20:37:41.0662 6364 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
20:37:42.0301 6364 ============================================================
20:37:42.0301 6364 Current date / time: 2012/07/17 20:37:42.0301
20:37:42.0301 6364 SystemInfo:
20:37:42.0301 6364
20:37:42.0301 6364 OS Version: 6.1.7600 ServicePack: 0.0
20:37:42.0301 6364 Product type: Workstation
20:37:42.0301 6364 ComputerName: JARED-PC
20:37:42.0301 6364 UserName: Jared
20:37:42.0301 6364 Windows directory: C:\Windows
20:37:42.0301 6364 System windows directory: C:\Windows
20:37:42.0301 6364 Running under WOW64
20:37:42.0301 6364 Processor architecture: Intel x64
20:37:42.0301 6364 Number of processors: 4
20:37:42.0301 6364 Page size: 0x1000
20:37:42.0301 6364 Boot type: Normal boot
20:37:42.0301 6364 ============================================================
20:37:43.0518 6364 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:37:43.0518 6364 ============================================================
20:37:43.0518 6364 \Device\Harddisk0\DR0:
20:37:43.0518 6364 MBR partitions:
20:37:43.0518 6364 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
20:37:43.0518 6364 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x38625830
20:37:43.0518 6364 ============================================================
20:37:43.0549 6364 C: <-> \Device\Harddisk0\DR0\Partition1
20:37:43.0549 6364 ============================================================
20:37:43.0549 6364 Initialize success
20:37:43.0549 6364 ============================================================
20:38:21.0270 6880 ============================================================
20:38:21.0270 6880 Scan started
20:38:21.0270 6880 Mode: Manual; SigCheck; TDLFS;
20:38:21.0270 6880 ============================================================
20:38:21.0957 6880 1394ohci (69aa89a20dee08bfa650aab6ce37bd10) C:\Windows\system32\DRIVERS\1394ohci.sys 20:38:22.0050 6880 1394ohci - ok 20:38:22.0082 6880 Acceler (c49c56b35bfc6cda8d1fdcad2885568f) C:\Windows\system32\DRIVERS\Acceler.sys 20:38:22.0097 6880 Acceler - ok 20:38:22.0128 6880 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys 20:38:22.0144 6880 ACPI - ok 20:38:22.0160 6880 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys 20:38:22.0206 6880 AcpiPmi - ok 20:38:22.0316 6880 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 20:38:22.0331 6880 AdobeFlashPlayerUpdateSvc - ok 20:38:22.0394 6880 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 20:38:22.0425 6880 adp94xx - ok 20:38:22.0440 6880 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 20:38:22.0472 6880 adpahci - ok 20:38:22.0487 6880 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 20:38:22.0518 6880 adpu320 - ok 20:38:22.0534 6880 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 20:38:22.0628 6880 AeLookupSvc - ok 20:38:22.0721 6880 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe 20:38:22.0846 6880 AESTFilters - ok 20:38:22.0908 6880 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys 20:38:22.0971 6880 AFD - ok 20:38:23.0002 6880 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys 20:38:23.0018 6880 agp440 - ok 20:38:23.0049 6880 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 20:38:23.0080 6880 ALG - ok 20:38:23.0111 6880 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys 20:38:23.0127 6880 aliide - ok 20:38:23.0127 6880 amdide 
(1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys 20:38:23.0142 6880 amdide - ok 20:38:23.0174 6880 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 20:38:23.0220 6880 AmdK8 - ok 20:38:23.0236 6880 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 20:38:23.0267 6880 AmdPPM - ok 20:38:23.0314 6880 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\DRIVERS\amdsata.sys 20:38:23.0330 6880 amdsata - ok 20:38:23.0345 6880 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 20:38:23.0361 6880 amdsbs - ok 20:38:23.0376 6880 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\DRIVERS\amdxata.sys 20:38:23.0392 6880 amdxata - ok 20:38:23.0423 6880 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys 20:38:23.0486 6880 AppID - ok 20:38:23.0501 6880 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 20:38:23.0564 6880 AppIDSvc - ok 20:38:23.0595 6880 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll 20:38:23.0642 6880 Appinfo - ok 20:38:23.0657 6880 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 20:38:23.0673 6880 arc - ok 20:38:23.0688 6880 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 20:38:23.0704 6880 arcsas - ok 20:38:23.0720 6880 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 20:38:23.0782 6880 AsyncMac - ok 20:38:23.0798 6880 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys 20:38:23.0813 6880 atapi - ok 20:38:23.0860 6880 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll 20:38:23.0938 6880 AudioEndpointBuilder - ok 20:38:23.0938 6880 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll 20:38:23.0985 6880 AudioSrv - ok 20:38:24.0016 6880 AxInstSV 
(b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll 20:38:24.0063 6880 AxInstSV - ok 20:38:24.0110 6880 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 20:38:24.0172 6880 b06bdrv - ok 20:38:24.0219 6880 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 20:38:24.0266 6880 b57nd60a - ok 20:38:24.0297 6880 BCM42RLY (5c0f919666954885d7760dffe4b29a25) C:\Windows\system32\drivers\BCM42RLY.sys 20:38:24.0312 6880 BCM42RLY - ok 20:38:24.0515 6880 BCM43XX (bab887a2b2786310a966881f074f4a99) C:\Windows\system32\DRIVERS\bcmwl664.sys 20:38:24.0609 6880 BCM43XX - ok 20:38:24.0718 6880 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 20:38:24.0765 6880 BDESVC - ok 20:38:24.0796 6880 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 20:38:24.0858 6880 Beep - ok 20:38:24.0936 6880 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll 20:38:25.0014 6880 BFE - ok 20:38:25.0077 6880 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll 20:38:25.0155 6880 BITS - ok 20:38:25.0202 6880 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 20:38:25.0233 6880 blbdrive - ok 20:38:25.0280 6880 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys 20:38:25.0389 6880 bowser - ok 20:38:25.0498 6880 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 20:38:25.0545 6880 BrFiltLo - ok 20:38:25.0576 6880 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 20:38:25.0607 6880 BrFiltUp - ok 20:38:25.0638 6880 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll 20:38:25.0701 6880 Browser - ok 20:38:25.0732 6880 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 20:38:25.0763 6880 Brserid - ok 20:38:25.0794 6880 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) 
C:\Windows\System32\Drivers\BrSerWdm.sys 20:38:25.0826 6880 BrSerWdm - ok 20:38:25.0826 6880 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 20:38:25.0841 6880 BrUsbMdm - ok 20:38:25.0841 6880 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 20:38:25.0857 6880 BrUsbSer - ok 20:38:25.0888 6880 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 20:38:25.0919 6880 BTHMODEM - ok 20:38:25.0950 6880 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 20:38:25.0997 6880 bthserv - ok 20:38:26.0028 6880 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 20:38:26.0091 6880 cdfs - ok 20:38:26.0122 6880 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys 20:38:26.0138 6880 cdrom - ok 20:38:26.0169 6880 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll 20:38:26.0247 6880 CertPropSvc - ok 20:38:26.0325 6880 cfwids (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys 20:38:26.0340 6880 cfwids - ok 20:38:26.0372 6880 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 20:38:26.0418 6880 circlass - ok 20:38:26.0465 6880 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 20:38:26.0496 6880 CLFS - ok 20:38:26.0543 6880 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 20:38:26.0574 6880 clr_optimization_v2.0.50727_32 - ok 20:38:26.0606 6880 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 20:38:26.0621 6880 clr_optimization_v2.0.50727_64 - ok 20:38:26.0699 6880 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 20:38:26.0730 6880 clr_optimization_v4.0.30319_32 - ok 20:38:26.0762 
6880 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 20:38:26.0793 6880 clr_optimization_v4.0.30319_64 - ok 20:38:26.0824 6880 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 20:38:26.0855 6880 CmBatt - ok 20:38:26.0886 6880 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys 20:38:26.0902 6880 cmdide - ok 20:38:26.0964 6880 CNG (ca7720b73446fddec5c69519c1174c98) C:\Windows\system32\Drivers\cng.sys 20:38:26.0996 6880 CNG - ok 20:38:27.0027 6880 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 20:38:27.0042 6880 Compbatt - ok 20:38:27.0058 6880 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys 20:38:27.0105 6880 CompositeBus - ok 20:38:27.0120 6880 COMSysApp - ok 20:38:27.0120 6880 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 20:38:27.0136 6880 crcdisk - ok 20:38:27.0198 6880 Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe 20:38:27.0276 6880 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning 20:38:27.0276 6880 Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1) 20:38:27.0323 6880 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe 20:38:27.0417 6880 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning 20:38:27.0417 6880 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1) 20:38:27.0464 6880 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll 20:38:27.0557 6880 CryptSvc - ok 20:38:27.0604 6880 CTAudSvcService (07ba6d17e66879018b30b6c3f976ebed) C:\Program Files 
(x86)\Creative\Shared Files\CTAudSvc.exe 20:38:27.0760 6880 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning 20:38:27.0760 6880 CTAudSvcService - detected UnsignedFile.Multi.Generic (1) 20:38:27.0807 6880 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys 20:38:27.0854 6880 CtClsFlt - ok 20:38:27.0916 6880 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll 20:38:27.0994 6880 DcomLaunch - ok 20:38:28.0056 6880 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 20:38:28.0134 6880 defragsvc - ok 20:38:28.0181 6880 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys 20:38:28.0244 6880 DfsC - ok 20:38:28.0290 6880 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll 20:38:28.0353 6880 Dhcp - ok 20:38:28.0368 6880 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 20:38:28.0446 6880 discache - ok 20:38:28.0493 6880 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 20:38:28.0509 6880 Disk - ok 20:38:28.0556 6880 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll 20:38:28.0618 6880 Dnscache - ok 20:38:28.0680 6880 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe 20:38:28.0727 6880 DockLoginService ( UnsignedFile.Multi.Generic ) - warning 20:38:28.0727 6880 DockLoginService - detected UnsignedFile.Multi.Generic (1) 20:38:28.0774 6880 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll 20:38:28.0836 6880 dot3svc - ok 20:38:28.0868 6880 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll 20:38:28.0930 6880 DPS - ok 20:38:28.0961 6880 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 20:38:28.0992 6880 drmkaud - ok 20:38:29.0055 6880 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys 20:38:29.0102 6880 
DXGKrnl - ok 20:38:29.0117 6880 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 20:38:29.0195 6880 EapHost - ok 20:38:29.0382 6880 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 20:38:29.0460 6880 ebdrv - ok 20:38:29.0570 6880 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe 20:38:29.0616 6880 EFS - ok 20:38:29.0710 6880 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe 20:38:29.0850 6880 ehRecvr - ok 20:38:29.0866 6880 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 20:38:29.0897 6880 ehSched - ok 20:38:29.0975 6880 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 20:38:30.0022 6880 elxstor - ok 20:38:30.0022 6880 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys 20:38:30.0069 6880 ErrDev - ok 20:38:30.0116 6880 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 20:38:30.0209 6880 EventSystem - ok 20:38:30.0225 6880 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 20:38:30.0287 6880 exfat - ok 20:38:30.0318 6880 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 20:38:30.0396 6880 fastfat - ok 20:38:30.0459 6880 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe 20:38:30.0552 6880 Fax - ok 20:38:30.0584 6880 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 20:38:30.0615 6880 fdc - ok 20:38:30.0630 6880 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 20:38:30.0708 6880 fdPHost - ok 20:38:30.0724 6880 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 20:38:30.0771 6880 FDResPub - ok 20:38:30.0786 6880 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 20:38:30.0802 6880 FileInfo - ok 20:38:30.0802 6880 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) 
C:\Windows\system32\drivers\filetrace.sys 20:38:30.0864 6880 Filetrace - ok 20:38:30.0880 6880 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 20:38:30.0896 6880 flpydisk - ok 20:38:30.0927 6880 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 20:38:30.0942 6880 FltMgr - ok 20:38:31.0020 6880 FontCache (8ac4cb4ea61e41009fae9ae7b2b5da3a) C:\Windows\system32\FntCache.dll 20:38:31.0114 6880 FontCache - ok 20:38:31.0176 6880 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 20:38:31.0192 6880 FontCache3.0.0.0 - ok 20:38:31.0239 6880 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 20:38:31.0270 6880 FsDepends - ok 20:38:31.0286 6880 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys 20:38:31.0348 6880 Fs_Rec - ok 20:38:31.0395 6880 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys 20:38:31.0442 6880 fvevol - ok 20:38:31.0488 6880 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 20:38:31.0520 6880 gagp30kx - ok 20:38:31.0566 6880 GameConsoleService (c1bbce4b30b45410178ee674c818d10c) C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe 20:38:31.0598 6880 GameConsoleService - ok 20:38:31.0629 6880 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe 20:38:31.0660 6880 GoToAssist - ok 20:38:31.0722 6880 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll 20:38:31.0785 6880 gpsvc - ok 20:38:31.0800 6880 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 20:38:31.0847 6880 hcw85cir - ok 20:38:31.0878 6880 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys 20:38:31.0925 6880 HDAudBus - ok 20:38:31.0972 6880 HECIx64 
(b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys 20:38:31.0988 6880 HECIx64 - ok 20:38:32.0019 6880 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 20:38:32.0066 6880 HidBatt - ok 20:38:32.0081 6880 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 20:38:32.0128 6880 HidBth - ok 20:38:32.0144 6880 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 20:38:32.0190 6880 HidIr - ok 20:38:32.0206 6880 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 20:38:32.0284 6880 hidserv - ok 20:38:32.0300 6880 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys 20:38:32.0315 6880 HidUsb - ok 20:38:32.0346 6880 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll 20:38:32.0409 6880 hkmsvc - ok 20:38:32.0440 6880 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll 20:38:32.0502 6880 HomeGroupListener - ok 20:38:32.0534 6880 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll 20:38:32.0565 6880 HomeGroupProvider - ok 20:38:32.0612 6880 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys 20:38:32.0643 6880 HpSAMD - ok 20:38:32.0705 6880 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 20:38:32.0783 6880 HTTP - ok 20:38:32.0783 6880 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 20:38:32.0799 6880 hwpolicy - ok 20:38:32.0830 6880 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 20:38:32.0846 6880 i8042prt - ok 20:38:32.0908 6880 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\DRIVERS\iaStorV.sys 20:38:32.0939 6880 iaStorV - ok 20:38:33.0048 6880 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 20:38:33.0095 
6880 idsvc - ok 20:38:33.0672 6880 igfx (09ce164afa8483e41808784d7fca154e) C:\Windows\system32\DRIVERS\igdkmd64.sys 20:38:33.0891 6880 igfx - ok 20:38:33.0984 6880 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 20:38:34.0016 6880 iirsp - ok 20:38:34.0094 6880 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll 20:38:34.0187 6880 IKEEXT - ok 20:38:34.0218 6880 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys 20:38:34.0281 6880 Impcd - ok 20:38:34.0312 6880 IntcDAud (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys 20:38:34.0359 6880 IntcDAud - ok 20:38:34.0374 6880 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys 20:38:34.0390 6880 intelide - ok 20:38:34.0421 6880 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 20:38:34.0452 6880 intelppm - ok 20:38:34.0484 6880 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 20:38:34.0562 6880 IPBusEnum - ok 20:38:34.0577 6880 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:38:34.0655 6880 IpFilterDriver - ok 20:38:34.0702 6880 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll 20:38:34.0764 6880 iphlpsvc - ok 20:38:34.0796 6880 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys 20:38:34.0811 6880 IPMIDRV - ok 20:38:34.0827 6880 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 20:38:34.0889 6880 IPNAT - ok 20:38:34.0905 6880 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 20:38:34.0920 6880 IRENUM - ok 20:38:34.0936 6880 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys 20:38:34.0952 6880 isapnp - ok 20:38:34.0967 6880 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys 20:38:34.0998 6880 iScsiPrt 
- ok 20:38:35.0030 6880 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 20:38:35.0061 6880 kbdclass - ok 20:38:35.0092 6880 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 20:38:35.0123 6880 kbdhid - ok 20:38:35.0154 6880 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 20:38:35.0186 6880 KeyIso - ok 20:38:35.0217 6880 KSecDD (4f4b5fde429416877de7143044582eb5) C:\Windows\system32\Drivers\ksecdd.sys 20:38:35.0232 6880 KSecDD - ok 20:38:35.0264 6880 KSecPkg (6f40465a44ecdc1731befafec5bdd03c) C:\Windows\system32\Drivers\ksecpkg.sys 20:38:35.0279 6880 KSecPkg - ok 20:38:35.0295 6880 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 20:38:35.0342 6880 ksthunk - ok 20:38:35.0388 6880 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 20:38:35.0451 6880 KtmRm - ok 20:38:35.0498 6880 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll 20:38:35.0560 6880 LanmanServer - ok 20:38:35.0763 6880 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll 20:38:35.0810 6880 LanmanWorkstation - ok 20:38:35.0841 6880 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 20:38:35.0888 6880 lltdio - ok 20:38:35.0934 6880 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 20:38:36.0012 6880 lltdsvc - ok 20:38:36.0028 6880 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 20:38:36.0075 6880 lmhosts - ok 20:38:36.0122 6880 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 20:38:36.0153 6880 LSI_FC - ok 20:38:36.0168 6880 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 20:38:36.0184 6880 LSI_SAS - ok 20:38:36.0184 6880 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 20:38:36.0200 6880 LSI_SAS2 - ok 20:38:36.0215 6880 
LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 20:38:36.0231 6880 LSI_SCSI - ok 20:38:36.0262 6880 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 20:38:36.0309 6880 luafv - ok 20:38:36.0356 6880 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys 20:38:36.0371 6880 MBAMProtector - ok 20:38:36.0480 6880 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 20:38:36.0512 6880 MBAMService - ok 20:38:36.0621 6880 McAfee SiteAdvisor Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 20:38:36.0652 6880 McAfee SiteAdvisor Service - ok 20:38:36.0652 6880 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 20:38:36.0668 6880 McMPFSvc - ok 20:38:36.0699 6880 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 20:38:36.0714 6880 mcmscsvc - ok 20:38:36.0714 6880 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 20:38:36.0730 6880 McNaiAnn - ok 20:38:36.0746 6880 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 20:38:36.0761 6880 McNASvc - ok 20:38:36.0824 6880 McODS (dd2321925274f2902929d76ce2b0eb45) C:\Program Files\McAfee\VirusScan\mcods.exe 20:38:36.0855 6880 McODS - ok 20:38:36.0870 6880 McOobeSv (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 20:38:36.0886 6880 McOobeSv - ok 20:38:36.0902 6880 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 20:38:36.0902 6880 McProxy - ok 20:38:36.0948 6880 McShield (e998e3b12101288d716558466cbf6ae1) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe 20:38:37.0011 6880 McShield - ok 20:38:37.0104 6880 Mcx2Svc 
(f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll 20:38:37.0151 6880 Mcx2Svc - ok 20:38:37.0182 6880 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 20:38:37.0214 6880 megasas - ok 20:38:37.0245 6880 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 20:38:37.0276 6880 MegaSR - ok 20:38:37.0307 6880 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys 20:38:37.0323 6880 mfeapfk - ok 20:38:37.0401 6880 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys 20:38:37.0432 6880 mfeavfk - ok 20:38:37.0432 6880 mfeavfk01 - ok 20:38:37.0479 6880 mfefire (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe 20:38:37.0557 6880 mfefire - ok 20:38:37.0588 6880 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys 20:38:37.0619 6880 mfefirek - ok 20:38:37.0682 6880 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys 20:38:37.0713 6880 mfehidk - ok 20:38:37.0728 6880 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys 20:38:37.0744 6880 mfenlfk - ok 20:38:37.0760 6880 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys 20:38:37.0775 6880 mferkdet - ok 20:38:37.0791 6880 mfevtp (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Windows\system32\mfevtps.exe 20:38:37.0806 6880 mfevtp - ok 20:38:37.0838 6880 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys 20:38:37.0853 6880 mfewfpk - ok 20:38:37.0869 6880 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 20:38:37.0962 6880 MMCSS - ok 20:38:37.0994 6880 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 20:38:38.0056 6880 Modem - ok 20:38:38.0087 6880 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 20:38:38.0118 6880 monitor - 
ok 20:38:38.0150 6880 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 20:38:38.0165 6880 mouclass - ok 20:38:38.0196 6880 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 20:38:38.0212 6880 mouhid - ok 20:38:38.0228 6880 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 20:38:38.0243 6880 mountmgr - ok 20:38:38.0337 6880 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe 20:38:38.0352 6880 MozillaMaintenance - ok 20:38:38.0384 6880 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys 20:38:38.0399 6880 mpio - ok 20:38:38.0415 6880 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 20:38:38.0462 6880 mpsdrv - ok 20:38:38.0524 6880 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll 20:38:38.0586 6880 MpsSvc - ok 20:38:38.0618 6880 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 20:38:38.0649 6880 MRxDAV - ok 20:38:38.0680 6880 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys 20:38:38.0727 6880 mrxsmb - ok 20:38:38.0758 6880 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:38:38.0789 6880 mrxsmb10 - ok 20:38:38.0820 6880 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:38:38.0852 6880 mrxsmb20 - ok 20:38:38.0867 6880 msahci (bccf16d5fb1109162380e3e28dc9e4e5) C:\Windows\system32\DRIVERS\msahci.sys 20:38:38.0898 6880 msahci - ok 20:38:38.0914 6880 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys 20:38:38.0930 6880 msdsm - ok 20:38:38.0961 6880 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 20:38:38.0976 6880 MSDTC - ok 20:38:38.0992 6880 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 
20:38:39.0039 6880 Msfs - ok 20:38:39.0054 6880 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 20:38:39.0101 6880 mshidkmdf - ok 20:38:39.0117 6880 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys 20:38:39.0132 6880 msisadrv - ok 20:38:39.0179 6880 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 20:38:39.0257 6880 MSiSCSI - ok 20:38:39.0257 6880 msiserver - ok 20:38:39.0382 6880 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 20:38:39.0413 6880 MSK80Service - ok 20:38:39.0429 6880 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 20:38:39.0507 6880 MSKSSRV - ok 20:38:39.0507 6880 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 20:38:39.0554 6880 MSPCLOCK - ok 20:38:39.0554 6880 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 20:38:39.0600 6880 MSPQM - ok 20:38:39.0632 6880 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 20:38:39.0663 6880 MsRPC - ok 20:38:39.0678 6880 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 20:38:39.0694 6880 mssmbios - ok 20:38:39.0694 6880 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 20:38:39.0756 6880 MSTEE - ok 20:38:39.0772 6880 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 20:38:39.0803 6880 MTConfig - ok 20:38:39.0819 6880 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 20:38:39.0850 6880 Mup - ok 20:38:39.0897 6880 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll 20:38:39.0959 6880 napagent - ok 20:38:39.0990 6880 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 20:38:40.0053 6880 NativeWifiP - ok 20:38:40.0131 6880 NDIS 
(cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 20:38:40.0162 6880 NDIS - ok 20:38:40.0209 6880 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 20:38:40.0271 6880 NdisCap - ok 20:38:40.0302 6880 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 20:38:40.0334 6880 NdisTapi - ok 20:38:40.0349 6880 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 20:38:40.0396 6880 Ndisuio - ok 20:38:40.0427 6880 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 20:38:40.0474 6880 NdisWan - ok 20:38:40.0490 6880 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 20:38:40.0521 6880 NDProxy - ok 20:38:40.0536 6880 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 20:38:40.0583 6880 NetBIOS - ok 20:38:40.0630 6880 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 20:38:40.0692 6880 NetBT - ok 20:38:40.0724 6880 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 20:38:40.0755 6880 Netlogon - ok 20:38:40.0833 6880 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 20:38:40.0895 6880 Netman - ok 20:38:40.0926 6880 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 20:38:41.0004 6880 netprofm - ok 20:38:41.0067 6880 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 20:38:41.0098 6880 NetTcpPortSharing - ok 20:38:41.0145 6880 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 20:38:41.0176 6880 nfrd960 - ok 20:38:41.0207 6880 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll 20:38:41.0254 6880 NlaSvc - ok 20:38:41.0270 6880 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 20:38:41.0348 6880 Npfs - ok 
20:38:41.0363 6880 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 20:38:41.0394 6880 nsi - ok 20:38:41.0410 6880 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 20:38:41.0457 6880 nsiproxy - ok 20:38:41.0582 6880 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys 20:38:41.0628 6880 Ntfs - ok 20:38:41.0706 6880 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 20:38:41.0784 6880 Null - ok 20:38:41.0831 6880 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\DRIVERS\nvraid.sys 20:38:41.0862 6880 nvraid - ok 20:38:41.0894 6880 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\DRIVERS\nvstor.sys 20:38:41.0909 6880 nvstor - ok 20:38:41.0956 6880 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys 20:38:41.0972 6880 nv_agp - ok 20:38:42.0018 6880 O2FLASH (d955d5de998db2476bf0892be3a96c26) C:\Windows\system32\DRIVERS\o2flash.exe 20:38:42.0065 6880 O2FLASH - ok 20:38:42.0081 6880 O2MDGRDR (8c2953537ca19dfaa67d612407e0f33e) C:\Windows\system32\DRIVERS\o2mdgx64.sys 20:38:42.0096 6880 O2MDGRDR - ok 20:38:42.0112 6880 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys 20:38:42.0159 6880 ohci1394 - ok 20:38:42.0206 6880 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 20:38:42.0268 6880 p2pimsvc - ok 20:38:42.0315 6880 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 20:38:42.0362 6880 p2psvc - ok 20:38:42.0377 6880 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 20:38:42.0393 6880 Parport - ok 20:38:42.0424 6880 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys 20:38:42.0440 6880 partmgr - ok 20:38:42.0471 6880 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 20:38:42.0518 6880 PcaSvc - ok 20:38:42.0564 6880 pci 
(f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys 20:38:42.0596 6880 pci - ok 20:38:42.0596 6880 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys 20:38:42.0611 6880 pciide - ok 20:38:42.0642 6880 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 20:38:42.0658 6880 pcmcia - ok 20:38:42.0674 6880 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 20:38:42.0689 6880 pcw - ok 20:38:42.0736 6880 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 20:38:42.0814 6880 PEAUTH - ok 20:38:42.0892 6880 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 20:38:42.0923 6880 PerfHost - ok 20:38:43.0048 6880 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll 20:38:43.0126 6880 pla - ok 20:38:43.0188 6880 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll 20:38:43.0235 6880 PlugPlay - ok 20:38:43.0235 6880 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 20:38:43.0266 6880 PNRPAutoReg - ok 20:38:43.0313 6880 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 20:38:43.0344 6880 PNRPsvc - ok 20:38:43.0391 6880 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll 20:38:43.0485 6880 PolicyAgent - ok 20:38:43.0516 6880 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 20:38:43.0547 6880 Power - ok 20:38:43.0610 6880 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 20:38:43.0656 6880 PptpMiniport - ok 20:38:43.0672 6880 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 20:38:43.0703 6880 Processor - ok 20:38:43.0734 6880 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll 20:38:43.0797 6880 ProfSvc - ok 20:38:43.0828 6880 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) 
C:\Windows\system32\lsass.exe 20:38:43.0844 6880 ProtectedStorage - ok 20:38:43.0875 6880 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 20:38:43.0937 6880 Psched - ok 20:38:43.0953 6880 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys 20:38:43.0984 6880 PxHlpa64 - ok 20:38:44.0078 6880 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 20:38:44.0156 6880 ql2300 - ok 20:38:44.0280 6880 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 20:38:44.0296 6880 ql40xx - ok 20:38:44.0343 6880 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 20:38:44.0374 6880 QWAVE - ok 20:38:44.0374 6880 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 20:38:44.0421 6880 QWAVEdrv - ok 20:38:44.0421 6880 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 20:38:44.0468 6880 RasAcd - ok 20:38:44.0499 6880 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 20:38:44.0561 6880 RasAgileVpn - ok 20:38:44.0577 6880 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 20:38:44.0624 6880 RasAuto - ok 20:38:44.0655 6880 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 20:38:44.0686 6880 Rasl2tp - ok 20:38:44.0733 6880 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll 20:38:44.0826 6880 RasMan - ok 20:38:44.0842 6880 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 20:38:44.0920 6880 RasPppoe - ok 20:38:44.0936 6880 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 20:38:45.0014 6880 RasSstp - ok 20:38:45.0045 6880 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 20:38:45.0092 6880 rdbss - ok 20:38:45.0107 6880 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) 
C:\Windows\system32\DRIVERS\rdpbus.sys 20:38:45.0138 6880 rdpbus - ok 20:38:45.0154 6880 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 20:38:45.0185 6880 RDPCDD - ok 20:38:45.0216 6880 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 20:38:45.0248 6880 RDPENCDD - ok 20:38:45.0263 6880 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 20:38:45.0310 6880 RDPREFMP - ok 20:38:45.0357 6880 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys 20:38:45.0419 6880 RDPWD - ok 20:38:45.0450 6880 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 20:38:45.0466 6880 rdyboost - ok 20:38:45.0497 6880 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 20:38:45.0591 6880 RemoteAccess - ok 20:38:45.0638 6880 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 20:38:45.0684 6880 RemoteRegistry - ok 20:38:45.0716 6880 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 20:38:45.0762 6880 RpcEptMapper - ok 20:38:45.0794 6880 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 20:38:45.0840 6880 RpcLocator - ok 20:38:45.0887 6880 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll 20:38:45.0934 6880 RpcSs - ok 20:38:45.0950 6880 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 20:38:46.0028 6880 rspndr - ok 20:38:46.0074 6880 RTL8167 (3b01789ee4eaee97f5eb46b711387d5e) C:\Windows\system32\DRIVERS\Rt64win7.sys 20:38:46.0121 6880 RTL8167 - ok 20:38:46.0152 6880 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 20:38:46.0168 6880 SamSs - ok 20:38:46.0199 6880 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys 20:38:46.0230 6880 sbp2port - ok 20:38:46.0262 6880 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) 
C:\Windows\System32\SCardSvr.dll 20:38:46.0340 6880 SCardSvr - ok 20:38:46.0371 6880 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 20:38:46.0418 6880 scfilter - ok 20:38:46.0511 6880 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll 20:38:46.0636 6880 Schedule - ok 20:38:46.0667 6880 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll 20:38:46.0698 6880 SCPolicySvc - ok 20:38:46.0745 6880 sdbus (84e00908975faf79e91282ed8fb88c2f) C:\Windows\system32\DRIVERS\sdbus.sys 20:38:46.0776 6880 sdbus - ok 20:38:46.0792 6880 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll 20:38:46.0839 6880 SDRSVC - ok 20:38:46.0917 6880 SeaPort (d358e077a0a05d9b12da22d137ee8464) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 20:38:46.0932 6880 SeaPort - ok 20:38:46.0948 6880 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 20:38:47.0010 6880 secdrv - ok 20:38:47.0042 6880 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll 20:38:47.0120 6880 seclogon - ok 20:38:47.0151 6880 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 20:38:47.0198 6880 SENS - ok 20:38:47.0213 6880 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 20:38:47.0244 6880 SensrSvc - ok 20:38:47.0276 6880 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 20:38:47.0276 6880 Serenum - ok 20:38:47.0322 6880 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 20:38:47.0338 6880 Serial - ok 20:38:47.0338 6880 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 20:38:47.0369 6880 sermouse - ok 20:38:47.0400 6880 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll 20:38:47.0447 6880 SessionEnv - ok 20:38:47.0447 6880 sffdisk (a554811bcd09279536440c964ae35bbf) 
C:\Windows\system32\DRIVERS\sffdisk.sys 20:38:47.0478 6880 sffdisk - ok 20:38:47.0494 6880 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys 20:38:47.0541 6880 sffp_mmc - ok 20:38:47.0541 6880 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys 20:38:47.0556 6880 sffp_sd - ok 20:38:47.0556 6880 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 20:38:47.0572 6880 sfloppy - ok 20:38:47.0650 6880 SftService (38f88f0df46c4d42125ef721abd7f6b9) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE 20:38:47.0666 6880 SftService - ok 20:38:47.0697 6880 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 20:38:47.0775 6880 SharedAccess - ok 20:38:47.0806 6880 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll 20:38:47.0868 6880 ShellHWDetection - ok 20:38:47.0915 6880 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 20:38:47.0931 6880 SiSRaid2 - ok 20:38:47.0946 6880 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 20:38:47.0962 6880 SiSRaid4 - ok 20:38:47.0993 6880 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 20:38:48.0071 6880 Smb - ok 20:38:48.0102 6880 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 20:38:48.0134 6880 SNMPTRAP - ok 20:38:48.0212 6880 Sound Blaster X-Fi MB Licensing Service (9b24dca429f819db314f30ee4c6c80fd) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe 20:38:48.0274 6880 Sound Blaster X-Fi MB Licensing Service ( UnsignedFile.Multi.Generic ) - warning 20:38:48.0274 6880 Sound Blaster X-Fi MB Licensing Service - detected UnsignedFile.Multi.Generic (1) 20:38:48.0274 6880 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 20:38:48.0290 6880 spldr - ok 20:38:48.0336 6880 Spooler 
(f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe 20:38:48.0477 6880 Spooler - ok 20:38:48.0648 6880 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe 20:38:48.0695 6880 sppsvc - ok 20:38:48.0789 6880 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 20:38:48.0851 6880 sppuinotify - ok 20:38:48.0914 6880 sprtsvc_DellSupportCenter (d630b6f2e8379b6f10dc16e82a426552) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe 20:38:48.0929 6880 sprtsvc_DellSupportCenter - ok 20:38:48.0992 6880 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys 20:38:49.0070 6880 srv - ok 20:38:49.0101 6880 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys 20:38:49.0132 6880 srv2 - ok 20:38:49.0163 6880 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys 20:38:49.0194 6880 srvnet - ok 20:38:49.0226 6880 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 20:38:49.0319 6880 SSDPSRV - ok 20:38:49.0335 6880 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 20:38:49.0382 6880 SstpSvc - ok 20:38:49.0475 6880 STacSV (da7702025dfd169b909c4da3126762cc) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe 20:38:49.0553 6880 STacSV - ok 20:38:49.0584 6880 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 20:38:49.0600 6880 stexstor - ok 20:38:49.0647 6880 STHDA (caf5a9708671b14b9670260735b22c4e) C:\Windows\system32\DRIVERS\stwrt64.sys 20:38:49.0678 6880 STHDA - ok 20:38:49.0740 6880 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll 20:38:49.0787 6880 stisvc - ok 20:38:49.0803 6880 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 20:38:49.0818 6880 swenum - ok 20:38:49.0865 6880 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 
20:38:49.0928 6880 swprv - ok 20:38:49.0959 6880 SynTP (39d4b4343ba70e4b32c4531bd075b9f6) C:\Windows\system32\DRIVERS\SynTP.sys 20:38:49.0990 6880 SynTP - ok 20:38:50.0099 6880 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll 20:38:50.0162 6880 SysMain - ok 20:38:50.0240 6880 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll 20:38:50.0286 6880 TabletInputService - ok 20:38:50.0318 6880 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll 20:38:50.0396 6880 TapiSrv - ok 20:38:50.0411 6880 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 20:38:50.0474 6880 TBS - ok 20:38:50.0614 6880 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys 20:38:50.0676 6880 Tcpip - ok 20:38:50.0864 6880 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys 20:38:50.0910 6880 TCPIP6 - ok 20:38:51.0004 6880 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 20:38:51.0066 6880 tcpipreg - ok 20:38:51.0082 6880 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 20:38:51.0129 6880 TDPIPE - ok 20:38:51.0160 6880 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys 20:38:51.0222 6880 TDTCP - ok 20:38:51.0238 6880 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 20:38:51.0316 6880 tdx - ok 20:38:51.0332 6880 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys 20:38:51.0347 6880 TermDD - ok 20:38:51.0410 6880 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll 20:38:51.0472 6880 TermService - ok 20:38:51.0488 6880 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 20:38:51.0503 6880 Themes - ok 20:38:51.0534 6880 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 20:38:51.0581 6880 THREADORDER - ok 20:38:51.0597 6880 
TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 20:38:51.0644 6880 TrkWks - ok 20:38:51.0690 6880 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe 20:38:51.0722 6880 TrustedInstaller - ok 20:38:51.0737 6880 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 20:38:51.0768 6880 tssecsrv - ok 20:38:51.0800 6880 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 20:38:51.0878 6880 tunnel - ok 20:38:51.0893 6880 TurboB (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys 20:38:51.0909 6880 TurboB - ok 20:38:51.0924 6880 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 20:38:51.0940 6880 uagp35 - ok 20:38:51.0971 6880 udfs (31ba4a33afab6a69ea092b18017f737f) C:\Windows\system32\DRIVERS\udfs.sys 20:38:52.0002 6880 udfs - ok 20:38:52.0034 6880 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 20:38:52.0065 6880 UI0Detect - ok 20:38:52.0080 6880 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys 20:38:52.0096 6880 uliagpkx - ok 20:38:52.0127 6880 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 20:38:52.0158 6880 umbus - ok 20:38:52.0174 6880 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 20:38:52.0190 6880 UmPass - ok 20:38:52.0252 6880 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 20:38:52.0330 6880 upnphost - ok 20:38:52.0377 6880 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys 20:38:52.0408 6880 usbccgp - ok 20:38:52.0455 6880 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys 20:38:52.0486 6880 usbcir - ok 20:38:52.0517 6880 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\DRIVERS\usbehci.sys 20:38:52.0548 6880 usbehci - ok 20:38:52.0580 6880 usbhub 
(6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys 20:38:52.0611 6880 usbhub - ok 20:38:52.0626 6880 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\DRIVERS\usbohci.sys 20:38:52.0658 6880 usbohci - ok 20:38:52.0673 6880 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 20:38:52.0720 6880 usbprint - ok 20:38:52.0751 6880 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:38:52.0814 6880 USBSTOR - ok 20:38:52.0829 6880 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\DRIVERS\usbuhci.sys 20:38:52.0845 6880 usbuhci - ok 20:38:52.0892 6880 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys 20:38:52.0938 6880 usbvideo - ok 20:38:52.0970 6880 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 20:38:53.0016 6880 UxSms - ok 20:38:53.0048 6880 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 20:38:53.0063 6880 VaultSvc - ok 20:38:53.0079 6880 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys 20:38:53.0110 6880 vdrvroot - ok 20:38:53.0157 6880 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe 20:38:53.0172 6880 vds - ok 20:38:53.0188 6880 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 20:38:53.0204 6880 vga - ok 20:38:53.0219 6880 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 20:38:53.0282 6880 VgaSave - ok 20:38:53.0313 6880 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys 20:38:53.0328 6880 vhdmp - ok 20:38:53.0344 6880 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys 20:38:53.0360 6880 viaide - ok 20:38:53.0375 6880 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys 20:38:53.0391 6880 volmgr - ok 20:38:53.0422 6880 volmgrx (99b0cbb569ca79acaed8c91461d765fb) 
C:\Windows\system32\drivers\volmgrx.sys 20:38:53.0438 6880 volmgrx - ok 20:38:53.0500 6880 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys 20:38:53.0516 6880 volsnap - ok 20:38:53.0547 6880 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 20:38:53.0562 6880 vsmraid - ok 20:38:53.0672 6880 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe 20:38:53.0734 6880 VSS - ok 20:38:53.0828 6880 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 20:38:53.0859 6880 vwifibus - ok 20:38:53.0874 6880 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 20:38:53.0890 6880 vwififlt - ok 20:38:53.0921 6880 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 20:38:53.0952 6880 vwifimp - ok 20:38:53.0984 6880 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 20:38:54.0046 6880 W32Time - ok 20:38:54.0077 6880 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 20:38:54.0093 6880 WacomPen - ok 20:38:54.0124 6880 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 20:38:54.0155 6880 WANARP - ok 20:38:54.0155 6880 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 20:38:54.0202 6880 Wanarpv6 - ok 20:38:54.0311 6880 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 20:38:54.0405 6880 WatAdminSvc - ok 20:38:54.0514 6880 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe 20:38:54.0608 6880 wbengine - ok 20:38:54.0701 6880 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 20:38:54.0748 6880 WbioSrvc - ok 20:38:54.0779 6880 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll 20:38:54.0857 6880 wcncsvc - ok 20:38:54.0873 6880 WcsPlugInService (20f7441334b18cee52027661df4a6129) 
C:\Windows\System32\WcsPlugInService.dll 20:38:54.0920 6880 WcsPlugInService - ok 20:38:54.0951 6880 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 20:38:54.0982 6880 Wd - ok 20:38:55.0029 6880 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 20:38:55.0076 6880 Wdf01000 - ok 20:38:55.0091 6880 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 20:38:55.0122 6880 WdiServiceHost - ok 20:38:55.0122 6880 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 20:38:55.0154 6880 WdiSystemHost - ok 20:38:55.0185 6880 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll 20:38:55.0263 6880 WebClient - ok 20:38:55.0310 6880 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 20:38:55.0403 6880 Wecsvc - ok 20:38:55.0419 6880 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 20:38:55.0450 6880 wercplsupport - ok 20:38:55.0481 6880 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 20:38:55.0512 6880 WerSvc - ok 20:38:55.0575 6880 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 20:38:55.0653 6880 WfpLwf - ok 20:38:55.0684 6880 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys 20:38:55.0700 6880 WimFltr - ok 20:38:55.0715 6880 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 20:38:55.0731 6880 WIMMount - ok 20:38:55.0778 6880 WinDefend - ok 20:38:55.0778 6880 WinHttpAutoProxySvc - ok 20:38:55.0840 6880 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 20:38:55.0902 6880 Winmgmt - ok 20:38:56.0027 6880 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll 20:38:56.0121 6880 WinRM - ok 20:38:56.0246 6880 WinUsb (4d52c872018af7e18d078978dcc3f6f2) C:\Windows\system32\DRIVERS\WinUsb.sys 20:38:56.0277 6880 WinUsb - ok 
20:38:56.0339 6880 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 20:38:56.0386 6880 Wlansvc - ok 20:38:56.0433 6880 wltrysvc (a96d6c0613dcf84f2d07faeb75663072) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE 20:38:56.0433 6880 wltrysvc ( UnsignedFile.Multi.Generic ) - warning 20:38:56.0433 6880 wltrysvc - detected UnsignedFile.Multi.Generic (1) 20:38:56.0464 6880 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 20:38:56.0480 6880 WmiAcpi - ok 20:38:56.0526 6880 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 20:38:56.0573 6880 wmiApSrv - ok 20:38:56.0604 6880 WMPNetworkSvc - ok 20:38:56.0636 6880 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 20:38:56.0667 6880 WPCSvc - ok 20:38:56.0698 6880 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll 20:38:56.0729 6880 WPDBusEnum - ok 20:38:56.0745 6880 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 20:38:56.0776 6880 ws2ifsl - ok 20:38:56.0807 6880 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll 20:38:56.0932 6880 wscsvc - ok 20:38:56.0932 6880 WSearch - ok 20:38:57.0088 6880 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 20:38:57.0150 6880 wuauserv - ok 20:38:57.0244 6880 WudfPf (c63907207b837a5c05cf6d1606aa0008) C:\Windows\system32\drivers\WudfPf.sys 20:38:57.0291 6880 WudfPf - ok 20:38:57.0322 6880 WUDFRd (d885a873d733020f8b9b9ff4b1666158) C:\Windows\system32\DRIVERS\WUDFRd.sys 20:38:57.0353 6880 WUDFRd - ok 20:38:57.0400 6880 wudfsvc (27b9bee5aac00139e3a3af5d6227a0dc) C:\Windows\System32\WUDFSvc.dll 20:38:57.0462 6880 wudfsvc - ok 20:38:57.0478 6880 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 20:38:57.0525 6880 WwanSvc - ok 20:38:57.0572 6880 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 20:38:57.0587 6880 \Device\Harddisk0\DR0 
( Rootkit.Boot.Pihar.c ) - infected 20:38:57.0587 6880 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0) 20:38:58.0164 6880 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 20:38:58.0164 6880 \Device\Harddisk0\DR0 - detected TDSS File System (1) 20:38:58.0211 6880 Boot (0x1200) (47a2b6601a482770db82e6c7c1fb0314) \Device\Harddisk0\DR0\Partition0 20:38:58.0211 6880 \Device\Harddisk0\DR0\Partition0 - ok 20:38:58.0211 6880 Boot (0x1200) (55d86f776e8bcfec33b424e6fe457015) \Device\Harddisk0\DR0\Partition1 20:38:58.0211 6880 \Device\Harddisk0\DR0\Partition1 - ok 20:38:58.0227 6880 ============================================================ 20:38:58.0227 6880 Scan finished 20:38:58.0227 6880 ============================================================ 20:38:58.0242 6076 Detected object count: 8 20:38:58.0242 6076 Actual detected object count: 8 20:44:48.0474 6076 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 20:44:48.0474 6076 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:44:48.0474 6076 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 20:44:48.0474 6076 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:44:48.0484 6076 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user 20:44:48.0484 6076 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:44:48.0484 6076 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user 20:44:48.0484 6076 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:44:48.0484 6076 Sound Blaster X-Fi MB Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 20:44:48.0484 6076 Sound Blaster X-Fi MB Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:44:48.0484 6076 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:44:48.0484 6076 wltrysvc ( 
UnsignedFile.Multi.Generic ) - User select action: Skip 20:44:49.0364 6076 \Device\Harddisk0\DR0\# - copied to quarantine 20:44:49.0364 6076 \Device\Harddisk0\DR0 - copied to quarantine 20:44:49.0434 6076 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine 20:44:49.0564 6076 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine 20:44:49.0624 6076 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine 20:44:55.0474 6076 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine 20:44:55.0534 6076 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine 20:45:00.0764 6076 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine 20:45:00.0854 6076 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine 20:45:00.0944 6076 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine 20:45:00.0964 6076 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine 20:45:00.0984 6076 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine 20:45:01.0114 6076 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine 20:45:01.0174 6076 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine 20:45:01.0204 6076 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine 20:45:01.0204 6076 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine 20:45:01.0224 6076 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine 20:45:01.0344 6076 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot 20:45:01.0404 6076 \Device\Harddisk0\DR0 - ok 20:45:01.0744 6076 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure 20:45:01.0744 6076 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 20:45:01.0754 6076 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 20:45:19.0454 6692 Deinitialize success 2012/07/17 00:02:15 -0400 JARED-PC Jared IP-BLOCK 206.161.121.122 (Type: outgoing, Port: 60984, Process: svchost.exe) 2012/07/17 00:02:15 -0400 JARED-PC Jared IP-BLOCK 206.161.121.123 (Type: outgoing, Port: 60985, 
Process: svchost.exe) 2012/07/17 00:02:15 -0400 JARED-PC Jared IP-BLOCK 206.161.121.124 (Type: outgoing, Port: 60986, Process: svchost.exe) 2012/07/17 00:02:15 -0400 JARED-PC Jared IP-BLOCK 206.161.121.126 (Type: outgoing, Port: 60987, Process: svchost.exe) 2012/07/17 00:02:31 -0400 JARED-PC Jared IP-BLOCK 78.41.203.125 (Type: outgoing, Port: 60998, Process: svchost.exe) 2012/07/17 00:02:31 -0400 JARED-PC Jared IP-BLOCK 78.41.203.125 (Type: outgoing, Port: 61001, Process: svchost.exe) 2012/07/17 00:03:04 -0400 JARED-PC Jared IP-BLOCK 206.161.121.122 (Type: outgoing, Port: 61006, Process: svchost.exe) 2012/07/17 00:03:04 -0400 JARED-PC Jared IP-BLOCK 206.161.121.123 (Type: outgoing, Port: 61007, Process: svchost.exe) 2012/07/17 00:03:04 -0400 JARED-PC Jared IP-BLOCK 206.161.121.124 (Type: outgoing, Port: 61008, Process: svchost.exe) 2012/07/17 00:03:04 -0400 JARED-PC Jared IP-BLOCK 206.161.121.126 (Type: outgoing, Port: 61009, Process: svchost.exe) 2012/07/17 00:03:04 -0400 JARED-PC Jared IP-BLOCK 206.161.121.124 (Type: outgoing, Port: 61011, Process: svchost.exe) 2012/07/17 00:03:04 -0400 JARED-PC Jared IP-BLOCK 206.161.121.126 (Type: outgoing, Port: 61012, Process: svchost.exe) 2012/07/17 00:04:24 -0400 JARED-PC Jared IP-BLOCK 78.41.203.125 (Type: outgoing, Port: 61039, Process: svchost.exe) 2012/07/17 00:09:08 -0400 JARED-PC Jared IP-BLOCK 206.161.121.122 (Type: outgoing, Port: 61107, Process: svchost.exe) 2012/07/17 00:09:08 -0400 JARED-PC Jared IP-BLOCK 206.161.121.123 (Type: outgoing, Port: 61108, Process: svchost.exe) 2012/07/17 00:09:08 -0400 JARED-PC Jared IP-BLOCK 206.161.121.124 (Type: outgoing, Port: 61109, Process: svchost.exe) 2012/07/17 00:09:08 -0400 JARED-PC Jared IP-BLOCK 206.161.121.126 (Type: outgoing, Port: 61110, Process: svchost.exe) 2012/07/17 00:09:08 -0400 JARED-PC Jared IP-BLOCK 206.161.121.124 (Type: outgoing, Port: 61112, Process: svchost.exe) 2012/07/17 00:09:08 -0400 JARED-PC Jared IP-BLOCK 206.161.121.126 (Type: outgoing, Port: 61113, 
Process: svchost.exe)
2012/07/17 00:11:09 -0400 JARED-PC Jared IP-BLOCK 206.161.121.122 (Type: outgoing, Port: 61135, Process: svchost.exe)
2012/07/17 00:11:09 -0400 JARED-PC Jared IP-BLOCK 206.161.121.123 (Type: outgoing, Port: 61136, Process: svchost.exe)
2012/07/17 00:11:09 -0400 JARED-PC Jared IP-BLOCK 206.161.121.124 (Type: outgoing, Port: 61137, Process: svchost.exe)
2012/07/17 00:11:09 -0400 JARED-PC Jared IP-BLOCK 206.161.121.126 (Type: outgoing, Port: 61138, Process: svchost.exe)
2012/07/17 00:11:09 -0400 JARED-PC Jared IP-BLOCK 206.161.121.122 (Type: outgoing, Port: 61140, Process: svchost.exe)
2012/07/17 00:11:09 -0400 JARED-PC Jared IP-BLOCK 206.161.121.123 (Type: outgoing, Port: 61141, Process: svchost.exe)
2012/07/17 00:11:09 -0400 JARED-PC Jared IP-BLOCK 206.161.121.124 (Type: outgoing, Port: 61142, Process: svchost.exe)
2012/07/17 00:11:09 -0400 JARED-PC Jared IP-BLOCK 206.161.121.126 (Type: outgoing, Port: 61143, Process: svchost.exe)
2012/07/17 00:11:41 -0400 JARED-PC Jared IP-BLOCK 206.161.121.122 (Type: outgoing, Port: 61275, Process: svchost.exe)
2012/07/17 00:11:41 -0400 JARED-PC Jared IP-BLOCK 206.161.121.123 (Type: outgoing, Port: 61276, Process: svchost.exe)
2012/07/17 00:11:41 -0400 JARED-PC Jared IP-BLOCK 206.161.121.124 (Type: outgoing, Port: 61277, Process: svchost.exe)
2012/07/17 00:11:41 -0400 JARED-PC Jared IP-BLOCK 206.161.121.126 (Type: outgoing, Port: 61278, Process: svchost.exe)
2012/07/17 00:11:41 -0400 JARED-PC Jared IP-BLOCK 206.161.121.124 (Type: outgoing, Port: 61280, Process: svchost.exe)
2012/07/17 00:11:41 -0400 JARED-PC Jared IP-BLOCK 206.161.121.126 (Type: outgoing, Port: 61281, Process: svchost.exe)
2012/07/17 00:14:07 -0400 JARED-PC Jared IP-BLOCK 206.161.121.123 (Type: outgoing, Port: 61420, Process: svchost.exe)
2012/07/17 00:14:07 -0400 JARED-PC Jared IP-BLOCK 206.161.121.124 (Type: outgoing, Port: 61421, Process: svchost.exe)
2012/07/17 00:14:07 -0400 JARED-PC Jared IP-BLOCK 206.161.121.126 (Type: outgoing, Port: 61422, Process: svchost.exe)
2012/07/17 00:14:07 -0400 JARED-PC Jared IP-BLOCK 206.161.121.124 (Type: outgoing, Port: 61424, Process: svchost.exe)
2012/07/17 00:14:07 -0400 JARED-PC Jared IP-BLOCK 206.161.121.126 (Type: outgoing, Port: 61425, Process: svchost.exe)
2012/07/17 00:17:36 -0400 JARED-PC Jared MESSAGE Starting protection
2012/07/17 00:17:39 -0400 JARED-PC Jared MESSAGE Protection started successfully
2012/07/17 00:17:42 -0400 JARED-PC Jared MESSAGE Starting IP protection
2012/07/17 00:17:44 -0400 JARED-PC Jared MESSAGE IP Protection started successfully
2012/07/17 00:18:38 -0400 JARED-PC Jared IP-BLOCK 206.161.121.3 (Type: outgoing, Port: 49201, Process: svchost.exe)
2012/07/17 00:22:15 -0400 JARED-PC Jared IP-BLOCK 206.161.121.124 (Type: outgoing, Port: 49225, Process: svchost.exe)
2012/07/17 00:22:15 -0400 JARED-PC Jared IP-BLOCK 206.161.121.126 (Type: outgoing, Port: 49226, Process: svchost.exe)
2012/07/17 00:28:25 -0400 JARED-PC Jared IP-BLOCK 206.161.121.124 (Type: outgoing, Port: 49451, Process: svchost.exe)
2012/07/17 00:28:25 -0400 JARED-PC Jared IP-BLOCK 206.161.121.126 (Type: outgoing, Port: 49452, Process: svchost.exe)
2012/07/17 00:32:35 -0400 JARED-PC Jared IP-BLOCK 206.161.121.124 (Type: outgoing, Port: 49642, Process: svchost.exe)
2012/07/17 00:32:35 -0400 JARED-PC Jared IP-BLOCK 206.161.121.126 (Type: outgoing, Port: 49643, Process: svchost.exe)
2012/07/17 00:45:04 -0400 JARED-PC Jared IP-BLOCK 78.41.203.125 (Type: outgoing, Port: 49792, Process: svchost.exe)
2012/07/17 00:46:17 -0400 JARED-PC Jared IP-BLOCK 206.161.121.124 (Type: outgoing, Port: 49806, Process: svchost.exe)
2012/07/17 00:46:17 -0400 JARED-PC Jared IP-BLOCK 206.161.121.126 (Type: outgoing, Port: 49807, Process: svchost.exe)
2012/07/17 00:54:45 -0400 JARED-PC Jared IP-BLOCK 206.161.121.124 (Type: outgoing, Port: 49968, Process: svchost.exe)
2012/07/17 05:52:47 -0400 JARED-PC Jared DETECTION C:\WINDOWS\svchost.exe Trojan.Agent QUARANTINE
2012/07/17 05:52:47 -0400 JARED-PC Jared IP-BLOCK 206.161.121.126 (Type: outgoing, Port: 49969, Process: svchost.exe)
2012/07/17 05:52:47 -0400 JARED-PC Jared DETECTION C:\WINDOWS\svchost.exe Trojan.Agent DENY
2012/07/17 05:52:48 -0400 JARED-PC Jared ERROR Quarantine failed: DeleteFile failed with error code 5
2012/07/17 05:52:56 -0400 JARED-PC Jared IP-BLOCK 206.161.121.3 (Type: outgoing, Port: 49980, Process: svchost.exe)
2012/07/17 05:52:56 -0400 JARED-PC Jared IP-BLOCK 206.161.121.124 (Type: outgoing, Port: 50005, Process: svchost.exe)
2012/07/17 05:52:56 -0400 JARED-PC Jared IP-BLOCK 206.161.121.126 (Type: outgoing, Port: 50006, Process: svchost.exe)
2012/07/17 05:52:56 -0400 JARED-PC Jared IP-BLOCK 206.161.121.124 (Type: outgoing, Port: 50015, Process: svchost.exe)
2012/07/17 05:52:56 -0400 JARED-PC Jared IP-BLOCK 206.161.121.126 (Type: outgoing, Port: 50016, Process: svchost.exe)
2012/07/17 05:52:56 -0400 JARED-PC Jared IP-BLOCK 206.161.121.3 (Type: outgoing, Port: 50043, Process: svchost.exe)
2012/07/17 05:52:56 -0400 JARED-PC Jared IP-BLOCK 78.41.203.125 (Type: outgoing, Port: 50089, Process: svchost.exe)
2012/07/17 05:52:56 -0400 JARED-PC Jared IP-BLOCK 206.161.121.3 (Type: outgoing, Port: 50604, Process: svchost.exe)
2012/07/17 05:52:56 -0400 JARED-PC Jared IP-BLOCK 206.161.121.3 (Type: outgoing, Port: 50788, Process: svchost.exe)
2012/07/17 19:00:25 -0400 JARED-PC Jared MESSAGE Starting protection
2012/07/17 19:00:27 -0400 JARED-PC Jared MESSAGE Protection started successfully
2012/07/17 19:00:30 -0400 JARED-PC Jared MESSAGE Starting IP protection
2012/07/17 19:00:32 -0400 JARED-PC Jared MESSAGE IP Protection started successfully
2012/07/17 19:32:54 -0400 JARED-PC Jared IP-BLOCK 78.41.203.125 (Type: outgoing, Port: 53408, Process: svchost.exe)
2012/07/17 20:01:48 -0400 JARED-PC Jared IP-BLOCK 206.161.121.3 (Type: outgoing, Port: 55961, Process: svchost.exe)
2012/07/17 20:02:04 -0400 JARED-PC Jared IP-BLOCK 206.161.121.3 (Type: outgoing, Port: 56005, Process: svchost.exe)
2012/07/17 20:17:07 -0400 JARED-PC Jared IP-BLOCK 78.41.203.125 (Type: outgoing, Port: 56674, Process: svchost.exe)
2012/07/17 20:48:27 -0400 JARED-PC Jared MESSAGE Starting protection
2012/07/17 20:48:29 -0400 JARED-PC Jared MESSAGE Protection started successfully
2012/07/17 20:48:32 -0400 JARED-PC Jared MESSAGE Starting IP protection
2012/07/17 20:48:34 -0400 JARED-PC Jared MESSAGE IP Protection started successfully
2012/07/17 20:52:39 -0400 JARED-PC Jared DETECTION C:\WINDOWS\svchost.exe Trojan.Agent QUARANTINE
2012/07/17 20:52:40 -0400 JARED-PC Jared DETECTION c:\windows\svchost.exe Trojan.Agent DENY
2012/07/17 20:52:46 -0400 JARED-PC Jared MESSAGE Starting database refresh
2012/07/17 20:52:46 -0400 JARED-PC Jared MESSAGE Stopping IP protection
2012/07/17 20:54:46 -0400 JARED-PC Jared MESSAGE IP Protection stopped
2012/07/17 20:54:49 -0400 JARED-PC Jared MESSAGE Database refreshed successfully
2012/07/17 20:54:49 -0400 JARED-PC Jared MESSAGE Starting IP protection
2012/07/17 20:54:50 -0400 JARED-PC Jared MESSAGE IP Protection started successfully