Infected with mydomainadvisor.com

dah1877 · July 4, 2012

Hello, I'm working on resolving a problem with my girlfriends laptop she recently began encountering. I don't know what she downloaded but now a lot of pages fail to load, load oddly, or present her with a partner37.mydomainadviser.com page, which as i researched i found to be redirect malware and I just can't figure out how to remove it. Here are the logs from the dds program

I've also fully updates malwarebytes anti malware software and preformed a quick scan which found nothing.

DDS.txt

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Jennifer at 11:17:38 on 2012-07-04

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3032.1064 [GMT -4:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\Dell\DellDock\DockLogin.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE

C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k apphost

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Secunia\PSI\PSIA.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k iissvcs

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Windows\system32\conhost.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe

C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Vuze\Azureus.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files\Windows Media Player\wmprph.exe

C:\Users\Jennifer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Users\Jennifer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\Jennifer\AppData\Local\Google\Chrome\Application\chrome.exe

c:\windows\system32\inetsrv\w3wp.exe

C:\Windows\notepad.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.searchnu.com/414

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll

uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

uURLSearchHooks: H - No File

mURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll

BHO: DataMngr: {9d717f81-9148-4f12-8568-69135f087db0} - C:\PROGRA~2\WIA6EB~1\Datamngr\BROWSE~1.DLL

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

uRun: [Google Update] "C:\Users\Jennifer\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10zb_ActiveX.exe -update activex

mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"

mRun: [DATAMNGR] C:\PROGRA~2\WIA6EB~1\Datamngr\DATAMN~1.EXE

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRunOnce: [sTToasterLauncher] C:\program files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxps://support.dell.com/systemprofiler/SysProExe.CAB

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.2.1

TCP: Interfaces\{7171B83C-C100-49A9-939C-CF1DB4216E0E} : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{7171B83C-C100-49A9-939C-CF1DB4216E0E}\279647 : DhcpNameServer = 129.21.3.17 129.21.4.18

TCP: Interfaces\{7171B83C-C100-49A9-939C-CF1DB4216E0E}\4427F69646 : DhcpNameServer = 192.168.2.254

TCP: Interfaces\{C3EA5883-F021-4A87-B79F-99545F5541BB} : DhcpNameServer = 192.168.2.1

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

AppInit_DLLs: C:\PROGRA~2\WIA6EB~1\Datamngr\datamngr.dll C:\PROGRA~2\WIA6EB~1\Datamngr\IEBHO.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll

BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll

BHO-X64: Searchqu Toolbar - No File

BHO-X64: DataMngr: {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WIA6EB~1\Datamngr\BROWSE~1.DLL

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB-X64: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll

TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

TB-X64: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll

TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun-x64: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"

mRun-x64: [DATAMNGR] C:\PROGRA~2\WIA6EB~1\Datamngr\DATAMN~1.EXE

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRunOnce-x64: [sTToasterLauncher] C:\program files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe

AppInit_DLLs-X64: C:\PROGRA~2\WIA6EB~1\Datamngr\datamngr.dll C:\PROGRA~2\WIA6EB~1\Datamngr\IEBHO.dll

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]

R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-10-14 994360]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2009-12-1 656624]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]

R3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-1-31 158856]

S3 mfebopk;McAfee Inc. mfebopk;C:\Windows\system32\drivers\mfebopk.sys --> C:\Windows\system32\drivers\mfebopk.sys [?]

S3 mferkdk;McAfee Inc. mferkdk;C:\Windows\system32\drivers\mferkdk.sys --> C:\Windows\system32\drivers\mferkdk.sys [?]

S3 mfesmfk;McAfee Inc. mfesmfk;C:\Windows\system32\drivers\mfesmfk.sys --> C:\Windows\system32\drivers\mfesmfk.sys [?]

S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]

S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe [2009-6-26 1124848]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2012-07-04 14:34:48 927800 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EB6754B5-25CF-4AF4-B522-8BB9E7AE58C1}\gapaengine.dll

2012-07-04 14:34:26 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E2F05C38-0817-4DA5-9937-5BD89CA5C047}\mpengine.dll

2012-07-03 13:07:05 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-07-02 15:54:22 -------- d-----w- C:\Program Files\iPod

2012-07-02 15:54:20 -------- d-----w- C:\Program Files\iTunes

2012-07-02 15:54:20 -------- d-----w- C:\Program Files (x86)\iTunes

2012-06-27 15:22:19 -------- d-----w- C:\ProgramData\boost_interprocess

2012-06-27 01:14:08 -------- d-----w- C:\Program Files (x86)\Windows Searchqu Toolbar

2012-06-27 01:13:57 -------- d-----w- C:\Users\Jennifer\AppData\Roaming\FreeVideoConverter

2012-06-27 01:13:57 -------- d-----w- C:\Program Files (x86)\Free Video Converter

2012-06-27 01:13:12 -------- d-----w- C:\ProgramData\blekko toolbars

2012-06-27 01:12:58 -------- d-----w- C:\Users\Jennifer\AppData\Local\blekkotb_031

2012-06-27 01:12:53 -------- d-----w- C:\ProgramData\Anti-phishing Domain Advisor

2012-06-14 18:01:30 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-06-14 18:01:30 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-06-14 18:01:30 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-06-14 18:01:23 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-06-14 18:01:23 1462272 ----a-w- C:\Windows\System32\crypt32.dll

2012-06-14 18:01:23 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-06-14 18:01:23 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-06-14 18:01:22 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-06-14 18:01:22 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-06-14 18:01:13 3146752 ----a-w- C:\Windows\System32\win32k.sys

2012-06-14 18:00:58 209920 ----a-w- C:\Windows\System32\profsvc.dll

2012-06-14 18:00:47 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-06-14 18:00:45 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-06-14 18:00:43 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-06-14 18:00:42 3216384 ----a-w- C:\Windows\System32\msi.dll

2012-06-14 18:00:41 2342400 ----a-w- C:\Windows\SysWow64\msi.dll

2012-06-14 18:00:01 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-06-12 23:04:31 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2B242532-F34A-4A0E-87F0-2A1D0166C939}\gapaengine.dll

2012-06-08 23:13:02 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-06-08 23:12:55 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-06-08 23:12:41 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-06-08 23:12:41 186752 ----a-w- C:\Windows\System32\wuwebv.dll

.

==================== Find3M ====================

.

2012-06-01 01:20:34 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-06-01 00:38:43 637848 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll

2012-06-01 00:38:43 567696 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll

2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-04-19 00:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx

2012-04-19 00:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts

2010-06-13 23:10:00 2734688 ----a-w- C:\Program Files (x86)\tbZyng.dll

2002-07-26 21:02:06 153088 ----a-w- C:\Program Files (x86)\UNWISE.EXE

.

============= FINISH: 11:19:10.56 ===============

Attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 12/18/2009 8:00:38 PM

System Uptime: 7/2/2012 10:22:08 AM (49 hours ago)

.

Motherboard: Dell Inc. | | 0G848F

Processor: Pentium® Dual-Core CPU T4300 @ 2.10GHz | Microprocessor | 2100/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 218 GiB total, 14.816 GiB free.

D: is CDROM (UDF)

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP255: 6/28/2012 8:19:05 PM - Windows Update

RP256: 7/1/2012 10:00:44 PM - Removed ActiveState Komodo Edit 6.1.3

RP257: 7/2/2012 11:51:17 AM - Installed iTunes

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

Adobe AIR

Adobe Community Help

Adobe Download Assistant

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.5.1

Advanced Audio FX Engine

Anti-phishing Domain Advisor

Apple Application Support

Apple Software Update

Banctec Service Agreement

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Compatibility Pack for the 2007 Office system

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell DataSafe Online

Dell Getting Started Guide

Dell Webcam Central

DirectXInstallService

EMC 10 Content

Google Chrome

GoToAssist 8.0.0.514

Intel® Rapid Storage Technology

Java Auto Updater

Java 7 Update 3

Junk Mail filter update

Live! Cam Avatar Creator

LoJack Factory Installer

Malwarebytes Anti-Malware version 1.61.0.1400

Microsoft Choice Guard

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Sync Framework Runtime Native v1.0 (x86)

Microsoft Sync Framework Services Native v1.0 (x86)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Works

Microsoft WSE 3.0 Runtime

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFCLOC_x86

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Origin

PowerDVD DX

QuickTime

Roxio Activation Module

Roxio BackOnTrack

Roxio Burn

Roxio Central Audio

Roxio Central Copy

Roxio Central Core

Roxio Central Data

Roxio Central Tools

Roxio Easy CD and DVD Burning

Roxio Express Labeler 3

Roxio Update Manager

Secunia PSI (2.0.0.4003)

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Skype Click to Call

Skype™ 5.8

Sonic CinePlayer Decoder Pack

Spelling Dictionaries Support For Adobe Reader 9

The Sims™ 3

The Sims™ 3 Ambitions

The Sims™ 3 High-End Loft Stuff

The Sims™ 3 Late Night

The Sims™ 3 Pets

The Sims™ 3 World Adventures

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VLC media player 2.0.1

Vuze

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

Windows Searchqu Toolbar

Yahoo! Detect

Zynga Toolbar

.

==== Event Viewer Messages From Past Week ========

.

7/2/2012 3:10:09 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ASPI32 RxFilter

7/2/2012 3:09:37 AM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

7/2/2012 11:51:11 AM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

6/30/2012 9:35:48 PM, Error: Service Control Manager [7031] - The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

6/27/2012 11:14:27 AM, Error: Service Control Manager [7031] - The Windows Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

6/27/2012 1:43:21 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

.

==== End Of File ===========================

Maniac · July 5, 2012

Hello dah1877 and :welcome: ! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

If you are a paying customer, you have the privilege to contact the help desk at Consumer Support or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
Make sure you read all of the instructions and fixes thoroughly before continuing with them.
Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

BACKDOOR WARNING

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

Help: I Got Hacked. Now What Do I Do?

Help: I Got Hacked. Now What Do I Do? Part II

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

Step 1

Please uninstsall the following applications:

Vuze

Windows Searchqu Toolbar

Zynga Toolbar

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 3

Launch Malwarebytes' Anti-Malware
Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
Go to Scanner tab and select Perform Quick Scan, then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

TDSSKiller log
Malwarebytes' Anti-Malware log

dah1877 · July 5, 2012

Okay I will do this, it may take me up to a day to reply just as a heads up. Thank you for your help

dah1877 · July 5, 2012

I've removed the programs.

Here's the TDSSKiller log

10:14:20.0894 1420 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08

10:14:21.0441 1420 ============================================================

10:14:21.0441 1420 Current date / time: 2012/07/05 10:14:21.0441

10:14:21.0441 1420 SystemInfo:

10:14:21.0441 1420

10:14:21.0441 1420 OS Version: 6.1.7601 ServicePack: 1.0

10:14:21.0441 1420 Product type: Workstation

10:14:21.0442 1420 ComputerName: JENNIFER-PC

10:14:21.0442 1420 UserName: Jennifer

10:14:21.0442 1420 Windows directory: C:\Windows

10:14:21.0442 1420 System windows directory: C:\Windows

10:14:21.0442 1420 Running under WOW64

10:14:21.0442 1420 Processor architecture: Intel x64

10:14:21.0442 1420 Number of processors: 2

10:14:21.0442 1420 Page size: 0x1000

10:14:21.0442 1420 Boot type: Normal boot

10:14:21.0442 1420 ============================================================

10:14:22.0617 1420 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

10:14:22.0628 1420 ============================================================

10:14:22.0628 1420 \Device\Harddisk0\DR0:

10:14:22.0628 1420 MBR partitions:

10:14:22.0628 1420 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000

10:14:22.0628 1420 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1B465170

10:14:22.0628 1420 ============================================================

10:14:22.0657 1420 C: <-> \Device\Harddisk0\DR0\Partition1

10:14:22.0657 1420 ============================================================

10:14:22.0657 1420 Initialize success

10:14:22.0657 1420 ============================================================

10:14:37.0128 3988 ============================================================

10:14:37.0128 3988 Scan started

10:14:37.0128 3988 Mode: Manual; SigCheck; TDLFS;

10:14:37.0128 3988 ============================================================

10:14:37.0519 3988 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

10:14:37.0718 3988 1394ohci - ok

10:14:37.0770 3988 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

10:14:37.0824 3988 ACPI - ok

10:14:37.0887 3988 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

10:14:37.0986 3988 AcpiPmi - ok

10:14:38.0087 3988 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

10:14:38.0150 3988 adp94xx - ok

10:14:38.0216 3988 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

10:14:38.0277 3988 adpahci - ok

10:14:38.0325 3988 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

10:14:38.0359 3988 adpu320 - ok

10:14:38.0400 3988 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

10:14:38.0563 3988 AeLookupSvc - ok

10:14:38.0676 3988 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

10:14:38.0755 3988 AFD - ok

10:14:38.0815 3988 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

10:14:38.0842 3988 agp440 - ok

10:14:38.0885 3988 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

10:14:38.0935 3988 ALG - ok

10:14:38.0976 3988 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

10:14:38.0993 3988 aliide - ok

10:14:38.0999 3988 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

10:14:39.0015 3988 amdide - ok

10:14:39.0057 3988 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

10:14:39.0115 3988 AmdK8 - ok

10:14:39.0140 3988 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

10:14:39.0173 3988 AmdPPM - ok

10:14:39.0229 3988 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

10:14:39.0252 3988 amdsata - ok

10:14:39.0294 3988 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

10:14:39.0332 3988 amdsbs - ok

10:14:39.0353 3988 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

10:14:39.0372 3988 amdxata - ok

10:14:39.0443 3988 ApfiltrService (1412e9a88fe1f7e35ce6058a2ef03664) C:\Windows\system32\DRIVERS\Apfiltr.sys

10:14:39.0511 3988 ApfiltrService - ok

10:14:39.0610 3988 AppHostSvc (59d01fa91962c9c1e9b4022b2d3b46db) C:\Windows\system32\inetsrv\apphostsvc.dll

10:14:39.0689 3988 AppHostSvc - ok

10:14:39.0738 3988 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

10:14:39.0930 3988 AppID - ok

10:14:39.0964 3988 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

10:14:40.0069 3988 AppIDSvc - ok

10:14:40.0125 3988 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

10:14:40.0213 3988 Appinfo - ok

10:14:40.0327 3988 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

10:14:40.0350 3988 Apple Mobile Device - ok

10:14:40.0398 3988 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

10:14:40.0430 3988 arc - ok

10:14:40.0448 3988 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

10:14:40.0466 3988 arcsas - ok

10:14:40.0556 3988 asdrm (ada0d290c6211451556794e53ca2d05f) C:\Windows\system32\DRIVERS\asdrm.sys

10:14:40.0579 3988 asdrm - ok

10:14:40.0610 3988 asdrs (3ab9b00edef84a56958d979268d4bc49) C:\Windows\system32\DRIVERS\asdrs.sys

10:14:40.0622 3988 asdrs - ok

10:14:40.0737 3988 asdsrv (20f4d34a82ab872ba592cfca6e25e7e7) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe

10:14:40.0764 3988 asdsrv - ok

10:14:40.0801 3988 ASPI32 - ok

10:14:40.0842 3988 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

10:14:40.0917 3988 AsyncMac - ok

10:14:40.0956 3988 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

10:14:40.0981 3988 atapi - ok

10:14:41.0088 3988 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

10:14:41.0177 3988 AudioEndpointBuilder - ok

10:14:41.0186 3988 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

10:14:41.0245 3988 AudioSrv - ok

10:14:41.0306 3988 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

10:14:41.0407 3988 AxInstSV - ok

10:14:41.0487 3988 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

10:14:41.0605 3988 b06bdrv - ok

10:14:41.0650 3988 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

10:14:41.0732 3988 b57nd60a - ok

10:14:41.0787 3988 BCM42RLY (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys

10:14:41.0801 3988 BCM42RLY - ok

10:14:42.0087 3988 BCM43XX (37394d3553e220fb732c21e217e1bd8b) C:\Windows\system32\DRIVERS\bcmwl664.sys

10:14:42.0189 3988 BCM43XX - ok

10:14:42.0321 3988 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

10:14:42.0449 3988 BDESVC - ok

10:14:42.0495 3988 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

10:14:42.0564 3988 Beep - ok

10:14:42.0726 3988 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

10:14:42.0807 3988 BFE - ok

10:14:42.0894 3988 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

10:14:43.0006 3988 BITS - ok

10:14:43.0068 3988 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

10:14:43.0123 3988 blbdrive - ok

10:14:43.0240 3988 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

10:14:43.0296 3988 Bonjour Service - ok

10:14:43.0346 3988 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

10:14:43.0403 3988 bowser - ok

10:14:43.0439 3988 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

10:14:43.0543 3988 BrFiltLo - ok

10:14:43.0561 3988 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

10:14:43.0593 3988 BrFiltUp - ok

10:14:43.0639 3988 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

10:14:43.0730 3988 Browser - ok

10:14:43.0796 3988 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

10:14:43.0862 3988 Brserid - ok

10:14:43.0881 3988 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

10:14:43.0926 3988 BrSerWdm - ok

10:14:43.0954 3988 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

10:14:44.0022 3988 BrUsbMdm - ok

10:14:44.0041 3988 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

10:14:44.0072 3988 BrUsbSer - ok

10:14:44.0115 3988 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

10:14:44.0162 3988 BTHMODEM - ok

10:14:44.0231 3988 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

10:14:44.0291 3988 bthserv - ok

10:14:44.0327 3988 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

10:14:44.0387 3988 cdfs - ok

10:14:44.0551 3988 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys

10:14:44.0624 3988 cdrom - ok

10:14:44.0794 3988 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

10:14:44.0899 3988 CertPropSvc - ok

10:14:45.0014 3988 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

10:14:45.0104 3988 circlass - ok

10:14:45.0180 3988 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

10:14:45.0272 3988 CLFS - ok

10:14:45.0472 3988 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

10:14:45.0499 3988 clr_optimization_v2.0.50727_32 - ok

10:14:45.0572 3988 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

10:14:45.0589 3988 clr_optimization_v2.0.50727_64 - ok

10:14:45.0741 3988 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

10:14:45.0813 3988 clr_optimization_v4.0.30319_32 - ok

10:14:45.0865 3988 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

10:14:45.0884 3988 clr_optimization_v4.0.30319_64 - ok

10:14:45.0911 3988 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

10:14:45.0959 3988 CmBatt - ok

10:14:45.0996 3988 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

10:14:46.0021 3988 cmdide - ok

10:14:46.0078 3988 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

10:14:46.0169 3988 CNG - ok

10:14:46.0206 3988 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

10:14:46.0231 3988 Compbatt - ok

10:14:46.0287 3988 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

10:14:46.0343 3988 CompositeBus - ok

10:14:46.0363 3988 COMSysApp - ok

10:14:46.0388 3988 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

10:14:46.0413 3988 crcdisk - ok

10:14:46.0484 3988 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll

10:14:46.0611 3988 CryptSvc - ok

10:14:46.0668 3988 CtClsFlt (580033e37beb30e7176caf46d8c282f3) C:\Windows\system32\DRIVERS\CtClsFlt.sys

10:14:46.0753 3988 CtClsFlt - ok

10:14:46.0845 3988 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

10:14:46.0927 3988 DcomLaunch - ok

10:14:47.0020 3988 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

10:14:47.0110 3988 defragsvc - ok

10:14:47.0244 3988 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

10:14:47.0318 3988 DfsC - ok

10:14:47.0496 3988 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

10:14:47.0604 3988 Dhcp - ok

10:14:47.0641 3988 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

10:14:47.0700 3988 discache - ok

10:14:47.0749 3988 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

10:14:47.0770 3988 Disk - ok

10:14:47.0858 3988 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

10:14:48.0016 3988 Dnscache - ok

10:14:48.0142 3988 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe

10:14:48.0200 3988 DockLoginService ( UnsignedFile.Multi.Generic ) - warning

10:14:48.0200 3988 DockLoginService - detected UnsignedFile.Multi.Generic (1)

10:14:48.0273 3988 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

10:14:48.0355 3988 dot3svc - ok

10:14:48.0392 3988 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

10:14:48.0476 3988 DPS - ok

10:14:48.0512 3988 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

10:14:48.0560 3988 drmkaud - ok

10:14:48.0678 3988 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

10:14:48.0744 3988 DXGKrnl - ok

10:14:48.0793 3988 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

10:14:48.0865 3988 EapHost - ok

10:14:49.0132 3988 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

10:14:49.0293 3988 ebdrv - ok

10:14:49.0412 3988 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

10:14:49.0495 3988 EFS - ok

10:14:49.0625 3988 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

10:14:49.0714 3988 ehRecvr - ok

10:14:49.0743 3988 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

10:14:49.0813 3988 ehSched - ok

10:14:49.0914 3988 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

10:14:49.0965 3988 elxstor - ok

10:14:50.0033 3988 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

10:14:50.0074 3988 ErrDev - ok

10:14:50.0264 3988 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

10:14:50.0386 3988 EventSystem - ok

10:14:50.0476 3988 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

10:14:50.0575 3988 exfat - ok

10:14:50.0602 3988 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

10:14:50.0676 3988 fastfat - ok

10:14:50.0804 3988 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

10:14:50.0894 3988 Fax - ok

10:14:50.0932 3988 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

10:14:50.0979 3988 fdc - ok

10:14:51.0005 3988 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

10:14:51.0083 3988 fdPHost - ok

10:14:51.0105 3988 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

10:14:51.0168 3988 FDResPub - ok

10:14:51.0196 3988 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

10:14:51.0213 3988 FileInfo - ok

10:14:51.0234 3988 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

10:14:51.0318 3988 Filetrace - ok

10:14:51.0345 3988 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

10:14:51.0362 3988 flpydisk - ok

10:14:51.0427 3988 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

10:14:51.0464 3988 FltMgr - ok

10:14:51.0568 3988 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

10:14:51.0668 3988 FontCache - ok

10:14:51.0746 3988 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

10:14:51.0768 3988 FontCache3.0.0.0 - ok

10:14:51.0806 3988 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

10:14:51.0826 3988 FsDepends - ok

10:14:51.0847 3988 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

10:14:51.0863 3988 Fs_Rec - ok

10:14:51.0918 3988 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

10:14:51.0963 3988 fvevol - ok

10:14:52.0017 3988 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

10:14:52.0034 3988 gagp30kx - ok

10:14:52.0078 3988 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

10:14:52.0092 3988 GEARAspiWDM - ok

10:14:52.0187 3988 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe

10:14:52.0207 3988 GoToAssist - ok

10:14:52.0309 3988 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

10:14:52.0403 3988 gpsvc - ok

10:14:52.0435 3988 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

10:14:52.0508 3988 hcw85cir - ok

10:14:52.0558 3988 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

10:14:52.0592 3988 HDAudBus - ok

10:14:52.0612 3988 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

10:14:52.0654 3988 HidBatt - ok

10:14:52.0689 3988 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

10:14:52.0738 3988 HidBth - ok

10:14:52.0762 3988 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

10:14:52.0809 3988 HidIr - ok

10:14:52.0844 3988 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

10:14:52.0928 3988 hidserv - ok

10:14:52.0991 3988 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

10:14:53.0017 3988 HidUsb - ok

10:14:53.0052 3988 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

10:14:53.0146 3988 hkmsvc - ok

10:14:53.0192 3988 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

10:14:53.0299 3988 HomeGroupListener - ok

10:14:53.0368 3988 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

10:14:53.0428 3988 HomeGroupProvider - ok

10:14:53.0491 3988 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

10:14:53.0507 3988 HpSAMD - ok

10:14:53.0598 3988 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

10:14:53.0678 3988 HTTP - ok

10:14:53.0716 3988 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

10:14:53.0731 3988 hwpolicy - ok

10:14:53.0749 3988 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

10:14:53.0768 3988 i8042prt - ok

10:14:53.0866 3988 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

10:14:53.0907 3988 IAANTMON - ok

10:14:53.0983 3988 iaStor (4f6fb2cdbdeefc47e7d2066e78254580) C:\Windows\system32\DRIVERS\iaStor.sys

10:14:54.0012 3988 iaStor - ok

10:14:54.0085 3988 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

10:14:54.0128 3988 iaStorV - ok

10:14:54.0279 3988 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

10:14:54.0320 3988 idsvc - ok

10:14:54.0864 3988 igfx (babd5f9b2bcc82ce556a0baf1ae208a7) C:\Windows\system32\DRIVERS\igdkmd64.sys

10:14:55.0142 3988 igfx - ok

10:14:55.0298 3988 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

10:14:55.0324 3988 iirsp - ok

10:14:55.0437 3988 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

10:14:55.0543 3988 IKEEXT - ok

10:14:55.0582 3988 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

10:14:55.0599 3988 intelide - ok

10:14:55.0637 3988 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

10:14:55.0676 3988 intelppm - ok

10:14:55.0733 3988 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

10:14:55.0812 3988 IPBusEnum - ok

10:14:55.0844 3988 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

10:14:55.0911 3988 IpFilterDriver - ok

10:14:55.0970 3988 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

10:14:56.0063 3988 iphlpsvc - ok

10:14:56.0102 3988 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

10:14:56.0141 3988 IPMIDRV - ok

10:14:56.0181 3988 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

10:14:56.0246 3988 IPNAT - ok

10:14:56.0390 3988 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe

10:14:56.0440 3988 iPod Service - ok

10:14:56.0464 3988 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

10:14:56.0563 3988 IRENUM - ok

10:14:56.0594 3988 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

10:14:56.0617 3988 isapnp - ok

10:14:56.0684 3988 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

10:14:56.0713 3988 iScsiPrt - ok

10:14:56.0758 3988 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys

10:14:56.0780 3988 kbdclass - ok

10:14:56.0863 3988 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

10:14:56.0891 3988 kbdhid - ok

10:14:56.0927 3988 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

10:14:56.0954 3988 KeyIso - ok

10:14:56.0974 3988 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

10:14:56.0991 3988 KSecDD - ok

10:14:57.0023 3988 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

10:14:57.0065 3988 KSecPkg - ok

10:14:57.0099 3988 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

10:14:57.0169 3988 ksthunk - ok

10:14:57.0219 3988 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

10:14:57.0299 3988 KtmRm - ok

10:14:57.0408 3988 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll

10:14:57.0500 3988 LanmanServer - ok

10:14:57.0554 3988 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

10:14:57.0676 3988 LanmanWorkstation - ok

10:14:57.0707 3988 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

10:14:57.0802 3988 lltdio - ok

10:14:57.0851 3988 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

10:14:57.0923 3988 lltdsvc - ok

10:14:57.0948 3988 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

10:14:57.0990 3988 lmhosts - ok

10:14:58.0018 3988 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

10:14:58.0035 3988 LSI_FC - ok

10:14:58.0072 3988 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

10:14:58.0089 3988 LSI_SAS - ok

10:14:58.0103 3988 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

10:14:58.0120 3988 LSI_SAS2 - ok

10:14:58.0139 3988 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

10:14:58.0157 3988 LSI_SCSI - ok

10:14:58.0192 3988 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

10:14:58.0274 3988 luafv - ok

10:14:58.0313 3988 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

10:14:58.0358 3988 Mcx2Svc - ok

10:14:58.0399 3988 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

10:14:58.0424 3988 megasas - ok

10:14:58.0456 3988 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

10:14:58.0481 3988 MegaSR - ok

10:14:58.0516 3988 mfebopk (dd7b52227da36f2718306c98e474b51b) C:\Windows\system32\drivers\mfebopk.sys

10:14:58.0536 3988 mfebopk - ok

10:14:58.0564 3988 mferkdk (624d717b11e5004f68442b5740f17f21) C:\Windows\system32\drivers\mferkdk.sys

10:14:58.0587 3988 mferkdk - ok

10:14:58.0615 3988 mfesmfk (0cd9de7b96735f33f078c4ea044e8b34) C:\Windows\system32\drivers\mfesmfk.sys

10:14:58.0628 3988 mfesmfk - ok

10:14:58.0676 3988 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

10:14:58.0766 3988 MMCSS - ok

10:14:58.0785 3988 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

10:14:58.0856 3988 Modem - ok

10:14:58.0899 3988 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

10:14:58.0953 3988 monitor - ok

10:14:59.0012 3988 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

10:14:59.0038 3988 mouclass - ok

10:14:59.0078 3988 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

10:14:59.0105 3988 mouhid - ok

10:14:59.0147 3988 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

10:14:59.0174 3988 mountmgr - ok

10:14:59.0247 3988 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys

10:14:59.0286 3988 MpFilter - ok

10:14:59.0329 3988 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

10:14:59.0369 3988 mpio - ok

10:14:59.0408 3988 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

10:14:59.0458 3988 mpsdrv - ok

10:14:59.0556 3988 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

10:14:59.0645 3988 MpsSvc - ok

10:14:59.0684 3988 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

10:14:59.0756 3988 MRxDAV - ok

10:14:59.0809 3988 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

10:14:59.0950 3988 mrxsmb - ok

10:15:00.0013 3988 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

10:15:00.0069 3988 mrxsmb10 - ok

10:15:00.0129 3988 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

10:15:00.0161 3988 mrxsmb20 - ok

10:15:00.0206 3988 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

10:15:00.0231 3988 msahci - ok

10:15:00.0278 3988 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

10:15:00.0322 3988 msdsm - ok

10:15:00.0358 3988 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

10:15:00.0422 3988 MSDTC - ok

10:15:00.0501 3988 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

10:15:00.0543 3988 Msfs - ok

10:15:00.0559 3988 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

10:15:00.0600 3988 mshidkmdf - ok

10:15:00.0636 3988 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

10:15:00.0652 3988 msisadrv - ok

10:15:00.0699 3988 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

10:15:00.0778 3988 MSiSCSI - ok

10:15:00.0786 3988 msiserver - ok

10:15:00.0827 3988 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

10:15:00.0916 3988 MSKSSRV - ok

10:15:01.0036 3988 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe

10:15:01.0063 3988 MsMpSvc - ok

10:15:01.0100 3988 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

10:15:01.0166 3988 MSPCLOCK - ok

10:15:01.0190 3988 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

10:15:01.0268 3988 MSPQM - ok

10:15:01.0317 3988 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

10:15:01.0361 3988 MsRPC - ok

10:15:01.0403 3988 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

10:15:01.0418 3988 mssmbios - ok

10:15:01.0450 3988 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

10:15:01.0520 3988 MSTEE - ok

10:15:01.0543 3988 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

10:15:01.0586 3988 MTConfig - ok

10:15:01.0616 3988 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

10:15:01.0632 3988 Mup - ok

10:15:01.0722 3988 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

10:15:01.0814 3988 napagent - ok

10:15:01.0871 3988 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

10:15:01.0932 3988 NativeWifiP - ok

10:15:02.0028 3988 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

10:15:02.0108 3988 NDIS - ok

10:15:02.0146 3988 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

10:15:02.0194 3988 NdisCap - ok

10:15:02.0222 3988 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

10:15:02.0275 3988 NdisTapi - ok

10:15:02.0334 3988 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

10:15:02.0397 3988 Ndisuio - ok

10:15:02.0443 3988 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

10:15:02.0541 3988 NdisWan - ok

10:15:02.0570 3988 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

10:15:02.0622 3988 NDProxy - ok

10:15:02.0643 3988 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

10:15:02.0700 3988 NetBIOS - ok

10:15:02.0737 3988 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

10:15:02.0829 3988 NetBT - ok

10:15:02.0863 3988 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

10:15:02.0880 3988 Netlogon - ok

10:15:02.0942 3988 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

10:15:03.0029 3988 Netman - ok

10:15:03.0114 3988 NetMsmqActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

10:15:03.0137 3988 NetMsmqActivator - ok

10:15:03.0144 3988 NetPipeActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

10:15:03.0162 3988 NetPipeActivator - ok

10:15:03.0203 3988 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

10:15:03.0318 3988 netprofm - ok

10:15:03.0324 3988 NetTcpActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

10:15:03.0337 3988 NetTcpActivator - ok

10:15:03.0342 3988 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

10:15:03.0356 3988 NetTcpPortSharing - ok

10:15:03.0408 3988 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

10:15:03.0435 3988 nfrd960 - ok

10:15:03.0500 3988 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys

10:15:03.0523 3988 NisDrv - ok

10:15:03.0641 3988 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe

10:15:03.0681 3988 NisSrv - ok

10:15:03.0752 3988 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

10:15:03.0850 3988 NlaSvc - ok

10:15:03.0872 3988 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

10:15:03.0913 3988 Npfs - ok

10:15:03.0950 3988 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

10:15:04.0023 3988 nsi - ok

10:15:04.0057 3988 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

10:15:04.0132 3988 nsiproxy - ok

10:15:04.0286 3988 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

10:15:04.0365 3988 Ntfs - ok

10:15:04.0474 3988 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

10:15:04.0526 3988 Null - ok

10:15:04.0561 3988 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

10:15:04.0602 3988 nvraid - ok

10:15:04.0634 3988 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

10:15:04.0670 3988 nvstor - ok

10:15:04.0726 3988 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

10:15:04.0768 3988 nv_agp - ok

10:15:04.0890 3988 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

10:15:04.0927 3988 odserv - ok

10:15:04.0965 3988 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

10:15:05.0000 3988 ohci1394 - ok

10:15:05.0044 3988 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

10:15:05.0085 3988 ose - ok

10:15:05.0143 3988 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

10:15:05.0250 3988 p2pimsvc - ok

10:15:05.0316 3988 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

10:15:05.0364 3988 p2psvc - ok

10:15:05.0399 3988 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

10:15:05.0427 3988 Parport - ok

10:15:05.0464 3988 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

10:15:05.0491 3988 partmgr - ok

10:15:05.0517 3988 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

10:15:05.0586 3988 PcaSvc - ok

10:15:05.0619 3988 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

10:15:05.0659 3988 pci - ok

10:15:05.0679 3988 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

10:15:05.0694 3988 pciide - ok

10:15:05.0724 3988 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

10:15:05.0763 3988 pcmcia - ok

10:15:05.0777 3988 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

10:15:05.0793 3988 pcw - ok

10:15:05.0847 3988 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

10:15:05.0948 3988 PEAUTH - ok

10:15:06.0033 3988 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

10:15:06.0079 3988 PerfHost - ok

10:15:06.0223 3988 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

10:15:06.0346 3988 pla - ok

10:15:06.0423 3988 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

10:15:06.0515 3988 PlugPlay - ok

10:15:06.0552 3988 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

10:15:06.0579 3988 PNRPAutoReg - ok

10:15:06.0623 3988 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

10:15:06.0656 3988 PNRPsvc - ok

10:15:06.0725 3988 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

10:15:06.0916 3988 PolicyAgent - ok

10:15:06.0969 3988 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

10:15:07.0096 3988 Power - ok

10:15:07.0185 3988 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

10:15:07.0260 3988 PptpMiniport - ok

10:15:07.0304 3988 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

10:15:07.0360 3988 Processor - ok

10:15:07.0423 3988 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll

10:15:07.0540 3988 ProfSvc - ok

10:15:07.0578 3988 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

10:15:07.0594 3988 ProtectedStorage - ok

10:15:07.0692 3988 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

10:15:07.0766 3988 Psched - ok

10:15:07.0809 3988 PSI (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys

10:15:07.0823 3988 PSI - ok

10:15:07.0863 3988 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys

10:15:07.0876 3988 PxHlpa64 - ok

10:15:07.0997 3988 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

10:15:08.0092 3988 ql2300 - ok

10:15:08.0247 3988 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

10:15:08.0273 3988 ql40xx - ok

10:15:08.0330 3988 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

10:15:08.0387 3988 QWAVE - ok

10:15:08.0434 3988 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

10:15:08.0472 3988 QWAVEdrv - ok

10:15:08.0490 3988 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

10:15:08.0580 3988 RasAcd - ok

10:15:08.0641 3988 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

10:15:08.0748 3988 RasAgileVpn - ok

10:15:08.0818 3988 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

10:15:08.0914 3988 RasAuto - ok

10:15:08.0964 3988 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

10:15:09.0036 3988 Rasl2tp - ok

10:15:09.0100 3988 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

10:15:09.0228 3988 RasMan - ok

10:15:09.0308 3988 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

10:15:09.0389 3988 RasPppoe - ok

10:15:09.0501 3988 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

10:15:09.0592 3988 RasSstp - ok

10:15:09.0742 3988 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

10:15:09.0825 3988 rdbss - ok

10:15:09.0855 3988 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

10:15:09.0919 3988 rdpbus - ok

10:15:09.0945 3988 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

10:15:10.0027 3988 RDPCDD - ok

10:15:10.0060 3988 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

10:15:10.0118 3988 RDPENCDD - ok

10:15:10.0142 3988 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

10:15:10.0192 3988 RDPREFMP - ok

10:15:10.0243 3988 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys

10:15:10.0397 3988 RDPWD - ok

10:15:10.0546 3988 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

10:15:10.0566 3988 rdyboost - ok

10:15:10.0729 3988 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

10:15:10.0840 3988 RemoteAccess - ok

10:15:10.0892 3988 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

10:15:11.0016 3988 RemoteRegistry - ok

10:15:11.0521 3988 RoxMediaDB10 (05fc44d32a144925eae45570029fd6e1) c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

10:15:11.0656 3988 RoxMediaDB10 - ok

10:15:11.0698 3988 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

10:15:11.0809 3988 RpcEptMapper - ok

10:15:11.0838 3988 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

10:15:11.0930 3988 RpcLocator - ok

10:15:11.0989 3988 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

10:15:12.0062 3988 RpcSs - ok

10:15:12.0105 3988 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

10:15:12.0259 3988 rspndr - ok

10:15:12.0315 3988 RSUSBSTOR (4a25dc970c58104602ed274dacafd784) C:\Windows\system32\Drivers\RtsUStor.sys

10:15:12.0523 3988 RSUSBSTOR - ok

10:15:12.0537 3988 RxFilter - ok

10:15:12.0570 3988 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

10:15:12.0587 3988 SamSs - ok

10:15:12.0629 3988 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

10:15:12.0655 3988 sbp2port - ok

10:15:12.0701 3988 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

10:15:12.0820 3988 SCardSvr - ok

10:15:12.0862 3988 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

10:15:13.0064 3988 scfilter - ok

10:15:13.0173 3988 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

10:15:13.0295 3988 Schedule - ok

10:15:13.0332 3988 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

10:15:13.0380 3988 SCPolicySvc - ok

10:15:13.0429 3988 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

10:15:13.0567 3988 SDRSVC - ok

10:15:13.0627 3988 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

10:15:13.0687 3988 secdrv - ok

10:15:13.0729 3988 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

10:15:13.0818 3988 seclogon - ok

10:15:14.0046 3988 Secunia PSI Agent (5b66db4877bbac9f7493aa8d84421e49) C:\Program Files (x86)\Secunia\PSI\PSIA.exe

10:15:14.0144 3988 Secunia PSI Agent - ok

10:15:14.0195 3988 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

10:15:14.0266 3988 SENS - ok

10:15:14.0301 3988 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

10:15:14.0481 3988 SensrSvc - ok

10:15:14.0527 3988 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

10:15:14.0621 3988 Serenum - ok

10:15:14.0644 3988 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

10:15:14.0758 3988 Serial - ok

10:15:14.0791 3988 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

10:15:14.0937 3988 sermouse - ok

10:15:14.0990 3988 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

10:15:15.0098 3988 SessionEnv - ok

10:15:15.0131 3988 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

10:15:15.0307 3988 sffdisk - ok

10:15:15.0376 3988 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

10:15:15.0458 3988 sffp_mmc - ok

10:15:15.0480 3988 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

10:15:15.0515 3988 sffp_sd - ok

10:15:15.0556 3988 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

10:15:15.0595 3988 sfloppy - ok

10:15:15.0719 3988 SftService (7f475425582163602ef1589c0071e521) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

10:15:15.0758 3988 SftService - ok

10:15:15.0820 3988 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

10:15:15.0891 3988 SharedAccess - ok

10:15:15.0954 3988 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

10:15:16.0105 3988 ShellHWDetection - ok

10:15:16.0194 3988 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

10:15:16.0210 3988 SiSRaid2 - ok

10:15:16.0270 3988 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

10:15:16.0305 3988 SiSRaid4 - ok

10:15:16.0397 3988 SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files (x86)\Skype\Updater\Updater.exe

10:15:16.0450 3988 SkypeUpdate - ok

10:15:16.0538 3988 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

10:15:16.0654 3988 Smb - ok

10:15:16.0721 3988 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

10:15:16.0774 3988 SNMPTRAP - ok

10:15:16.0798 3988 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

10:15:16.0814 3988 spldr - ok

10:15:16.0887 3988 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

10:15:16.0959 3988 Spooler - ok

10:15:17.0262 3988 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

10:15:17.0507 3988 sppsvc - ok

10:15:17.0655 3988 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

10:15:17.0716 3988 sppuinotify - ok

10:15:17.0799 3988 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

10:15:17.0882 3988 srv - ok

10:15:17.0933 3988 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

10:15:17.0967 3988 srv2 - ok

10:15:17.0999 3988 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

10:15:18.0053 3988 srvnet - ok

10:15:18.0109 3988 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

10:15:18.0206 3988 SSDPSRV - ok

10:15:18.0223 3988 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

10:15:18.0269 3988 SstpSvc - ok

10:15:18.0393 3988 STacSV (444109453a2b87e6c16bcda5953e81a9) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe

10:15:18.0461 3988 STacSV - ok

10:15:18.0556 3988 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

10:15:18.0573 3988 stexstor - ok

10:15:18.0628 3988 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys

10:15:18.0688 3988 STHDA - ok

10:15:18.0822 3988 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

10:15:18.0965 3988 stisvc - ok

10:15:19.0084 3988 stllssvr (ff5eb78af7dfb68c2fb363537aaf753e) c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

10:15:19.0145 3988 stllssvr - ok

10:15:19.0208 3988 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

10:15:19.0233 3988 swenum - ok

10:15:19.0418 3988 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

10:15:19.0521 3988 swprv - ok

10:15:19.0696 3988 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

10:15:19.0798 3988 SysMain - ok

10:15:19.0941 3988 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

10:15:20.0069 3988 TabletInputService - ok

10:15:20.0147 3988 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

10:15:20.0248 3988 TapiSrv - ok

10:15:20.0361 3988 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

10:15:20.0438 3988 TBS - ok

10:15:20.0941 3988 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

10:15:21.0048 3988 Tcpip - ok

10:15:22.0431 3988 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

10:15:22.0488 3988 TCPIP6 - ok

10:15:22.0937 3988 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

10:15:23.0374 3988 tcpipreg - ok

10:15:23.0750 3988 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

10:15:24.0107 3988 TDPIPE - ok

10:15:24.0283 3988 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

10:15:24.0327 3988 TDTCP - ok

10:15:24.0501 3988 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

10:15:24.0625 3988 tdx - ok

10:15:24.0666 3988 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

10:15:24.0694 3988 TermDD - ok

10:15:24.0938 3988 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

10:15:25.0177 3988 TermService - ok

10:15:25.0358 3988 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

10:15:25.0405 3988 Themes - ok

10:15:25.0495 3988 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

10:15:25.0552 3988 THREADORDER - ok

10:15:25.0607 3988 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

10:15:25.0697 3988 TrkWks - ok

10:15:25.0818 3988 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

10:15:26.0128 3988 TrustedInstaller - ok

10:15:26.0221 3988 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

10:15:26.0298 3988 tssecsrv - ok

10:15:26.0383 3988 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

10:15:26.0427 3988 TsUsbFlt - ok

10:15:26.0500 3988 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

10:15:26.0630 3988 tunnel - ok

10:15:26.0700 3988 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

10:15:26.0734 3988 uagp35 - ok

10:15:27.0082 3988 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

10:15:27.0232 3988 udfs - ok

10:15:27.0309 3988 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

10:15:27.0338 3988 UI0Detect - ok

10:15:27.0490 3988 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

10:15:27.0507 3988 uliagpkx - ok

10:15:28.0180 3988 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys

10:15:28.0352 3988 umbus - ok

10:15:28.0396 3988 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

10:15:28.0458 3988 UmPass - ok

10:15:28.0541 3988 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

10:15:28.0636 3988 upnphost - ok

10:15:28.0762 3988 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys

10:15:28.0919 3988 USBAAPL64 - ok

10:15:28.0985 3988 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

10:15:29.0083 3988 usbccgp - ok

10:15:29.0140 3988 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

10:15:29.0173 3988 usbcir - ok

10:15:29.0203 3988 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

10:15:29.0255 3988 usbehci - ok

10:15:29.0329 3988 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

10:15:29.0406 3988 usbhub - ok

10:15:29.0441 3988 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys

10:15:29.0468 3988 usbohci - ok

10:15:29.0499 3988 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

10:15:29.0548 3988 usbprint - ok

10:15:29.0611 3988 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

10:15:29.0681 3988 USBSTOR - ok

10:15:29.0764 3988 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys

10:15:29.0812 3988 usbuhci - ok

10:15:29.0964 3988 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys

10:15:30.0075 3988 usbvideo - ok

10:15:30.0427 3988 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

10:15:30.0524 3988 UxSms - ok

10:15:30.0571 3988 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

10:15:30.0597 3988 VaultSvc - ok

10:15:30.0646 3988 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

10:15:30.0672 3988 vdrvroot - ok

10:15:30.0749 3988 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

10:15:30.0840 3988 vds - ok

10:15:30.0890 3988 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

10:15:30.0914 3988 vga - ok

10:15:30.0942 3988 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

10:15:31.0000 3988 VgaSave - ok

10:15:31.0052 3988 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

10:15:31.0089 3988 vhdmp - ok

10:15:31.0119 3988 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

10:15:31.0135 3988 viaide - ok

10:15:31.0169 3988 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

10:15:31.0194 3988 volmgr - ok

10:15:31.0281 3988 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

10:15:31.0365 3988 volmgrx - ok

10:15:31.0426 3988 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

10:15:31.0473 3988 volsnap - ok

10:15:31.0552 3988 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

10:15:31.0627 3988 vsmraid - ok

10:15:31.0804 3988 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

10:15:31.0997 3988 VSS - ok

10:15:32.0163 3988 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

10:15:32.0211 3988 vwifibus - ok

10:15:32.0244 3988 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

10:15:32.0286 3988 vwififlt - ok

10:15:32.0346 3988 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

10:15:32.0378 3988 vwifimp - ok

10:15:32.0423 3988 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

10:15:32.0493 3988 W32Time - ok

10:15:32.0694 3988 W3SVC (b32009db1972e7f2c227499289c4384a) C:\Windows\system32\inetsrv\iisw3adm.dll

10:15:32.0777 3988 W3SVC - ok

10:15:32.0833 3988 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

10:15:32.0872 3988 WacomPen - ok

10:15:32.0932 3988 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

10:15:33.0016 3988 WANARP - ok

10:15:33.0020 3988 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

10:15:33.0061 3988 Wanarpv6 - ok

10:15:33.0117 3988 WAS (b32009db1972e7f2c227499289c4384a) C:\Windows\system32\inetsrv\iisw3adm.dll

10:15:33.0151 3988 WAS - ok

10:15:33.0314 3988 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

10:15:33.0416 3988 WatAdminSvc - ok

10:15:33.0573 3988 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

10:15:33.0667 3988 wbengine - ok

10:15:33.0800 3988 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

10:15:33.0877 3988 WbioSrvc - ok

10:15:33.0928 3988 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

10:15:33.0996 3988 wcncsvc - ok

10:15:34.0019 3988 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

10:15:34.0086 3988 WcsPlugInService - ok

10:15:34.0166 3988 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

10:15:34.0191 3988 Wd - ok

10:15:34.0258 3988 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

10:15:34.0300 3988 Wdf01000 - ok

10:15:34.0319 3988 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

10:15:34.0423 3988 WdiServiceHost - ok

10:15:34.0428 3988 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

10:15:34.0457 3988 WdiSystemHost - ok

10:15:34.0521 3988 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

10:15:34.0598 3988 WebClient - ok

10:15:34.0654 3988 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

10:15:34.0780 3988 Wecsvc - ok

10:15:34.0802 3988 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

10:15:34.0860 3988 wercplsupport - ok

10:15:34.0927 3988 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

10:15:34.0980 3988 WerSvc - ok

10:15:35.0040 3988 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

10:15:35.0093 3988 WfpLwf - ok

10:15:35.0134 3988 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys

10:15:35.0172 3988 WimFltr - ok

10:15:35.0193 3988 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

10:15:35.0212 3988 WIMMount - ok

10:15:35.0256 3988 WinDefend - ok

10:15:35.0276 3988 WinHttpAutoProxySvc - ok

10:15:35.0362 3988 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

10:15:35.0451 3988 Winmgmt - ok

10:15:35.0670 3988 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

10:15:35.0861 3988 WinRM - ok

10:15:36.0051 3988 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

10:15:36.0099 3988 WinUsb - ok

10:15:36.0188 3988 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

10:15:36.0254 3988 Wlansvc - ok

10:15:36.0319 3988 wltrysvc (13b0a570e1ae451c92da550085d72cf3) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE

10:15:36.0343 3988 wltrysvc ( UnsignedFile.Multi.Generic ) - warning

10:15:36.0343 3988 wltrysvc - detected UnsignedFile.Multi.Generic (1)

10:15:36.0406 3988 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

10:15:36.0448 3988 WmiAcpi - ok

10:15:36.0534 3988 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

10:15:36.0595 3988 wmiApSrv - ok

10:15:36.0632 3988 WMPNetworkSvc - ok

10:15:36.0673 3988 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

10:15:36.0733 3988 WPCSvc - ok

10:15:36.0771 3988 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

10:15:36.0871 3988 WPDBusEnum - ok

10:15:36.0909 3988 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

10:15:36.0959 3988 ws2ifsl - ok

10:15:37.0029 3988 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll

10:15:37.0078 3988 wscsvc - ok

10:15:37.0085 3988 WSearch - ok

10:15:37.0307 3988 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll

10:15:37.0411 3988 wuauserv - ok

10:15:37.0561 3988 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

10:15:37.0642 3988 WudfPf - ok

10:15:37.0683 3988 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

10:15:37.0813 3988 WUDFRd - ok

10:15:37.0846 3988 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

10:15:37.0891 3988 wudfsvc - ok

10:15:37.0925 3988 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

10:15:37.0975 3988 WwanSvc - ok

10:15:38.0097 3988 yukonw7 (79d9ce9614c955dd31aa2556b4014662) C:\Windows\system32\DRIVERS\yk62x64.sys

10:15:38.0166 3988 yukonw7 - ok

10:15:38.0207 3988 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0

10:15:38.0561 3988 \Device\Harddisk0\DR0 - ok

10:15:38.0566 3988 Boot (0x1200) (ce1660b4a78827026eab557be1bfe095) \Device\Harddisk0\DR0\Partition0

10:15:38.0568 3988 \Device\Harddisk0\DR0\Partition0 - ok

10:15:38.0606 3988 Boot (0x1200) (3f759e083daa0bfc53855744e15a6d5a) \Device\Harddisk0\DR0\Partition1

10:15:38.0608 3988 \Device\Harddisk0\DR0\Partition1 - ok

10:15:38.0609 3988 ============================================================

10:15:38.0609 3988 Scan finished

10:15:38.0609 3988 ============================================================

10:15:38.0629 0360 Detected object count: 2

10:15:38.0629 0360 Actual detected object count: 2

10:15:51.0119 0360 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user

10:15:51.0119 0360 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip

10:15:51.0120 0360 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user

10:15:51.0120 0360 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

10:15:54.0080 2468 Deinitialize success

Malwarebytes anti malware log

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Database version: v2012.07.05.05

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Jennifer :: JENNIFER-PC [administrator]

7/5/2012 10:16:39 AM

mbam-log-2012-07-05 (10-16-39).txt

Scan type: Quick scan

Scan options disabled: P2P

Objects scanned: 287668

Time elapsed: 7 minute(s), 49 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Maniac · July 5, 2012

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

screen317 · July 9, 2012

Are you still with us? This topic will be closed in a few days if we do not hear back from you.

LDTate · July 13, 2012

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Sign In

Infected with mydomainadvisor.com

Recommended Posts

dah1877

Link to post

Share on other sites

Maniac

Link to post

Share on other sites

dah1877

Link to post

Share on other sites

dah1877

Link to post

Share on other sites

Maniac

Link to post

Share on other sites

screen317

Link to post

Share on other sites

LDTate

Link to post

Share on other sites

Recently Browsing 0 members

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information