Jump to content

Please help trojan svc.exe cant get rid of it logs attached


Recommended Posts

I am not a computer expert but I ran Malware and have two trojan svc.exe detected I have attached DDS, ATTACH and Rogue Killers. I am desperate I work from home and in desperate help

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

DDS

DDS (Ver_2012-10-14.05) - NTFS_AMD64 NETWORK

Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_32

Run by Luis at 15:32:03 on 2012-10-18

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3895.2767 [GMT -4:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\Explorer.EXE

C:\Windows\SysWOW64\rundll32.exe

C:\Windows\system32\rundll32.exe

C:\Windows\system32\ctfmon.exe

C:\Users\Luis\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Luis\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Luis\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Luis\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Luis\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Luis\Downloads\RogueKiller (1).exe

\\.\globalroot\systemroot\svchost.exe -netsvcs

C:\Windows\system32\conhost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

mWinlogon: Userinit = userinit.exe,

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Updater For XFIN_PORTAL: {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

uRun: [Google Update] "C:\Users\Luis\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [Desktop Software] "C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe" /ini "C:\Program Files (x86)\ComcastUI\Desktop Software\uinstaller.ini" /fromrun /starthidden

uRun: [ComcastAntispyClient] "C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide

uRun: [Media Finder] "C:\Program Files (x86)\Media Finder\MF.exe" /opentotray

uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot

mRun: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"

mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"

mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h50203.www5.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{1F0184A2-B1A8-4EAB-BF2C-41A58597C6C9} : NameServer = 66.1.64.132 66.1.64.133

TCP: Interfaces\{62F5C3E3-4B41-4E85-AC88-D78C9576FA9F} : NameServer = 8.8.8.8,8.8.4.4

TCP: Interfaces\{B557AC97-7BC6-40E1-9EA9-CE4808F4A09E} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{B557AC97-7BC6-40E1-9EA9-CE4808F4A09E}\160747430383D27657563747 : DHCPNameServer = 192.168.3.1

TCP: Interfaces\{B557AC97-7BC6-40E1-9EA9-CE4808F4A09E}\77962756C6563737 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{B557AC97-7BC6-40E1-9EA9-CE4808F4A09E}\C43564C4F4255435 : DHCPNameServer = 10.0.0.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp

x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,C:\ProgramData\konasys32\gska\belsys.exe,

x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe

x64-Run: [intelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray

x64-Run: [stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet

x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup

x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Luis\AppData\Roaming\Mozilla\Firefox\Profiles\d15i9m86.default\

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Users\Luis\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll

FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - ExtSQL: !HIDDEN! 2011-06-26 16:44; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

.

============= SERVICES / DRIVERS ===============

.

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-3-10 55856]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-3-10 56344]

R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-3-18 7680512]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]

S0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]

S2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-3-10 89600]

S2 AntiSpywareService;Comcast AntiSpyware;C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [2009-6-17 616408]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-13 136176]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-3-10 13336]

S2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 128456]

S2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]

S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

S2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-3-10 1692480]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-4-2 2271608]

S2 Tether;Tether;C:\Program Files (x86)\Tether\TBService.exe [2012-3-24 91584]

S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-3-10 2320920]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-25 250808]

S3 bcm;WiMAX Network Adapter;C:\Windows\System32\drivers\drxvi314_64.sys [2010-3-26 359040]

S3 bcmbusctr;WiMAX Bus Driver;C:\Windows\System32\drivers\BcmBusCtr_64.sys [2010-3-26 62976]

S3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2011-3-10 53800]

S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-3-10 35104]

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-3-10 172704]

S3 gpslc64;gpslc64;C:\Windows\System32\drivers\gpslc64.sys [2011-4-22 95872]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-13 136176]

S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-3-10 158976]

S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-3-10 289280]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 qrkis;Tether Miniport;C:\Windows\System32\drivers\qrkis.sys [2012-3-24 52640]

S3 rcmirror;rcmirror;C:\Windows\System32\drivers\rcmirror.sys [2010-1-18 4608]

S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-3-10 250984]

S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-10 325152]

S3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]

S3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]

S3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]

S3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]

S3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

S3 Svk2pl;GigawareX USB to Serial Driver;C:\Windows\System32\drivers\Svk2pl64.sys [2012-3-27 97280]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-26 59392]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-3 1255736]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-10-18 18:48:07 20480 ----a-w- C:\Windows\svchost.exe

2012-10-18 18:05:13 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{13A80102-3190-4CC2-BD98-CAAB00391B8D}\mpengine.dll

2012-10-18 15:59:06 -------- d-----w- C:\Users\Luis\AppData\Local\ID Vault

2012-10-18 15:59:06 -------- d-----w- C:\ProgramData\IsolatedStorage

2012-10-18 15:58:24 -------- d-----w- C:\Users\Luis\AppData\Roaming\ID Vault

2012-10-18 15:57:51 -------- d-----w- C:\Program Files (x86)\Constant Guard Protection Suite

2012-10-18 15:44:09 -------- d-----w- C:\ProgramData\White Sky, Inc

2012-10-17 00:34:47 5632 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\DB4D.tmp

2012-10-17 00:34:47 5632 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\DB3C.tmp

2012-10-10 23:58:06 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-10-10 02:21:47 220160 ----a-w- C:\Windows\System32\wintrust.dll

2012-10-10 02:21:46 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

2012-10-10 02:21:41 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-10-10 02:21:41 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-10-10 02:21:34 715776 ----a-w- C:\Windows\System32\kerberos.dll

2012-10-10 02:21:34 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll

2012-10-10 02:21:29 1464320 ----a-w- C:\Windows\System32\crypt32.dll

2012-10-10 02:21:27 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-10-10 02:21:25 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-10-10 02:21:25 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-10-10 02:21:25 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-10-10 02:21:24 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-10-06 20:39:26 972192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5D8A3101-CA51-4C30-AF52-6A2F14F16162}\gapaengine.dll

2012-09-25 22:49:16 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe

2012-09-22 15:09:34 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2012-09-22 15:08:43 -------- d-----w- C:\Program Files\iPod

2012-09-22 15:08:42 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2012-09-22 15:08:42 -------- d-----w- C:\Program Files\iTunes

2012-09-22 15:08:42 -------- d-----w- C:\Program Files (x86)\iTunes

2012-09-22 15:05:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll

2012-09-22 15:05:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll

2012-09-22 15:05:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2012-09-22 15:05:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2012-09-22 15:05:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2012-09-22 15:05:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2012-09-22 15:05:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll

.

==================== Find3M ====================

.

2012-10-09 21:56:16 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-09 21:56:16 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-09-29 23:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2012-08-31 02:03:48 228768 ----a-w- C:\Windows\System32\drivers\MpFilter.sys

2012-08-31 02:03:48 128456 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys

2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-08-24 18:05:06 1188864 ----a-w- C:\Windows\System32\wininet.dll

2012-08-24 16:57:48 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-08-24 15:59:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2012-08-24 15:20:39 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys

2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys

2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS

2012-08-21 17:01:20 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll

2012-08-21 17:01:20 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll

2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll

2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll

2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll

2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll

2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe

2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe

2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2012-08-02 17:58:52 574464 ----a-w- C:\Windows\System32\d3d10level9.dll

2012-08-02 16:57:20 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll

============= FINISH: 15:33:27.01 ===============

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Attach

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-10-14.05)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 4/2/2011 1:09:50 PM

System Uptime: 10/18/2012 2:57:43 PM (1 hours ago)

.

Motherboard: Dell Inc. | | 0WXY9J

Processor: Intel® Core i3 CPU M 380 @ 2.53GHz | CPU 1 | 2527/533mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 581 GiB total, 489.518 GiB free.

D: is CDROM (UDF)

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Tether Ethernet Adapter

Device ID: ROOT\ROOT&QRKIS\0000

Manufacturer: Tether

Name: Tether Ethernet Adapter

PNP Device ID: ROOT\ROOT&QRKIS\0000

Service: qrkis

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: Security Processor Loader Driver

Device ID: ROOT\LEGACY_SPLDR\0000

Manufacturer:

Name: Security Processor Loader Driver

PNP Device ID: ROOT\LEGACY_SPLDR\0000

Service: spldr

.

==== System Restore Points ===================

.

RP242: 10/2/2012 6:03:21 PM - Windows Update

RP243: 10/6/2012 4:38:09 PM - Windows Update

RP244: 10/9/2012 5:59:32 PM - Windows Update

RP245: 10/9/2012 10:34:07 PM - Windows Update

RP246: 10/11/2012 3:00:40 AM - Windows Update

RP247: 10/14/2012 8:25:54 PM - Windows Update

RP248: 10/16/2012 9:00:17 PM - Windows Update

RP249: 10/18/2012 2:18:13 PM - Windows Update

.

==== Installed Programs ======================

.

64 Bit HP CIO Components Installer

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.5.2

Advanced Audio FX Engine

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Bing Rewards Client Installer

Bonjour

BufferChm

CA Pest Patrol Realtime Protection

Caterpillar Comm Adapter 3

Caterpillar Electronic Technician 2011B v1.0

CCleaner

CDBurnerXP

Comcast Desktop Software (v1.2.1)

Coupon Printer for Windows

Cozi

CutePDF Writer 2.8

D110

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell DataSafe Online

Dell Edoc Viewer

Dell Getting Started Guide

Dell Home Systems Service Agreement

Dell MusicStage

Dell Perks Webslice IE8

Dell PhotoStage

Dell Product Registration

Dell Stage

Dell Stage Remote

Dell Support Center

Dell VideoStage

Dell Webcam Central

Destinations

DeviceDiscovery

DirectX 9 Runtime

DVD43 Plug-in v1.0.0.5

eBay

Gigaware USB to Serial Cable Driver Installer

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

GoToAssist 8.0.0.514

GPBaseService2

Hewlett-Packard ACLM.NET v1.1.0.0

HP Customer Participation Program 14.0

HP Imaging Device Functions 14.0

HP Photo Creations

HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7

HP Product Detection

HP Smart Web Printing 4.60

HP Solution Center 14.0

HP Update

HPAppStudio

HPPhotoGadget

HPProductAssistant

HPSSupply

iCloud

IDT Audio

InstallVC90Support

Intel PROSet Wireless

Intel® Control Center

Intel® Graphics Media Accelerator Driver

Intel® Management Engine Components

Intel® PROSet/Wireless WiFi Software

Intel® Rapid Storage Technology

Internet Explorer

iTrail

iTunes

Java Auto Updater

Java 6 Update 23 (64-bit)

Java 6 Update 32

Junk Mail filter update

Live! Cam Avatar Creator

Malwarebytes Anti-Malware version 1.65.1.1000

MarketResearch

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Office 2010

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft PowerPoint Viewer

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

MobileMe Control Panel

Mozilla Firefox 11.0 (x86 en-US)

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Network64

Norton Security Scan

OpenOffice.org 3.4

PhoneFile PRO

PhotoShowExpress

PS_AIO_07_D110_SW_Min

Quickset64

QuickTime

QuickTransfer

RBVirtualFolder64Inst

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek USB 2.0 Card Reader

RealUpgrade 1.1

Roxio Activation Module

Roxio BackOnTrack

Roxio Burn

Roxio Creator Starter

Roxio Express Labeler 3

Roxio File Backup

Safari

Scan

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition

Shop for HP Supplies

Skype Toolbars

Skype™ 5.10

SmartWebPrinting

SolutionCenter

Sonic CinePlayer Decoder Pack

Status

Synaptics Pointing Device Driver

TeamViewer 6

Tether 2.1.0.0

Toolbox

TrayApp

TrustedID

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

WebReg

WIDCOMM Bluetooth Software

WildTangent Games

Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth (03/24/2010 6.3.0.2501)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

XFINITY Toolbar

.

==== Event Viewer Messages From Past Week ========

.

10/18/2012 3:29:30 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

10/18/2012 3:08:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.137.1778.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8800.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

10/18/2012 3:08:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

10/18/2012 2:58:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

10/18/2012 2:58:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

10/18/2012 2:58:38 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21

10/18/2012 2:58:36 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

10/18/2012 2:58:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

10/18/2012 2:58:19 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MpFilter NetworkX spldr Wanarpv6

10/18/2012 2:58:19 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.

10/18/2012 2:58:12 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800033da63a, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101812-20358-01.

10/18/2012 2:48:31 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

10/18/2012 2:47:15 PM, Error: Service Control Manager [7000] - The PCSMHNT service failed to start due to the following error: This driver has been blocked from loading

10/18/2012 2:47:15 PM, Error: Service Control Manager [7000] - The PARCAII service failed to start due to the following error: This driver has been blocked from loading

10/18/2012 2:47:15 PM, Error: Service Control Manager [7000] - The J1939NT service failed to start due to the following error: This driver has been blocked from loading

10/18/2012 2:47:15 PM, Error: Service Control Manager [7000] - The J1708NT service failed to start due to the following error: This driver has been blocked from loading

10/18/2012 2:47:15 PM, Error: Service Control Manager [7000] - The DLASIPNT service failed to start due to the following error: This driver has been blocked from loading

10/18/2012 2:47:15 PM, Error: Service Control Manager [7000] - The DLADRVNT service failed to start due to the following error: This driver has been blocked from loading

10/18/2012 2:47:15 PM, Error: Service Control Manager [7000] - The CATLNKNT service failed to start due to the following error: This driver has been blocked from loading

10/18/2012 2:47:15 PM, Error: Service Control Manager [7000] - The CANNT service failed to start due to the following error: This driver has been blocked from loading

10/18/2012 2:47:15 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\PCSMHNT.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

10/18/2012 2:47:15 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\PARCAII.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

10/18/2012 2:47:15 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\J1939NT.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

10/18/2012 2:47:15 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\J1708NT.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

10/18/2012 2:47:15 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\DLASIPNT.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

10/18/2012 2:47:15 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\DLADRVNT.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

10/18/2012 2:47:15 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\CATLNKNT.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

10/18/2012 2:47:15 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\CANNT.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

10/18/2012 2:32:58 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.137.1778.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8800.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

10/18/2012 2:22:47 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000000000df, 0x0000000000000002, 0x0000000000000001, 0xfffff800030bd0c5). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101812-19172-01.

10/18/2012 2:18:55 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10003] - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll

10/18/2012 2:18:41 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.137.1778.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8800.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

10/18/2012 2:05:13 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 1.137.1778.0;1.137.1778.0 Engine version: 1.1.8800.0

10/18/2012 12:43:49 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa8005faabb0, 0x0000000000000000, 0x000000007efa8000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101812-35162-01.

10/18/2012 12:35:10 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.137.1964.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8800.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

10/18/2012 12:24:43 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800033bd63a, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101812-28735-01.

10/18/2012 12:22:04 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the CGPS Service service to connect.

10/18/2012 12:22:04 PM, Error: Service Control Manager [7000] - The CGPS Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

10/18/2012 12:18:13 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000279163a, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101812-23306-01.

10/18/2012 12:03:00 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}

10/18/2012 11:58:46 AM, Error: Service Control Manager [7030] - The CGPS Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

10/18/2012 11:58:35 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.137.1964.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8800.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

10/18/2012 11:58:00 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

10/18/2012 11:40:41 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000338d63a, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101812-22635-01.

10/18/2012 11:35:10 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800033d763a, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101812-23696-01.

10/17/2012 6:47:31 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

10/17/2012 6:47:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

10/17/2012 6:47:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

10/17/2012 6:46:58 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000337f63a, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101712-23961-01.

10/17/2012 6:46:56 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache MpFilter NetBIOS NetBT NetworkX nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf

10/17/2012 6:46:56 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

10/17/2012 6:46:56 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

10/17/2012 6:46:56 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

10/17/2012 6:46:56 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

10/17/2012 6:46:56 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

10/17/2012 6:46:56 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

10/17/2012 6:46:56 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

10/17/2012 6:46:56 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

10/17/2012 6:46:56 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

10/17/2012 6:46:56 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

10/16/2012 8:44:15 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 1.137.1691.0;1.137.1691.0 Engine version: 1.1.8800.0

10/16/2012 10:38:31 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.137.1964.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8800.0 Error code: 0x800704c7 Error description: The operation was canceled by the user.

10/15/2012 6:09:37 PM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

10/13/2012 1:45:04 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Tether service.

.

==== End Of File ===========================

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rogue Killer

RogueKiller V8.1.1 [10/01/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website: http://tigzy.geekstogo.com/roguekiller.php

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Safe mode with network support

User : Luis [Admin rights]

Mode : Scan -- Date : 10/18/2012 15:29:04

¤¤¤ Bad processes : 2 ¤¤¤

[sUSP PATH] belsys.exe -- C:\ProgramData\konasys32\gska\belsys.exe -> KILLED [TermProc]

[sVCHOST] svchost.exe -- \\.\globalroot\systemroot\svchost.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 5 ¤¤¤

[sHELL][sUSP PATH] HKLM\[...]\Winlogon : Userinit (C:\Windows\system32\userinit.exe,C:\ProgramData\konasys32\gska\belsys.exe,) -> FOUND

[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{1F0184A2-B1A8-4EAB-BF2C-41A58597C6C9} : NameServer (66.1.64.132 66.1.64.133) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Services\Interfaces\{1F0184A2-B1A8-4EAB-BF2C-41A58597C6C9} : NameServer (66.1.64.132 66.1.64.133) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9640320AS +++++

--- User ---

[MBR] e9cdd8ccce2b79834667594fa2b862cc

[bSP] 19142f98348fd2f171581937f599a92f : Windows 7 MBR Code

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 595378 Mo

User != LL1 ... KO!

--- LL1 ---

[MBR] 743c545e542fa555971ec7df007e3f4d

[bSP] 19142f98348fd2f171581937f599a92f : Windows 7 MBR Code

Partition table:

1 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo

3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 595378 Mo

User != LL2 ... KO!

--- LL2 ---

[MBR] 743c545e542fa555971ec7df007e3f4d

[bSP] 19142f98348fd2f171581937f599a92f : Windows 7 MBR Code

Partition table:

1 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo

3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 595378 Mo

Finished : << RKreport[1].txt >>

RKreport[1].txt

Link to post
Share on other sites

Welcome to the forum.

Run RogueKiller again and click Scan

When the scan completes > click on the Registry tab

Put a check next to all of these and uncheck the rest: (if found)

[sHELL][sUSP PATH] HKLM\[...]\Winlogon : Userinit (C:\Windows\system32\userinit.exe,C:\ProgramData\konasys32\gska\belsys.exe,) -> FOUND

Now click Delete on the right hand column under Options

-------------

Next click on the Processes tab and put a check next to these and uncheck the rest. (if found)

[sUSP PATH] belsys.exe -- C:\ProgramData\konasys32\gska\belsys.exe -> KILLED [TermProc]

[sVCHOST] svchost.exe -- \\.\globalroot\systemroot\svchost.exe -> KILLED [TermProc]

Now click Delete on the right hand column under Options

~~~~~~~~~~~~~~~~~

Next...........

Please read the directions carefully so you don't end up deleting something that is good!!

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    image000q.png
  • Put a checkmark beside loaded modules.
    2012081514h0118.png
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
    clip.jpg
  • Click the Start Scan button.
    19695967.jpg
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    67776163.jpg
    Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose Skip.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    62117367.jpg
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here. There may be 3 logs > so post or attach all of them.
  • Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose Skip.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC

Link to post
Share on other sites

16:16:37.0886 3392 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47

16:16:38.0214 3392 ============================================================

16:16:38.0214 3392 Current date / time: 2012/10/18 16:16:38.0214

16:16:38.0214 3392 SystemInfo:

16:16:38.0214 3392

16:16:38.0214 3392 OS Version: 6.1.7601 ServicePack: 1.0

16:16:38.0214 3392 Product type: Workstation

16:16:38.0214 3392 ComputerName: LUIS-PC

16:16:38.0214 3392 UserName: Luis

16:16:38.0214 3392 Windows directory: C:\Windows

16:16:38.0214 3392 System windows directory: C:\Windows

16:16:38.0214 3392 Running under WOW64

16:16:38.0214 3392 Processor architecture: Intel x64

16:16:38.0214 3392 Number of processors: 4

16:16:38.0214 3392 Page size: 0x1000

16:16:38.0214 3392 Boot type: Normal boot

16:16:38.0214 3392 ============================================================

16:16:40.0023 3392 BG loaded

16:16:40.0476 3392 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

16:16:40.0476 3392 ============================================================

16:16:40.0476 3392 \Device\Harddisk0\DR0:

16:16:40.0476 3392 MBR partitions:

16:16:40.0476 3392 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000

16:16:40.0491 3392 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x48AD92B0

16:16:40.0491 3392 ============================================================

16:16:40.0585 3392 C: <-> \Device\Harddisk0\DR0\Partition2

16:16:40.0585 3392 ============================================================

16:16:40.0585 3392 Initialize success

16:16:40.0585 3392 ============================================================

16:16:45.0561 0916 ============================================================

16:16:45.0561 0916 Scan started

16:16:45.0561 0916 Mode: Manual;

16:16:45.0561 0916 ============================================================

16:16:56.0528 0916 ================ Scan system memory ========================

16:16:56.0528 0916 System memory - ok

16:16:56.0528 0916 ================ Scan services =============================

16:16:59.0454 0916 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

16:16:59.0469 0916 1394ohci - ok

16:17:01.0450 0916 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

16:17:01.0466 0916 ACPI - ok

16:17:03.0338 0916 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

16:17:03.0338 0916 AcpiPmi - ok

16:17:06.0801 0916 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

16:17:06.0832 0916 AdobeFlashPlayerUpdateSvc - ok

16:17:10.0327 0916 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys

16:17:10.0342 0916 adp94xx - ok

16:17:12.0605 0916 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys

16:17:12.0745 0916 adpahci - ok

16:17:13.0463 0916 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys

16:17:13.0463 0916 adpu320 - ok

16:17:15.0072 0916 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

16:17:15.0296 0916 AeLookupSvc - ok

16:17:17.0269 0916 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe

16:17:17.0270 0916 AESTFilters - ok

16:17:19.0460 0916 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

16:17:19.0460 0916 AFD - ok

16:17:20.0724 0916 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

16:17:20.0724 0916 agp440 - ok

16:17:24.0259 0916 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

16:17:24.0263 0916 ALG - ok

16:17:25.0995 0916 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

16:17:26.0324 0916 aliide - ok

16:17:27.0851 0916 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

16:17:27.0854 0916 amdide - ok

16:17:29.0451 0916 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

16:17:29.0454 0916 AmdK8 - ok

16:17:29.0573 0916 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

16:17:29.0578 0916 AmdPPM - ok

16:17:31.0584 0916 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

16:17:31.0587 0916 amdsata - ok

16:17:31.0917 0916 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys

16:17:31.0977 0916 amdsbs - ok

16:17:32.0033 0916 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

16:17:32.0036 0916 amdxata - ok

16:17:35.0061 0916 [ F9DAC844B1D370DA4C984D4C22F5E696 ] AntiSpywareService C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe

16:17:35.0064 0916 AntiSpywareService - ok

16:17:35.0123 0916 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

16:17:35.0135 0916 AppID - ok

16:17:35.0169 0916 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

16:17:35.0173 0916 AppIDSvc - ok

16:17:35.0411 0916 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

16:17:35.0411 0916 Appinfo - ok

16:17:35.0646 0916 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

16:17:35.0648 0916 Apple Mobile Device - ok

16:17:35.0824 0916 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys

16:17:35.0832 0916 arc - ok

16:17:35.0844 0916 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys

16:17:35.0846 0916 arcsas - ok

16:17:35.0897 0916 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

16:17:35.0905 0916 AsyncMac - ok

16:17:36.0073 0916 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

16:17:36.0093 0916 atapi - ok

16:17:36.0628 0916 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

16:17:36.0632 0916 AudioEndpointBuilder - ok

16:17:36.0681 0916 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

16:17:36.0685 0916 AudioSrv - ok

16:17:37.0531 0916 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

16:17:37.0540 0916 AxInstSV - ok

16:17:37.0734 0916 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys

16:17:37.0753 0916 b06bdrv - ok

16:17:38.0707 0916 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

16:17:38.0766 0916 b57nd60a - ok

16:17:39.0476 0916 [ D1BA00D7CB6C1FBF29DC8935D8525D22 ] bcm C:\Windows\system32\DRIVERS\drxvi314_64.sys

16:17:39.0494 0916 bcm - ok

16:17:39.0647 0916 [ 5CCD19E7FA04DB87ADF171FA702A4169 ] bcmbusctr C:\Windows\system32\DRIVERS\BcmBusCtr_64.sys

16:17:39.0654 0916 bcmbusctr - ok

16:17:39.0878 0916 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

16:17:39.0890 0916 BDESVC - ok

16:17:40.0351 0916 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

16:17:40.0352 0916 Beep - ok

16:17:40.0988 0916 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

16:17:40.0993 0916 BFE - ok

16:17:41.0136 0916 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll

16:17:41.0161 0916 BITS - ok

16:17:41.0284 0916 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

16:17:41.0285 0916 blbdrive - ok

16:17:41.0544 0916 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

16:17:41.0547 0916 Bonjour Service - ok

16:17:41.0620 0916 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

16:17:41.0621 0916 bowser - ok

16:17:41.0707 0916 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys

16:17:41.0715 0916 BrFiltLo - ok

16:17:41.0764 0916 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys

16:17:41.0766 0916 BrFiltUp - ok

16:17:41.0856 0916 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

16:17:41.0858 0916 Browser - ok

16:17:41.0934 0916 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

16:17:41.0995 0916 Brserid - ok

16:17:42.0029 0916 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

16:17:42.0032 0916 BrSerWdm - ok

16:17:42.0108 0916 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

16:17:42.0115 0916 BrUsbMdm - ok

16:17:42.0157 0916 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

16:17:42.0164 0916 BrUsbSer - ok

16:17:42.0263 0916 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys

16:17:42.0264 0916 BthEnum - ok

16:17:42.0318 0916 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

16:17:42.0321 0916 BTHMODEM - ok

16:17:42.0381 0916 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys

16:17:42.0382 0916 BthPan - ok

16:17:42.0656 0916 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys

16:17:42.0663 0916 BTHPORT - ok

16:17:42.0814 0916 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

16:17:42.0815 0916 bthserv - ok

16:17:42.0861 0916 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys

16:17:42.0862 0916 BTHUSB - ok

16:17:42.0981 0916 [ D3466F77C2C49C6E393BA5FBA963A33E ] btusbflt C:\Windows\system32\drivers\btusbflt.sys

16:17:42.0982 0916 btusbflt - ok

16:17:43.0020 0916 [ AF838D8029AE7C27470862D63FA54D24 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys

16:17:43.0022 0916 btwaudio - ok

16:17:43.0071 0916 [ 5C849BD7C78791C5CEE9F4651D7FE38D ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys

16:17:43.0072 0916 btwavdt - ok

16:17:43.0390 0916 [ 10FFB5FA51D5713D872B41A59DFC2213 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

16:17:43.0395 0916 btwdins - ok

16:17:43.0447 0916 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys

16:17:43.0448 0916 btwl2cap - ok

16:17:43.0457 0916 [ 3E1991AFA851A36DC978B0A1B0535C8B ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys

16:17:43.0458 0916 btwrchid - ok

16:17:43.0524 0916 CANNT - ok

16:17:43.0531 0916 CATLNKNT - ok

16:17:43.0581 0916 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

16:17:43.0587 0916 cdfs - ok

16:17:43.0784 0916 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys

16:17:43.0786 0916 cdrom - ok

16:17:43.0886 0916 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

16:17:43.0892 0916 CertPropSvc - ok

16:17:43.0953 0916 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys

16:17:43.0959 0916 circlass - ok

16:17:44.0036 0916 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

16:17:44.0041 0916 CLFS - ok

16:17:44.0270 0916 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

16:17:44.0279 0916 clr_optimization_v2.0.50727_32 - ok

16:17:44.0355 0916 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

16:17:44.0361 0916 clr_optimization_v2.0.50727_64 - ok

16:17:44.0586 0916 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

16:17:44.0644 0916 clr_optimization_v4.0.30319_32 - ok

16:17:44.0945 0916 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

16:17:44.0948 0916 clr_optimization_v4.0.30319_64 - ok

16:17:45.0010 0916 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

16:17:45.0011 0916 CmBatt - ok

16:17:45.0036 0916 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

16:17:45.0042 0916 cmdide - ok

16:17:45.0180 0916 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

16:17:45.0210 0916 CNG - ok

16:17:45.0336 0916 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

16:17:45.0339 0916 Compbatt - ok

16:17:45.0393 0916 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

16:17:45.0394 0916 CompositeBus - ok

16:17:45.0425 0916 COMSysApp - ok

16:17:45.0461 0916 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

16:17:45.0469 0916 crcdisk - ok

16:17:45.0564 0916 [ 2177A0F611584BCA1DFDD7EEB35C0224 ] CrypKey License C:\Windows\system32\crypserv.exe

16:17:45.0623 0916 CrypKey License - ok

16:17:45.0649 0916 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll

16:17:45.0649 0916 CryptSvc - ok

16:17:45.0774 0916 [ ED5CF92396A62F4C15110DCDB5E854D9 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys

16:17:45.0774 0916 CtClsFlt - ok

16:17:46.0023 0916 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

16:17:46.0039 0916 cvhsvc - ok

16:17:46.0226 0916 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

16:17:46.0226 0916 DcomLaunch - ok

16:17:46.0304 0916 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

16:17:46.0304 0916 defragsvc - ok

16:17:46.0413 0916 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

16:17:46.0413 0916 DfsC - ok

16:17:46.0549 0916 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

16:17:46.0553 0916 Dhcp - ok

16:17:46.0607 0916 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

16:17:46.0608 0916 discache - ok

16:17:46.0695 0916 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys

16:17:46.0705 0916 Disk - ok

16:17:46.0948 0916 DLADRVNT - ok

16:17:46.0955 0916 DLASIPNT - ok

16:17:46.0977 0916 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

16:17:46.0978 0916 Dnscache - ok

16:17:47.0021 0916 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

16:17:47.0024 0916 dot3svc - ok

16:17:47.0091 0916 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys

16:17:47.0095 0916 Dot4 - ok

16:17:47.0187 0916 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys

16:17:47.0198 0916 Dot4Print - ok

16:17:47.0218 0916 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys

16:17:47.0229 0916 dot4usb - ok

16:17:47.0352 0916 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

16:17:47.0354 0916 DPS - ok

16:17:47.0433 0916 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

16:17:47.0439 0916 drmkaud - ok

16:17:47.0734 0916 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

16:17:47.0749 0916 DXGKrnl - ok

16:17:47.0780 0916 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

16:17:47.0780 0916 EapHost - ok

16:17:47.0812 0916 easytether - ok

16:17:48.0155 0916 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys

16:17:48.0233 0916 ebdrv - ok

16:17:48.0264 0916 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

16:17:48.0264 0916 EFS - ok

16:17:48.0513 0916 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

16:17:48.0554 0916 ehRecvr - ok

16:17:48.0589 0916 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

16:17:48.0594 0916 ehSched - ok

16:17:48.0796 0916 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

16:17:48.0820 0916 elxstor - ok

16:17:48.0856 0916 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

16:17:48.0861 0916 ErrDev - ok

16:17:48.0957 0916 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

16:17:48.0959 0916 EventSystem - ok

16:17:49.0369 0916 [ B56D9602DB5FE1C116B1CA5EFD8E2E50 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe

16:17:49.0377 0916 EvtEng - ok

16:17:49.0448 0916 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

16:17:49.0453 0916 exfat - ok

16:17:49.0495 0916 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

16:17:49.0497 0916 fastfat - ok

16:17:49.0720 0916 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

16:17:49.0728 0916 Fax - ok

16:17:49.0769 0916 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys

16:17:49.0771 0916 fdc - ok

16:17:49.0832 0916 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

16:17:49.0835 0916 fdPHost - ok

16:17:49.0857 0916 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

16:17:49.0865 0916 FDResPub - ok

16:17:49.0906 0916 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

16:17:49.0908 0916 FileInfo - ok

16:17:49.0951 0916 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

16:17:49.0953 0916 Filetrace - ok

16:17:49.0969 0916 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

16:17:49.0974 0916 flpydisk - ok

16:17:50.0027 0916 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

16:17:50.0029 0916 FltMgr - ok

16:17:50.0324 0916 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll

16:17:50.0369 0916 FontCache - ok

16:17:50.0473 0916 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

16:17:50.0479 0916 FontCache3.0.0.0 - ok

16:17:50.0531 0916 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

16:17:50.0536 0916 FsDepends - ok

16:17:50.0636 0916 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

16:17:50.0640 0916 Fs_Rec - ok

16:17:51.0025 0916 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

16:17:51.0030 0916 fvevol - ok

16:17:51.0364 0916 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

16:17:51.0366 0916 gagp30kx - ok

16:17:52.0047 0916 [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe

16:17:52.0084 0916 GameConsoleService - ok

16:17:52.0287 0916 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

16:17:52.0288 0916 GEARAspiWDM - ok

16:17:53.0032 0916 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe

16:17:53.0042 0916 GoToAssist - ok

16:17:53.0474 0916 [ C981676A39997F469832A0D66F325FC5 ] gpslc64 C:\Windows\system32\Drivers\gpslc64.sys

16:17:53.0538 0916 gpslc64 - ok

16:17:53.0645 0916 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

16:17:53.0650 0916 gpsvc - ok

16:17:54.0277 0916 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:17:54.0279 0916 gupdate - ok

16:17:55.0868 0916 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:17:55.0868 0916 gupdatem - ok

16:17:56.0442 0916 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

16:17:56.0451 0916 gusvc - ok

16:17:56.0475 0916 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

16:17:56.0479 0916 hcw85cir - ok

16:17:56.0973 0916 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

16:17:57.0054 0916 HdAudAddService - ok

16:17:57.0170 0916 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

16:17:57.0173 0916 HDAudBus - ok

16:17:57.0289 0916 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys

16:17:57.0290 0916 HECIx64 - ok

16:17:57.0329 0916 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

16:17:57.0336 0916 HidBatt - ok

16:17:57.0341 0916 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

16:17:57.0344 0916 HidBth - ok

16:17:57.0349 0916 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

16:17:57.0351 0916 HidIr - ok

16:17:57.0414 0916 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll

16:17:57.0416 0916 hidserv - ok

16:17:57.0515 0916 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys

16:17:57.0516 0916 HidUsb - ok

16:17:57.0585 0916 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

16:17:57.0591 0916 hkmsvc - ok

16:17:57.0622 0916 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

16:17:57.0626 0916 HomeGroupListener - ok

16:17:57.0661 0916 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

16:17:57.0662 0916 HomeGroupProvider - ok

16:17:58.0022 0916 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll

16:17:58.0026 0916 hpqcxs08 - ok

16:17:58.0136 0916 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll

16:17:58.0137 0916 hpqddsvc - ok

16:17:58.0261 0916 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

16:17:58.0263 0916 HpSAMD - ok

16:17:58.0503 0916 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL

16:17:58.0513 0916 HPSLPSVC - ok

16:17:58.0700 0916 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

16:17:58.0704 0916 HTTP - ok

16:17:58.0838 0916 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

16:17:58.0840 0916 hwpolicy - ok

16:17:58.0965 0916 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

16:17:58.0966 0916 i8042prt - ok

16:17:59.0194 0916 [ 2064090C9FAAD92C090D77E50E735B2E ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys

16:17:59.0198 0916 iaStor - ok

16:17:59.0357 0916 [ A9BE186ABF28B3D3D698CB855EDF457E ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

16:17:59.0363 0916 IAStorDataMgrSvc - ok

16:17:59.0491 0916 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

16:17:59.0514 0916 iaStorV - ok

16:17:59.0806 0916 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

16:17:59.0872 0916 idsvc - ok

16:18:01.0318 0916 [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys

16:18:01.0373 0916 igfx - ok

16:18:01.0437 0916 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

16:18:01.0445 0916 iirsp - ok

16:18:01.0541 0916 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

16:18:01.0553 0916 IKEEXT - ok

16:18:01.0646 0916 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys

16:18:01.0648 0916 Impcd - ok

16:18:01.0721 0916 [ C6C1F19205DA83C801BE7C25F4E2EE07 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys

16:18:01.0723 0916 IntcDAud - ok

16:18:01.0763 0916 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

16:18:01.0764 0916 intelide - ok

16:18:01.0895 0916 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

16:18:01.0896 0916 intelppm - ok

16:18:01.0929 0916 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

16:18:01.0941 0916 IPBusEnum - ok

16:18:02.0119 0916 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

16:18:02.0122 0916 IpFilterDriver - ok

16:18:02.0210 0916 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

16:18:02.0219 0916 iphlpsvc - ok

16:18:02.0261 0916 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

16:18:02.0269 0916 IPMIDRV - ok

16:18:02.0282 0916 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

16:18:02.0285 0916 IPNAT - ok

16:18:02.0515 0916 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

16:18:02.0524 0916 iPod Service - ok

16:18:02.0600 0916 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

16:18:02.0602 0916 IRENUM - ok

16:18:02.0615 0916 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

16:18:02.0618 0916 isapnp - ok

16:18:02.0653 0916 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

16:18:02.0660 0916 iScsiPrt - ok

16:18:02.0748 0916 [ 54F694C6CD3A1149BA3A8BDACC83BADC ] ITMRTSVC C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe

16:18:02.0752 0916 ITMRTSVC - ok

16:18:02.0759 0916 J1708NT - ok

16:18:02.0769 0916 J1939NT - ok

16:18:02.0814 0916 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys

16:18:02.0814 0916 kbdclass - ok

16:18:02.0877 0916 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

16:18:02.0877 0916 kbdhid - ok

16:18:02.0923 0916 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

16:18:02.0923 0916 KeyIso - ok

16:18:02.0955 0916 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

16:18:02.0955 0916 KSecDD - ok

16:18:03.0017 0916 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

16:18:03.0017 0916 KSecPkg - ok

16:18:03.0079 0916 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

16:18:03.0079 0916 ksthunk - ok

16:18:03.0111 0916 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

16:18:03.0126 0916 KtmRm - ok

16:18:03.0189 0916 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll

16:18:03.0204 0916 LanmanServer - ok

16:18:03.0235 0916 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

16:18:03.0235 0916 LanmanWorkstation - ok

16:18:03.0313 0916 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

16:18:03.0313 0916 lltdio - ok

16:18:03.0345 0916 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

16:18:03.0345 0916 lltdsvc - ok

16:18:03.0360 0916 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

16:18:03.0360 0916 lmhosts - ok

16:18:03.0454 0916 [ 23DE5B62B0445A6F874BE633C95B483E ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

16:18:03.0454 0916 LMS - ok

16:18:03.0516 0916 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

16:18:03.0516 0916 LSI_FC - ok

16:18:03.0547 0916 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

16:18:03.0547 0916 LSI_SAS - ok

16:18:03.0563 0916 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

16:18:03.0563 0916 LSI_SAS2 - ok

16:18:03.0610 0916 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

16:18:03.0610 0916 LSI_SCSI - ok

16:18:03.0672 0916 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

16:18:03.0672 0916 luafv - ok

16:18:03.0766 0916 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

16:18:03.0766 0916 Mcx2Svc - ok

16:18:03.0828 0916 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

16:18:03.0828 0916 megasas - ok

16:18:03.0872 0916 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

16:18:03.0878 0916 MegaSR - ok

16:18:04.0038 0916 Microsoft SharePoint Workspace Audit Service - ok

16:18:04.0069 0916 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

16:18:04.0071 0916 MMCSS - ok

16:18:04.0091 0916 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

16:18:04.0094 0916 Modem - ok

16:18:04.0196 0916 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

16:18:04.0198 0916 monitor - ok

16:18:04.0257 0916 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys

16:18:04.0257 0916 mouclass - ok

16:18:04.0304 0916 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

16:18:04.0305 0916 mouhid - ok

16:18:04.0367 0916 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

16:18:04.0370 0916 mountmgr - ok

16:18:04.0478 0916 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys

16:18:04.0482 0916 MpFilter - ok

16:18:04.0529 0916 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

16:18:04.0532 0916 mpio - ok

16:18:04.0563 0916 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

16:18:04.0564 0916 mpsdrv - ok

16:18:04.0637 0916 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

16:18:04.0649 0916 MpsSvc - ok

16:18:04.0686 0916 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

16:18:04.0694 0916 MRxDAV - ok

16:18:04.0748 0916 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

16:18:04.0751 0916 mrxsmb - ok

16:18:04.0798 0916 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

16:18:04.0800 0916 mrxsmb10 - ok

16:18:04.0833 0916 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

16:18:04.0833 0916 mrxsmb20 - ok

16:18:04.0879 0916 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

16:18:04.0879 0916 msahci - ok

16:18:04.0911 0916 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

16:18:04.0926 0916 msdsm - ok

16:18:04.0942 0916 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

16:18:04.0942 0916 MSDTC - ok

16:18:05.0004 0916 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

16:18:05.0004 0916 Msfs - ok

16:18:05.0020 0916 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

16:18:05.0020 0916 mshidkmdf - ok

16:18:05.0051 0916 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

16:18:05.0051 0916 msisadrv - ok

16:18:05.0082 0916 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

16:18:05.0098 0916 MSiSCSI - ok

16:18:05.0098 0916 msiserver - ok

16:18:05.0145 0916 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

16:18:05.0145 0916 MSKSSRV - ok

16:18:05.0269 0916 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe

16:18:05.0269 0916 MsMpSvc - ok

16:18:05.0285 0916 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

16:18:05.0285 0916 MSPCLOCK - ok

16:18:05.0301 0916 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

16:18:05.0301 0916 MSPQM - ok

16:18:05.0379 0916 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

16:18:05.0394 0916 MsRPC - ok

16:18:05.0441 0916 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

16:18:05.0441 0916 mssmbios - ok

16:18:05.0488 0916 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

16:18:05.0488 0916 MSTEE - ok

16:18:05.0519 0916 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

16:18:05.0519 0916 MTConfig - ok

16:18:05.0535 0916 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

16:18:05.0550 0916 Mup - ok

16:18:05.0659 0916 [ A9BC2302FBDF52C8AF4E2FC966288D21 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

16:18:05.0722 0916 MyWiFiDHCPDNS - ok

16:18:05.0769 0916 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

16:18:05.0769 0916 napagent - ok

16:18:05.0847 0916 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

16:18:05.0847 0916 NativeWifiP - ok

16:18:06.0008 0916 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

16:18:06.0040 0916 NDIS - ok

16:18:06.0090 0916 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

16:18:06.0092 0916 NdisCap - ok

16:18:06.0148 0916 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

16:18:06.0149 0916 NdisTapi - ok

16:18:06.0209 0916 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

16:18:06.0210 0916 Ndisuio - ok

16:18:06.0270 0916 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

16:18:06.0272 0916 NdisWan - ok

16:18:06.0342 0916 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

16:18:06.0343 0916 NDProxy - ok

16:18:06.0419 0916 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

16:18:06.0420 0916 Net Driver HPZ12 - ok

16:18:06.0472 0916 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

16:18:06.0473 0916 NetBIOS - ok

16:18:06.0510 0916 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

16:18:06.0512 0916 NetBT - ok

16:18:06.0557 0916 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

16:18:06.0559 0916 Netlogon - ok

16:18:06.0596 0916 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

16:18:06.0602 0916 Netman - ok

16:18:06.0616 0916 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

16:18:06.0625 0916 netprofm - ok

16:18:06.0655 0916 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

16:18:06.0662 0916 NetTcpPortSharing - ok

16:18:07.0099 0916 [ 24F64343F14A119308456E1CA7507B26 ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys

16:18:07.0146 0916 NETw5s64 - ok

16:18:07.0209 0916 [ A97D9B1C2EEB2E169D2593E7073BCD27 ] NetworkX C:\Windows\System32\ckldrv.sys

16:18:07.0240 0916 NetworkX - ok

16:18:07.0287 0916 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

16:18:07.0302 0916 nfrd960 - ok

16:18:07.0318 0916 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys

16:18:07.0333 0916 NisDrv - ok

16:18:07.0396 0916 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe

16:18:07.0396 0916 NisSrv - ok

16:18:07.0458 0916 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll

16:18:07.0458 0916 NlaSvc - ok

16:18:07.0677 0916 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

16:18:07.0692 0916 NOBU - ok

16:18:07.0770 0916 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

16:18:07.0786 0916 Npfs - ok

16:18:07.0801 0916 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

16:18:07.0801 0916 nsi - ok

16:18:07.0833 0916 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

16:18:07.0833 0916 nsiproxy - ok

16:18:07.0926 0916 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

16:18:07.0973 0916 Ntfs - ok

16:18:07.0989 0916 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

16:18:07.0989 0916 Null - ok

16:18:08.0035 0916 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

16:18:08.0035 0916 nvraid - ok

16:18:08.0051 0916 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

16:18:08.0067 0916 nvstor - ok

16:18:08.0098 0916 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

16:18:08.0098 0916 nv_agp - ok

16:18:08.0121 0916 [ F79633A8B7DB75CB5FAD53B02985A414 ] NWADI C:\Windows\system32\DRIVERS\NWADIenum.sys

16:18:08.0123 0916 NWADI - ok

16:18:08.0156 0916 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

16:18:08.0167 0916 ohci1394 - ok

16:18:08.0234 0916 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

16:18:08.0238 0916 ose - ok

16:18:08.0609 0916 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

16:18:08.0741 0916 osppsvc - ok

16:18:08.0780 0916 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

16:18:08.0787 0916 p2pimsvc - ok

16:18:08.0830 0916 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

16:18:08.0836 0916 p2psvc - ok

16:18:08.0963 0916 PARCAII - ok

16:18:09.0010 0916 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

16:18:09.0014 0916 Parport - ok

16:18:09.0053 0916 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

16:18:09.0055 0916 partmgr - ok

16:18:09.0077 0916 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

16:18:09.0080 0916 PcaSvc - ok

16:18:09.0108 0916 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

16:18:09.0111 0916 pci - ok

16:18:09.0151 0916 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

16:18:09.0155 0916 pciide - ok

16:18:09.0176 0916 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

16:18:09.0182 0916 pcmcia - ok

16:18:09.0188 0916 PCSMHNT - ok

16:18:09.0223 0916 PCTINDIS5X64 - ok

16:18:09.0269 0916 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

16:18:09.0285 0916 pcw - ok

16:18:09.0301 0916 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

16:18:09.0316 0916 PEAUTH - ok

16:18:09.0597 0916 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

16:18:09.0597 0916 PerfHost - ok

16:18:09.0815 0916 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

16:18:09.0847 0916 pla - ok

16:18:09.0940 0916 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

16:18:09.0940 0916 PlugPlay - ok

16:18:09.0987 0916 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

16:18:10.0003 0916 Pml Driver HPZ12 - ok

16:18:10.0018 0916 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

16:18:10.0018 0916 PNRPAutoReg - ok

16:18:10.0096 0916 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

16:18:10.0112 0916 PNRPsvc - ok

16:18:10.0190 0916 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

16:18:10.0205 0916 PolicyAgent - ok

16:18:10.0268 0916 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

16:18:10.0268 0916 Power - ok

16:18:10.0346 0916 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

16:18:10.0346 0916 PptpMiniport - ok

16:18:10.0393 0916 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

16:18:10.0393 0916 Processor - ok

16:18:10.0486 0916 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

16:18:10.0502 0916 ProfSvc - ok

16:18:10.0580 0916 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

16:18:10.0580 0916 ProtectedStorage - ok

16:18:10.0642 0916 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

16:18:10.0642 0916 Psched - ok

16:18:10.0705 0916 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys

16:18:10.0705 0916 PxHlpa64 - ok

16:18:10.0767 0916 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

16:18:10.0814 0916 ql2300 - ok

16:18:10.0814 0916 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

16:18:10.0814 0916 ql40xx - ok

16:18:10.0845 0916 [ 19370F973CBEBE1680ECA9AE4A5AB7E1 ] qrkis C:\Windows\system32\DRIVERS\qrkis.sys

16:18:10.0861 0916 qrkis - ok

16:18:10.0892 0916 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

16:18:10.0892 0916 QWAVE - ok

16:18:10.0907 0916 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

16:18:10.0907 0916 QWAVEdrv - ok

16:18:10.0923 0916 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

16:18:10.0923 0916 RasAcd - ok

16:18:10.0985 0916 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

16:18:11.0001 0916 RasAgileVpn - ok

16:18:11.0032 0916 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

16:18:11.0032 0916 RasAuto - ok

16:18:11.0063 0916 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

16:18:11.0063 0916 Rasl2tp - ok

16:18:11.0126 0916 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

16:18:11.0141 0916 RasMan - ok

16:18:11.0204 0916 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

16:18:11.0204 0916 RasPppoe - ok

16:18:11.0251 0916 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

16:18:11.0266 0916 RasSstp - ok

16:18:11.0313 0916 [ 96597C96D5ACF4A3EF0B24D396853879 ] rcmirror C:\Windows\system32\DRIVERS\rcmirror.sys

16:18:11.0329 0916 rcmirror - ok

16:18:11.0375 0916 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

16:18:11.0375 0916 rdbss - ok

16:18:11.0407 0916 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

16:18:11.0407 0916 rdpbus - ok

16:18:11.0422 0916 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

16:18:11.0422 0916 RDPCDD - ok

16:18:11.0438 0916 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

16:18:11.0438 0916 RDPENCDD - ok

16:18:11.0453 0916 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

16:18:11.0453 0916 RDPREFMP - ok

16:18:11.0485 0916 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

16:18:11.0500 0916 RDPWD - ok

16:18:11.0563 0916 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

16:18:11.0578 0916 rdyboost - ok

16:18:11.0719 0916 [ 0AA473966357C4A41B5EB19649EB6E5E ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

16:18:11.0734 0916 RegSrvc - ok

16:18:11.0765 0916 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

16:18:11.0765 0916 RemoteAccess - ok

16:18:11.0875 0916 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

16:18:11.0890 0916 RemoteRegistry - ok

16:18:11.0953 0916 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

16:18:11.0953 0916 RFCOMM - ok

16:18:12.0155 0916 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe

16:18:12.0187 0916 RoxMediaDB12OEM - ok

16:18:12.0249 0916 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe

16:18:12.0265 0916 RoxWatch12 - ok

16:18:12.0280 0916 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

16:18:12.0296 0916 RpcEptMapper - ok

16:18:12.0327 0916 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

16:18:12.0327 0916 RpcLocator - ok

16:18:12.0374 0916 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

16:18:12.0374 0916 RpcSs - ok

16:18:12.0436 0916 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

16:18:12.0436 0916 rspndr - ok

16:18:12.0530 0916 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys

16:18:12.0545 0916 RSUSBSTOR - ok

16:18:12.0608 0916 [ FD978B2BF8A9B2390DCBEF435E9C1F9F ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

16:18:12.0608 0916 RTL8167 - ok

16:18:12.0623 0916 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

16:18:12.0623 0916 SamSs - ok

16:18:12.0670 0916 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

16:18:12.0670 0916 sbp2port - ok

16:18:12.0701 0916 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

16:18:12.0701 0916 SCardSvr - ok

16:18:12.0748 0916 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

16:18:12.0748 0916 scfilter - ok

16:18:12.0795 0916 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

16:18:12.0811 0916 Schedule - ok

16:18:12.0857 0916 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

16:18:12.0857 0916 SCPolicySvc - ok

16:18:12.0873 0916 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

16:18:12.0873 0916 SDRSVC - ok

16:18:12.0904 0916 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

16:18:12.0904 0916 secdrv - ok

16:18:12.0935 0916 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

16:18:12.0935 0916 seclogon - ok

16:18:12.0967 0916 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll

16:18:12.0967 0916 SENS - ok

16:18:12.0982 0916 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

16:18:12.0982 0916 SensrSvc - ok

16:18:13.0029 0916 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

16:18:13.0029 0916 Serenum - ok

16:18:13.0091 0916 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

16:18:13.0091 0916 Serial - ok

16:18:13.0123 0916 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

16:18:13.0123 0916 sermouse - ok

16:18:13.0201 0916 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

16:18:13.0216 0916 SessionEnv - ok

16:18:13.0247 0916 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

16:18:13.0263 0916 sffdisk - ok

16:18:13.0357 0916 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

16:18:13.0372 0916 sffp_mmc - ok

16:18:13.0388 0916 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

16:18:13.0388 0916 sffp_sd - ok

16:18:13.0419 0916 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

16:18:13.0419 0916 sfloppy - ok

16:18:13.0481 0916 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys

16:18:13.0513 0916 Sftfs - ok

16:18:13.0575 0916 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

16:18:13.0591 0916 sftlist - ok

16:18:13.0669 0916 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys

16:18:13.0669 0916 Sftplay - ok

16:18:13.0684 0916 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys

16:18:13.0684 0916 Sftredir - ok

16:18:13.0809 0916 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

16:18:13.0840 0916 SftService - ok

16:18:13.0856 0916 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys

16:18:13.0856 0916 Sftvol - ok

16:18:13.0871 0916 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

16:18:13.0871 0916 sftvsa - ok

16:18:13.0934 0916 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

16:18:13.0949 0916 SharedAccess - ok

16:18:13.0996 0916 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

16:18:13.0996 0916 ShellHWDetection - ok

16:18:14.0059 0916 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

16:18:14.0059 0916 SiSRaid2 - ok

16:18:14.0059 0916 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

16:18:14.0074 0916 SiSRaid4 - ok

16:18:14.0183 0916 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

16:18:14.0183 0916 SkypeUpdate - ok

16:18:14.0199 0916 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

16:18:14.0199 0916 Smb - ok

16:18:14.0277 0916 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

16:18:14.0277 0916 SNMPTRAP - ok

16:18:14.0277 0916 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

16:18:14.0277 0916 spldr - ok

16:18:14.0339 0916 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

16:18:14.0339 0916 Spooler - ok

16:18:14.0605 0916 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

16:18:14.0714 0916 sppsvc - ok

16:18:14.0745 0916 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

16:18:14.0745 0916 sppuinotify - ok

16:18:14.0776 0916 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

16:18:14.0792 0916 srv - ok

16:18:14.0807 0916 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

16:18:14.0823 0916 srv2 - ok

16:18:14.0839 0916 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

16:18:14.0839 0916 srvnet - ok

16:18:14.0885 0916 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

16:18:14.0901 0916 SSDPSRV - ok

16:18:14.0917 0916 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

16:18:14.0917 0916 SstpSvc - ok

16:18:14.0979 0916 [ 463E33B1EA7AF1E6EB87B66B831DB41A ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe

16:18:14.0979 0916 STacSV - ok

16:18:15.0010 0916 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

16:18:15.0010 0916 stexstor - ok

16:18:15.0073 0916 [ 4304B75094E106FB5423A290C95841E5 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys

16:18:15.0088 0916 STHDA - ok

16:18:15.0182 0916 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

16:18:15.0197 0916 stisvc - ok

16:18:15.0229 0916 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

16:18:15.0291 0916 stllssvr - ok

16:18:15.0353 0916 [ 3D120C97D6D047F33AC0C08D35F31103 ] Svk2pl C:\Windows\system32\DRIVERS\Svk2pl64.sys

16:18:15.0353 0916 Svk2pl - ok

16:18:15.0385 0916 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

16:18:15.0385 0916 swenum - ok

16:18:15.0463 0916 [ A8E9E76CC2F342F205273702969C84C9 ] swmx00 C:\Windows\system32\DRIVERS\swmx00.sys

16:18:15.0463 0916 swmx00 - ok

16:18:15.0494 0916 [ B053610BB36D9BD1BFF7102727427600 ] SWNC5E00 C:\Windows\system32\DRIVERS\SWNC5E00.sys

16:18:15.0572 0916 SWNC5E00 - ok

16:18:15.0619 0916 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

16:18:15.0619 0916 swprv - ok

16:18:15.0743 0916 [ 8A3FBCB3D6D4710730D27DA4392A4863 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys

16:18:15.0743 0916 SynTP - ok

16:18:15.0806 0916 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

16:18:15.0821 0916 SysMain - ok

16:18:15.0868 0916 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

16:18:15.0868 0916 TabletInputService - ok

16:18:15.0915 0916 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

16:18:15.0915 0916 TapiSrv - ok

16:18:15.0946 0916 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

16:18:15.0946 0916 TBS - ok

16:18:16.0071 0916 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys

16:18:16.0118 0916 Tcpip - ok

16:18:16.0211 0916 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

16:18:16.0243 0916 TCPIP6 - ok

16:18:16.0289 0916 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

16:18:16.0289 0916 tcpipreg - ok

16:18:16.0352 0916 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

16:18:16.0352 0916 TDPIPE - ok

16:18:16.0383 0916 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

16:18:16.0383 0916 TDTCP - ok

16:18:16.0430 0916 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

16:18:16.0430 0916 tdx - ok

16:18:16.0601 0916 [ 7C2F4D20AF8267605607B483D88C8302 ] TeamViewer6 C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe

16:18:16.0617 0916 TeamViewer6 - ok

16:18:16.0679 0916 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

16:18:16.0679 0916 TermDD - ok

16:18:16.0773 0916 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

16:18:16.0789 0916 TermService - ok

16:18:16.0898 0916 [ 8998A2CF1E6EC2711D2AFA8EECAACE05 ] Tether C:\Program Files (x86)\Tether\TBService.exe

16:18:16.0898 0916 Tether - ok

16:18:16.0929 0916 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

16:18:16.0929 0916 Themes - ok

16:18:16.0960 0916 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

16:18:16.0960 0916 THREADORDER - ok

16:18:16.0976 0916 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

16:18:16.0976 0916 TrkWks - ok

16:18:17.0069 0916 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

16:18:17.0085 0916 TrustedInstaller - ok

16:18:17.0132 0916 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

16:18:17.0132 0916 tssecsrv - ok

16:18:17.0210 0916 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

16:18:17.0210 0916 TsUsbFlt - ok

16:18:17.0272 0916 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

16:18:17.0272 0916 tunnel - ok

16:18:17.0319 0916 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

16:18:17.0319 0916 uagp35 - ok

16:18:17.0350 0916 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

16:18:17.0366 0916 udfs - ok

16:18:17.0381 0916 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

16:18:17.0397 0916 UI0Detect - ok

16:18:17.0428 0916 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

16:18:17.0428 0916 uliagpkx - ok

16:18:17.0491 0916 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys

16:18:17.0491 0916 umbus - ok

16:18:17.0522 0916 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

16:18:17.0537 0916 UmPass - ok

16:18:17.0912 0916 [ CC3775100ABA633984F73DFAE1F55CAE ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

16:18:18.0005 0916 UNS - ok

16:18:18.0052 0916 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

16:18:18.0052 0916 upnphost - ok

16:18:18.0130 0916 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

16:18:18.0146 0916 USBAAPL64 - ok

16:18:18.0177 0916 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

16:18:18.0177 0916 usbccgp - ok

16:18:18.0193 0916 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

16:18:18.0193 0916 usbcir - ok

16:18:18.0208 0916 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys

16:18:18.0208 0916 usbehci - ok

16:18:18.0286 0916 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

16:18:18.0286 0916 usbhub - ok

16:18:18.0302 0916 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys

16:18:18.0317 0916 usbohci - ok

16:18:18.0364 0916 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

16:18:18.0364 0916 usbprint - ok

16:18:18.0380 0916 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

16:18:18.0395 0916 usbscan - ok

16:18:18.0411 0916 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

16:18:18.0427 0916 USBSTOR - ok

16:18:18.0442 0916 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

16:18:18.0442 0916 usbuhci - ok

16:18:18.0505 0916 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys

16:18:18.0520 0916 usbvideo - ok

16:18:18.0567 0916 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

16:18:18.0567 0916 UxSms - ok

16:18:18.0567 0916 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

16:18:18.0567 0916 VaultSvc - ok

16:18:18.0614 0916 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

16:18:18.0614 0916 vdrvroot - ok

16:18:18.0707 0916 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

16:18:18.0723 0916 vds - ok

16:18:18.0754 0916 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

16:18:18.0754 0916 vga - ok

16:18:18.0770 0916 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

16:18:18.0770 0916 VgaSave - ok

16:18:18.0817 0916 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

16:18:18.0832 0916 vhdmp - ok

16:18:18.0863 0916 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

16:18:18.0863 0916 viaide - ok

16:18:18.0895 0916 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

16:18:18.0895 0916 volmgr - ok

16:18:18.0926 0916 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

16:18:18.0926 0916 volmgrx - ok

16:18:18.0973 0916 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

16:18:18.0973 0916 volsnap - ok

16:18:19.0035 0916 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

16:18:19.0035 0916 vsmraid - ok

16:18:19.0129 0916 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

16:18:19.0160 0916 VSS - ok

16:18:19.0175 0916 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

16:18:19.0175 0916 vwifibus - ok

16:18:19.0222 0916 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

16:18:19.0222 0916 vwififlt - ok

16:18:19.0238 0916 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys

16:18:19.0238 0916 vwifimp - ok

16:18:19.0316 0916 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

16:18:19.0331 0916 W32Time - ok

16:18:19.0347 0916 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

16:18:19.0347 0916 WacomPen - ok

16:18:19.0409 0916 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

16:18:19.0425 0916 WANARP - ok

16:18:19.0441 0916 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

16:18:19.0441 0916 Wanarpv6 - ok

16:18:19.0595 0916 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

16:18:19.0624 0916 WatAdminSvc - ok

16:18:19.0691 0916 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

16:18:19.0734 0916 wbengine - ok

16:18:19.0762 0916 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

16:18:19.0768 0916 WbioSrvc - ok

16:18:19.0828 0916 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

16:18:19.0909 0916 wcncsvc - ok

16:18:19.0928 0916 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

16:18:19.0932 0916 WcsPlugInService - ok

16:18:19.0961 0916 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys

16:18:19.0964 0916 Wd - ok

16:18:19.0989 0916 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

16:18:20.0011 0916 Wdf01000 - ok

16:18:20.0025 0916 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

16:18:20.0028 0916 WdiServiceHost - ok

16:18:20.0034 0916 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

16:18:20.0036 0916 WdiSystemHost - ok

16:18:20.0083 0916 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

16:18:20.0092 0916 WebClient - ok

16:18:20.0113 0916 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

16:18:20.0119 0916 Wecsvc - ok

16:18:20.0137 0916 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

16:18:20.0141 0916 wercplsupport - ok

16:18:20.0155 0916 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

16:18:20.0159 0916 WerSvc - ok

16:18:20.0202 0916 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

16:18:20.0203 0916 WfpLwf - ok

16:18:20.0279 0916 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys

16:18:20.0283 0916 WimFltr - ok

16:18:20.0310 0916 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

16:18:20.0313 0916 WIMMount - ok

16:18:20.0334 0916 WinDefend - ok

16:18:20.0344 0916 WinHttpAutoProxySvc - ok

16:18:20.0398 0916 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

16:18:20.0400 0916 Winmgmt - ok

16:18:20.0590 0916 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

16:18:20.0700 0916 WinRM - ok

16:18:20.0824 0916 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

16:18:20.0824 0916 WinUsb - ok

16:18:20.0918 0916 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

16:18:20.0934 0916 Wlansvc - ok

16:18:21.0012 0916 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

16:18:21.0012 0916 wlcrasvc - ok

16:18:21.0339 0916 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

16:18:21.0355 0916 wlidsvc - ok

16:18:21.0464 0916 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

16:18:21.0464 0916 WmiAcpi - ok

16:18:21.0511 0916 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

16:18:21.0511 0916 wmiApSrv - ok

16:18:21.0589 0916 WMPNetworkSvc - ok

16:18:21.0636 0916 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

16:18:21.0636 0916 WPCSvc - ok

16:18:21.0667 0916 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

16:18:21.0667 0916 WPDBusEnum - ok

16:18:21.0745 0916 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

16:18:21.0745 0916 ws2ifsl - ok

16:18:21.0838 0916 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll

16:18:21.0838 0916 wscsvc - ok

16:18:21.0838 0916 WSearch - ok

16:18:21.0916 0916 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

16:18:21.0994 0916 wuauserv - ok

16:18:22.0010 0916 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

16:18:22.0010 0916 WudfPf - ok

16:18:22.0072 0916 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

16:18:22.0088 0916 WUDFRd - ok

16:18:22.0119 0916 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

16:18:22.0119 0916 wudfsvc - ok

16:18:22.0150 0916 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

16:18:22.0150 0916 WwanSvc - ok

16:18:22.0197 0916 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys

16:18:22.0213 0916 yukonw7 - ok

16:18:22.0400 0916 ================ Scan global ===============================

16:18:22.0462 0916 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

16:18:22.0556 0916 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll

16:18:22.0899 0916 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll

16:18:22.0946 0916 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

16:18:23.0071 0916 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

16:18:23.0071 0916 [Global] - ok

16:18:23.0071 0916 ================ Scan MBR ==================================

16:18:23.0086 0916 [ C3220EB08ADD62E3ED9F72A1F4E4B1BB ] \Device\Harddisk0\DR0

16:18:25.0192 0916 \Device\Harddisk0\DR0 - ok

16:18:25.0192 0916 ================ Scan VBR ==================================

16:18:25.0270 0916 [ B4A651EA79A9998884DA67ECFFB5E2E7 ] \Device\Harddisk0\DR0\Partition1

16:18:25.0270 0916 \Device\Harddisk0\DR0\Partition1 - ok

16:18:25.0286 0916 [ 723FFEBDE086355CE5F5C8E20D4FDB4A ] \Device\Harddisk0\DR0\Partition2

16:18:25.0302 0916 \Device\Harddisk0\DR0\Partition2 - ok

16:18:25.0302 0916 ============================================================

16:18:25.0302 0916 Scan finished

16:18:25.0302 0916 ============================================================

16:18:25.0302 0412 Detected object count: 0

16:18:25.0302 0412 Actual detected object count: 0

16:18:46.0864 3240 Deinitialize success

Link to post
Share on other sites

Looks Good............

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

Link to post
Share on other sites

  • 2 weeks later...

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.