Jump to content

kevindargie

Members
  • Posts

    3
  • Joined

  • Last visited

Reputation

0 Neutral
  1. TDSSKiller ================================================================ 12:28:33.0192 4616 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11 12:28:33.0614 4616 ============================================================ 12:28:33.0614 4616 Current date / time: 2012/07/19 12:28:33.0614 12:28:33.0614 4616 SystemInfo: 12:28:33.0614 4616 12:28:33.0614 4616 OS Version: 6.1.7601 ServicePack: 1.0 12:28:33.0614 4616 Product type: Workstation 12:28:33.0614 4616 ComputerName: USER-PC 12:28:33.0614 4616 UserName: user 12:28:33.0614 4616 Windows directory: C:\windows 12:28:33.0614 4616 System windows directory: C:\windows 12:28:33.0614 4616 Running under WOW64 12:28:33.0614 4616 Processor architecture: Intel x64 12:28:33.0614 4616 Number of processors: 4 12:28:33.0614 4616 Page size: 0x1000 12:28:33.0614 4616 Boot type: Normal boot 12:28:33.0614 4616 ============================================================ 12:28:34.0716 4616 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 12:28:34.0721 4616 ============================================================ 12:28:34.0721 4616 \Device\Harddisk0\DR0: 12:28:34.0722 4616 MBR partitions: 12:28:34.0722 4616 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000 12:28:34.0722 4616 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x38607030 12:28:34.0722 4616 ============================================================ 12:28:34.0959 4616 C: <-> \Device\Harddisk0\DR0\Partition1 12:28:34.0959 4616 ============================================================ 12:28:34.0959 4616 Initialize success 12:28:34.0959 4616 ============================================================ 12:28:41.0681 4884 ============================================================ 12:28:41.0681 4884 Scan started 12:28:41.0681 4884 Mode: Manual; 12:28:41.0681 4884 ============================================================ 12:28:44.0308 4884 .Net bCNGKeyLock (4be1bcc105c97583236553548b6e1b36) C:\windows\system32\bNETCommando.exe 12:28:44.0309 4884 Suspicious file (NoAccess): C:\windows\system32\bNETCommando.exe. md5: 4be1bcc105c97583236553548b6e1b36 12:28:44.0309 4884 .Net bCNGKeyLock ( LockedFile.Multi.Generic ) - warning 12:28:44.0309 4884 .Net bCNGKeyLock - detected LockedFile.Multi.Generic (1) 12:28:44.0340 4884 Suspicious service (NoAccess): .Net bKernelMain 12:28:45.0385 4884 .Net bKernelMain (458d5764982ecf5c623fda21b1e559c2) C:\windows\system32\bKernelMain.exe 12:28:45.0385 4884 Suspicious file (NoAccess): C:\windows\system32\bKernelMain.exe. md5: 458d5764982ecf5c623fda21b1e559c2 12:28:45.0401 4884 .Net bKernelMain ( LockedService.Multi.Generic ) - warning 12:28:45.0401 4884 .Net bKernelMain - detected LockedService.Multi.Generic (1) 12:28:46.0920 4884 .Net bKernelSecurity (f324b99ed72aac1cd99d4f89a1eae21b) C:\windows\system32\bKernelSecurity.exe 12:28:46.0921 4884 Suspicious file (NoAccess): C:\windows\system32\bKernelSecurity.exe. md5: f324b99ed72aac1cd99d4f89a1eae21b 12:28:46.0945 4884 .Net bKernelSecurity ( LockedFile.Multi.Generic ) - warning 12:28:46.0945 4884 .Net bKernelSecurity - detected LockedFile.Multi.Generic (1) 12:28:48.0220 4884 .Net bSecurityCrypt (0bf1f22e5aeda077b56041f55bc307e1) C:\windows\system32\bSecurityCrypt.exe 12:28:48.0220 4884 Suspicious file (NoAccess): C:\windows\system32\bSecurityCrypt.exe. md5: 0bf1f22e5aeda077b56041f55bc307e1 12:28:48.0244 4884 .Net bSecurityCrypt ( LockedFile.Multi.Generic ) - warning 12:28:48.0244 4884 .Net bSecurityCrypt - detected LockedFile.Multi.Generic (1) 12:28:48.0464 4884 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys 12:28:48.0484 4884 1394ohci - ok 12:28:48.0587 4884 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys 12:28:48.0591 4884 ACPI - ok 12:28:48.0611 4884 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys 12:28:48.0612 4884 AcpiPmi - ok 12:28:48.0814 4884 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 12:28:48.0816 4884 AdobeFlashPlayerUpdateSvc - ok 12:28:48.0927 4884 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\drivers\adp94xx.sys 12:28:48.0956 4884 adp94xx - ok 12:28:49.0004 4884 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\drivers\adpahci.sys 12:28:49.0035 4884 adpahci - ok 12:28:49.0058 4884 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\drivers\adpu320.sys 12:28:49.0061 4884 adpu320 - ok 12:28:49.0106 4884 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll 12:28:49.0107 4884 AeLookupSvc - ok 12:28:49.0289 4884 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe 12:28:49.0291 4884 AESTFilters - ok 12:28:49.0374 4884 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys 12:28:49.0379 4884 AFD - ok 12:28:49.0428 4884 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys 12:28:49.0429 4884 agp440 - ok 12:28:49.0466 4884 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe 12:28:49.0468 4884 ALG - ok 12:28:49.0503 4884 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys 12:28:49.0505 4884 aliide - ok 12:28:49.0522 4884 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys 12:28:49.0523 4884 amdide - ok 12:28:49.0544 4884 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\drivers\amdk8.sys 12:28:49.0547 4884 AmdK8 - ok 12:28:49.0560 4884 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\drivers\amdppm.sys 12:28:49.0561 4884 AmdPPM - ok 12:28:49.0654 4884 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys 12:28:49.0657 4884 amdsata - ok 12:28:49.0699 4884 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\drivers\amdsbs.sys 12:28:49.0702 4884 amdsbs - ok 12:28:49.0827 4884 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys 12:28:49.0828 4884 amdxata - ok 12:28:49.0990 4884 ApfiltrService (24ed0eb2b2558970176ecee680f8f806) C:\windows\system32\DRIVERS\Apfiltr.sys 12:28:49.0992 4884 ApfiltrService - ok 12:28:50.0034 4884 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys 12:28:50.0035 4884 AppID - ok 12:28:50.0066 4884 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll 12:28:50.0067 4884 AppIDSvc - ok 12:28:50.0109 4884 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll 12:28:50.0111 4884 Appinfo - ok 12:28:50.0233 4884 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 12:28:50.0235 4884 Apple Mobile Device - ok 12:28:50.0266 4884 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\drivers\arc.sys 12:28:50.0268 4884 arc - ok 12:28:50.0289 4884 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\drivers\arcsas.sys 12:28:50.0291 4884 arcsas - ok 12:28:50.0558 4884 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 12:28:50.0590 4884 aspnet_state - ok 12:28:50.0610 4884 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys 12:28:50.0611 4884 AsyncMac - ok 12:28:50.0635 4884 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys 12:28:50.0637 4884 atapi - ok 12:28:50.0723 4884 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll 12:28:50.0752 4884 AudioEndpointBuilder - ok 12:28:50.0761 4884 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll 12:28:50.0765 4884 AudioSrv - ok 12:28:51.0281 4884 AVGIDSAgent (d67719bcfde5798f5c30d14efed3bcaf) C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe 12:28:51.0364 4884 AVGIDSAgent - ok 12:28:51.0705 4884 AVGIDSDriver (1b2e9fcdc26dc7c81d4131430e2dc936) C:\windows\system32\DRIVERS\avgidsdrivera.sys 12:28:51.0707 4884 AVGIDSDriver - ok 12:28:51.0774 4884 AVGIDSFilter (0f293406f64b48d5d2f0d3a1117f3a83) C:\windows\system32\DRIVERS\avgidsfiltera.sys 12:28:51.0775 4884 AVGIDSFilter - ok 12:28:51.0818 4884 AVGIDSHA (cffc3a4a638f462e0561cb368b9a7a3a) C:\windows\system32\DRIVERS\avgidsha.sys 12:28:51.0824 4884 AVGIDSHA - ok 12:28:51.0876 4884 Avgldx64 (59955b4c288dd2a8b9fd2cd5158355c5) C:\windows\system32\DRIVERS\avgldx64.sys 12:28:51.0880 4884 Avgldx64 - ok 12:28:51.0961 4884 Avgmfx64 (a6aec362aae5e2dda7445e7690cb0f33) C:\windows\system32\DRIVERS\avgmfx64.sys 12:28:51.0962 4884 Avgmfx64 - ok 12:28:52.0036 4884 Avgrkx64 (645c7f0a0e39758a0024a9b1748273c0) C:\windows\system32\DRIVERS\avgrkx64.sys 12:28:52.0037 4884 Avgrkx64 - ok 12:28:52.0095 4884 Avgtdia (1bee674ad792b1c63bb0dac5fa724b23) C:\windows\system32\DRIVERS\avgtdia.sys 12:28:52.0098 4884 Avgtdia - ok 12:28:52.0131 4884 avgtp (3c8f504fa1df6a77b173bdbd0a79e334) C:\windows\system32\drivers\avgtpx64.sys 12:28:52.0132 4884 avgtp - ok 12:28:52.0352 4884 avgwd (ea1145debcd508fd25bd1e95c4346929) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe 12:28:52.0354 4884 avgwd - ok 12:28:52.0440 4884 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll 12:28:52.0446 4884 AxInstSV - ok 12:28:52.0527 4884 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\drivers\bxvbda.sys 12:28:52.0544 4884 b06bdrv - ok 12:28:52.0623 4884 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys 12:28:52.0660 4884 b57nd60a - ok 12:28:52.0716 4884 bakerneldrv (eaeb6d36e2dae256ff265ba48e1ef41b) C:\windows\system32\Drivers\bakerneldrv64.sys 12:28:52.0716 4884 Suspicious file (NoAccess): C:\windows\system32\Drivers\bakerneldrv64.sys. md5: eaeb6d36e2dae256ff265ba48e1ef41b 12:28:52.0735 4884 bakerneldrv ( LockedFile.Multi.Generic ) - warning 12:28:52.0736 4884 bakerneldrv - detected LockedFile.Multi.Generic (1) 12:28:52.0754 4884 bapcmci (b29ccb1e0bcab156b7ece3603b42a059) C:\windows\system32\Drivers\bapcmci64.sys 12:28:52.0754 4884 Suspicious file (NoAccess): C:\windows\system32\Drivers\bapcmci64.sys. md5: b29ccb1e0bcab156b7ece3603b42a059 12:28:52.0755 4884 bapcmci ( LockedFile.Multi.Generic ) - warning 12:28:52.0755 4884 bapcmci - detected LockedFile.Multi.Generic (1) 12:28:52.0927 4884 BBSvc (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe 12:28:52.0929 4884 BBSvc - ok 12:28:53.0090 4884 BBUpdate (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe 12:28:53.0148 4884 BBUpdate - ok 12:28:53.0177 4884 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll 12:28:53.0179 4884 BDESVC - ok 12:28:53.0200 4884 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys 12:28:53.0201 4884 Beep - ok 12:28:53.0291 4884 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll 12:28:53.0318 4884 BITS - ok 12:28:53.0358 4884 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys 12:28:53.0360 4884 blbdrive - ok 12:28:53.0577 4884 Bluetooth Device Monitor (093b1b419ef25b15d3a1ca6953f41afb) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 12:28:53.0615 4884 Bluetooth Device Monitor - ok 12:28:53.0858 4884 Bluetooth Media Service (03a7341e94acd92e0831336d4f3ace92) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe 12:28:53.0935 4884 Bluetooth Media Service - ok 12:28:54.0152 4884 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe 12:28:54.0172 4884 Bonjour Service - ok 12:28:54.0458 4884 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys 12:28:54.0459 4884 bowser - ok 12:28:54.0492 4884 bpcrasys (888343846ce9e1457eb1e092176b972c) C:\windows\system32\Drivers\bpcrasys64.sys 12:28:54.0493 4884 Suspicious file (NoAccess): C:\windows\system32\Drivers\bpcrasys64.sys. md5: 888343846ce9e1457eb1e092176b972c 12:28:54.0493 4884 bpcrasys ( LockedFile.Multi.Generic ) - warning 12:28:54.0493 4884 bpcrasys - detected LockedFile.Multi.Generic (1) 12:28:54.0530 4884 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\drivers\BrFiltLo.sys 12:28:54.0532 4884 BrFiltLo - ok 12:28:54.0539 4884 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\drivers\BrFiltUp.sys 12:28:54.0559 4884 BrFiltUp - ok 12:28:54.0632 4884 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll 12:28:54.0642 4884 Browser - ok 12:28:54.0692 4884 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys 12:28:54.0715 4884 Brserid - ok 12:28:54.0726 4884 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys 12:28:54.0728 4884 BrSerWdm - ok 12:28:54.0735 4884 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys 12:28:54.0737 4884 BrUsbMdm - ok 12:28:54.0745 4884 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys 12:28:54.0746 4884 BrUsbSer - ok 12:28:54.0840 4884 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys 12:28:54.0842 4884 BthEnum - ok 12:28:54.0850 4884 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\drivers\bthmodem.sys 12:28:54.0852 4884 BTHMODEM - ok 12:28:54.0892 4884 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys 12:28:54.0896 4884 BthPan - ok 12:28:55.0005 4884 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\windows\System32\Drivers\BTHport.sys 12:28:55.0015 4884 BTHPORT - ok 12:28:55.0063 4884 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll 12:28:55.0065 4884 bthserv - ok 12:28:55.0112 4884 BTHUSB (f188b7394d81010767b6df3178519a37) C:\windows\System32\Drivers\BTHUSB.sys 12:28:55.0114 4884 BTHUSB - ok 12:28:55.0166 4884 btmaux (16c1bac9760c9fa85a30f3fa0fbb1b7a) C:\windows\system32\DRIVERS\btmaux.sys 12:28:55.0168 4884 btmaux - ok 12:28:55.0374 4884 btmhsf (0c468d8da95be16bfdd380bb9de88259) C:\windows\system32\DRIVERS\btmhsf.sys 12:28:55.0390 4884 btmhsf - ok 12:28:55.0437 4884 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys 12:28:55.0439 4884 cdfs - ok 12:28:55.0487 4884 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys 12:28:55.0496 4884 cdrom - ok 12:28:55.0541 4884 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll 12:28:55.0543 4884 CertPropSvc - ok 12:28:55.0561 4884 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\drivers\circlass.sys 12:28:55.0563 4884 circlass - ok 12:28:55.0606 4884 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys 12:28:55.0611 4884 CLFS - ok 12:28:55.0813 4884 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 12:28:55.0828 4884 clr_optimization_v2.0.50727_32 - ok 12:28:55.0942 4884 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 12:28:55.0959 4884 clr_optimization_v2.0.50727_64 - ok 12:28:56.0083 4884 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 12:28:56.0085 4884 clr_optimization_v4.0.30319_32 - ok 12:28:56.0147 4884 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 12:28:56.0150 4884 clr_optimization_v4.0.30319_64 - ok 12:28:56.0204 4884 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys 12:28:56.0206 4884 CmBatt - ok 12:28:56.0225 4884 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys 12:28:56.0227 4884 cmdide - ok 12:28:56.0310 4884 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\windows\system32\Drivers\cng.sys 12:28:56.0315 4884 CNG - ok 12:28:56.0354 4884 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\drivers\compbatt.sys 12:28:56.0355 4884 Compbatt - ok 12:28:56.0539 4884 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\DRIVERS\CompositeBus.sys 12:28:56.0571 4884 CompositeBus - ok 12:28:56.0587 4884 COMSysApp - ok 12:28:56.0610 4884 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\drivers\crcdisk.sys 12:28:56.0612 4884 crcdisk - ok 12:28:56.0680 4884 CryptSvc (4f5414602e2544a4554d95517948b705) C:\windows\system32\cryptsvc.dll 12:28:56.0683 4884 CryptSvc - ok 12:28:56.0751 4884 CtClsFlt (bc3d4f90978cd7c8eabd1baf3bf7873a) C:\windows\system32\DRIVERS\CtClsFlt.sys 12:28:56.0761 4884 CtClsFlt - ok 12:28:56.0861 4884 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll 12:28:56.0868 4884 DcomLaunch - ok 12:28:56.0932 4884 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll 12:28:56.0936 4884 defragsvc - ok 12:28:57.0021 4884 DellDigitalDelivery (5c2bf6f94afe6e585b632ee12f861949) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe 12:28:57.0031 4884 DellDigitalDelivery - ok 12:28:57.0080 4884 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys 12:28:57.0082 4884 DfsC - ok 12:28:57.0164 4884 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll 12:28:57.0168 4884 Dhcp - ok 12:28:57.0187 4884 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys 12:28:57.0188 4884 discache - ok 12:28:57.0221 4884 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\drivers\disk.sys 12:28:57.0222 4884 Disk - ok 12:28:57.0267 4884 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll 12:28:57.0296 4884 Dnscache - ok 12:28:57.0372 4884 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll 12:28:57.0399 4884 dot3svc - ok 12:28:57.0457 4884 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll 12:28:57.0466 4884 DPS - ok 12:28:57.0510 4884 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys 12:28:57.0512 4884 drmkaud - ok 12:28:57.0614 4884 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys 12:28:57.0620 4884 DXGKrnl - ok 12:28:57.0664 4884 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll 12:28:57.0667 4884 EapHost - ok 12:28:58.0111 4884 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\drivers\evbda.sys 12:28:58.0177 4884 ebdrv - ok 12:28:58.0407 4884 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe 12:28:58.0408 4884 EFS - ok 12:28:58.0644 4884 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe 12:28:58.0656 4884 ehRecvr - ok 12:28:58.0691 4884 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe 12:28:58.0693 4884 ehSched - ok 12:28:58.0814 4884 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\drivers\elxstor.sys 12:28:58.0830 4884 elxstor - ok 12:28:58.0838 4884 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys 12:28:58.0839 4884 ErrDev - ok 12:28:58.0904 4884 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll 12:28:58.0925 4884 EventSystem - ok 12:28:59.0312 4884 EvtEng (8b6c9924b0d333dbf76086b8258a0891) C:\Program Files\Intel\WiFi\bin\EvtEng.exe 12:28:59.0344 4884 EvtEng - ok 12:28:59.0542 4884 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys 12:28:59.0550 4884 exfat - ok 12:28:59.0583 4884 fanio (e80421eaf15298955eadb850293fd6b1) C:\windows\system32\drivers\fanio.sys 12:28:59.0584 4884 fanio - ok 12:28:59.0703 4884 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys 12:28:59.0706 4884 fastfat - ok 12:28:59.0791 4884 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe 12:28:59.0816 4884 Fax - ok 12:28:59.0834 4884 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\drivers\fdc.sys 12:28:59.0836 4884 fdc - ok 12:28:59.0851 4884 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll 12:28:59.0853 4884 fdPHost - ok 12:28:59.0876 4884 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll 12:28:59.0878 4884 FDResPub - ok 12:28:59.0940 4884 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys 12:28:59.0941 4884 FileInfo - ok 12:28:59.0960 4884 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys 12:28:59.0962 4884 Filetrace - ok 12:29:00.0003 4884 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\drivers\flpydisk.sys 12:29:00.0008 4884 flpydisk - ok 12:29:00.0046 4884 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys 12:29:00.0049 4884 FltMgr - ok 12:29:00.0334 4884 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll 12:29:00.0347 4884 FontCache - ok 12:29:00.0570 4884 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 12:29:00.0692 4884 FontCache3.0.0.0 - ok 12:29:00.0965 4884 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys 12:29:01.0008 4884 FsDepends - ok 12:29:01.0073 4884 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys 12:29:01.0074 4884 Fs_Rec - ok 12:29:01.0120 4884 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys 12:29:01.0124 4884 fvevol - ok 12:29:01.0146 4884 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\drivers\gagp30kx.sys 12:29:01.0148 4884 gagp30kx - ok 12:29:01.0314 4884 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys 12:29:01.0314 4884 GEARAspiWDM - ok 12:29:01.0511 4884 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe 12:29:01.0512 4884 GoToAssist - ok 12:29:01.0627 4884 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll 12:29:01.0645 4884 gpsvc - ok 12:29:01.0676 4884 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys 12:29:01.0677 4884 hcw85cir - ok 12:29:01.0729 4884 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys 12:29:01.0773 4884 HdAudAddService - ok 12:29:01.0810 4884 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\DRIVERS\HDAudBus.sys 12:29:01.0813 4884 HDAudBus - ok 12:29:01.0817 4884 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\drivers\HidBatt.sys 12:29:01.0818 4884 HidBatt - ok 12:29:01.0829 4884 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\drivers\hidbth.sys 12:29:01.0831 4884 HidBth - ok 12:29:01.0837 4884 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\drivers\hidir.sys 12:29:01.0840 4884 HidIr - ok 12:29:01.0869 4884 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll 12:29:01.0871 4884 hidserv - ok 12:29:01.0910 4884 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys 12:29:01.0912 4884 HidUsb - ok 12:29:01.0943 4884 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll 12:29:01.0945 4884 hkmsvc - ok 12:29:01.0974 4884 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll 12:29:01.0993 4884 HomeGroupListener - ok 12:29:02.0037 4884 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll 12:29:02.0056 4884 HomeGroupProvider - ok 12:29:02.0088 4884 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys 12:29:02.0090 4884 HpSAMD - ok 12:29:02.0188 4884 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys 12:29:02.0198 4884 HTTP - ok 12:29:02.0276 4884 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys 12:29:02.0276 4884 hwpolicy - ok 12:29:02.0412 4884 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys 12:29:02.0438 4884 i8042prt - ok 12:29:02.0489 4884 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\windows\system32\DRIVERS\iaStor.sys 12:29:02.0492 4884 iaStor - ok 12:29:02.0785 4884 IAStorDataMgrSvc (8fff9083252c16fe3960173722605e9e) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe 12:29:02.0787 4884 IAStorDataMgrSvc - ok 12:29:02.0857 4884 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys 12:29:02.0879 4884 iaStorV - ok 12:29:02.0917 4884 iBtFltCoex (fc85972037815fa7b413e790b426acb2) C:\windows\system32\DRIVERS\iBtFltCoex.sys 12:29:02.0918 4884 iBtFltCoex - ok 12:29:03.0204 4884 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 12:29:03.0216 4884 idsvc - ok 12:29:05.0195 4884 igfx (174bcac474de13b2650e444cf124828e) C:\windows\system32\DRIVERS\igdkmd64.sys 12:29:05.0421 4884 igfx - ok 12:29:05.0595 4884 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\drivers\iirsp.sys 12:29:05.0596 4884 iirsp - ok 12:29:05.0699 4884 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll 12:29:05.0734 4884 IKEEXT - ok 12:29:05.0792 4884 intaud_WaveExtensible (caddf0927dac63edae48f5c35a61d87d) C:\windows\system32\drivers\intelaud.sys 12:29:05.0793 4884 intaud_WaveExtensible - ok 12:29:05.0864 4884 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\windows\system32\DRIVERS\IntcDAud.sys 12:29:05.0904 4884 IntcDAud - ok 12:29:05.0947 4884 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys 12:29:05.0949 4884 intelide - ok 12:29:05.0990 4884 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys 12:29:05.0992 4884 intelppm - ok 12:29:06.0017 4884 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll 12:29:06.0020 4884 IPBusEnum - ok 12:29:06.0047 4884 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys 12:29:06.0049 4884 IpFilterDriver - ok 12:29:06.0072 4884 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys 12:29:06.0075 4884 IPMIDRV - ok 12:29:06.0108 4884 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys 12:29:06.0111 4884 IPNAT - ok 12:29:06.0278 4884 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe 12:29:06.0284 4884 iPod Service - ok 12:29:06.0333 4884 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys 12:29:06.0335 4884 IRENUM - ok 12:29:06.0357 4884 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys 12:29:06.0358 4884 isapnp - ok 12:29:06.0395 4884 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys 12:29:06.0442 4884 iScsiPrt - ok 12:29:06.0530 4884 iwdbus (716f66336f10885d935b08174dc54242) C:\windows\system32\DRIVERS\iwdbus.sys 12:29:06.0531 4884 iwdbus - ok 12:29:06.0543 4884 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys 12:29:06.0544 4884 kbdclass - ok 12:29:06.0557 4884 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\DRIVERS\kbdhid.sys 12:29:06.0559 4884 kbdhid - ok 12:29:06.0606 4884 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe 12:29:06.0608 4884 KeyIso - ok 12:29:06.0650 4884 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\windows\system32\Drivers\ksecdd.sys 12:29:06.0652 4884 KSecDD - ok 12:29:06.0716 4884 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\windows\system32\Drivers\ksecpkg.sys 12:29:06.0718 4884 KSecPkg - ok 12:29:06.0753 4884 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys 12:29:06.0754 4884 ksthunk - ok 12:29:06.0823 4884 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll 12:29:06.0872 4884 KtmRm - ok 12:29:06.0947 4884 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll 12:29:06.0975 4884 LanmanServer - ok 12:29:07.0031 4884 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll 12:29:07.0050 4884 LanmanWorkstation - ok 12:29:07.0090 4884 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys 12:29:07.0092 4884 lltdio - ok 12:29:07.0146 4884 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll 12:29:07.0189 4884 lltdsvc - ok 12:29:07.0218 4884 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll 12:29:07.0220 4884 lmhosts - ok 12:29:07.0324 4884 LMS (0803906d607a9b83184447b75b60ecc2) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 12:29:07.0353 4884 LMS - ok 12:29:07.0394 4884 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\drivers\lsi_fc.sys 12:29:07.0396 4884 LSI_FC - ok 12:29:07.0430 4884 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\drivers\lsi_sas.sys 12:29:07.0432 4884 LSI_SAS - ok 12:29:07.0450 4884 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\drivers\lsi_sas2.sys 12:29:07.0452 4884 LSI_SAS2 - ok 12:29:07.0482 4884 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\drivers\lsi_scsi.sys 12:29:07.0484 4884 LSI_SCSI - ok 12:29:07.0518 4884 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys 12:29:07.0521 4884 luafv - ok 12:29:07.0579 4884 Lycosa (e5ecf40e5fd459141e5f6685ffd51804) C:\windows\system32\drivers\Lycosa.sys 12:29:07.0580 4884 Lycosa - ok 12:29:07.0624 4884 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\windows\system32\drivers\mbam.sys 12:29:07.0625 4884 MBAMProtector - ok 12:29:07.0744 4884 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 12:29:07.0752 4884 MBAMService - ok 12:29:07.0801 4884 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll 12:29:07.0804 4884 Mcx2Svc - ok 12:29:07.0830 4884 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\drivers\megasas.sys 12:29:07.0832 4884 megasas - ok 12:29:07.0867 4884 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\drivers\MegaSR.sys 12:29:07.0871 4884 MegaSR - ok 12:29:07.0901 4884 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\windows\system32\DRIVERS\HECIx64.sys 12:29:07.0902 4884 MEIx64 - ok 12:29:07.0944 4884 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll 12:29:07.0947 4884 MMCSS - ok 12:29:07.0955 4884 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys 12:29:07.0956 4884 Modem - ok 12:29:07.0979 4884 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys 12:29:07.0980 4884 monitor - ok 12:29:08.0008 4884 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys 12:29:08.0009 4884 mouclass - ok 12:29:08.0040 4884 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys 12:29:08.0072 4884 mouhid - ok 12:29:08.0092 4884 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys 12:29:08.0093 4884 mountmgr - ok 12:29:08.0237 4884 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 12:29:08.0263 4884 MozillaMaintenance - ok 12:29:08.0322 4884 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\windows\system32\DRIVERS\MpFilter.sys 12:29:08.0331 4884 MpFilter - ok 12:29:08.0401 4884 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys 12:29:08.0411 4884 mpio - ok 12:29:08.0432 4884 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys 12:29:08.0434 4884 mpsdrv - ok 12:29:08.0458 4884 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys 12:29:08.0469 4884 MRxDAV - ok 12:29:08.0505 4884 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys 12:29:08.0524 4884 mrxsmb - ok 12:29:08.0592 4884 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys 12:29:08.0604 4884 mrxsmb10 - ok 12:29:08.0636 4884 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys 12:29:08.0638 4884 mrxsmb20 - ok 12:29:08.0659 4884 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys 12:29:08.0660 4884 msahci - ok 12:29:08.0675 4884 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys 12:29:08.0678 4884 msdsm - ok 12:29:08.0722 4884 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe 12:29:08.0726 4884 MSDTC - ok 12:29:08.0766 4884 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys 12:29:08.0768 4884 Msfs - ok 12:29:08.0786 4884 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys 12:29:08.0788 4884 mshidkmdf - ok 12:29:08.0798 4884 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys 12:29:08.0799 4884 msisadrv - ok 12:29:08.0854 4884 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll 12:29:08.0865 4884 MSiSCSI - ok 12:29:08.0872 4884 msiserver - ok 12:29:08.0932 4884 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys 12:29:08.0935 4884 MSKSSRV - ok 12:29:08.0967 4884 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys 12:29:08.0968 4884 MSPCLOCK - ok 12:29:08.0987 4884 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys 12:29:08.0989 4884 MSPQM - ok 12:29:09.0040 4884 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys 12:29:09.0045 4884 MsRPC - ok 12:29:09.0082 4884 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys 12:29:09.0083 4884 mssmbios - ok 12:29:09.0088 4884 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys 12:29:09.0089 4884 MSTEE - ok 12:29:09.0096 4884 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\drivers\MTConfig.sys 12:29:09.0098 4884 MTConfig - ok 12:29:09.0125 4884 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys 12:29:09.0126 4884 Mup - ok 12:29:09.0506 4884 MyWiFiDHCPDNS (6ed8935257672f4cd04a88a0f3de093d) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 12:29:09.0550 4884 MyWiFiDHCPDNS - ok 12:29:09.0752 4884 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll 12:29:09.0761 4884 napagent - ok 12:29:09.0856 4884 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys 12:29:09.0861 4884 NativeWifiP - ok 12:29:10.0011 4884 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\windows\system32\drivers\ndis.sys 12:29:10.0022 4884 NDIS - ok 12:29:10.0049 4884 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys 12:29:10.0051 4884 NdisCap - ok 12:29:10.0070 4884 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys 12:29:10.0071 4884 NdisTapi - ok 12:29:10.0089 4884 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys 12:29:10.0091 4884 Ndisuio - ok 12:29:10.0122 4884 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys 12:29:10.0129 4884 NdisWan - ok 12:29:10.0142 4884 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys 12:29:10.0145 4884 NDProxy - ok 12:29:10.0178 4884 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys 12:29:10.0180 4884 NetBIOS - ok 12:29:10.0211 4884 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys 12:29:10.0214 4884 NetBT - ok 12:29:10.0252 4884 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe 12:29:10.0254 4884 Netlogon - ok 12:29:10.0342 4884 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll 12:29:10.0359 4884 Netman - ok 12:29:10.0461 4884 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:29:10.0464 4884 NetMsmqActivator - ok 12:29:10.0471 4884 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:29:10.0472 4884 NetPipeActivator - ok 12:29:10.0510 4884 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll 12:29:10.0515 4884 netprofm - ok 12:29:10.0519 4884 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:29:10.0521 4884 NetTcpActivator - ok 12:29:10.0526 4884 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:29:10.0527 4884 NetTcpPortSharing - ok 12:29:11.0143 4884 NETwNs64 (5d262402b0634c998f8cbcead7dd8676) C:\windows\system32\DRIVERS\NETwNs64.sys 12:29:11.0309 4884 NETwNs64 - ok 12:29:11.0442 4884 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\drivers\nfrd960.sys 12:29:11.0444 4884 nfrd960 - ok 12:29:11.0485 4884 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\windows\system32\DRIVERS\NisDrvWFP.sys 12:29:11.0489 4884 NisDrv - ok 12:29:11.0608 4884 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe 12:29:11.0638 4884 NisSrv - ok 12:29:11.0711 4884 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll 12:29:11.0715 4884 NlaSvc - ok 12:29:11.0962 4884 NOBU (b9b72faaaa41d59b73b88fe3dd737ed1) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe 12:29:12.0030 4884 NOBU - ok 12:29:12.0156 4884 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys 12:29:12.0158 4884 Npfs - ok 12:29:12.0181 4884 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll 12:29:12.0183 4884 nsi - ok 12:29:12.0197 4884 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys 12:29:12.0198 4884 nsiproxy - ok 12:29:12.0344 4884 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys 12:29:12.0376 4884 Ntfs - ok 12:29:12.0522 4884 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys 12:29:12.0523 4884 Null - ok 12:29:12.0567 4884 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\windows\system32\DRIVERS\nusb3hub.sys 12:29:12.0569 4884 nusb3hub - ok 12:29:12.0614 4884 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\windows\system32\DRIVERS\nusb3xhc.sys 12:29:12.0623 4884 nusb3xhc - ok 12:29:12.0691 4884 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys 12:29:12.0701 4884 nvraid - ok 12:29:12.0754 4884 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys 12:29:12.0763 4884 nvstor - ok 12:29:12.0813 4884 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys 12:29:12.0834 4884 nv_agp - ok 12:29:12.0845 4884 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys 12:29:12.0847 4884 ohci1394 - ok 12:29:12.0932 4884 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll 12:29:12.0941 4884 p2pimsvc - ok 12:29:13.0024 4884 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll 12:29:13.0039 4884 p2psvc - ok 12:29:13.0054 4884 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\drivers\parport.sys 12:29:13.0056 4884 Parport - ok 12:29:13.0101 4884 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys 12:29:13.0102 4884 partmgr - ok 12:29:13.0131 4884 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll 12:29:13.0139 4884 PcaSvc - ok 12:29:13.0173 4884 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys 12:29:13.0175 4884 pci - ok 12:29:13.0197 4884 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys 12:29:13.0198 4884 pciide - ok 12:29:13.0221 4884 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\drivers\pcmcia.sys 12:29:13.0224 4884 pcmcia - ok 12:29:13.0244 4884 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys 12:29:13.0245 4884 pcw - ok 12:29:13.0312 4884 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys 12:29:13.0335 4884 PEAUTH - ok 12:29:13.0429 4884 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe 12:29:13.0434 4884 PerfHost - ok 12:29:13.0651 4884 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll 12:29:13.0683 4884 pla - ok 12:29:13.0752 4884 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll 12:29:13.0766 4884 PlugPlay - ok 12:29:13.0787 4884 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll 12:29:13.0789 4884 PNRPAutoReg - ok 12:29:13.0830 4884 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll 12:29:13.0833 4884 PNRPsvc - ok 12:29:13.0903 4884 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll 12:29:13.0910 4884 PolicyAgent - ok 12:29:13.0937 4884 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll 12:29:13.0940 4884 Power - ok 12:29:14.0039 4884 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys 12:29:14.0041 4884 PptpMiniport - ok 12:29:14.0059 4884 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\drivers\processr.sys 12:29:14.0061 4884 Processor - ok 12:29:14.0115 4884 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll 12:29:14.0133 4884 ProfSvc - ok 12:29:14.0184 4884 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe 12:29:14.0185 4884 ProtectedStorage - ok 12:29:14.0222 4884 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys 12:29:14.0224 4884 Psched - ok 12:29:14.0252 4884 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\windows\system32\Drivers\PxHlpa64.sys 12:29:14.0253 4884 PxHlpa64 - ok 12:29:14.0390 4884 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\drivers\ql2300.sys 12:29:14.0437 4884 ql2300 - ok 12:29:14.0568 4884 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\drivers\ql40xx.sys 12:29:14.0587 4884 ql40xx - ok 12:29:14.0638 4884 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll 12:29:14.0652 4884 QWAVE - ok 12:29:14.0683 4884 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys 12:29:14.0684 4884 QWAVEdrv - ok 12:29:14.0692 4884 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys 12:29:14.0708 4884 RasAcd - ok 12:29:14.0752 4884 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys 12:29:14.0753 4884 RasAgileVpn - ok 12:29:14.0777 4884 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll 12:29:14.0780 4884 RasAuto - ok 12:29:14.0807 4884 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys 12:29:14.0810 4884 Rasl2tp - ok 12:29:14.0889 4884 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll 12:29:14.0908 4884 RasMan - ok 12:29:14.0926 4884 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys 12:29:14.0928 4884 RasPppoe - ok 12:29:14.0951 4884 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys 12:29:14.0953 4884 RasSstp - ok 12:29:14.0991 4884 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys 12:29:15.0002 4884 rdbss - ok 12:29:15.0025 4884 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\drivers\rdpbus.sys 12:29:15.0027 4884 rdpbus - ok 12:29:15.0043 4884 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys 12:29:15.0043 4884 RDPCDD - ok 12:29:15.0070 4884 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys 12:29:15.0071 4884 RDPENCDD - ok 12:29:15.0084 4884 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys 12:29:15.0085 4884 RDPREFMP - ok 12:29:15.0136 4884 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys 12:29:15.0138 4884 RDPWD - ok 12:29:15.0195 4884 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys 12:29:15.0201 4884 rdyboost - ok 12:29:15.0416 4884 RegSrvc (189c5a8d2098e0aa14fd157a954b34fc) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 12:29:15.0437 4884 RegSrvc - ok 12:29:15.0496 4884 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll 12:29:15.0499 4884 RemoteAccess - ok 12:29:15.0546 4884 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll 12:29:15.0557 4884 RemoteRegistry - ok 12:29:15.0640 4884 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys 12:29:15.0648 4884 RFCOMM - ok 12:29:15.0850 4884 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 12:29:15.0870 4884 RoxMediaDB12OEM - ok 12:29:15.0918 4884 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe 12:29:15.0935 4884 RoxWatch12 - ok 12:29:16.0065 4884 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll 12:29:16.0071 4884 RpcEptMapper - ok 12:29:16.0095 4884 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe 12:29:16.0097 4884 RpcLocator - ok 12:29:16.0148 4884 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll 12:29:16.0152 4884 RpcSs - ok 12:29:16.0224 4884 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys 12:29:16.0226 4884 rspndr - ok 12:29:16.0286 4884 RSUSBSTOR (be29b0a3ac1e8bd02ffab8cee86badfa) C:\windows\system32\Drivers\RtsUStor.sys 12:29:16.0288 4884 RSUSBSTOR - ok 12:29:16.0366 4884 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\windows\system32\DRIVERS\Rt64win7.sys 12:29:16.0370 4884 RTL8167 - ok 12:29:16.0418 4884 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe 12:29:16.0420 4884 SamSs - ok 12:29:16.0450 4884 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys 12:29:16.0454 4884 sbp2port - ok 12:29:16.0503 4884 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll 12:29:16.0521 4884 SCardSvr - ok 12:29:16.0564 4884 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys 12:29:16.0568 4884 scfilter - ok 12:29:16.0674 4884 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll 12:29:16.0691 4884 Schedule - ok 12:29:16.0730 4884 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll 12:29:16.0731 4884 SCPolicySvc - ok 12:29:16.0758 4884 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll 12:29:16.0767 4884 SDRSVC - ok 12:29:16.0827 4884 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys 12:29:16.0828 4884 secdrv - ok 12:29:16.0848 4884 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll 12:29:16.0850 4884 seclogon - ok 12:29:16.0866 4884 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll 12:29:16.0868 4884 SENS - ok 12:29:16.0882 4884 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll 12:29:16.0884 4884 SensrSvc - ok 12:29:16.0902 4884 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\drivers\serenum.sys 12:29:16.0903 4884 Serenum - ok 12:29:16.0930 4884 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\drivers\serial.sys 12:29:16.0932 4884 Serial - ok 12:29:16.0940 4884 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\drivers\sermouse.sys 12:29:16.0942 4884 sermouse - ok 12:29:17.0001 4884 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll 12:29:17.0024 4884 SessionEnv - ok 12:29:17.0037 4884 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys 12:29:17.0039 4884 sffdisk - ok 12:29:17.0063 4884 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys 12:29:17.0065 4884 sffp_mmc - ok 12:29:17.0077 4884 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys 12:29:17.0079 4884 sffp_sd - ok 12:29:17.0094 4884 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\drivers\sfloppy.sys 12:29:17.0096 4884 sfloppy - ok 12:29:17.0306 4884 SftService (6f36ee03af65de9aeb024809866d19b1) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE 12:29:17.0343 4884 SftService - ok 12:29:17.0518 4884 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll 12:29:17.0570 4884 ShellHWDetection - ok 12:29:17.0623 4884 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\drivers\SiSRaid2.sys 12:29:17.0625 4884 SiSRaid2 - ok 12:29:17.0649 4884 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\drivers\sisraid4.sys 12:29:17.0652 4884 SiSRaid4 - ok 12:29:17.0676 4884 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys 12:29:17.0678 4884 Smb - ok 12:29:17.0699 4884 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe 12:29:17.0702 4884 SNMPTRAP - ok 12:29:17.0811 4884 speedfan (12583af6cbe0050651eaf2723b3ad7b3) C:\windows\syswow64\speedfan.sys 12:29:17.0813 4884 speedfan - ok 12:29:17.0844 4884 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys 12:29:17.0845 4884 spldr - ok 12:29:17.0898 4884 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe 12:29:17.0902 4884 Spooler - ok 12:29:18.0121 4884 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe 12:29:18.0187 4884 sppsvc - ok 12:29:18.0292 4884 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll 12:29:18.0295 4884 sppuinotify - ok 12:29:18.0367 4884 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys 12:29:18.0380 4884 srv - ok 12:29:18.0434 4884 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys 12:29:18.0454 4884 srv2 - ok 12:29:18.0495 4884 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys 12:29:18.0502 4884 srvnet - ok 12:29:18.0541 4884 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll 12:29:18.0583 4884 SSDPSRV - ok 12:29:18.0609 4884 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll 12:29:18.0611 4884 SstpSvc - ok 12:29:18.0751 4884 STacSV (b2d8b364a831427a5741f6c408fa8ae3) C:\Program Files\IDT\WDM\STacSV64.exe 12:29:18.0754 4884 STacSV - ok 12:29:18.0820 4884 Steam Client Service - ok 12:29:18.0857 4884 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\drivers\stexstor.sys 12:29:18.0858 4884 stexstor - ok 12:29:18.0920 4884 STHDA (ef5acde92ba3f691bbfef781cb063501) C:\windows\system32\DRIVERS\stwrt64.sys 12:29:18.0945 4884 STHDA - ok 12:29:19.0056 4884 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll 12:29:19.0075 4884 stisvc - ok 12:29:19.0125 4884 stllssvr (7731f46ec0d687a931cba063e8f90ef0) c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe 12:29:19.0127 4884 stllssvr - ok 12:29:19.0148 4884 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys 12:29:19.0149 4884 swenum - ok 12:29:19.0216 4884 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll 12:29:19.0223 4884 swprv - ok 12:29:19.0367 4884 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll 12:29:19.0413 4884 SysMain - ok 12:29:19.0554 4884 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll 12:29:19.0557 4884 TabletInputService - ok 12:29:19.0595 4884 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll 12:29:19.0603 4884 TapiSrv - ok 12:29:19.0623 4884 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll 12:29:19.0625 4884 TBS - ok 12:29:19.0805 4884 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys 12:29:19.0844 4884 Tcpip - ok 12:29:20.0046 4884 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys 12:29:20.0057 4884 TCPIP6 - ok 12:29:20.0139 4884 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys 12:29:20.0141 4884 tcpipreg - ok 12:29:20.0158 4884 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys 12:29:20.0160 4884 TDPIPE - ok 12:29:20.0187 4884 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys 12:29:20.0189 4884 TDTCP - ok 12:29:20.0220 4884 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys 12:29:20.0223 4884 tdx - ok 12:29:20.0568 4884 TeamViewer7 (74fc70ae64a7b7dabec9697ce0a1f4fa) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe 12:29:20.0585 4884 TeamViewer7 - ok 12:29:20.0733 4884 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\DRIVERS\termdd.sys 12:29:20.0734 4884 TermDD - ok 12:29:20.0838 4884 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll 12:29:20.0875 4884 TermService - ok 12:29:20.0924 4884 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll 12:29:20.0926 4884 Themes - ok 12:29:20.0965 4884 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll 12:29:20.0967 4884 THREADORDER - ok 12:29:20.0990 4884 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll 12:29:21.0013 4884 TrkWks - ok 12:29:21.0070 4884 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe 12:29:21.0072 4884 TrustedInstaller - ok 12:29:21.0098 4884 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys 12:29:21.0100 4884 tssecsrv - ok 12:29:21.0124 4884 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys 12:29:21.0127 4884 TsUsbFlt - ok 12:29:21.0143 4884 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\windows\system32\drivers\TsUsbGD.sys 12:29:21.0145 4884 TsUsbGD - ok 12:29:21.0187 4884 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys 12:29:21.0213 4884 tunnel - ok 12:29:21.0237 4884 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\drivers\uagp35.sys 12:29:21.0239 4884 uagp35 - ok 12:29:21.0281 4884 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys 12:29:21.0291 4884 udfs - ok 12:29:21.0351 4884 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe 12:29:21.0354 4884 UI0Detect - ok 12:29:21.0382 4884 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys 12:29:21.0384 4884 uliagpkx - ok 12:29:21.0417 4884 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys 12:29:21.0419 4884 umbus - ok 12:29:21.0426 4884 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\drivers\umpass.sys 12:29:21.0428 4884 UmPass - ok 12:29:21.0708 4884 UNS (eb79c6c91a99930015ef29ae7fa802d1) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 12:29:21.0780 4884 UNS - ok 12:29:21.0914 4884 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll 12:29:21.0919 4884 upnphost - ok 12:29:21.0979 4884 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\windows\system32\Drivers\usbaapl64.sys 12:29:21.0980 4884 USBAAPL64 - ok 12:29:22.0047 4884 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\windows\system32\drivers\usbaudio.sys 12:29:22.0049 4884 usbaudio - ok 12:29:22.0083 4884 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\windows\system32\DRIVERS\usbccgp.sys 12:29:22.0084 4884 usbccgp - ok 12:29:22.0134 4884 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys 12:29:22.0136 4884 usbcir - ok 12:29:22.0160 4884 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys 12:29:22.0162 4884 usbehci - ok 12:29:22.0228 4884 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys 12:29:22.0241 4884 usbhub - ok 12:29:22.0285 4884 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\windows\system32\drivers\usbohci.sys 12:29:22.0288 4884 usbohci - ok 12:29:22.0327 4884 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\drivers\usbprint.sys 12:29:22.0329 4884 usbprint - ok 12:29:22.0367 4884 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS 12:29:22.0369 4884 USBSTOR - ok 12:29:22.0375 4884 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\windows\system32\drivers\usbuhci.sys 12:29:22.0377 4884 usbuhci - ok 12:29:22.0428 4884 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys 12:29:22.0436 4884 usbvideo - ok 12:29:22.0488 4884 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll 12:29:22.0519 4884 UxSms - ok 12:29:22.0562 4884 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe 12:29:22.0563 4884 VaultSvc - ok 12:29:22.0599 4884 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys 12:29:22.0600 4884 vdrvroot - ok 12:29:22.0663 4884 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe 12:29:22.0679 4884 vds - ok 12:29:22.0710 4884 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys 12:29:22.0711 4884 vga - ok 12:29:22.0724 4884 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys 12:29:22.0726 4884 VgaSave - ok 12:29:22.0752 4884 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys 12:29:22.0757 4884 vhdmp - ok 12:29:22.0763 4884 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys 12:29:22.0766 4884 viaide - ok 12:29:22.0798 4884 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys 12:29:22.0800 4884 volmgr - ok 12:29:22.0844 4884 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys 12:29:22.0850 4884 volmgrx - ok 12:29:22.0910 4884 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys 12:29:22.0913 4884 volsnap - ok 12:29:22.0977 4884 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\drivers\vsmraid.sys 12:29:22.0986 4884 vsmraid - ok 12:29:23.0133 4884 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe 12:29:23.0168 4884 VSS - ok 12:29:23.0301 4884 vToolbarUpdater12.1.3 (f98a970d02b35870c8013b43736f7904) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.3\ToolbarUpdater.exe 12:29:23.0307 4884 vToolbarUpdater12.1.3 - ok 12:29:23.0447 4884 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys 12:29:23.0448 4884 vwifibus - ok 12:29:23.0500 4884 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys 12:29:23.0501 4884 vwififlt - ok 12:29:23.0533 4884 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys 12:29:23.0534 4884 vwifimp - ok 12:29:23.0591 4884 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll 12:29:23.0628 4884 W32Time - ok 12:29:23.0656 4884 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\drivers\wacompen.sys 12:29:23.0656 4884 WacomPen - ok 12:29:23.0691 4884 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys 12:29:23.0693 4884 WANARP - ok 12:29:23.0698 4884 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys 12:29:23.0701 4884 Wanarpv6 - ok 12:29:23.0826 4884 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe 12:29:23.0843 4884 WatAdminSvc - ok 12:29:23.0962 4884 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe 12:29:24.0000 4884 wbengine - ok 12:29:24.0125 4884 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll 12:29:24.0140 4884 WbioSrvc - ok 12:29:24.0194 4884 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll 12:29:24.0212 4884 wcncsvc - ok 12:29:24.0242 4884 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll 12:29:24.0245 4884 WcsPlugInService - ok 12:29:24.0271 4884 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\drivers\wd.sys 12:29:24.0272 4884 Wd - ok 12:29:24.0327 4884 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys 12:29:24.0335 4884 Wdf01000 - ok 12:29:24.0357 4884 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll 12:29:24.0360 4884 WdiServiceHost - ok 12:29:24.0364 4884 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll 12:29:24.0366 4884 WdiSystemHost - ok 12:29:24.0401 4884 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll 12:29:24.0418 4884 WebClient - ok 12:29:24.0451 4884 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll 12:29:24.0457 4884 Wecsvc - ok 12:29:24.0476 4884 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll 12:29:24.0478 4884 wercplsupport - ok 12:29:24.0521 4884 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll 12:29:24.0527 4884 WerSvc - ok 12:29:24.0614 4884 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys 12:29:24.0615 4884 WfpLwf - ok 12:29:24.0657 4884 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\windows\system32\DRIVERS\wimfltr.sys 12:29:24.0669 4884 WimFltr - ok 12:29:24.0713 4884 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys 12:29:24.0714 4884 WIMMount - ok 12:29:24.0723 4884 WinHttpAutoProxySvc - ok 12:29:24.0791 4884 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll 12:29:24.0797 4884 Winmgmt - ok 12:29:24.0997 4884 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll 12:29:25.0037 4884 WinRM - ok 12:29:25.0216 4884 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys 12:29:25.0217 4884 WinUsb - ok 12:29:25.0307 4884 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll 12:29:25.0317 4884 Wlansvc - ok 12:29:25.0385 4884 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 12:29:25.0389 4884 wlcrasvc - ok 12:29:25.0637 4884 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 12:29:25.0651 4884 wlidsvc - ok 12:29:25.0784 4884 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys 12:29:25.0786 4884 WmiAcpi - ok 12:29:25.0909 4884 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe 12:29:25.0917 4884 wmiApSrv - ok 12:29:25.0959 4884 WMPNetworkSvc - ok 12:29:25.0995 4884 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll 12:29:25.0997 4884 WPCSvc - ok 12:29:26.0025 4884 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll 12:29:26.0028 4884 WPDBusEnum - ok 12:29:26.0058 4884 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys 12:29:26.0059 4884 ws2ifsl - ok 12:29:26.0064 4884 WSearch - ok 12:29:26.0237 4884 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll 12:29:26.0288 4884 wuauserv - ok 12:29:26.0408 4884 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys 12:29:26.0410 4884 WudfPf - ok 12:29:26.0460 4884 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys 12:29:26.0469 4884 WUDFRd - ok 12:29:26.0496 4884 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll 12:29:26.0499 4884 wudfsvc - ok 12:29:26.0572 4884 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll 12:29:26.0610 4884 WwanSvc - ok 12:29:26.0647 4884 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 12:29:26.0675 4884 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected 12:29:26.0675 4884 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0) 12:29:26.0709 4884 Boot (0x1200) (17e6064b18aa88ed8319b3238fe06a25) \Device\Harddisk0\DR0\Partition0 12:29:26.0714 4884 \Device\Harddisk0\DR0\Partition0 - ok 12:29:26.0753 4884 Boot (0x1200) (9353cf31a6ec515e78353d1600509a2f) \Device\Harddisk0\DR0\Partition1 12:29:26.0756 4884 \Device\Harddisk0\DR0\Partition1 - ok 12:29:26.0757 4884 ============================================================ 12:29:26.0757 4884 Scan finished 12:29:26.0757 4884 ============================================================ 12:29:26.0765 3860 Detected object count: 8 12:29:26.0765 3860 Actual detected object count: 8 12:29:55.0867 3860 .Net bCNGKeyLock ( LockedFile.Multi.Generic ) - skipped by user 12:29:55.0867 3860 .Net bCNGKeyLock ( LockedFile.Multi.Generic ) - User select action: Skip 12:29:55.0867 3860 .Net bKernelMain ( LockedService.Multi.Generic ) - skipped by user 12:29:55.0867 3860 .Net bKernelMain ( LockedService.Multi.Generic ) - User select action: Skip 12:29:55.0869 3860 .Net bKernelSecurity ( LockedFile.Multi.Generic ) - skipped by user 12:29:55.0869 3860 .Net bKernelSecurity ( LockedFile.Multi.Generic ) - User select action: Skip 12:29:55.0870 3860 .Net bSecurityCrypt ( LockedFile.Multi.Generic ) - skipped by user 12:29:55.0870 3860 .Net bSecurityCrypt ( LockedFile.Multi.Generic ) - User select action: Skip 12:29:55.0872 3860 bakerneldrv ( LockedFile.Multi.Generic ) - skipped by user 12:29:55.0872 3860 bakerneldrv ( LockedFile.Multi.Generic ) - User select action: Skip 12:29:55.0873 3860 bapcmci ( LockedFile.Multi.Generic ) - skipped by user 12:29:55.0873 3860 bapcmci ( LockedFile.Multi.Generic ) - User select action: Skip 12:29:55.0874 3860 bpcrasys ( LockedFile.Multi.Generic ) - skipped by user 12:29:55.0874 3860 bpcrasys ( LockedFile.Multi.Generic ) - User select action: Skip 12:29:55.0876 3860 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user 12:29:55.0876 3860 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip 12:30:40.0517 1072 Deinitialize success
  2. DDS.txt =============================================== . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31 Run by user at 12:25:54 on 2012-07-19 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4003.2583 [GMT -4:00] . AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} . ============== Running Processes =============== . C:\windows\system32\wininit.exe C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\bKernelMain.exe C:\windows\system32\svchost.exe -k RPCSS C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k netsvcs C:\Program Files\IDT\WDM\STacSV64.exe C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k NetworkService C:\windows\System32\spoolsv.exe C:\windows\system32\bNETCommando.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe C:\windows\System32\svchost.exe -k LocalServiceNoNetwork C:\windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.3\ToolbarUpdater.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe C:\Program Files (x86)\AVG\AVG2012\avgemca.exe C:\windows\system32\svchost.exe -k bthsvcs C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe C:\windows\Explorer.EXE C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe C:\Program Files (x86)\TeamViewer\Version7\tv_x64.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\windows\system32\SearchIndexer.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\windows\system32\wbem\wmiprvse.exe -netsvcs C:\windows\system32\conhost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\windows\system32\sppsvc.exe C:\windows\system32\taskhost.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\system32\SearchProtocolHost.exe C:\windows\system32\SearchFilterHost.exe C:\windows\SysWOW64\cmd.exe C:\windows\system32\conhost.exe C:\windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uInternet Settings,ProxyOverride = *.local uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll mURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Updater For Spam Free Search Bar: {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll BHO: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.20\AVG Secure Search_toolbar.dll BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll" TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.20\AVG Secure Search_toolbar.dll {e7df6bff-55a5-4eb7-a673-4ed3e9456d39} uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED uRun: [Google Update] "C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c mRun: [<NO NAME>] mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll LSP: mswsock.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab TCP: DhcpNameServer = 192.168.1.254 TCP: Interfaces\{19FFE6A5-BB6A-4A1B-B841-AF607848FA10} : DhcpNameServer = 192.168.1.254 TCP: Interfaces\{F21D68E5-3287-44E1-ACDF-B96053DD43D7} : DhcpNameServer = 192.168.1.254 TCP: Interfaces\{F21D68E5-3287-44E1-ACDF-B96053DD43D7}\373686D6964647 : DhcpNameServer = 192.168.0.1 Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.3\ViProtocol.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll IFEO: notepad.exe - "C:\Program Files\Notepad2\Notepad2.exe" /z BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Updater For Spam Free Search Bar: {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll BHO-X64: Updater For Spam Free Search Bar - No File BHO-X64: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll BHO-X64: Spam Free Search Bar - No File BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll BHO-X64: AVG Do Not Track - No File BHO-X64: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll BHO-X64: uTorrentControl2 - No File BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.20\AVG Secure Search_toolbar.dll BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll TB-X64: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll" TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.20\AVG Secure Search_toolbar.dll mRun-x64: [(Default)] mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray IFEO-X64: notepad.exe - "C:\Program Files\Notepad2\Notepad2.exe" /z . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\m8o4jobv.default\ FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q= FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.1.3\npsitesafety.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\user\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\m8o4jobv.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\plugins\np-mswmp.dll FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHA;AVGIDSHA;C:\windows\system32\DRIVERS\avgidsha.sys --> C:\windows\system32\DRIVERS\avgidsha.sys [?] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\system32\DRIVERS\avgrkx64.sys --> C:\windows\system32\DRIVERS\avgrkx64.sys [?] R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?] R1 Avgldx64;AVG AVI Loader Driver;C:\windows\system32\DRIVERS\avgldx64.sys --> C:\windows\system32\DRIVERS\avgldx64.sys [?] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\system32\DRIVERS\avgmfx64.sys --> C:\windows\system32\DRIVERS\avgmfx64.sys [?] R1 Avgtdia;AVG TDI Driver;C:\windows\system32\DRIVERS\avgtdia.sys --> C:\windows\system32\DRIVERS\avgtdia.sys [?] R1 avgtp;avgtp;\??\C:\windows\system32\drivers\avgtpx64.sys --> C:\windows\system32\drivers\avgtpx64.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?] R2 .Net bCNGKeyLock;CNG Key Isolation Service x2.0b;system32\bNETCommando.exe --> system32\bNETCommando.exe [?] R2 .Net bKernelMain;Microsoft.NET Framework KernelMain x2.0b;system32\bKernelMain.exe --> system32\bKernelMain.exe [?] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-7-4 5160568] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288] R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE [2012-2-10 193816] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-18 655944] R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-2-27 2886528] R2 vToolbarUpdater12.1.3;vToolbarUpdater12.1.3;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.3\ToolbarUpdater.exe [2012-7-17 830048] R3 AVGIDSDriver;AVGIDSDriver;C:\windows\system32\DRIVERS\avgidsdrivera.sys --> C:\windows\system32\DRIVERS\avgidsdrivera.sys [?] R3 AVGIDSFilter;AVGIDSFilter;C:\windows\system32\DRIVERS\avgidsfiltera.sys --> C:\windows\system32\DRIVERS\avgidsfiltera.sys [?] R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\system32\DRIVERS\btmaux.sys --> C:\windows\system32\DRIVERS\btmaux.sys [?] R3 btmhsf;btmhsf;C:\windows\system32\DRIVERS\btmhsf.sys --> C:\windows\system32\DRIVERS\btmhsf.sys [?] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\windows\system32\DRIVERS\CtClsFlt.sys --> C:\windows\system32\DRIVERS\CtClsFlt.sys [?] R3 iBtFltCoex;iBtFltCoex;C:\windows\system32\DRIVERS\iBtFltCoex.sys --> C:\windows\system32\DRIVERS\iBtFltCoex.sys [?] R3 IntcDAud;Intel® Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?] R3 iwdbus;IWD Bus Enumerator;C:\windows\system32\DRIVERS\iwdbus.sys --> C:\windows\system32\DRIVERS\iwdbus.sys [?] R3 Lycosa;Lycosa Keyboard;C:\windows\system32\drivers\Lycosa.sys --> C:\windows\system32\drivers\Lycosa.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?] R3 MEIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\system32\DRIVERS\nusb3hub.sys --> C:\windows\system32\DRIVERS\nusb3hub.sys [?] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\system32\DRIVERS\nusb3xhc.sys --> C:\windows\system32\DRIVERS\nusb3xhc.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?] S1 fanio;FanIO driver;C:\Windows\System32\drivers\fanio.sys [2012-2-24 14464] S2 .Net bKernelSecurity;Microsoft.NET Framework KernelSecurity x2.0b;system32\bKernelSecurity.exe --> system32\bKernelSecurity.exe [?] S2 .Net bSecurityCrypt;Microsoft.NET Framework SecurityCrypt x2.0b;system32\bSecurityCrypt.exe --> system32\bSecurityCrypt.exe [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-12 250056] S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE [2012-2-10 240408] S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\system32\drivers\intelaud.sys --> C:\windows\system32\drivers\intelaud.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-3 113120] S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\system32\DRIVERS\NETwNs64.sys --> C:\windows\system32\DRIVERS\NETwNs64.sys [?] S3 NisDrv;Microsoft Network Inspection System;C:\windows\system32\DRIVERS\NisDrvWFP.sys --> C:\windows\system32\DRIVERS\NisDrvWFP.sys [?] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?] S4 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-8-20 89600] S4 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-3 897088] S4 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-3 1298496] S4 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2011-10-26 162816] S4 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-8-20 13336] S4 MpFilter;Microsoft Malware Protection Driver;C:\windows\system32\DRIVERS\MpFilter.sys --> C:\windows\system32\DRIVERS\MpFilter.sys [?] S4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240] S4 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000] S4 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] S4 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] S4 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-8-20 1688384] S4 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-8-20 2655768] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-07-18 23:08:05 20480 ----a-w- C:\windows\svchost.exe 2012-07-18 20:58:03 -------- d-----w- C:\Users\user\AppData\Roaming\Malwarebytes 2012-07-18 20:57:48 24904 ----a-w- C:\windows\System32\drivers\mbam.sys 2012-07-18 20:57:48 -------- d-----w- C:\ProgramData\Malwarebytes 2012-07-18 20:57:48 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-07-17 20:40:34 -------- d-sh--w- C:\windows\SysWow64\%APPDATA% 2012-07-17 20:24:01 -------- d-----w- C:\Users\user\AppData\Roaming\AVG2012 2012-07-17 20:23:37 -------- d-----w- C:\Users\user\AppData\Local\AVG Secure Search 2012-07-17 20:23:10 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AD116119-EF1B-473E-AE65-042F54A359B6}\mpengine.dll 2012-07-17 20:23:09 -------- d-----w- C:\ProgramData\AVG Secure Search 2012-07-17 20:23:01 30568 ----a-w- C:\windows\System32\drivers\avgtpx64.sys 2012-07-17 20:22:52 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search 2012-07-17 20:22:49 -------- d-----w- C:\Program Files (x86)\AVG Secure Search 2012-07-17 20:22:09 -------- d-----w- C:\windows\SysWow64\drivers\AVG 2012-07-17 20:21:36 -------- d--h--w- C:\$AVG 2012-07-17 20:21:35 -------- d-----w- C:\windows\System32\drivers\AVG 2012-07-17 20:21:35 -------- d-----w- C:\ProgramData\AVG2012 2012-07-17 20:20:31 -------- d-----w- C:\Program Files (x86)\AVG 2012-07-17 20:17:16 -------- d--h--w- C:\ProgramData\Common Files 2012-07-17 20:17:16 -------- d-----w- C:\ProgramData\MFAData 2012-07-16 22:19:28 -------- d-----w- C:\Program Files\Notepad2 2012-07-16 19:51:38 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-07-14 04:31:43 3148800 ----a-w- C:\windows\System32\win32k.sys 2012-07-11 14:05:40 2004480 ----a-w- C:\windows\System32\msxml6.dll 2012-07-04 04:22:42 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2A02CAAD-AEC4-45AD-B518-A7E66A4D0512}\gapaengine.dll . ==================== Find3M ==================== . 2012-07-14 05:37:35 70344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-14 05:37:35 426184 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2012-06-06 06:06:16 1881600 ----a-w- C:\windows\System32\msxml3.dll 2012-06-06 06:02:54 1133568 ----a-w- C:\windows\System32\cdosys.dll 2012-06-06 05:05:52 1390080 ----a-w- C:\windows\SysWow64\msxml6.dll 2012-06-06 05:05:52 1236992 ----a-w- C:\windows\SysWow64\msxml3.dll 2012-06-06 05:03:06 805376 ----a-w- C:\windows\SysWow64\cdosys.dll 2012-06-02 22:15:31 2622464 ----a-w- C:\windows\System32\wucltux.dll 2012-06-02 22:15:08 99840 ----a-w- C:\windows\System32\wudriver.dll 2012-06-02 19:19:42 186752 ----a-w- C:\windows\System32\wuwebv.dll 2012-06-02 19:15:12 36864 ----a-w- C:\windows\System32\wuapp.exe 2012-06-02 12:12:17 2311680 ----a-w- C:\windows\System32\jscript9.dll 2012-06-02 12:05:28 1392128 ----a-w- C:\windows\System32\wininet.dll 2012-06-02 12:04:50 1494528 ----a-w- C:\windows\System32\inetcpl.cpl 2012-06-02 12:01:40 173056 ----a-w- C:\windows\System32\ieUnatt.exe 2012-06-02 11:57:08 2382848 ----a-w- C:\windows\System32\mshtml.tlb 2012-06-02 08:33:25 1800192 ----a-w- C:\windows\SysWow64\jscript9.dll 2012-06-02 08:25:08 1129472 ----a-w- C:\windows\SysWow64\wininet.dll 2012-06-02 08:25:03 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl 2012-06-02 08:20:33 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe 2012-06-02 08:16:52 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb 2012-06-02 05:50:10 458704 ----a-w- C:\windows\System32\drivers\cng.sys 2012-06-02 05:48:16 95600 ----a-w- C:\windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ----a-w- C:\windows\System32\drivers\ksecpkg.sys 2012-06-02 05:45:31 340992 ----a-w- C:\windows\System32\schannel.dll 2012-06-02 05:44:21 307200 ----a-w- C:\windows\System32\ncrypt.dll 2012-06-02 04:40:42 22016 ----a-w- C:\windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ----a-w- C:\windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- C:\windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 96768 ----a-w- C:\windows\SysWow64\sspicli.dll 2012-05-04 11:06:22 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe 2012-05-04 10:03:53 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03:50 3913072 ----a-w- C:\windows\SysWow64\ntoskrnl.exe 2012-05-01 05:40:20 209920 ----a-w- C:\windows\System32\profsvc.dll 2012-04-28 03:55:21 210944 ----a-w- C:\windows\System32\drivers\rdpwd.sys 2012-04-26 05:41:56 77312 ----a-w- C:\windows\System32\rdpwsx.dll 2012-04-26 05:41:55 149504 ----a-w- C:\windows\System32\rdpcorekmts.dll 2012-04-26 05:34:27 9216 ----a-w- C:\windows\System32\rdrmemptylst.exe 2012-04-24 05:37:37 184320 ----a-w- C:\windows\System32\cryptsvc.dll 2012-04-24 05:37:37 140288 ----a-w- C:\windows\System32\cryptnet.dll 2012-04-24 05:37:36 1462272 ----a-w- C:\windows\System32\crypt32.dll 2012-04-24 04:36:42 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll 2012-04-24 04:36:42 1158656 ----a-w- C:\windows\SysWow64\crypt32.dll 2012-04-24 04:36:42 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll 2011-10-14 15:25:46 405504 --sh--r- C:\windows\System32\vshadow.exe 2011-10-14 15:25:50 364032 --sh--r- C:\windows\System32\vshadowamd64.exe 2011-10-14 15:25:52 352256 --sh--r- C:\windows\System32\vshadowXP.exe . ============= FINISH: 12:27:39.37 =============== Attach.txt ================================================== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 10/28/2011 10:22:43 AM System Uptime: 7/19/2012 12:20:53 PM (0 hours ago) . Motherboard: Dell Inc. | | 034W60 Processor: Intel® Core™ i3-2310M CPU @ 2.10GHz | CPU 1 | 2100/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 451 GiB total, 310.234 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Intel® Centrino® Wireless-N 1030 Device ID: PCI\VEN_8086&DEV_008A&SUBSYS_53258086&REV_34\AC7289FFFF48C04C00 Manufacturer: Intel Corporation Name: Intel® Centrino® Wireless-N 1030 PNP Device ID: PCI\VEN_8086&DEV_008A&SUBSYS_53258086&REV_34\AC7289FFFF48C04C00 Service: NETwNs64 . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Bluetooth Device (Personal Area Network) Device ID: BTH\MS_BTHPAN\7&1C536469&0&2 Manufacturer: Microsoft Name: Bluetooth Device (Personal Area Network) PNP Device ID: BTH\MS_BTHPAN\7&1C536469&0&2 Service: BthPan . ==== System Restore Points =================== . RP90: 6/29/2012 11:51:26 AM - Windows Update RP91: 7/2/2012 1:18:05 PM - Windows Update RP92: 7/6/2012 1:25:19 AM - Windows Update RP93: 7/10/2012 9:49:54 AM - Windows Update RP94: 7/14/2012 12:26:03 AM - Windows Update RP95: 7/17/2012 4:19:01 PM - Windows Update RP96: 7/17/2012 4:19:32 PM - Installed AVG 2012 RP97: 7/17/2012 4:20:53 PM - Installed AVG 2012 . ==== Installed Programs ====================== . Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X MUI Advanced Audio FX Engine Anti-phishing Domain Advisor Apple Application Support Apple Software Update Bing Bar Bing Rewards Client Installer Counter-Strike: Source Cozi D3DX10 Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell DataSafe Online Dell Digital Delivery Dell Getting Started Guide Dell Home Systems Service Agreement Dell MusicStage Dell Perks Webslice IE8 Dell PhotoStage Dell Product Registration Dell Stage Dell VideoStage Dell Webcam Central DirectX 9 Runtime EA Download Manager eBay FileZilla Client 3.5.3 FINAL FANTASY XI GnuWin32: Bzip2-1.0.5 Google Chrome GoToAssist 8.0.0.514 Grand Theft Auto: San Andreas HLSW v1.4.0.2 IDT Audio iExplorer 2.2.1.3 Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology Intel® WiDi Internet Explorer Java Auto Updater Java™ 6 Update 31 Junk Mail filter update Malwarebytes Anti-Malware version 1.62.0.1300 Mesh Runtime Microsoft Office 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft WSE 3.0 Runtime Might and Magic: Clash of Heroes Mozilla Firefox 13.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Mumble 1.2.3 PhotoShowExpress Pidgin Portal QuickTime Razer Mamba Realtek Ethernet Controller Driver Realtek USB 2.0 Card Reader Renesas Electronics USB 3.0 Host Controller Driver Roxio Activation Module Roxio BackOnTrack Roxio Burn Roxio Creator Starter Roxio Express Labeler 3 Safari Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Skype Toolbars Skype™ 4.2 Sonic CinePlayer Decoder Pack Spam Free Search Bar SpeedFan (remove only) Star Wars: The Old Republic Steam System Requirements Lab CYRI Team Fortress 2 TeamViewer 7 The Sims™ 3 The Sims™ 3 High-End Loft Stuff The Sims™ 3 Late Night The Sims™ 3 World Adventures TrustedID Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) uTorrentControl2 Toolbar Visual Studio 2008 x64 Redistributables Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources World of Warcraft . ==== Event Viewer Messages From Past Week ======== . 7/19/2012 12:22:07 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891 7/19/2012 12:22:07 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891 7/19/2012 12:21:24 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed. 7/19/2012 12:21:24 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed. 7/19/2012 12:21:23 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service. . ==== End Of File ===========================
  3. I've removed uTorrent and any p2p software I could find on this computer. I originally ran a full system scan with AVG Free and it found 2 major infections, both Trojans. AVG could not fix these issues even by forcing them so I ran Malwarebytes software on full system scan it proceeded to fix the problems and asked to restart, so I did. After doing this, I no longer get random computer reboots and I have yet to get any noisey sound ads and music in the background. The only thing that really bugs the crap out of me is that I keep getting threat detections with both Malwarebytes and AVG Free, and when I boot the computer up fresh and open my browser for the first time it forwards me to a weird URL Address. This will be my first time doing a virus removal, I'm use to reformatting when this happens. I heard you have excellent help here so I'm giving this a try as my last resort, and the fact that I saw a similar thread about the same issues on the forums already.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.