ShawnaN51 Posted October 18, 2012 ID:608584

I am not a computer expert but I ran Malware and have two trojan svc.exe detected I have attached DDS, ATTACH and Rogue Killers. I am desperate I work from home and in desperate help

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
DDS

DDS (Ver_2012-10-14.05) - NTFS_AMD64 NETWORK
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_32
Run by Luis at 15:32:03 on 2012-10-18
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3895.2767 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\ctfmon.exe
C:\Users\Luis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luis\Downloads\RogueKiller (1).exe
\\.\globalroot\systemroot\svchost.exe -netsvcs
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Updater For XFIN_PORTAL: {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Google Update] "C:\Users\Luis\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Desktop Software] "C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe" /ini "C:\Program Files (x86)\ComcastUI\Desktop Software\uinstaller.ini" /fromrun /starthidden
uRun: [ComcastAntispyClient] "C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide
uRun: [Media Finder] "C:\Program Files (x86)\Media Finder\MF.exe" /opentotray
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h50203.www5.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{1F0184A2-B1A8-4EAB-BF2C-41A58597C6C9} : NameServer = 66.1.64.132 66.1.64.133
TCP: Interfaces\{62F5C3E3-4B41-4E85-AC88-D78C9576FA9F} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{B557AC97-7BC6-40E1-9EA9-CE4808F4A09E} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{B557AC97-7BC6-40E1-9EA9-CE4808F4A09E}\160747430383D27657563747 : DHCPNameServer = 192.168.3.1
TCP: Interfaces\{B557AC97-7BC6-40E1-9EA9-CE4808F4A09E}\77962756C6563737 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{B557AC97-7BC6-40E1-9EA9-CE4808F4A09E}\C43564C4F4255435 : DHCPNameServer = 10.0.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,C:\ProgramData\konasys32\gska\belsys.exe,
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [intelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Luis\AppData\Roaming\Mozilla\Firefox\Profiles\d15i9m86.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Luis\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2011-06-26 16:44; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-3-10 55856]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-3-10 56344]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-3-18 7680512]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
S0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
S2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-3-10 89600]
S2 AntiSpywareService;Comcast AntiSpyware;C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [2009-6-17 616408]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-13 136176]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-3-10 13336]
S2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 128456]
S2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
S2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-3-10 1692480]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-4-2 2271608]
S2 Tether;Tether;C:\Program Files (x86)\Tether\TBService.exe [2012-3-24 91584]
S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-3-10 2320920]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-25 250808]
S3 bcm;WiMAX Network Adapter;C:\Windows\System32\drivers\drxvi314_64.sys [2010-3-26 359040]
S3 bcmbusctr;WiMAX Bus Driver;C:\Windows\System32\drivers\BcmBusCtr_64.sys [2010-3-26 62976]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2011-3-10 53800]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-3-10 35104]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-3-10 172704]
S3 gpslc64;gpslc64;C:\Windows\System32\drivers\gpslc64.sys [2011-4-22 95872]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-13 136176]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-3-10 158976]
S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-3-10 289280]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 qrkis;Tether Miniport;C:\Windows\System32\drivers\qrkis.sys [2012-3-24 52640]
S3 rcmirror;rcmirror;C:\Windows\System32\drivers\rcmirror.sys [2010-1-18 4608]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-3-10 250984]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-10 325152]
S3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
S3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
S3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
S3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
S3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S3 Svk2pl;GigawareX USB to Serial Driver;C:\Windows\System32\drivers\Svk2pl64.sys [2012-3-27 97280]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-26 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-3 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-10-18 18:48:07 20480 ----a-w- C:\Windows\svchost.exe
2012-10-18 18:05:13 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{13A80102-3190-4CC2-BD98-CAAB00391B8D}\mpengine.dll
2012-10-18 15:59:06 -------- d-----w- C:\Users\Luis\AppData\Local\ID Vault
2012-10-18 15:59:06 -------- d-----w- C:\ProgramData\IsolatedStorage
2012-10-18 15:58:24 -------- d-----w- C:\Users\Luis\AppData\Roaming\ID Vault
2012-10-18 15:57:51 -------- d-----w- C:\Program Files (x86)\Constant Guard Protection Suite
2012-10-18 15:44:09 -------- d-----w- C:\ProgramData\White Sky, Inc
2012-10-17 00:34:47 5632 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\DB4D.tmp
2012-10-17 00:34:47 5632 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\DB3C.tmp
2012-10-10 23:58:06 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-10-10 02:21:47 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-10-10 02:21:46 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-10-10 02:21:41 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-10-10 02:21:41 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-10-10 02:21:34 715776 ----a-w- C:\Windows\System32\kerberos.dll
2012-10-10 02:21:34 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
2012-10-10 02:21:29 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2012-10-10 02:21:27 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-10-10 02:21:25 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-10-10 02:21:25 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-10-10 02:21:25 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-10-10 02:21:24 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-10-06 20:39:26 972192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5D8A3101-CA51-4C30-AF52-6A2F14F16162}\gapaengine.dll
2012-09-25 22:49:16 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2012-09-22 15:09:34 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-09-22 15:08:43 -------- d-----w- C:\Program Files\iPod
2012-09-22 15:08:42 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-09-22 15:08:42 -------- d-----w- C:\Program Files\iTunes
2012-09-22 15:08:42 -------- d-----w- C:\Program Files (x86)\iTunes
2012-09-22 15:05:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-09-22 15:05:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-09-22 15:05:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-09-22 15:05:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-09-22 15:05:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-09-22 15:05:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-09-22 15:05:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
.
==================== Find3M ====================
.
2012-10-09 21:56:16 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 21:56:16 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-09-29 23:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-08-31 02:03:48 228768 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2012-08-31 02:03:48 128456 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05:06 1188864 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 16:57:48 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 15:59:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 15:20:39 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-08-21 17:01:20 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll
2012-08-21 17:01:20 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-08-02 17:58:52 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-08-02 16:57:20 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
============= FINISH: 15:33:27.01 ===============

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Attach

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-10-14.05)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 4/2/2011 1:09:50 PM
System Uptime: 10/18/2012 2:57:43 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0WXY9J
Processor: Intel® Core i3 CPU M 380 @ 2.53GHz | CPU 1 | 2527/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 581 GiB total, 489.518 GiB free.
D: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Tether Ethernet Adapter
Device ID: ROOT\ROOT&QRKIS\0000
Manufacturer: Tether
Name: Tether Ethernet Adapter
PNP Device ID: ROOT\ROOT&QRKIS\0000
Service: qrkis
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
==== System Restore Points ===================
.
RP242: 10/2/2012 6:03:21 PM - Windows Update
RP243: 10/6/2012 4:38:09 PM - Windows Update
RP244: 10/9/2012 5:59:32 PM - Windows Update
RP245: 10/9/2012 10:34:07 PM - Windows Update
RP246: 10/11/2012 3:00:40 AM - Windows Update
RP247: 10/14/2012 8:25:54 PM - Windows Update
RP248: 10/16/2012 9:00:17 PM - Windows Update
RP249: 10/18/2012 2:18:13 PM - Windows Update
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.2
Advanced Audio FX Engine
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bing Rewards Client Installer
Bonjour
BufferChm
CA Pest Patrol Realtime Protection
Caterpillar Comm Adapter 3
Caterpillar Electronic Technician 2011B v1.0
CCleaner
CDBurnerXP
Comcast Desktop Software (v1.2.1)
Coupon Printer for Windows
Cozi
CutePDF Writer 2.8
D110
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Edoc Viewer
Dell Getting Started Guide
Dell Home Systems Service Agreement
Dell MusicStage
Dell Perks Webslice IE8
Dell PhotoStage
Dell Product Registration
Dell Stage
Dell Stage Remote
Dell Support Center
Dell VideoStage
Dell Webcam Central
Destinations
DeviceDiscovery
DirectX 9 Runtime
DVD43 Plug-in v1.0.0.5
eBay
Gigaware USB to Serial Cable Driver Installer
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist 8.0.0.514
GPBaseService2
Hewlett-Packard ACLM.NET v1.1.0.0
HP Customer Participation Program 14.0
HP Imaging Device Functions 14.0
HP Photo Creations
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7
HP Product Detection
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Update
HPAppStudio
HPPhotoGadget
HPProductAssistant
HPSSupply
iCloud
IDT Audio
InstallVC90Support
Intel PROSet Wireless
Intel® Control Center
Intel® Graphics Media Accelerator Driver
Intel® Management Engine Components
Intel® PROSet/Wireless WiFi Software
Intel® Rapid Storage Technology
Internet Explorer
iTrail
iTunes
Java Auto Updater
Java 6 Update 23 (64-bit)
Java 6 Update 32
Junk Mail filter update
Live! Cam Avatar Creator
Malwarebytes Anti-Malware version 1.65.1.1000
MarketResearch
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft PowerPoint Viewer
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MobileMe Control Panel
Mozilla Firefox 11.0 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network64
Norton Security Scan
OpenOffice.org 3.4
PhoneFile PRO
PhotoShowExpress
PS_AIO_07_D110_SW_Min
Quickset64
QuickTime
QuickTransfer
RBVirtualFolder64Inst
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek USB 2.0 Card Reader
RealUpgrade 1.1
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Roxio File Backup
Safari
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition
Shop for HP Supplies
Skype Toolbars
Skype™ 5.10
SmartWebPrinting
SolutionCenter
Sonic CinePlayer Decoder Pack
Status
Synaptics Pointing Device Driver
TeamViewer 6
Tether 2.1.0.0
Toolbox
TrayApp
TrustedID
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
WebReg
WIDCOMM Bluetooth Software
WildTangent Games
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth (03/24/2010 6.3.0.2501)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live 
Messenger Companion CoreWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesXFINITY Toolbar.==== Event Viewer Messages From Past Week ========.10/18/2012 3:29:30 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.10/18/2012 3:08:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.137.1778.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8800.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode 10/18/2012 3:08:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}10/18/2012 2:58:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}10/18/2012 2:58:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}10/18/2012 2:58:38 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to 
start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 2110/18/2012 2:58:36 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}10/18/2012 2:58:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}10/18/2012 2:58:19 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MpFilter NetworkX spldr Wanarpv610/18/2012 2:58:19 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.10/18/2012 2:58:12 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800033da63a, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. 
Report Id: 101812-20358-01.10/18/2012 2:48:31 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.10/18/2012 2:47:15 PM, Error: Service Control Manager [7000] - The PCSMHNT service failed to start due to the following error: This driver has been blocked from loading10/18/2012 2:47:15 PM, Error: Service Control Manager [7000] - The PARCAII service failed to start due to the following error: This driver has been blocked from loading10/18/2012 2:47:15 PM, Error: Service Control Manager [7000] - The J1939NT service failed to start due to the following error: This driver has been blocked from loading10/18/2012 2:47:15 PM, Error: Service Control Manager [7000] - The J1708NT service failed to start due to the following error: This driver has been blocked from loading10/18/2012 2:47:15 PM, Error: Service Control Manager [7000] - The DLASIPNT service failed to start due to the following error: This driver has been blocked from loading10/18/2012 2:47:15 PM, Error: Service Control Manager [7000] - The DLADRVNT service failed to start due to the following error: This driver has been blocked from loading10/18/2012 2:47:15 PM, Error: Service Control Manager [7000] - The CATLNKNT service failed to start due to the following error: This driver has been blocked from loading10/18/2012 2:47:15 PM, Error: Service Control Manager [7000] - The CANNT service failed to start due to the following error: This driver has been blocked from loading10/18/2012 2:47:15 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\PCSMHNT.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.10/18/2012 2:47:15 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\PARCAII.SYS has been blocked from loading due to incompatibility with this system. 
Please contact your software vendor for a compatible version of the driver.10/18/2012 2:47:15 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\J1939NT.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.10/18/2012 2:47:15 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\J1708NT.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.10/18/2012 2:47:15 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\DLASIPNT.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.10/18/2012 2:47:15 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\DLADRVNT.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.10/18/2012 2:47:15 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\CATLNKNT.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.10/18/2012 2:47:15 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\CANNT.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.10/18/2012 2:32:58 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. 
New Signature Version: Previous Signature Version: 1.137.1778.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8800.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode 10/18/2012 2:22:47 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000000000df, 0x0000000000000002, 0x0000000000000001, 0xfffff800030bd0c5). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101812-19172-01.10/18/2012 2:18:55 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10003] - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll10/18/2012 2:18:41 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.137.1778.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8800.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 10/18/2012 2:05:13 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 1.137.1778.0;1.137.1778.0 Engine version: 1.1.8800.010/18/2012 12:43:49 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. 
The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa8005faabb0, 0x0000000000000000, 0x000000007efa8000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101812-35162-01.10/18/2012 12:35:10 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.137.1964.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8800.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode 10/18/2012 12:24:43 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800033bd63a, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101812-28735-01.10/18/2012 12:22:04 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the CGPS Service service to connect.10/18/2012 12:22:04 PM, Error: Service Control Manager [7000] - The CGPS Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.10/18/2012 12:18:13 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000279163a, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. 
Report Id: 101812-23306-01.10/18/2012 12:03:00 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}10/18/2012 11:58:46 AM, Error: Service Control Manager [7030] - The CGPS Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.10/18/2012 11:58:35 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.137.1964.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8800.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode 10/18/2012 11:58:00 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}10/18/2012 11:40:41 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000338d63a, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101812-22635-01.10/18/2012 11:35:10 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800033d763a, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. 
Report Id: 101812-23696-01.10/17/2012 6:47:31 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.10/17/2012 6:47:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}10/17/2012 6:47:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}10/17/2012 6:46:58 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000337f63a, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101712-23961-01.10/17/2012 6:46:56 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache MpFilter NetBIOS NetBT NetworkX nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf10/17/2012 6:46:56 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.10/17/2012 6:46:56 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.10/17/2012 6:46:56 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device 
attached to the system is not functioning.10/17/2012 6:46:56 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.10/17/2012 6:46:56 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.10/17/2012 6:46:56 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.10/17/2012 6:46:56 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.10/17/2012 6:46:56 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.10/17/2012 6:46:56 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.10/17/2012 6:46:56 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.10/16/2012 8:44:15 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rogue Killer

RogueKiller V8.1.1 [10/01/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode with network support
User : Luis [Admin rights]
Mode : Scan -- Date : 10/18/2012 15:29:04

¤¤¤ Bad processes : 2 ¤¤¤
[sUSP PATH] belsys.exe -- C:\ProgramData\konasys32\gska\belsys.exe -> KILLED [TermProc]
[sVCHOST] svchost.exe -- \\.\globalroot\systemroot\svchost.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 5 ¤¤¤
[sHELL][sUSP PATH] HKLM\[...]\Winlogon : Userinit (C:\Windows\system32\userinit.exe,C:\ProgramData\konasys32\gska\belsys.exe,) -> FOUND
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{1F0184A2-B1A8-4EAB-BF2C-41A58597C6C9} : NameServer (66.1.64.132 66.1.64.133) -> FOUND
[DNS] HKLM\[...]\ControlSet002\Services\Interfaces\{1F0184A2-B1A8-4EAB-BF2C-41A58597C6C9} : NameServer (66.1.64.132 66.1.64.133) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST9640320AS +++++
--- User ---
[MBR] e9cdd8ccce2b79834667594fa2b862cc
[bSP] 19142f98348fd2f171581937f599a92f : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 595378 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] 743c545e542fa555971ec7df007e3f4d
[bSP] 19142f98348fd2f171581937f599a92f : Windows 7 MBR Code
Partition table:
1 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 595378 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 743c545e542fa555971ec7df007e3f4d
[bSP] 19142f98348fd2f171581937f599a92f : Windows 7 MBR Code
Partition table:
1 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 595378 Mo

Finished : << RKreport[1].txt >>
RKreport[1].txt
MrCharlie Posted October 18, 2012 ID:608587

Welcome to the forum.

Run RogueKiller again and click Scan
When the scan completes > click on the Registry tab
Put a check next to all of these and uncheck the rest: (if found)

[sHELL][sUSP PATH] HKLM\[...]\Winlogon : Userinit (C:\Windows\system32\userinit.exe,C:\ProgramData\konasys32\gska\belsys.exe,) -> FOUND

Now click Delete on the right hand column under Options
-------------
Next click on the Processes tab and put a check next to these and uncheck the rest. (if found)

[sUSP PATH] belsys.exe -- C:\ProgramData\konasys32\gska\belsys.exe -> KILLED [TermProc]
[sVCHOST] svchost.exe -- \\.\globalroot\systemroot\svchost.exe -> KILLED [TermProc]

Now click Delete on the right hand column under Options
~~~~~~~~~~~~~~~~~
Next...........

Please read the directions carefully so you don't end up deleting something that is good!!

Please download the latest version of TDSSKiller from here and save it to your Desktop.
Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
Put a checkmark beside loaded modules.
A reboot will be needed to apply the changes. Do it.
TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
Then click on Change parameters in TDSSKiller.
Check all boxes then click OK.
Click the Start Scan button.
The scan should take no longer than 2 minutes.
If a suspicious object is detected, the default action will be Skip, click on Continue.
Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose Skip.
If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here. There may be 3 logs > so post or attach all of them.
Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose Skip and click on Continue
Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose Skip.
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC
ShawnaN51 Posted October 18, 2012 Author ID:608592

For the TDSSKiller, when I get to the following step I do not get a reboot message
ShawnaN51 Posted October 18, 2012 Author ID:608598

This is what I received:

rootkit.boot.pihar.c
Physical drive: \Device\hardisko\dro
Malware object; high risk

Not sure to skip or cure it?
MrCharlie Posted October 18, 2012 ID:608599

CURE!!!

MrC
ShawnaN51 Posted October 18, 2012 Author ID:608605
btwaudio C:\Windows\system32\drivers\btwaudio.sys16:17:43.0022 0916 btwaudio - ok16:17:43.0071 0916 [ 5C849BD7C78791C5CEE9F4651D7FE38D ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys16:17:43.0072 0916 btwavdt - ok16:17:43.0390 0916 [ 10FFB5FA51D5713D872B41A59DFC2213 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe16:17:43.0395 0916 btwdins - ok16:17:43.0447 0916 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys16:17:43.0448 0916 btwl2cap - ok16:17:43.0457 0916 [ 3E1991AFA851A36DC978B0A1B0535C8B ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys16:17:43.0458 0916 btwrchid - ok16:17:43.0524 0916 CANNT - ok16:17:43.0531 0916 CATLNKNT - ok16:17:43.0581 0916 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys16:17:43.0587 0916 cdfs - ok16:17:43.0784 0916 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys16:17:43.0786 0916 cdrom - ok16:17:43.0886 0916 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll16:17:43.0892 0916 CertPropSvc - ok16:17:43.0953 0916 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys16:17:43.0959 0916 circlass - ok16:17:44.0036 0916 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys16:17:44.0041 0916 CLFS - ok16:17:44.0270 0916 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe16:17:44.0279 0916 clr_optimization_v2.0.50727_32 - ok16:17:44.0355 0916 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe16:17:44.0361 0916 clr_optimization_v2.0.50727_64 - ok16:17:44.0586 0916 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe16:17:44.0644 0916 clr_optimization_v4.0.30319_32 - ok16:17:44.0945 0916 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] 
clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe16:17:44.0948 0916 clr_optimization_v4.0.30319_64 - ok16:17:45.0010 0916 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys16:17:45.0011 0916 CmBatt - ok16:17:45.0036 0916 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys16:17:45.0042 0916 cmdide - ok16:17:45.0180 0916 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys16:17:45.0210 0916 CNG - ok16:17:45.0336 0916 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys16:17:45.0339 0916 Compbatt - ok16:17:45.0393 0916 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys16:17:45.0394 0916 CompositeBus - ok16:17:45.0425 0916 COMSysApp - ok16:17:45.0461 0916 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys16:17:45.0469 0916 crcdisk - ok16:17:45.0564 0916 [ 2177A0F611584BCA1DFDD7EEB35C0224 ] CrypKey License C:\Windows\system32\crypserv.exe16:17:45.0623 0916 CrypKey License - ok16:17:45.0649 0916 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll16:17:45.0649 0916 CryptSvc - ok16:17:45.0774 0916 [ ED5CF92396A62F4C15110DCDB5E854D9 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys16:17:45.0774 0916 CtClsFlt - ok16:17:46.0023 0916 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE16:17:46.0039 0916 cvhsvc - ok16:17:46.0226 0916 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll16:17:46.0226 0916 DcomLaunch - ok16:17:46.0304 0916 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll16:17:46.0304 0916 defragsvc - ok16:17:46.0413 0916 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys16:17:46.0413 0916 DfsC - ok16:17:46.0549 0916 [ 
43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll16:17:46.0553 0916 Dhcp - ok16:17:46.0607 0916 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys16:17:46.0608 0916 discache - ok16:17:46.0695 0916 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys16:17:46.0705 0916 Disk - ok16:17:46.0948 0916 DLADRVNT - ok16:17:46.0955 0916 DLASIPNT - ok16:17:46.0977 0916 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll16:17:46.0978 0916 Dnscache - ok16:17:47.0021 0916 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll16:17:47.0024 0916 dot3svc - ok16:17:47.0091 0916 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys16:17:47.0095 0916 Dot4 - ok16:17:47.0187 0916 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys16:17:47.0198 0916 Dot4Print - ok16:17:47.0218 0916 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys16:17:47.0229 0916 dot4usb - ok16:17:47.0352 0916 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll16:17:47.0354 0916 DPS - ok16:17:47.0433 0916 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys16:17:47.0439 0916 drmkaud - ok16:17:47.0734 0916 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys16:17:47.0749 0916 DXGKrnl - ok16:17:47.0780 0916 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll16:17:47.0780 0916 EapHost - ok16:17:47.0812 0916 easytether - ok16:17:48.0155 0916 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys16:17:48.0233 0916 ebdrv - ok16:17:48.0264 0916 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe16:17:48.0264 0916 EFS - ok16:17:48.0513 0916 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe16:17:48.0554 0916 ehRecvr - ok16:17:48.0589 
0916 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe16:17:48.0594 0916 ehSched - ok16:17:48.0796 0916 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys16:17:48.0820 0916 elxstor - ok16:17:48.0856 0916 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys16:17:48.0861 0916 ErrDev - ok16:17:48.0957 0916 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll16:17:48.0959 0916 EventSystem - ok16:17:49.0369 0916 [ B56D9602DB5FE1C116B1CA5EFD8E2E50 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe16:17:49.0377 0916 EvtEng - ok16:17:49.0448 0916 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys16:17:49.0453 0916 exfat - ok16:17:49.0495 0916 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys16:17:49.0497 0916 fastfat - ok16:17:49.0720 0916 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe16:17:49.0728 0916 Fax - ok16:17:49.0769 0916 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys16:17:49.0771 0916 fdc - ok16:17:49.0832 0916 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll16:17:49.0835 0916 fdPHost - ok16:17:49.0857 0916 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll16:17:49.0865 0916 FDResPub - ok16:17:49.0906 0916 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys16:17:49.0908 0916 FileInfo - ok16:17:49.0951 0916 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys16:17:49.0953 0916 Filetrace - ok16:17:49.0969 0916 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys16:17:49.0974 0916 flpydisk - ok16:17:50.0027 0916 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys16:17:50.0029 0916 FltMgr - ok16:17:50.0324 0916 [ 5C4CB4086FB83115B153E47ADD961A0C ] 
FontCache C:\Windows\system32\FntCache.dll16:17:50.0369 0916 FontCache - ok16:17:50.0473 0916 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe16:17:50.0479 0916 FontCache3.0.0.0 - ok16:17:50.0531 0916 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys16:17:50.0536 0916 FsDepends - ok16:17:50.0636 0916 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys16:17:50.0640 0916 Fs_Rec - ok16:17:51.0025 0916 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys16:17:51.0030 0916 fvevol - ok16:17:51.0364 0916 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys16:17:51.0366 0916 gagp30kx - ok16:17:52.0047 0916 [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe16:17:52.0084 0916 GameConsoleService - ok16:17:52.0287 0916 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys16:17:52.0288 0916 GEARAspiWDM - ok16:17:53.0032 0916 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe16:17:53.0042 0916 GoToAssist - ok16:17:53.0474 0916 [ C981676A39997F469832A0D66F325FC5 ] gpslc64 C:\Windows\system32\Drivers\gpslc64.sys16:17:53.0538 0916 gpslc64 - ok16:17:53.0645 0916 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll16:17:53.0650 0916 gpsvc - ok16:17:54.0277 0916 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe16:17:54.0279 0916 gupdate - ok16:17:55.0868 0916 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe16:17:55.0868 0916 gupdatem - ok16:17:56.0442 0916 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google 
Updater\GoogleUpdaterService.exe16:17:56.0451 0916 gusvc - ok16:17:56.0475 0916 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys16:17:56.0479 0916 hcw85cir - ok16:17:56.0973 0916 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys16:17:57.0054 0916 HdAudAddService - ok16:17:57.0170 0916 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys16:17:57.0173 0916 HDAudBus - ok16:17:57.0289 0916 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys16:17:57.0290 0916 HECIx64 - ok16:17:57.0329 0916 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys16:17:57.0336 0916 HidBatt - ok16:17:57.0341 0916 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys16:17:57.0344 0916 HidBth - ok16:17:57.0349 0916 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys16:17:57.0351 0916 HidIr - ok16:17:57.0414 0916 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll16:17:57.0416 0916 hidserv - ok16:17:57.0515 0916 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys16:17:57.0516 0916 HidUsb - ok16:17:57.0585 0916 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll16:17:57.0591 0916 hkmsvc - ok16:17:57.0622 0916 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll16:17:57.0626 0916 HomeGroupListener - ok16:17:57.0661 0916 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll16:17:57.0662 0916 HomeGroupProvider - ok16:17:58.0022 0916 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll16:17:58.0026 0916 hpqcxs08 - ok16:17:58.0136 0916 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll16:17:58.0137 0916 hpqddsvc - 
ok16:17:58.0261 0916 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys16:17:58.0263 0916 HpSAMD - ok16:17:58.0503 0916 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL16:17:58.0513 0916 HPSLPSVC - ok16:17:58.0700 0916 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys16:17:58.0704 0916 HTTP - ok16:17:58.0838 0916 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys16:17:58.0840 0916 hwpolicy - ok16:17:58.0965 0916 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys16:17:58.0966 0916 i8042prt - ok16:17:59.0194 0916 [ 2064090C9FAAD92C090D77E50E735B2E ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys16:17:59.0198 0916 iaStor - ok16:17:59.0357 0916 [ A9BE186ABF28B3D3D698CB855EDF457E ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe16:17:59.0363 0916 IAStorDataMgrSvc - ok16:17:59.0491 0916 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys16:17:59.0514 0916 iaStorV - ok16:17:59.0806 0916 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe16:17:59.0872 0916 idsvc - ok16:18:01.0318 0916 [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys16:18:01.0373 0916 igfx - ok16:18:01.0437 0916 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys16:18:01.0445 0916 iirsp - ok16:18:01.0541 0916 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll16:18:01.0553 0916 IKEEXT - ok16:18:01.0646 0916 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys16:18:01.0648 0916 Impcd - ok16:18:01.0721 0916 [ C6C1F19205DA83C801BE7C25F4E2EE07 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys16:18:01.0723 0916 IntcDAud - ok16:18:01.0763 0916 [ 
F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys16:18:01.0764 0916 intelide - ok16:18:01.0895 0916 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys16:18:01.0896 0916 intelppm - ok16:18:01.0929 0916 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll16:18:01.0941 0916 IPBusEnum - ok16:18:02.0119 0916 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys16:18:02.0122 0916 IpFilterDriver - ok16:18:02.0210 0916 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll16:18:02.0219 0916 iphlpsvc - ok16:18:02.0261 0916 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys16:18:02.0269 0916 IPMIDRV - ok16:18:02.0282 0916 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys16:18:02.0285 0916 IPNAT - ok16:18:02.0515 0916 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe16:18:02.0524 0916 iPod Service - ok16:18:02.0600 0916 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys16:18:02.0602 0916 IRENUM - ok16:18:02.0615 0916 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys16:18:02.0618 0916 isapnp - ok16:18:02.0653 0916 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys16:18:02.0660 0916 iScsiPrt - ok16:18:02.0748 0916 [ 54F694C6CD3A1149BA3A8BDACC83BADC ] ITMRTSVC C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe16:18:02.0752 0916 ITMRTSVC - ok16:18:02.0759 0916 J1708NT - ok16:18:02.0769 0916 J1939NT - ok16:18:02.0814 0916 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys16:18:02.0814 0916 kbdclass - ok16:18:02.0877 0916 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys16:18:02.0877 0916 kbdhid - ok16:18:02.0923 0916 [ C118A82CD78818C29AB228366EBF81C3 ] 
KeyIso C:\Windows\system32\lsass.exe16:18:02.0923 0916 KeyIso - ok16:18:02.0955 0916 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys16:18:02.0955 0916 KSecDD - ok16:18:03.0017 0916 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys16:18:03.0017 0916 KSecPkg - ok16:18:03.0079 0916 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys16:18:03.0079 0916 ksthunk - ok16:18:03.0111 0916 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll16:18:03.0126 0916 KtmRm - ok16:18:03.0189 0916 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll16:18:03.0204 0916 LanmanServer - ok16:18:03.0235 0916 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll16:18:03.0235 0916 LanmanWorkstation - ok16:18:03.0313 0916 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys16:18:03.0313 0916 lltdio - ok16:18:03.0345 0916 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll16:18:03.0345 0916 lltdsvc - ok16:18:03.0360 0916 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll16:18:03.0360 0916 lmhosts - ok16:18:03.0454 0916 [ 23DE5B62B0445A6F874BE633C95B483E ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe16:18:03.0454 0916 LMS - ok16:18:03.0516 0916 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys16:18:03.0516 0916 LSI_FC - ok16:18:03.0547 0916 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys16:18:03.0547 0916 LSI_SAS - ok16:18:03.0563 0916 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys16:18:03.0563 0916 LSI_SAS2 - ok16:18:03.0610 0916 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys16:18:03.0610 0916 LSI_SCSI - ok16:18:03.0672 0916 [ 
43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys16:18:03.0672 0916 luafv - ok16:18:03.0766 0916 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll16:18:03.0766 0916 Mcx2Svc - ok16:18:03.0828 0916 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys16:18:03.0828 0916 megasas - ok16:18:03.0872 0916 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys16:18:03.0878 0916 MegaSR - ok16:18:04.0038 0916 Microsoft SharePoint Workspace Audit Service - ok16:18:04.0069 0916 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll16:18:04.0071 0916 MMCSS - ok16:18:04.0091 0916 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys16:18:04.0094 0916 Modem - ok16:18:04.0196 0916 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys16:18:04.0198 0916 monitor - ok16:18:04.0257 0916 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys16:18:04.0257 0916 mouclass - ok16:18:04.0304 0916 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys16:18:04.0305 0916 mouhid - ok16:18:04.0367 0916 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys16:18:04.0370 0916 mountmgr - ok16:18:04.0478 0916 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys16:18:04.0482 0916 MpFilter - ok16:18:04.0529 0916 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys16:18:04.0532 0916 mpio - ok16:18:04.0563 0916 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys16:18:04.0564 0916 mpsdrv - ok16:18:04.0637 0916 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll16:18:04.0649 0916 MpsSvc - ok16:18:04.0686 0916 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys16:18:04.0694 0916 MRxDAV - 
ok16:18:04.0748 0916 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys16:18:04.0751 0916 mrxsmb - ok16:18:04.0798 0916 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys16:18:04.0800 0916 mrxsmb10 - ok16:18:04.0833 0916 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys16:18:04.0833 0916 mrxsmb20 - ok16:18:04.0879 0916 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys16:18:04.0879 0916 msahci - ok16:18:04.0911 0916 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys16:18:04.0926 0916 msdsm - ok16:18:04.0942 0916 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe16:18:04.0942 0916 MSDTC - ok16:18:05.0004 0916 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys16:18:05.0004 0916 Msfs - ok16:18:05.0020 0916 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys16:18:05.0020 0916 mshidkmdf - ok16:18:05.0051 0916 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys16:18:05.0051 0916 msisadrv - ok16:18:05.0082 0916 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll16:18:05.0098 0916 MSiSCSI - ok16:18:05.0098 0916 msiserver - ok16:18:05.0145 0916 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys16:18:05.0145 0916 MSKSSRV - ok16:18:05.0269 0916 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe16:18:05.0269 0916 MsMpSvc - ok16:18:05.0285 0916 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys16:18:05.0285 0916 MSPCLOCK - ok16:18:05.0301 0916 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys16:18:05.0301 0916 MSPQM - ok16:18:05.0379 0916 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC 
C:\Windows\system32\drivers\MsRPC.sys16:18:05.0394 0916 MsRPC - ok16:18:05.0441 0916 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys16:18:05.0441 0916 mssmbios - ok16:18:05.0488 0916 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys16:18:05.0488 0916 MSTEE - ok16:18:05.0519 0916 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys16:18:05.0519 0916 MTConfig - ok16:18:05.0535 0916 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys16:18:05.0550 0916 Mup - ok16:18:05.0659 0916 [ A9BC2302FBDF52C8AF4E2FC966288D21 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe16:18:05.0722 0916 MyWiFiDHCPDNS - ok16:18:05.0769 0916 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll16:18:05.0769 0916 napagent - ok16:18:05.0847 0916 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys16:18:05.0847 0916 NativeWifiP - ok16:18:06.0008 0916 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys16:18:06.0040 0916 NDIS - ok16:18:06.0090 0916 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys16:18:06.0092 0916 NdisCap - ok16:18:06.0148 0916 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys16:18:06.0149 0916 NdisTapi - ok16:18:06.0209 0916 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys16:18:06.0210 0916 Ndisuio - ok16:18:06.0270 0916 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys16:18:06.0272 0916 NdisWan - ok16:18:06.0342 0916 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys16:18:06.0343 0916 NDProxy - ok16:18:06.0419 0916 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll16:18:06.0420 0916 Net Driver HPZ12 - ok16:18:06.0472 0916 [ 
86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys16:18:06.0473 0916 NetBIOS - ok16:18:06.0510 0916 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys16:18:06.0512 0916 NetBT - ok16:18:06.0557 0916 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe16:18:06.0559 0916 Netlogon - ok16:18:06.0596 0916 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll16:18:06.0602 0916 Netman - ok16:18:06.0616 0916 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll16:18:06.0625 0916 netprofm - ok16:18:06.0655 0916 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe16:18:06.0662 0916 NetTcpPortSharing - ok16:18:07.0099 0916 [ 24F64343F14A119308456E1CA7507B26 ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys16:18:07.0146 0916 NETw5s64 - ok16:18:07.0209 0916 [ A97D9B1C2EEB2E169D2593E7073BCD27 ] NetworkX C:\Windows\System32\ckldrv.sys16:18:07.0240 0916 NetworkX - ok16:18:07.0287 0916 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys16:18:07.0302 0916 nfrd960 - ok16:18:07.0318 0916 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys16:18:07.0333 0916 NisDrv - ok16:18:07.0396 0916 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe16:18:07.0396 0916 NisSrv - ok16:18:07.0458 0916 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll16:18:07.0458 0916 NlaSvc - ok16:18:07.0677 0916 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe16:18:07.0692 0916 NOBU - ok16:18:07.0770 0916 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys16:18:07.0786 0916 Npfs - ok16:18:07.0801 0916 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi 
16:18:25.0302 0916 Scan finished
16:18:25.0302 0412 Detected object count: 0
16:18:25.0302 0412 Actual detected object count: 0
16:18:46.0864 3240 Deinitialize success
MrCharlie Posted October 18, 2012 ID:608607

There should be more logs from TDSSKiller, can you post or attach them >

MrC

Bottom right corner of the page.
New window that comes up.
ShawnaN51 Posted October 18, 2012 Author ID:608613

I may have closed that screen. I got the log from my C drive. How can I attach all of them?
ShawnaN51 Posted October 18, 2012 Author ID:608617

I have attached:
TDSSKiller.2.8.13.0_18.10.2012_16.16.37_log.txt
TDSSKiller.2.8.13.0_18.10.2012_16.13.21_log.txt
TDSSKiller.2.8.13.0_18.10.2012_15.58.04_log.txt
TDSSKiller.2.8.13.0_18.10.2012_15.55.49_log.txt
TDSSKiller.2.8.13.0_18.10.2012_15.50.53_log.txt
TDSSKiller.2.8.13.0_18.10.2012_15.49.09_log.txt
MrCharlie Posted October 18, 2012 ID:608619

Like this > go to......

Bottom right corner of this page.
New window that comes up.
MrCharlie Posted October 18, 2012 ID:608626

Looks Good............

Please download and run ComboFix.

The most important things to remember when running it are to disable all your malware programs and run ComboFix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix:
http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop. Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------
If you get the message "Illegal operation attempted on registry key that has been marked for deletion" after you run ComboFix, please reboot the computer; this should resolve the problem. You may have to do this several times if needed.

MrC
ShawnaN51 Posted October 18, 2012 Author ID:608632

Perfect. Thank you, I will do that now.
LDTate Posted November 2, 2012 ID:608862

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!