waitsfield.gateway
   Description . . . . . . . . . . . : isatap.Waitsfield.gateway
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  Waitsfield.gateway
Address:  192.168.1.254
 
Name:    google.com
Addresses:  2607:f8b0:4006:803::1003
 173.194.43.46
 173.194.43.32
 173.194.43.33
 173.194.43.34
 173.194.43.35
 173.194.43.36
 173.194.43.37
 173.194.43.38
 173.194.43.39
 173.194.43.40
 173.194.43.41
 
 
 
Pinging google.com [173.194.43.46] with 32 bytes of data:
 
Reply from 173.194.43.46: bytes=32 time=49ms TTL=52
 
Reply from 173.194.43.46: bytes=32 time=49ms TTL=52
 
 
 
Ping statistics for 173.194.43.46:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 49ms, Maximum = 49ms, Average = 49ms
 
Server:  Waitsfield.gateway
Address:  192.168.1.254
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
 
Reply from 206.190.36.45: bytes=32 time=127ms TTL=45
 
Reply from 206.190.36.45: bytes=32 time=126ms TTL=45
 
 
 
Ping statistics for 206.190.36.45:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 126ms, Maximum = 127ms, Average = 126ms
 
Server:  Waitsfield.gateway
Address:  192.168.1.254
 
Name:    bleepingcomputer.com
Address:  208.43.87.2
 
 
 
Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
 
Reply from 208.43.87.2: Destination host unreachable.
 
Reply from 208.43.87.2: Destination host unreachable.
 
 
 
Ping statistics for 208.43.87.2:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
  9 ...00 1a a0 90 47 af ...... Intel® 82562V-2 10/100 Network Connection
  1 ........................... Software Loopback Interface 1
  8 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 12 ...00 00 00 00 00 00 00 e0  isatap.Waitsfield.gateway
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254    192.168.1.102     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.102    276
    192.168.1.102  255.255.255.255         On-link     192.168.1.102    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.102    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.102    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.102    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  8     18 ::/0                     On-link
  1    306 ::1/128                  On-link
  8     18 2001::/32                On-link
  8    266 2001:0:4137:9e76:c3c:3301:3f57:fe99/128
                                    On-link
  9    276 fe80::/64                On-link
  8    266 fe80::/64                On-link
  8    266 fe80::c3c:3301:3f57:fe99/128
                                    On-link
  9    276 fe80::5452:bea7:647b:767f/128
                                    On-link
  1    306 ff00::/8                 On-link
  8    266 ff00::/8                 On-link
  9    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (09/01/2013 10:16:27 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (1600) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (09/01/2013 10:16:27 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (1600) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (09/01/2013 10:16:27 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (1600) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (09/01/2013 10:16:27 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (1600) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (09/01/2013 10:11:42 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (1600) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (09/01/2013 10:11:42 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (1600) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (09/01/2013 10:11:38 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (1600) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (09/01/2013 10:11:38 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (1600) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (09/01/2013 09:46:27 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (1600) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (09/01/2013 09:46:27 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (1600) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
 
System errors:
=============
Error: (09/01/2013 09:30:45 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.157.549.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.0.1526.00
 
Source Path: 4.0.1526.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (09/01/2013 09:23:24 AM) (Source: Service Control Manager) (User: )
Description: NVIDIA Update Service Daemon
 
Error: (09/01/2013 09:15:52 AM) (Source: Service Control Manager) (User: )
Description: SupportSoft Sprocket Service (dellsupportcenter)%%2
 
Error: (09/01/2013 09:15:06 AM) (Source: Print) (User: NT AUTHORITY)
Description: The print spooler failed to share printer Essential Fax with shared resource name Essential Fax. Error 2114. The printer cannot be used by others on the network.
 
Error: (09/01/2013 09:15:06 AM) (Source: Print) (User: NT AUTHORITY)
Description: The print spooler failed to share printer hp deskjet 940c with shared resource name hp deskjet 940c. Error 2114. The printer cannot be used by others on the network.
 
Error: (09/01/2013 07:54:41 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.157.549.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.0.1526.00
 
Source Path: 4.0.1526.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (09/01/2013 07:54:16 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.157.549.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.0.1526.00
 
Source Path: 4.0.1526.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (08/31/2013 07:52:35 PM) (Source: DCOM) (User: )
Description: {9B1F122C-2982-4E91-AA8B-E071D54F2A4D}
 
Error: (08/31/2013 07:34:05 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.157.549.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.0.1526.00
 
Source Path: 4.0.1526.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (08/31/2013 07:30:24 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.157.549.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.0.1526.00
 
Source Path: 4.0.1526.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
 
Microsoft Office Sessions:
=========================
Error: (05/28/2011 09:08:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 47289 seconds with 1140 seconds of active time.  This session ended with a crash.
 
Error: (04/01/2011 09:31:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 27655 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (02/28/2008 09:37:57 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 28611 seconds with 120 seconds of active time.  This session ended with a crash.
 
 
=========================== Installed Programs ============================
 
 Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.3.1.29988)
Adobe AIR (Version: 2.0.3.13070)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Dreamweaver CS3 (Version: 9)
Adobe Dreamweaver CS3 (Version: 9.0)
Adobe ExtendScript Toolkit 2 (Version: 2.0.2)
Adobe Extension Manager CS3 (Version: 1.8)
Adobe Fireworks CS3 (Version: 9.0)
Adobe Flash Player 10 ActiveX (Version: 10.1.85.3)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Help Viewer CS3 (Version: 1)
Adobe PDF Library Files (Version: 8.0)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Setup (Version: 1.0)
Adobe Shockwave Player 11.5 (Version: 11.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe XMP Panels CS3 (Version: 1.0)
Amazon Games & Software Downloader (Version: 2.0.2.0)
Amazon MP3 Downloader 1.0.10
AnswerWorks 4.0 Runtime - English (Version: 4.0.101)
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Camera Suite
ArcSoft PhotoStudio 5.5
Bonjour (Version: 3.0.0.10)
Browser Address Error Redirector (Version: 1.00.0000)
CameraHelperMsi (Version: 13.31.1038.0)
Canon CanoScan 4400F User Registration
Canon CanoScan Toolbox 5.0
Catalina Savings Printer (Version: 1.0.0)
CDDRV_Installer (Version: 4.60)
Conexant D850 PCI V.92 Modem
Data Lifeguard Diagnostic for Windows 1.24
Dell DataSafe Online (Version: 1.0.15)
Dell Support Center (Version: 3.1.5907.23)
Dell System Customization Wizard (Version: 1.00.0000)
DellSupport (Version: 6.0.3075)
Digital Line Detect (Version: 1.21)
Drivers Install For Linksys Easylink Advisor (Version: 2.0.9)
erLT (Version: 1.20.138.34)
ESET Online Scanner v3
EssentialFax (Version: 4.0)
FileZilla Client 3.0.11.1 (Version: 3.0.11.1)
Fitbit Connect (Version: 1.0.0.2578)
Games, Music, & Photos Launcher (Version: 1.00.0000)
Google Chrome (Version: 29.0.1547.62)
Google Earth Plug-in (Version: 7.1.1.1888)
Google Talk (remove only)
Google Talk Plugin (Version: 4.5.3.14917)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.153)
Google Updater (Version: 2.4.2432.1652)
Google Video Uploader
HandBrake 0.9.9.1 (Version: 0.9.9.1)
iCloud (Version: 2.1.2.8)
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections 12.1.11.0 (Version: )
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
iTunes (Version: 11.0.5.5)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
JavaFX 2.1.1 (Version: 2.1.1)
KhalInstallWrapper (Version: 4.60.122)
Linksys EasyLink Advisor 1.6 (0032)
Logitech SetPoint (Version: 4.60)
Logitech Webcam Software (Version: 2.30)
Logitech Webcam Software Driver Package (Version: 12.10.1110)
LWS Facebook (Version: 13.31.1038.0)
LWS Gallery (Version: 13.31.1038.0)
LWS Help_main (Version: 13.31.1044.0)
LWS Launcher (Version: 13.31.1038.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.31.1038.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.31.1038.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Works (Version: 08.05.0818)
Modem Diagnostic Tool (Version: 1.0.17.8)
Mozilla Firefox 23.0.1 (x86 en-US) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Netflix Movie Viewer (Version: 1.2.211)
NetWaiting (Version: 2.5.44)
NVIDIA 3D Vision Controller Driver 296.10 (Version: 296.10)
NVIDIA 3D Vision Driver 296.10 (Version: 296.10)
NVIDIA Control Panel 296.10 (Version: 296.10)
NVIDIA Graphics Driver 296.10 (Version: 296.10)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9610)
NVIDIA Update 1.7.11 (Version: 1.7.11)
NVIDIA Update Components (Version: 1.7.11)
Octoshape add-in for Adobe Flash Player
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Picasa 3 (Version: 3.9)
Product Documentation Launcher (Version: 1.00.0000)
Quicken 2013 (Version: 22.1.11.31)
QuickTime (Version: 7.74.80.86)
Rapport (Version: 3.5.1302.58)
Realtek High Definition Audio Driver
Rhapsody Player Engine (Version: 1.1.0)
Roxio Creator Audio (Version: 3.3.0)
Roxio Creator BDAV Plugin (Version: 3.3.0)
Roxio Creator Copy (Version: 3.3.0)
Roxio Creator Data (Version: 3.3.0)
Roxio Creator DE (Version: 3.3.0)
Roxio Creator Tools (Version: 3.3.0)
Roxio Express Labeler (Version: 2.1.0)
Roxio MyDVD DE (Version: 9.0.116)
Roxio Update Manager (Version: 3.0.0)
ScanSoft OmniPage SE 4.0 (Version: 15.00.0020)
Seagate DiscWizard (Version: 13.0.14387)
SketchUp 8 (Version: 3.0.15158)
Skype™ 6.6 (Version: 6.6.106)
Sonic Activation Module (Version: 1.0)
StuffIt 11 (Version: 11.2.0)
System Requirements Lab for Intel (Version: 4.4.24.0)
TBS WMP Plug-in (Version: 1.00.676)
Trusteer Endpoint Protection (Version: 3.5.1302.58)
TurboTax 2012 (Version: 2012.0)
TurboTax 2012 WinPerFedFormset (Version: 012.000.2114)
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0451)
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0179)
TurboTax 2012 wrapper (Version: 012.000.0127)
TurboTax 2012 wvtiper (Version: 012.000.1373)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
User's Guides
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinZip 12.0 (Version: 12.0.8252)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 51%
Total physical RAM: 2036.45 MB
Available physical RAM: 991.37 MB
Total Pagefile: 4316.18 MB
Available Pagefile: 2683.81 MB
Total Virtual: 2047.88 MB
Available Virtual: 1945.81 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:900.1 GB) (Free:667.53 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:31.25 GB) (Free:25.24 GB) NTFS
4 Drive f: (OS) (Fixed) (Total:288.04 GB) (Free:287.94 GB) NTFS
5 Drive g: (RECOVERY) (Fixed) (Total:10 GB) (Free:2.42 GB) NTFS
6 Drive h: (New Volume) (Fixed) (Total:1397.26 GB) (Free:1111.07 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\REDHEADS
 
Administrator            Guest                    SarahT                   
UpdatusUser              
 
 
**** End of log ****
 

****TDSSKILLER LOG CONTENTS****
 
22:19:51.0086 0x16a0  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
22:19:51.0550 0x16a0  ============================================================
22:19:51.0551 0x16a0  Current date / time: 2013/09/01 22:19:51.0550
22:19:51.0551 0x16a0  SystemInfo:
22:19:51.0551 0x16a0  
22:19:51.0551 0x16a0  OS Version: 6.0.6002 ServicePack: 2.0
22:19:51.0551 0x16a0  Product type: Workstation
22:19:51.0551 0x16a0  ComputerName: REDHEADS
22:19:51.0551 0x16a0  UserName: SarahT
22:19:51.0551 0x16a0  Windows directory: C:\Windows
22:19:51.0551 0x16a0  System windows directory: C:\Windows
22:19:51.0551 0x16a0  Processor architecture: Intel x86
22:19:51.0551 0x16a0  Number of processors: 2
22:19:51.0551 0x16a0  Page size: 0x1000
22:19:51.0552 0x16a0  Boot type: Normal boot
22:19:51.0552 0x16a0  ============================================================
22:19:54.0455 0x16a0  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:20:00.0077 0x16a0  Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:20:00.0499 0x16a0  Drive \Device\Harddisk2\DR2 - Size: 0x15D50D00000 (1397.26 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:20:00.0500 0x16a0  ============================================================
22:20:00.0500 0x16a0  \Device\Harddisk0\DR0:
22:20:00.0512 0x16a0  MBR partitions:
22:20:00.0512 0x16a0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x53000, BlocksNum 0x3E7E800
22:20:00.0513 0x16a0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3ED1800, BlocksNum 0x70835000
22:20:00.0513 0x16a0  \Device\Harddisk1\DR1:
22:20:00.0513 0x16a0  MBR partitions:
22:20:00.0513 0x16a0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0x1400000
22:20:00.0513 0x16a0  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x141B800, BlocksNum 0x24012800
22:20:00.0514 0x16a0  \Device\Harddisk2\DR2:
22:20:00.0514 0x16a0  MBR partitions:
22:20:00.0514 0x16a0  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAEA86000
22:20:00.0514 0x16a0  ============================================================
22:20:00.0553 0x16a0  C: <-> \Device\Harddisk0\DR0\Partition2
22:20:00.0568 0x16a0  D: <-> \Device\Harddisk0\DR0\Partition1
22:20:00.0622 0x16a0  F: <-> \Device\Harddisk1\DR1\Partition2
22:20:00.0666 0x16a0  G: <-> \Device\Harddisk1\DR1\Partition1
22:20:00.0708 0x16a0  H: <-> \Device\Harddisk2\DR2\Partition1
22:20:00.0720 0x16a0  ============================================================
22:20:00.0720 0x16a0  Initialize success
22:20:00.0720 0x16a0  ============================================================
22:20:27.0367 0x1680  ============================================================
22:20:27.0367 0x1680  Scan started
22:20:27.0367 0x1680  Mode: Manual; TDLFS; 
22:20:27.0367 0x1680  ============================================================
22:20:33.0291 0x1680  ================ Scan system memory ========================
22:20:33.0292 0x1680  System memory - ok
22:20:33.0292 0x1680  ================ Scan services =============================
22:20:33.0395 0x1680  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
22:20:33.0401 0x1680  ACPI - ok
22:20:33.0471 0x1680  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:20:33.0474 0x1680  AdobeARMservice - ok
22:20:33.0503 0x1680  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
22:20:33.0510 0x1680  adp94xx - ok
22:20:33.0525 0x1680  [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci         C:\Windows\system32\drivers\adpahci.sys
22:20:33.0530 0x1680  adpahci - ok
22:20:33.0550 0x1680  [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
22:20:33.0553 0x1680  adpu160m - ok
22:20:33.0567 0x1680  [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320         C:\Windows\system32\drivers\adpu320.sys
22:20:33.0571 0x1680  adpu320 - ok
22:20:33.0596 0x1680  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:20:33.0597 0x1680  AeLookupSvc - ok
22:20:33.0619 0x1680  [ 330A1E4DF07C2E29949ED8631CD8828E ] AERTFilters     C:\Windows\system32\AERTSrv.exe
22:20:33.0622 0x1680  AERTFilters - ok
22:20:33.0657 0x1680  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
22:20:33.0662 0x1680  AFD - ok
22:20:33.0678 0x1680  [ 8B10CE1C1F9F1D47E4DEB1A547A00CD4 ] agp440          C:\Windows\system32\drivers\agp440.sys
22:20:33.0681 0x1680  agp440 - ok
22:20:33.0695 0x1680  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
22:20:33.0698 0x1680  aic78xx - ok
22:20:33.0721 0x1680  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
22:20:33.0724 0x1680  ALG - ok
22:20:33.0738 0x1680  [ DC67A153FDB8105B25D05334B5E1D8E2 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:20:33.0740 0x1680  aliide - ok
22:20:33.0773 0x1680  [ FF6F0F6A2D72065AE4300426FA414693 ] Amazon Download Agent C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
22:20:33.0781 0x1680  Amazon Download Agent - ok
22:20:33.0798 0x1680  [ 848F27E5B27C1C253F6CEFDC1A5D8F21 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
22:20:33.0801 0x1680  amdagp - ok
22:20:33.0812 0x1680  [ 835C4C3355088298A5EBD818FA31430F ] amdide          C:\Windows\system32\drivers\amdide.sys
22:20:33.0814 0x1680  amdide - ok
22:20:33.0830 0x1680  [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
22:20:33.0833 0x1680  AmdK7 - ok
22:20:33.0843 0x1680  [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
22:20:33.0845 0x1680  AmdK8 - ok
22:20:33.0867 0x1680  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
22:20:33.0869 0x1680  Appinfo - ok
22:20:33.0930 0x1680  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:20:33.0933 0x1680  Apple Mobile Device - ok
22:20:33.0947 0x1680  [ 5F673180268BB1FDB69C99B6619FE379 ] arc             C:\Windows\system32\drivers\arc.sys
22:20:33.0950 0x1680  arc - ok
22:20:33.0959 0x1680  [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:20:33.0962 0x1680  arcsas - ok
22:20:33.0987 0x1680  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:20:33.0989 0x1680  AsyncMac - ok
22:20:34.0009 0x1680  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:20:34.0010 0x1680  atapi - ok
22:20:34.0031 0x1680  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:20:34.0037 0x1680  AudioEndpointBuilder - ok
22:20:34.0046 0x1680  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
22:20:34.0051 0x1680  Audiosrv - ok
22:20:34.0075 0x1680  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:20:34.0077 0x1680  Beep - ok
22:20:34.0106 0x1680  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
22:20:34.0112 0x1680  BFE - ok
22:20:34.0131 0x1680  blbdrive - ok
22:20:34.0195 0x1680  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:20:34.0202 0x1680  Bonjour Service - ok
22:20:34.0229 0x1680  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:20:34.0232 0x1680  bowser - ok
22:20:34.0242 0x1680  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
22:20:34.0244 0x1680  BrFiltLo - ok
22:20:34.0258 0x1680  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
22:20:34.0260 0x1680  BrFiltUp - ok
22:20:34.0280 0x1680  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
22:20:34.0282 0x1680  Browser - ok
22:20:34.0301 0x1680  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
22:20:34.0303 0x1680  Brserid - ok
22:20:34.0314 0x1680  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
22:20:34.0316 0x1680  BrSerWdm - ok
22:20:34.0334 0x1680  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
22:20:34.0337 0x1680  BrUsbMdm - ok
22:20:34.0353 0x1680  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
22:20:34.0355 0x1680  BrUsbSer - ok
22:20:34.0370 0x1680  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
22:20:34.0372 0x1680  BTHMODEM - ok
22:20:34.0387 0x1680  catchme - ok
22:20:34.0399 0x1680  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:20:34.0402 0x1680  cdfs - ok
22:20:34.0435 0x1680  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:20:34.0438 0x1680  cdrom - ok
22:20:34.0464 0x1680  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:20:34.0475 0x1680  CertPropSvc - ok
22:20:34.0491 0x1680  [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass        C:\Windows\system32\drivers\circlass.sys
22:20:34.0493 0x1680  circlass - ok
22:20:34.0513 0x1680  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
22:20:34.0518 0x1680  CLFS - ok
22:20:34.0554 0x1680  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:20:34.0558 0x1680  clr_optimization_v2.0.50727_32 - ok
22:20:34.0584 0x1680  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:20:34.0591 0x1680  clr_optimization_v4.0.30319_32 - ok
22:20:34.0603 0x1680  [ E79CBB2195E965F6E3256E2C1B23FD1C ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:20:34.0605 0x1680  cmdide - ok
22:20:34.0618 0x1680  [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
22:20:34.0620 0x1680  Compbatt - ok
22:20:34.0627 0x1680  COMSysApp - ok
22:20:34.0677 0x1680  [ D01F685F8B4598D144B0CCE9FF95D8D5 ] cpudrv          C:\Program Files\SystemRequirementsLab\cpudrv.sys
22:20:34.0679 0x1680  cpudrv - ok
22:20:34.0696 0x1680  [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
22:20:34.0699 0x1680  crcdisk - ok
22:20:34.0711 0x1680  [ 22A7F883508176489F559EE745B5BF5D ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
22:20:34.0713 0x1680  Crusoe - ok
22:20:34.0750 0x1680  [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:20:34.0754 0x1680  CryptSvc - ok
22:20:34.0792 0x1680  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:20:34.0804 0x1680  DcomLaunch - ok
22:20:34.0833 0x1680  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:20:34.0836 0x1680  DfsC - ok
22:20:34.0895 0x1680  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
22:20:34.0932 0x1680  DFSR - ok
22:20:34.0965 0x1680  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
22:20:34.0970 0x1680  Dhcp - ok
22:20:34.0984 0x1680  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
22:20:34.0987 0x1680  disk - ok
22:20:35.0005 0x1680  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:20:35.0009 0x1680  Dnscache - ok
22:20:35.0036 0x1680  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:20:35.0041 0x1680  dot3svc - ok
22:20:35.0065 0x1680  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
22:20:35.0069 0x1680  DPS - ok
22:20:35.0103 0x1680  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:20:35.0105 0x1680  drmkaud - ok
22:20:35.0142 0x1680  [ 245F62A2AA67F4A61F10174BF1017327 ] DSBrokerService C:\Program Files\DellSupport\brkrsvc.exe
22:20:35.0144 0x1680  DSBrokerService - ok
22:20:35.0166 0x1680  [ 413F2D5F9D802688242C23B38F767ECB ] DSproct         C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
22:20:35.0168 0x1680  DSproct - ok
22:20:35.0182 0x1680  [ DFEABB7CFFFADEA4A912AB95BDC3177A ] dsunidrv        C:\Windows\system32\DRIVERS\dsunidrv.sys
22:20:35.0184 0x1680  dsunidrv - ok
22:20:35.0216 0x1680  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:20:35.0228 0x1680  DXGKrnl - ok
22:20:35.0262 0x1680  [ 04944F4FC4F0477185F5D26AE0DDB90E ] e1express       C:\Windows\system32\DRIVERS\e1e6032.sys
22:20:35.0266 0x1680  e1express - ok
22:20:35.0281 0x1680  [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
22:20:35.0284 0x1680  E1G60 - ok
22:20:35.0313 0x1680  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
22:20:35.0317 0x1680  EapHost - ok
22:20:35.0362 0x1680  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
22:20:35.0366 0x1680  Ecache - ok
22:20:35.0402 0x1680  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:20:35.0408 0x1680  ehRecvr - ok
22:20:35.0431 0x1680  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
22:20:35.0435 0x1680  ehSched - ok
22:20:35.0450 0x1680  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
22:20:35.0451 0x1680  ehstart - ok
22:20:35.0472 0x1680  [ 7EC42EC12A4BAC14BCCA99FB06F2D125 ] elagopro        C:\Windows\system32\DRIVERS\elagopro.sys
22:20:35.0475 0x1680  elagopro - ok
22:20:35.0490 0x1680  [ DFEABB7CFFFADEA4A912AB95BDC3177A ] elaunidr        C:\Windows\system32\DRIVERS\elaunidr.sys
22:20:35.0492 0x1680  elaunidr - ok
22:20:35.0514 0x1680  [ E8F3F21A71720C84BCF423B80028359F ] elxstor         C:\Windows\system32\drivers\elxstor.sys
22:20:35.0520 0x1680  elxstor - ok
22:20:35.0546 0x1680  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
22:20:35.0556 0x1680  EMDMgmt - ok
22:20:35.0584 0x1680  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
22:20:35.0592 0x1680  EventSystem - ok
22:20:35.0615 0x1680  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
22:20:35.0619 0x1680  exfat - ok
22:20:35.0628 0x1680  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:20:35.0632 0x1680  fastfat - ok
22:20:35.0641 0x1680  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
22:20:35.0643 0x1680  fdc - ok
22:20:35.0658 0x1680  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
22:20:35.0661 0x1680  fdPHost - ok
22:20:35.0684 0x1680  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:20:35.0687 0x1680  FDResPub - ok
22:20:35.0703 0x1680  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:20:35.0705 0x1680  FileInfo - ok
22:20:35.0729 0x1680  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:20:35.0731 0x1680  Filetrace - ok
22:20:35.0781 0x1680  [ 74CA3E6AD08389B78939EA0F1A2A0789 ] Fitbit Connect  C:\Program Files\Fitbit Connect\FitbitConnectService.exe
22:20:35.0808 0x1680  Fitbit Connect - ok
22:20:35.0858 0x1680  [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:20:35.0869 0x1680  FLEXnet Licensing Service - ok
22:20:35.0898 0x1680  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:20:35.0900 0x1680  flpydisk - ok
22:20:35.0924 0x1680  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:20:35.0928 0x1680  FltMgr - ok
22:20:35.0976 0x1680  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
22:20:35.0990 0x1680  FontCache - ok
22:20:36.0023 0x1680  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:20:36.0027 0x1680  FontCache3.0.0.0 - ok
22:20:36.0055 0x1680  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:20:36.0058 0x1680  Fs_Rec - ok
22:20:36.0082 0x1680  [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:20:36.0084 0x1680  gagp30kx - ok
22:20:36.0111 0x1680  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:20:36.0114 0x1680  GEARAspiWDM - ok
22:20:36.0142 0x1680  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:20:36.0153 0x1680  gpsvc - ok
22:20:36.0199 0x1680  [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c98fdb9b2368ba C:\Program Files\Google\Update\GoogleUpdate.exe
22:20:36.0201 0x1680  gupdate1c98fdb9b2368ba - ok
22:20:36.0214 0x1680  [ 626A24ED1228580B9518C01930936DF9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
22:20:36.0216 0x1680  gupdatem - ok
22:20:36.0240 0x1680  [ 408DDD80EEDE47175F6844817B90213E ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
22:20:36.0244 0x1680  gusvc - ok
22:20:36.0276 0x1680  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:20:36.0286 0x1680  HDAudBus - ok
22:20:36.0304 0x1680  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
22:20:36.0307 0x1680  HidBth - ok
22:20:36.0319 0x1680  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
22:20:36.0322 0x1680  HidIr - ok
22:20:36.0337 0x1680  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\System32\hidserv.dll
22:20:36.0340 0x1680  hidserv - ok
22:20:36.0348 0x1680  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:20:36.0350 0x1680  HidUsb - ok
22:20:36.0380 0x1680  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:20:36.0384 0x1680  hkmsvc - ok
22:20:36.0399 0x1680  [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
22:20:36.0402 0x1680  HpCISSs - ok
22:20:36.0442 0x1680  [ 53229DCF431D76434816CD29251168A0 ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys
22:20:36.0459 0x1680  HSF_DPV - ok
22:20:36.0489 0x1680  [ ED98350ECD4A5A9C9F1E641C09872BB2 ] HSXHWBS2        C:\Windows\system32\DRIVERS\HSXHWBS2.sys
22:20:36.0495 0x1680  HSXHWBS2 - ok
22:20:36.0526 0x1680  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:20:36.0533 0x1680  HTTP - ok
22:20:36.0543 0x1680  [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
22:20:36.0545 0x1680  i2omp - ok
22:20:36.0578 0x1680  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:20:36.0581 0x1680  i8042prt - ok
22:20:36.0612 0x1680  [ 997E8F5939F2D12CD9F2E6B395724C16 ] iaStor          C:\Windows\system32\drivers\iastor.sys
22:20:36.0617 0x1680  iaStor - ok
22:20:36.0637 0x1680  [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
22:20:36.0642 0x1680  iaStorV - ok
22:20:36.0683 0x1680  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
22:20:36.0686 0x1680  IDriverT - ok
22:20:36.0729 0x1680  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:20:36.0745 0x1680  idsvc - ok
22:20:36.0843 0x1680  [ A9221D13D8F1F772010EE293BA9BAEB7 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
22:20:36.0919 0x1680  igfx - ok
22:20:36.0943 0x1680  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
22:20:36.0953 0x1680  iirsp - ok
22:20:36.0978 0x1680  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
22:20:36.0987 0x1680  IKEEXT - ok
22:20:37.0052 0x1680  [ F8F53C5449F15B23D4C61D51D2701DA8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
22:20:37.0089 0x1680  IntcAzAudAddService - ok
22:20:37.0098 0x1680  [ 0084046C084D68E494F8CF36BCF08186 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
22:20:37.0101 0x1680  intelide - ok
22:20:37.0121 0x1680  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:20:37.0123 0x1680  intelppm - ok
22:20:37.0181 0x1680  [ D9DA7B3117BF5EFF921C0CDED4D58050 ] IntuitUpdateServiceV4 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
22:20:37.0183 0x1680  IntuitUpdateServiceV4 - ok
22:20:37.0205 0x1680  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:20:37.0210 0x1680  IPBusEnum - ok
22:20:37.0230 0x1680  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:20:37.0232 0x1680  IpFilterDriver - ok
22:20:37.0265 0x1680  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:20:37.0270 0x1680  iphlpsvc - ok
22:20:37.0277 0x1680  IpInIp - ok
22:20:37.0292 0x1680  [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
22:20:37.0294 0x1680  IPMIDRV - ok
22:20:37.0320 0x1680  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
22:20:37.0324 0x1680  IPNAT - ok
22:20:37.0360 0x1680  [ D8B8B5A8FE57CF4F307A540D9A153C23 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
22:20:37.0369 0x1680  iPod Service - ok
22:20:37.0395 0x1680  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:20:37.0397 0x1680  IRENUM - ok
22:20:37.0408 0x1680  [ 2F8ECE2699E7E2070545E9B0960A8ED2 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:20:37.0411 0x1680  isapnp - ok
22:20:37.0432 0x1680  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
22:20:37.0437 0x1680  iScsiPrt - ok
22:20:37.0449 0x1680  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
22:20:37.0451 0x1680  iteatapi - ok
22:20:37.0467 0x1680  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
22:20:37.0470 0x1680  iteraid - ok
22:20:37.0492 0x1680  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:20:37.0494 0x1680  kbdclass - ok
22:20:37.0510 0x1680  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:20:37.0512 0x1680  kbdhid - ok
22:20:37.0538 0x1680  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
22:20:37.0542 0x1680  KeyIso - ok
22:20:37.0562 0x1680  [ 2B2F1638466E8CB091400C9019CC730E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:20:37.0570 0x1680  KSecDD - ok
22:20:37.0599 0x1680  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:20:37.0607 0x1680  KtmRm - ok
22:20:37.0629 0x1680  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\System32\srvsvc.dll
22:20:37.0635 0x1680  LanmanServer - ok
22:20:37.0680 0x1680  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:20:37.0688 0x1680  LanmanWorkstation - ok
22:20:37.0765 0x1680  [ A0F7DC0080E4F97DC97DE08B699E231B ] LBTServ         C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
22:20:37.0769 0x1680  LBTServ - ok
22:20:37.0815 0x1680  [ 24E0DDB99AECCF86BB37702611761459 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
22:20:37.0820 0x1680  LHidFilt - ok
22:20:37.0838 0x1680  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:20:37.0841 0x1680  lltdio - ok
22:20:37.0876 0x1680  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:20:37.0882 0x1680  lltdsvc - ok
22:20:37.0907 0x1680  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:20:37.0910 0x1680  lmhosts - ok
22:20:37.0931 0x1680  [ D58B330D318361A66A9FE60D7C9B4951 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
22:20:37.0933 0x1680  LMouFilt - ok
22:20:37.0950 0x1680  [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:20:37.0953 0x1680  LSI_FC - ok
22:20:37.0964 0x1680  [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:20:37.0968 0x1680  LSI_SAS - ok
22:20:37.0983 0x1680  [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:20:37.0986 0x1680  LSI_SCSI - ok
22:20:38.0005 0x1680  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
22:20:38.0008 0x1680  luafv - ok
22:20:38.0035 0x1680  [ 144011D14BD35F4E36136AE057B1AADD ] LUsbFilt        C:\Windows\system32\Drivers\LUsbFilt.Sys
22:20:38.0038 0x1680  LUsbFilt - ok
22:20:38.0061 0x1680  [ 8BE71D7EDB8C7494913722059F760DD0 ] LVPr2Mon        C:\Windows\system32\Drivers\LVPr2Mon.sys
22:20:38.0063 0x1680  LVPr2Mon - ok
22:20:38.0086 0x1680  [ ED643E777BA3F7151EF3F0FB6BE4F7F0 ] LVRS            C:\Windows\system32\DRIVERS\lvrs.sys
22:20:38.0092 0x1680  LVRS - ok
22:20:38.0100 0x1680  LVUSBSta - ok
22:20:38.0186 0x1680  [ 5BC80451109A8DD7F2DDD35BCE2929A3 ] LVUVC           C:\Windows\system32\DRIVERS\lvuvc.sys
22:20:38.0261 0x1680  LVUVC - ok
22:20:38.0287 0x1680  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
22:20:38.0290 0x1680  MBAMProtector - ok
22:20:38.0340 0x1680  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
22:20:38.0347 0x1680  MBAMScheduler - ok
22:20:38.0377 0x1680  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:20:38.0389 0x1680  MBAMService - ok
22:20:38.0411 0x1680  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:20:38.0416 0x1680  Mcx2Svc - ok
22:20:38.0428 0x1680  [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
22:20:38.0431 0x1680  mdmxsdk - ok
22:20:38.0445 0x1680  [ D153B14FC6598EAE8422A2037553ADCE ] megasas         C:\Windows\system32\drivers\megasas.sys
22:20:38.0448 0x1680  megasas - ok
22:20:38.0468 0x1680  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
22:20:38.0473 0x1680  MMCSS - ok
22:20:38.0487 0x1680  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
22:20:38.0489 0x1680  Modem - ok
22:20:38.0511 0x1680  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:20:38.0514 0x1680  monitor - ok
22:20:38.0543 0x1680  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:20:38.0546 0x1680  mouclass - ok
22:20:38.0561 0x1680  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:20:38.0564 0x1680  mouhid - ok
22:20:38.0573 0x1680  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
22:20:38.0575 0x1680  MountMgr - ok
22:20:38.0619 0x1680  [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:20:38.0623 0x1680  MozillaMaintenance - ok
22:20:38.0656 0x1680  [ D993BEA500E7382DC4E760BF4F35EFCB ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
22:20:38.0660 0x1680  MpFilter - ok
22:20:38.0676 0x1680  [ 583A41F26278D9E0EA548163D6139397 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:20:38.0680 0x1680  mpio - ok
22:20:38.0773 0x1680  [ A69630D039C38018689190234F866D77 ] MpKsle8031607   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FADA6FFA-65EE-4D24-91CF-C7D09B660F0E}\MpKsle8031607.sys
22:20:38.0775 0x1680  MpKsle8031607 - ok
22:20:38.0788 0x1680  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:20:38.0791 0x1680  mpsdrv - ok
22:20:38.0826 0x1680  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:20:38.0835 0x1680  MpsSvc - ok
22:20:38.0846 0x1680  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
22:20:38.0848 0x1680  Mraid35x - ok
22:20:38.0857 0x1680  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:20:38.0861 0x1680  MRxDAV - ok
22:20:38.0886 0x1680  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:20:38.0890 0x1680  mrxsmb - ok
22:20:38.0911 0x1680  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:20:38.0916 0x1680  mrxsmb10 - ok
22:20:38.0931 0x1680  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:20:38.0935 0x1680  mrxsmb20 - ok
22:20:38.0951 0x1680  [ D420BC42A637AC3CC4F411220549C0DC ] msahci          C:\Windows\system32\drivers\msahci.sys
22:20:38.0954 0x1680  msahci - ok
22:20:38.0971 0x1680  [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:20:38.0975 0x1680  msdsm - ok
22:20:39.0003 0x1680  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
22:20:39.0009 0x1680  MSDTC - ok
22:20:39.0036 0x1680  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:20:39.0038 0x1680  Msfs - ok
22:20:39.0055 0x1680  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:20:39.0057 0x1680  msisadrv - ok
22:20:39.0084 0x1680  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:20:39.0089 0x1680  MSiSCSI - ok
22:20:39.0097 0x1680  msiserver - ok
22:20:46.0728 0x1680  ================ Scan global ===============================
22:20:46.0832 0x1680  [Global] - ok
22:20:46.0832 0x1680  ================ Scan MBR ==================================
22:20:46.0847 0x1680  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
22:20:47.0117 0x1680  \Device\Harddisk0\DR0 - ok
22:20:47.0135 0x1680  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
22:20:48.0254 0x1680  \Device\Harddisk1\DR1 - ok
22:20:48.0259 0x1680  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
22:20:48.0861 0x1680  \Device\Harddisk2\DR2 - ok
22:20:48.0862 0x1680  ================ Scan VBR ==================================
22:20:48.0878 0x1680  [ 5C6DEEBF1BF3DCA987229CA7A57F0C23 ] \Device\Harddisk0\DR0\Partition1
22:20:48.0881 0x1680  \Device\Harddisk0\DR0\Partition1 - ok
22:20:48.0886 0x1680  [ 56DC308277C2225B43E95E3946C029C6 ] \Device\Harddisk0\DR0\Partition2
22:20:48.0889 0x1680  \Device\Harddisk0\DR0\Partition2 - ok
22:20:48.0938 0x1680  [ 003DB5E00D1D7F8239CF874AB3025742 ] \Device\Harddisk1\DR1\Partition1
22:20:48.0940 0x1680  \Device\Harddisk1\DR1\Partition1 - ok
22:20:48.0945 0x1680  [ D3B472C7FE21BB3FFAA66DE0F0FA7952 ] \Device\Harddisk1\DR1\Partition2
22:20:48.0947 0x1680  \Device\Harddisk1\DR1\Partition2 - ok
22:20:48.0954 0x1680  [ D6E85924853561E0760BCE69EDE56572 ] \Device\Harddisk2\DR2\Partition1
22:20:48.0958 0x1680  \Device\Harddisk2\DR2\Partition1 - ok
22:20:48.0962 0x1680  ============================================================
22:20:48.0962 0x1680  Scan finished
22:20:48.0962 0x1680  ============================================================
22:20:48.0985 0x10f4  Detected object count: 0
22:20:48.0985 0x10f4  Actual detected object count: 0
22:21:51.0810 0x0540  Deinitialize success
 
 
****ADWCLEANER RESULTS CONTENTS****
((I don't understand the contents so I don't know if I want to keep anything here, per your instructions))
 
# AdwCleaner v3.002 - Report created 01/09/2013 at 22:22:35
# Updated 01/09/2013 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : SarahT - REDHEADS
# Running from : C:\Users\SarahT\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Found C:\Users\SarahT\AppData\Local\PackageAware
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\Software\TENCENT
Product Found : Google Update Helper
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16446
 
 
-\\ Mozilla Firefox v23.0.1 (en-US)
 
[ File : C:\Users\SarahT\AppData\Roaming\Mozilla\Firefox\Profiles\b5hbgrmu.default\prefs.js ]
 
 
-\\ Google Chrome v29.0.1547.62
 
[ File : C:\Users\SarahT\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1112 octets] - [01/09/2013 22:22:35]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1172 octets] ##########
 
 
 
((running ESET online scanner now, expect it will take several hours. Will add results once it has completed or in the morning))

Edited by Bugaroo, 01 September 2013 - 09:37 PM.


#4 boopme


Posted 01 September 2013 - 10:35 PM

OK, when that's done...
Double click on AdwCleaner.exe to run the tool again.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
Let me know about the redirects.

Edited by boopme, 01 September 2013 - 10:39 PM.


#5 Bugaroo


Posted 02 September 2013 - 07:05 AM

******ADWCLEANER RESULTS*******

# AdwCleaner v3.002 - Report created 02/09/2013 at 07:38:26
# Updated 01/09/2013 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : SarahT - REDHEADS
# Running from : C:\Users\SarahT\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\SarahT\AppData\Local\PackageAware

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\TENCENT
Product Deleted : Google Update Helper

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16446


-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Users\SarahT\AppData\Roaming\Mozilla\Firefox\Profiles\b5hbgrmu.default\prefs.js ]


-\\ Google Chrome v29.0.1547.62

[ File : C:\Users\SarahT\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1252 octets] - [01/09/2013 22:22:35]
AdwCleaner[R1].txt - [1312 octets] - [02/09/2013 07:37:05]
AdwCleaner[S0].txt - [1247 octets] - [02/09/2013 07:38:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1307 octets] ##########


Just tried Chrome - redirect still present. FF appeared to be ok. I am going to run ESET again, though - ran for 9:50 then said user stopped - I hit spacebar to wake up the monitor this morning and think it may have stopped it. Sorry.

 

ETA:

FF is still a problem, too. ESET still running for the 2nd time, I will not interrupt it this time.


Edited by Bugaroo, 02 September 2013 - 08:05 AM.


#6 Bugaroo


Posted 02 September 2013 - 02:54 PM

Hi Boopme - ESET is still running, but it is finishing up with my backup drive and has found nothing yet. Is it possible that this is a DNS issue? I've found reference to switching to OpenDNS or Google to solve this particular problem, but that seems more like a workaround than an actual solving of the problem.

#7 boopme


Posted 02 September 2013 - 07:14 PM

OK, we flushed the DNS with MiniToolBox.

In Firefox it may be the add-ons/plugins. First look for those sites and disable them. Or try disabling the add-ons one at a time and see which one was at fault.

How to disable extensions and plugins

Keeping your third-party plugins up to date

You may also need to do it for Chrome....
Disabling Plugins in Google Chrome

