blocking malicious IPs

[gettheman]

99% certain comp is fine just keep getting MBAM blocking malicious site so someone on here suggested I submit logs

gracias

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16470

Run by Chris at 7:31:14 on 2013-04-09

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3060.1440 [GMT 1:00]

.

AV: Bitdefender Antivirus *Enabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Bitdefender Antispyware *Enabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

FW: Bitdefender Firewall *Enabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\AERTSrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe

C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\rundll32.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\igfxpers.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\System32\mspaint.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Bitdefender\Bitdefender 2013\seccenter.exe

C:\Program Files\Bitdefender\Bitdefender 2013\IntegratedSupport.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

.

============== Pseudo HJT Report ===============

.

BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll

TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe

mRun: [bdagent] c:\program files\bitdefender\bitdefender 2013\bdagent.exe

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: NameServer = 192.168.0.1

TCP: Interfaces\{24808C3F-DF8E-4DBB-B40F-D7DB39A51B71} : DHCPNameServer = 192.168.0.203

TCP: Interfaces\{C010AF49-0C76-4353-BB35-19AE24C74C4F} : DHCPNameServer = 192.168.0.1

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

Notify: igfxcui - igfxdev.dll

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\chris\appdata\roaming\mozilla\firefox\profiles\q908vuqn.default-1364514302772\

FF - prefs.js: network.proxy.type - 4

FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll

FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll

FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll

FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll

FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll

FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll

FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll

FF - plugin: c:\windows\system32\adobe\director\np32dsw_1200112.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll

FF - ExtSQL: 2013-03-18 13:42; {DAC3F861-B30D-40dd-9166-F4E75327FAC7}; c:\programdata\realnetworks\realdownloader\browserplugins\firefox\Ext

FF - ExtSQL: 2013-03-28 21:56; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; c:\program files\mcafee\SiteAdvisor

.

============= SERVICES / DRIVERS ===============

.

R0 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2013-4-8 625128]

R0 gzflt;gzflt;c:\windows\system32\drivers\gzflt.sys [2013-4-8 162976]

R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2013-4-8 77192]

R1 BDVEDISK;BDVEDISK;c:\windows\system32\drivers\bdvedisk.sys [2013-4-8 72704]

R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-3-23 398184]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-3-23 682344]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2012-8-29 95232]

R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-3-6 39056]

R2 SafeBox;SafeBox;c:\program files\bitdefender\bitdefender safebox\safeboxservice.exe [2013-4-8 82824]

R2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\bitdefender\bitdefender 2013\updatesrv.exe [2013-4-8 55984]

R3 avchv;avchv Function Driver;c:\windows\system32\drivers\avchv.sys [2013-4-8 242504]

R3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2013-4-8 482928]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-3-23 21104]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2013-4-8 66392]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-3-18 83168]

S3 MOSUMAC;USB-Ethernet Driver;c:\windows\system32\drivers\MOSUMAC.SYS [2010-11-19 43520]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-3-18 181344]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\bitdefender\bitdefender 2013\bdparentalservice.exe [2013-4-8 62688]

.

=============== Created Last 30 ================

.

2013-04-09 03:39:29 -------- d-----w- c:\programdata\Dumps

2013-04-08 21:13:48 600128 ----a-w- c:\programdata\1365455016.bdinstall.bin

2013-04-08 21:10:22 -------- d-----w- c:\programdata\BDLogging

2013-04-08 21:10:11 72704 ----a-w- c:\windows\system32\drivers\bdvedisk.sys

2013-04-08 21:10:10 77192 ----a-w- c:\windows\system32\drivers\BdfNdisf6.sys

2013-04-08 21:10:10 66392 ----a-w- c:\windows\system32\drivers\bdsandbox.sys

2013-04-08 21:10:10 511328 ----a-w- c:\windows\capicom.dll

2013-04-08 21:10:08 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll

2013-04-08 21:10:04 242504 ----a-w- c:\windows\system32\drivers\avchv.sys

2013-04-08 21:10:03 625128 ----a-w- c:\windows\system32\drivers\avc3.sys

2013-04-08 21:10:03 482928 ----a-w- c:\windows\system32\drivers\avckf.sys

2013-04-08 21:05:11 -------- d-----w- c:\users\chris\appdata\roaming\Bitdefender

2013-04-08 21:05:07 -------- d-----w- c:\programdata\Bitdefender

2013-04-08 21:04:11 -------- d-----w- c:\users\chris\appdata\roaming\QuickScan

2013-04-08 21:03:50 162976 ----a-w- c:\windows\system32\drivers\gzflt.sys

2013-04-08 21:03:47 343456 ----a-w- c:\windows\system32\drivers\trufos.sys

2013-04-08 21:03:47 -------- d-----w- c:\program files\Bitdefender

2013-04-08 21:03:21 -------- d-----w- c:\program files\common files\Bitdefender

2013-03-29 21:19:51 -------- d-sh--w- C:\$RECYCLE.BIN

2013-03-29 21:19:49 -------- d-----w- c:\users\chris\appdata\local\temp

2013-03-22 23:05:30 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-22 23:05:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-03-22 19:27:27 -------- d-----w- c:\program files\ESET

2013-03-20 17:46:14 -------- d-----w- c:\program files\Emsisoft Anti-Malware

2013-03-18 21:09:17 83168 ----a-w- c:\windows\system32\drivers\ssudbus.sys

2013-03-18 21:09:17 181344 ----a-w- c:\windows\system32\drivers\ssudmdm.sys

2013-03-18 21:02:20 821824 ----a-w- c:\windows\system32\dgderapi.dll

2013-03-18 21:02:20 319456 ----a-w- c:\windows\system32\DIFxAPI.dll

2013-03-18 21:02:20 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys

2013-03-18 13:42:27 -------- d-----w- c:\program files\RealNetworks

2013-03-18 13:42:26 -------- d-----w- c:\programdata\RealNetworks

2013-03-18 13:41:46 -------- d-----w- c:\program files\common files\xing shared

2013-03-17 23:23:05 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-03-16 15:41:33 -------- d-----w- c:\program files\TunnelBear

.

==================== Find3M ====================

.

2013-03-22 22:23:38 861088 ----a-w- c:\windows\system32\npdeployJava1.dll

2013-03-22 22:23:38 782240 ----a-w- c:\windows\system32\deployJava1.dll

2013-03-15 22:58:55 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-03-15 22:58:55 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-03-03 19:50:21 499712 ----a-w- c:\windows\system32\msvcp71.dll

2013-02-05 17:53:34 4659712 ----a-w- c:\windows\system32\Redemption.dll

2013-02-05 17:52:54 90112 ----a-w- c:\windows\MAMCityDownload.ocx

2013-02-05 17:52:54 330240 ----a-w- c:\windows\MASetupCaller.dll

2013-02-05 17:52:54 30568 ----a-w- c:\windows\MusiccityDownload.exe

2013-02-02 03:38:35 1800704 ----a-w- c:\windows\system32\jscript9.dll

2013-02-02 03:30:32 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2013-02-02 03:30:21 1129472 ----a-w- c:\windows\system32\wininet.dll

2013-02-02 03:26:47 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2013-02-02 03:26:21 420864 ----a-w- c:\windows\system32\vbscript.dll

2013-02-02 03:23:28 2382848 ----a-w- c:\windows\system32\mshtml.tlb

.

============= FINISH: 7:31:46.65 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 04/02/2011 10:32:19

System Uptime: 09/04/2013 03:17:24 (4 hours ago)

.

Motherboard: Dell Inc. | | 0K216C

Processor: Intel® Core2 Duo CPU E6750 @ 2.66GHz | Socket 775 | 1998/333mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 288 GiB total, 174.07 GiB free.

D: is FIXED (NTFS) - 10 GiB total, 3.888 GiB free.

E: is CDROM (UDF)

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: GoTrusted TAP Adapter

Device ID: ROOT\NET\0000

Manufacturer: GoTrusted TAP Provider

Name: GoTrusted TAP Adapter

PNP Device ID: ROOT\NET\0000

Service: gttap1

.

==== System Restore Points ===================

.

RP549: 07/03/2013 00:23:24 - Scheduled Checkpoint

RP550: 08/03/2013 14:35:52 - Scheduled Checkpoint

RP551: 09/03/2013 14:19:02 - Removed Java 7 Update 17

RP552: 09/03/2013 14:21:49 - Installed Java 7 Update 17

RP553: 10/03/2013 10:40:40 - Scheduled Checkpoint

RP554: 13/03/2013 22:25:54 - Device Driver Package Install: TAP-Win32 Provider V9 Network adapters

RP555: 13/03/2013 22:34:11 - Windows Update

RP556: 15/03/2013 00:29:51 - Scheduled Checkpoint

RP557: 15/03/2013 22:30:10 - Removed Ask Toolbar

RP558: 16/03/2013 13:14:35 - Scheduled Checkpoint

RP559: 16/03/2013 15:42:43 - Device Driver Package Install: TAP-Win32 Provider V9 Network adapters

RP560: 17/03/2013 23:23:09 - Windows Update

RP561: 18/03/2013 12:13:19 - Removed Samsung Kies

RP562: 18/03/2013 21:00:42 - Installed Samsung Kies

RP563: 20/03/2013 00:03:28 - Scheduled Checkpoint

RP564: 21/03/2013 01:21:00 - Scheduled Checkpoint

RP565: 21/03/2013 13:31:38 - Scheduled Checkpoint

RP566: 22/03/2013 13:35:05 - Scheduled Checkpoint

RP567: 22/03/2013 22:20:00 - Removed Java 7 Update 17

RP568: 22/03/2013 22:23:00 - Installed Java 7 Update 17

RP570: 22/03/2013 22:31:47 - Revo Uninstaller's restore point - Java 7 Update 17

RP571: 22/03/2013 22:31:57 - Removed Java 7 Update 17

RP573: 22/03/2013 22:53:33 - Revo Uninstaller's restore point - Java 7 Update 17

RP574: 23/03/2013 13:20:36 - Windows Update

RP575: 24/03/2013 01:43:33 - Scheduled Checkpoint

RP576: 29/03/2013 01:15:00 - Scheduled Checkpoint

RP577: 29/03/2013 21:53:11 - Scheduled Checkpoint

RP578: 31/03/2013 02:09:13 - Scheduled Checkpoint

RP579: 03/04/2013 21:16:38 - 4tha

RP580: 03/04/2013 21:18:12 - OTL Restore Point - 03/04/2013 21:18:12

RP581: 03/04/2013 21:18:41 - OTL Restore Point - 03/04/2013 21:18:40

RP582: 04/04/2013 19:32:07 - OTL Restore Point - 04/04/2013 19:32:07

RP583: 04/04/2013 19:32:42 - OTL Restore Point - 04/04/2013 19:32:42

RP584: 06/04/2013 03:24:14 - Scheduled Checkpoint

RP585: 07/04/2013 00:00:06 - Scheduled Checkpoint

RP586: 08/04/2013 21:59:04 - avast! Internet Security Setup

RP587: 08/04/2013 22:10:33 - Device Driver Package Install: BITDEFENDER S.R.L. System devices

RP588: 08/04/2013 22:11:17 - Device Driver Package Install: BitDefender LLC Network Service

RP589: 09/04/2013 03:00:11 - Windows Update

.

==== Installed Programs ======================

.

Leawo Video Converter version 5.1.0.0

Adobe AIR

Adobe Community Help

Adobe Download Assistant

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader XI (11.0.02)

Adobe Shockwave Player 12.0

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Bitdefender Total Security 2013

CCleaner

ConvertXtoDVD 4.0.9.322

D3DX10

EasyBCD 1.7

ESET Online Scanner v3

ffdshow [rev 2180] [2008-10-04]

FileHippo.com Update Checker

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)

Intel® Graphics Media Accelerator Driver

K-Lite Codec Pack 7.0.0 (Standard)

Malwarebytes Anti-Malware version 1.70.0.1100

McAfee SiteAdvisor

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Office Excel Viewer 2003

Microsoft Office Word Viewer 2003

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFCLOC_x86

Mozilla Firefox 20.0 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

MSXML 4.0 SP3 Parser (KB973685)

MyFreeCodec

Nero 7 Lite 7.10.1.2

Opera 12.15

QuickTime

RealDownloader

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealNetworks - Microsoft Visual C++ 2010 Runtime

RealPlayer

Realtek High Definition Audio Driver

RealUpgrade 1.1

Revo Uninstaller 1.94

Samsung Kies

SAMSUNG USB Driver for Mobile Phones

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Segoe UI

Skitch

swMSM

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

VLC media player 2.0.5

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Messenger

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Media Player Firefox Plugin

WinRAR 4.20 (32-bit)

YouTube Downloader App 3.00

.

==== Event Viewer Messages From Past Week ========

.

03/04/2013 21:22:21, Error: EventLog [6008] - The previous system shutdown at 21:20:54 on 03/04/2013 was unexpected.

.

==== End Of File ===========================

[Maurice Naggar]

Hello gettheman,

Keep in mind what my colleagues mentioned on IP blocks on the general mbam sub-forum.

Also, if all your browsers are closed, & with no instant messenger app running, & your system being clean, normally one would not expect an "outbound ip block".

With that all said, did you just recently switch from Avast to BitDefender? what was the sequence you used to switch? and did you do a restart just before installing the new security app?

It is quite possible you have adwares or unwanted add-ons on your system that would be the source for the "issue at hand".

As I help you and we go along, please do not run other tools on your own.

I need for you to follow my guidance.

If my instructions are not clear, please stop and ask. Read all instructions before diving in.

Also, as you report back, let me know in each reply whether the ip blocks happen again, with detail on the ip number & whether Outbound.

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT by doing a Right-Click on it & select Run As Admisnistrator

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

Show all files:

• Click the Start button, and then click Computer.
  
• On the Organize menu, click Folder and Search Options.
  
• Click the View tab.
  
• Locate and uncheck Hide file extensions for known file types.
  
• Locate and uncheck Hide protected operating system files (Recommended).
  
• Locate and click Show hidden files and folders.
  
• Click Apply > OK.

Step 3

Close any open work documents, if any, saving your work.

Make sure to close any other programs that you started before.

Please download Junkware Removal Tool by Thisisu to your Desktop.

• Please close your security software to avoid potential conflicts.
  
• Run the tool by double-clicking it. If you are using Windows Vista or 7 or 8, right-mouse click JRT.exe and select Run as administrator.
  
• The tool will open and display information and disclaimer in a Command prompt window.
  
• I'd suggest you close all internet browsers at this point.
  
• Press a key on keyboard to start scanning your system.
  
• Please be very patient as this will take several minutes to complete, depending on your system's specifications.
  
• There are approximatly 12 phases or so in this tool. You will see each phase listed in the Command prompt window.
  
• On completion, a log (JRT.txt) is saved to your Desktop and will automatically open. And the command prompt will have been closed.
  
• Please post the contents of JRT.txt into a new reply.
  
• Re-enable your security software.

Step 4

• Download & SAVE to your Desktop Tigzy's RogueKiller >> from here << or
  >> from here <<
  
• Quit all programs that you may have started.
  
• Please disconnect any USB or external drives from the computer before you run this scan!
  
• For Vista or Windows 7 / 8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
  For Windows XP, double-click to start.
  
• Wait until Prescan has finished ...
  
• Then Click on Scan button at upper right of screen.
  
• Wait until the Status box shows "Scan Finished"
  
• Click on Report and copy/paste the content of the Notepad into your next reply.
  
• The log should be found in RKreport[1].txt on your Desktop
  
• Do NOT press any Fix button.
  
• Exit/Close RogueKiller

Step 5

Please download AdwCleaner © Xplode from >>here<< and save it on your Desktop.

If your are running Windows XP, double click adwcleaner.exe to start it.

Otherwise, Right-click on adwcleaner.exe and select Run As Administrator to launch the application.

Now click on the Search tab.

Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\AdwCleaner[XX].txt where XX Denotes the number of times the application has been ran, so in this should be something like R1.

[gettheman]

yes I swictehd but got rid of one before using the other. just tried to load erunt and got the error Server not found

Firefox can't find the server at dundats.mvps.org. then I click again and it works but getting the problem loading page alot no matter what firewall

I keep getting errors about malicious outbound. next time will try and screensave it--logs to follow

[gettheman]

junkware removal tool was running for 1 hour but still deep scanning registry?

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version

Started in : Normal mode

User : Chris [Admin rights]

Mode : Scan -- Date : 04/09/2013 23:48:14

| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤

[sUSP PATH] JRT.exe -- C:\Users\Chris\Desktop\JRT.exe [-] -> KILLED [TermProc]

¤¤¤ Registry Entries : 2 ¤¤¤

[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND

[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ Extern Hives: ¤¤¤

-> D:\windows\system32\config\SOFTWARE

-> D:\windows\system32\config\SYSTEM

-> D:\Users\Default\NTUSER.DAT

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3320613AS ATA Device +++++

--- User ---

[MBR] 75cea1566f37ed5202eeca8f75d9ee40

[bSP] f9ca80c0c038cea0eeca3eb48d6e0ec9 : Windows Vista MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 295243 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 604659712 | Size: 10000 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[2]_S_04092013_02d2348.txt >>

RKreport[1]_S_04092013_02d2346.txt ; RKreport[2]_S_04092013_02d2348.txt

# AdwCleaner v2.200 - Logfile created 04/09/2013 at 23:50:01

# Updated 02/04/2013 by Xplode

# Operating system : Windows Vista Home Premium Service Pack 2 (32 bits)

# User : Chris - DELL-530

# Boot Mode : Normal

# Running from : C:\Users\Chris\Desktop\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

***** [Registry] *****

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0 (en-US)

File : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\q908vuqn.default-1364514302772\prefs.js

[OK] File is clean.

-\\ Google Chrome v [unable to get version]

File : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.15.1748.0

File : C:\Users\Chris\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R10].txt - [1502 octets] - [22/02/2013 03:07:42]

AdwCleaner[R11].txt - [1563 octets] - [22/02/2013 20:46:31]

AdwCleaner[R12].txt - [1870 octets] - [23/02/2013 23:49:59]

AdwCleaner[R13].txt - [1637 octets] - [08/03/2013 14:33:48]

AdwCleaner[R14].txt - [1700 octets] - [09/03/2013 00:09:37]

AdwCleaner[R15].txt - [1761 octets] - [09/03/2013 00:10:20]

AdwCleaner[R16].txt - [1971 octets] - [16/03/2013 13:12:19]

AdwCleaner[R17].txt - [1388 octets] - [09/04/2013 23:50:01]

AdwCleaner[R5].txt - [1168 octets] - [04/02/2013 19:31:11]

AdwCleaner[R6].txt - [1226 octets] - [04/02/2013 21:57:28]

AdwCleaner[R7].txt - [1322 octets] - [18/02/2013 15:12:49]

AdwCleaner[R8].txt - [1382 octets] - [18/02/2013 15:24:20]

AdwCleaner[R9].txt - [1442 octets] - [18/02/2013 17:01:01]

AdwCleaner[s10].txt - [2314 octets] - [21/03/2013 13:49:17]

AdwCleaner[s6].txt - [1075 octets] - [13/01/2013 22:52:33]

AdwCleaner[s7].txt - [1626 octets] - [22/02/2013 20:46:40]

AdwCleaner[s8].txt - [1935 octets] - [23/02/2013 23:52:01]

AdwCleaner[s9].txt - [1820 octets] - [09/03/2013 00:10:27]

########## EOF - C:\AdwCleaner[R17].txt - [2050 octets] ##########

[gettheman]

managed to get it done eventually

after 5 hours

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.8.3 (04.05.2013:1)

OS: Windows Vista Home Premium x86

Ran by Chris on 09/04/2013 at 23:50:49.74

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ FireFox

Emptied folder: C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\q908vuqn.default-1364514302772\minidumps [3 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 10/04/2013 at 4:07:21.80

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Maurice Naggar]

Curious as to why Adwcleaner was run so many times ?

btw, if an outbound IP block shows up, just write down (document) the IP address & report that in a reply.

We'll continue with running other tools.

Task 1

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download Rkill by Grinler and save it to your desktop.

Link 2
Link 3
Link 4
Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7, right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
If the tool does not run from any of the links provided, please let me know.
If your antivirus program gives a prompt message, respond positive to allow RKILL to run.
If a malware-rogue gives a message regarding RKILL, proceed forward to running RKILL

IF you still have a problem running RKILL, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

When all done, rkill.txt log file will be on your desktop. Copy & Paste contents of Rkill.txt into a reply.

More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html

Task 2

1. Download Malwarebytes Anti-Rootkit from http://www.malwarebytes.org/products/mbar/

2. Unzip the contents to a folder in a convenient location.

3. Open the folder where the contents were unzipped and run mbar.exe

4. Follow the instructions in the wizard to update and allow the program to scan your computer for threats.

5. Click on the Cleanup button to remove any threats and reboot if prompted to do so.

6. Wait while the system shuts down and the cleanup process is performed.

7. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.

[gettheman]

Rkill 2.4.7 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2013 BleepingComputer.com

More Information about Rkill can be found at this link:

http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 04/10/2013 04:35:43 PM in x86 mode.

Windows Version: Windows Vista Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware" = dword:00000001

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.

Startup Type set to: Manual

[Maurice Naggar]

I can't tell if you have proceeded forward or not.

However, in any event, you should proceed to Task 2 & do the mbar procedure.

[gettheman]

no threats with mbar

[gettheman]

I can't tell if you have proceeded forward or not. However, in any event, you should proceed to Task 2 & do the mbar procedure.

what do you mean?

[gettheman]

I keep going into my microsoft inboc to write a mail but the inbox keeps popping up while I am trying to write for some reason

is there any sign of malware, anything else i need to do?

[gettheman]

also get the error when I reboot from erunt

[gettheman]

sorry just realised not given you the full rkill report. aplogies

Rkill 2.4.7 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2013 BleepingComputer.com

More Information about Rkill can be found at this link:

http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 04/11/2013 08:14:08 AM in x86 mode.

Windows Version: Windows Vista Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware" = dword:00000001

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.

Startup Type set to: Manual

* msiserver => %systemroot%\system32\msiexec.exe /V [incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 04/11/2013 08:14:19 AM

Execution time: 0 hours(s), 0 minute(s), and 11 seconds(s)

[Maurice Naggar]

IF ERUNT hiccups with the message box, just close the window to cancel the run. This may occur each time Windows starts. It is having a problem creating a backup. So just close the window by clicking the X close button.

The MBAR found nothing, you reported. That is a good beginning.

We have more work to do.

BTW, each time you reply, I need to know whether or not you are still seeing OUTBOUND malicious IP blocks !!

In other words, I need regular reports as to the status of your original problem.

btw, I am going to disregard for the time being, any issue with mail. My main focus is hunting for malware.

Please read carefully and follow these steps.

• Download TDSSKiller and save it to your Desktop.
  
• Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
  If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
  
• If an infected file is detected, the default action will be Cure, click on Continue.
  
  
• If a suspicious file is detected, the default action will be Skip, click on Continue.
  
• If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
  Skip and click on Continue
  
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  
  
• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  
• If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
  

[gettheman]

yes I keep getting outbound blocks on MBAM but not been quick enough to capture it, it is always to do with firefox though I noticed

[gettheman]

22:28:32.0069 4388 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

22:28:34.0062 4388 ============================================================

22:28:34.0062 4388 Current date / time: 2013/04/11 22:28:34.0062

22:28:34.0062 4388 SystemInfo:

22:28:34.0062 4388

22:28:34.0062 4388 OS Version: 6.0.6002 ServicePack: 2.0

22:28:34.0062 4388 Product type: Workstation

22:28:34.0062 4388 ComputerName: DELL-530

22:28:34.0062 4388 UserName: Chris

22:28:34.0062 4388 Windows directory: C:\Windows

22:28:34.0062 4388 System windows directory: C:\Windows

22:28:34.0063 4388 Processor architecture: Intel x86

22:28:34.0063 4388 Number of processors: 2

22:28:34.0063 4388 Page size: 0x1000

22:28:34.0063 4388 Boot type: Normal boot

22:28:34.0063 4388 ============================================================

22:28:36.0586 4388 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

22:28:36.0586 4388 ============================================================

22:28:36.0586 4388 \Device\Harddisk0\DR0:

22:28:36.0586 4388 MBR partitions:

22:28:36.0586 4388 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x240A5800

22:28:36.0586 4388 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x240A6000, BlocksNum 0x1388000

22:28:36.0586 4388 ============================================================

22:28:36.0602 4388 C: <-> \Device\Harddisk0\DR0\Partition1

22:28:36.0680 4388 D: <-> \Device\Harddisk0\DR0\Partition2

22:28:36.0711 4388 ============================================================

22:28:36.0711 4388 Initialize success

22:28:36.0711 4388 ============================================================

22:28:37.0896 5160 ============================================================

22:28:37.0896 5160 Scan started

22:28:37.0896 5160 Mode: Manual;

22:28:37.0896 5160 ============================================================

22:28:40.0103 5160 ================ Scan system memory ========================

22:28:40.0103 5160 System memory - ok

22:28:40.0103 5160 ================ Scan services =============================

22:28:41.0053 5160 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys

22:28:41.0083 5160 ACPI - ok

22:28:41.0358 5160 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

22:28:41.0382 5160 AdobeARMservice - ok

22:28:41.0575 5160 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

22:28:41.0575 5160 AdobeFlashPlayerUpdateSvc - ok

22:28:41.0809 5160 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

22:28:41.0871 5160 adp94xx - ok

22:28:41.0911 5160 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys

22:28:41.0921 5160 adpahci - ok

22:28:41.0931 5160 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys

22:28:41.0971 5160 adpu160m - ok

22:28:41.0991 5160 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys

22:28:41.0991 5160 adpu320 - ok

22:28:42.0041 5160 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

22:28:42.0041 5160 AeLookupSvc - ok

22:28:42.0091 5160 [ 330A1E4DF07C2E29949ED8631CD8828E ] AERTFilters C:\Windows\system32\AERTSrv.exe

22:28:42.0091 5160 AERTFilters - ok

22:28:42.0151 5160 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys

22:28:42.0161 5160 AFD - ok

22:28:42.0211 5160 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys

22:28:42.0211 5160 agp440 - ok

22:28:42.0261 5160 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys

22:28:42.0291 5160 aic78xx - ok

22:28:42.0321 5160 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe

22:28:42.0321 5160 ALG - ok

22:28:42.0331 5160 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys

22:28:42.0341 5160 aliide - ok

22:28:42.0351 5160 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys

22:28:42.0351 5160 amdagp - ok

22:28:42.0361 5160 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys

22:28:42.0361 5160 amdide - ok

22:28:42.0371 5160 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys

22:28:42.0371 5160 AmdK7 - ok

22:28:42.0381 5160 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

22:28:42.0381 5160 AmdK8 - ok

22:28:42.0391 5160 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll

22:28:42.0401 5160 Appinfo - ok

22:28:42.0611 5160 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

22:28:42.0611 5160 Apple Mobile Device - ok

22:28:42.0701 5160 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys

22:28:42.0711 5160 arc - ok

22:28:42.0751 5160 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys

22:28:42.0751 5160 arcsas - ok

22:28:42.0771 5160 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

22:28:42.0771 5160 AsyncMac - ok

22:28:42.0781 5160 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys

22:28:42.0781 5160 atapi - ok

22:28:42.0821 5160 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

22:28:42.0831 5160 AudioEndpointBuilder - ok

22:28:42.0831 5160 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll

22:28:42.0841 5160 Audiosrv - ok

22:28:42.0881 5160 [ F3D3B0AFFD227AA2BFC80C1A4536BAA0 ] avc3 C:\Windows\system32\DRIVERS\avc3.sys

22:28:42.0881 5160 avc3 - ok

22:28:42.0921 5160 [ 7F9B99B564E7C9FBB6729ED95B5BBB24 ] avchv C:\Windows\system32\DRIVERS\avchv.sys

22:28:42.0921 5160 avchv - ok

22:28:42.0931 5160 [ C7BE750843A8A39167187FD28634A25E ] avckf C:\Windows\system32\DRIVERS\avckf.sys

22:28:42.0941 5160 avckf - ok

22:28:43.0503 5160 [ A624841BECEE1B0FCAB28BF2E4CB317A ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe

22:28:43.0504 5160 BdDesktopParental - ok

22:28:43.0740 5160 [ 2C8F82DC54215B2FE064EFF996F39D9B ] BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys

22:28:43.0741 5160 BdfNdisf - ok

22:28:43.0767 5160 [ F7D825F7E47D8A7865F5D2156B1B7A24 ] bdftdif C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys

22:28:43.0768 5160 bdftdif - ok

22:28:43.0830 5160 [ B6CBFC9D825BB2D955620CD4D8EF07F9 ] BDSandBox C:\Windows\system32\drivers\bdsandbox.sys

22:28:43.0831 5160 BDSandBox - ok

22:28:43.0926 5160 [ A7478F77584F8DB6AD74B2BBE1144886 ] bdselfpr C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys

22:28:43.0926 5160 bdselfpr - ok

22:28:43.0957 5160 [ B82A4AE7C1259411421D2389BD1AB058 ] BDVEDISK C:\Windows\system32\DRIVERS\bdvedisk.sys

22:28:43.0957 5160 BDVEDISK - ok

22:28:44.0020 5160 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys

22:28:44.0020 5160 Beep - ok

22:28:44.0067 5160 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll

22:28:44.0067 5160 BFE - ok

22:28:44.0145 5160 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll

22:28:44.0176 5160 BITS - ok

22:28:44.0176 5160 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys

22:28:44.0176 5160 blbdrive - ok

22:28:44.0207 5160 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys

22:28:44.0207 5160 bowser - ok

22:28:44.0254 5160 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys

22:28:44.0254 5160 BrFiltLo - ok

22:28:44.0269 5160 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys

22:28:44.0269 5160 BrFiltUp - ok

22:28:44.0269 5160 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll

22:28:44.0269 5160 Browser - ok

22:28:44.0285 5160 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys

22:28:44.0285 5160 Brserid - ok

22:28:44.0301 5160 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys

22:28:44.0301 5160 BrSerWdm - ok

22:28:44.0316 5160 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys

22:28:44.0316 5160 BrUsbMdm - ok

22:28:44.0316 5160 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys

22:28:44.0316 5160 BrUsbSer - ok

22:28:44.0332 5160 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

22:28:44.0332 5160 BTHMODEM - ok

22:28:44.0363 5160 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

22:28:44.0363 5160 cdfs - ok

22:28:44.0394 5160 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

22:28:44.0394 5160 cdrom - ok

22:28:44.0394 5160 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll

22:28:44.0394 5160 CertPropSvc - ok

22:28:44.0410 5160 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys

22:28:44.0410 5160 circlass - ok

22:28:44.0425 5160 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys

22:28:44.0441 5160 CLFS - ok

22:28:44.0488 5160 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

22:28:44.0488 5160 clr_optimization_v2.0.50727_32 - ok

22:28:44.0862 5160 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

22:28:44.0878 5160 clr_optimization_v4.0.30319_32 - ok

22:28:44.0909 5160 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys

22:28:44.0909 5160 cmdide - ok

22:28:44.0925 5160 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\drivers\compbatt.sys

22:28:44.0925 5160 Compbatt - ok

22:28:44.0925 5160 COMSysApp - ok

22:28:44.0940 5160 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

22:28:44.0940 5160 crcdisk - ok

22:28:44.0956 5160 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys

22:28:44.0956 5160 Crusoe - ok

22:28:45.0018 5160 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll

22:28:45.0018 5160 CryptSvc - ok

22:28:45.0081 5160 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll

22:28:45.0096 5160 DcomLaunch - ok

22:28:45.0112 5160 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys

22:28:45.0112 5160 DfsC - ok

22:28:45.0361 5160 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe

22:28:45.0455 5160 DFSR - ok

22:28:45.0533 5160 [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys

22:28:45.0533 5160 dg_ssudbus - ok

22:28:45.0580 5160 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll

22:28:45.0580 5160 Dhcp - ok

22:28:45.0611 5160 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys

22:28:45.0611 5160 disk - ok

22:28:45.0673 5160 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll

22:28:45.0673 5160 Dnscache - ok

22:28:45.0689 5160 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll

22:28:45.0689 5160 dot3svc - ok

22:28:45.0689 5160 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll

22:28:45.0705 5160 DPS - ok

22:28:45.0736 5160 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

22:28:45.0736 5160 drmkaud - ok

22:28:45.0783 5160 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

22:28:45.0783 5160 DXGKrnl - ok

22:28:45.0798 5160 [ 908ED85B7806E8AF3AF5E9B74F7809D4 ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys

22:28:45.0798 5160 e1express - ok

22:28:45.0814 5160 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys

22:28:45.0829 5160 E1G60 - ok

22:28:45.0829 5160 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll

22:28:45.0829 5160 EapHost - ok

22:28:45.0876 5160 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys

22:28:45.0876 5160 Ecache - ok

22:28:45.0939 5160 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

22:28:46.0001 5160 ehRecvr - ok

22:28:46.0001 5160 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe

22:28:46.0001 5160 ehSched - ok

22:28:46.0032 5160 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll

22:28:46.0048 5160 ehstart - ok

22:28:46.0095 5160 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys

22:28:46.0110 5160 elxstor - ok

22:28:46.0126 5160 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll

22:28:46.0141 5160 EMDMgmt - ok

22:28:46.0204 5160 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys

22:28:46.0204 5160 ErrDev - ok

22:28:46.0219 5160 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll

22:28:46.0219 5160 EventSystem - ok

22:28:46.0266 5160 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys

22:28:46.0266 5160 exfat - ok

22:28:46.0282 5160 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys

22:28:46.0282 5160 fastfat - ok

22:28:46.0297 5160 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys

22:28:46.0297 5160 fdc - ok

22:28:46.0313 5160 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll

22:28:46.0313 5160 fdPHost - ok

22:28:46.0329 5160 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll

22:28:46.0329 5160 FDResPub - ok

22:28:46.0344 5160 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

22:28:46.0344 5160 FileInfo - ok

22:28:46.0360 5160 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys

22:28:46.0360 5160 Filetrace - ok

22:28:46.0375 5160 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

22:28:46.0375 5160 flpydisk - ok

22:28:46.0391 5160 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

22:28:46.0391 5160 FltMgr - ok

22:28:46.0485 5160 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll

22:28:46.0500 5160 FontCache - ok

22:28:46.0578 5160 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

22:28:46.0594 5160 FontCache3.0.0.0 - ok

22:28:46.0609 5160 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

22:28:46.0625 5160 Fs_Rec - ok

22:28:46.0656 5160 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

22:28:46.0656 5160 gagp30kx - ok

22:28:46.0687 5160 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll

22:28:46.0703 5160 gpsvc - ok

22:28:46.0734 5160 gttap1 - ok

22:28:46.0765 5160 [ 9C1E3F5A672EDB0831AAF3E36B6876A6 ] gzflt C:\Windows\system32\DRIVERS\gzflt.sys

22:28:46.0765 5160 gzflt - ok

22:28:46.0828 5160 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

22:28:46.0843 5160 HdAudAddService - ok

22:28:46.0843 5160 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

22:28:46.0859 5160 HDAudBus - ok

22:28:46.0875 5160 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys

22:28:46.0875 5160 HidBth - ok

22:28:46.0890 5160 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys

22:28:46.0890 5160 HidIr - ok

22:28:46.0906 5160 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll

22:28:46.0906 5160 hidserv - ok

22:28:46.0921 5160 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

22:28:46.0921 5160 HidUsb - ok

22:28:46.0937 5160 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll

22:28:46.0937 5160 hkmsvc - ok

22:28:46.0953 5160 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys

22:28:46.0953 5160 HpCISSs - ok

22:28:46.0968 5160 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys

22:28:46.0984 5160 HTTP - ok

22:28:46.0999 5160 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys

22:28:47.0031 5160 i2omp - ok

22:28:47.0124 5160 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

22:28:47.0140 5160 i8042prt - ok

22:28:47.0155 5160 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys

22:28:47.0187 5160 iaStorV - ok

22:28:47.0249 5160 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

22:28:47.0265 5160 idsvc - ok

22:28:47.0389 5160 [ 63C56DAC467EF814B60FF2AA2286C917 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys

22:28:47.0436 5160 igfx - ok

22:28:47.0499 5160 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys

22:28:47.0499 5160 iirsp - ok

22:28:47.0530 5160 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll

22:28:47.0545 5160 IKEEXT - ok

22:28:47.0623 5160 [ F8F53C5449F15B23D4C61D51D2701DA8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys

22:28:47.0686 5160 IntcAzAudAddService - ok

22:28:47.0733 5160 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys

22:28:47.0733 5160 intelide - ok

22:28:47.0779 5160 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

22:28:47.0779 5160 intelppm - ok

22:28:47.0795 5160 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll

22:28:47.0795 5160 IPBusEnum - ok

22:28:47.0811 5160 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

22:28:47.0811 5160 IpFilterDriver - ok

22:28:47.0826 5160 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

22:28:47.0842 5160 iphlpsvc - ok

22:28:47.0842 5160 IpInIp - ok

22:28:47.0857 5160 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys

22:28:47.0857 5160 IPMIDRV - ok

22:28:47.0873 5160 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys

22:28:47.0873 5160 IPNAT - ok

22:28:47.0889 5160 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

22:28:47.0889 5160 IRENUM - ok

22:28:47.0904 5160 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys

22:28:47.0904 5160 isapnp - ok

22:28:47.0935 5160 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys

22:28:47.0951 5160 iScsiPrt - ok

22:28:47.0967 5160 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys

22:28:47.0967 5160 iteatapi - ok

22:28:48.0013 5160 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys

22:28:48.0060 5160 iteraid - ok

22:28:48.0076 5160 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

22:28:48.0076 5160 kbdclass - ok

22:28:48.0138 5160 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

22:28:48.0138 5160 kbdhid - ok

22:28:48.0169 5160 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe

22:28:48.0185 5160 KeyIso - ok

22:28:48.0216 5160 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

22:28:48.0232 5160 KSecDD - ok

22:28:48.0263 5160 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll

22:28:48.0263 5160 KtmRm - ok

22:28:48.0294 5160 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll

22:28:48.0294 5160 LanmanServer - ok

22:28:48.0294 5160 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

22:28:48.0310 5160 LanmanWorkstation - ok

22:28:48.0325 5160 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

22:28:48.0325 5160 lltdio - ok

22:28:48.0341 5160 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll

22:28:48.0341 5160 lltdsvc - ok

22:28:48.0357 5160 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll

22:28:48.0357 5160 lmhosts - ok

22:28:48.0372 5160 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

22:28:48.0372 5160 LSI_FC - ok

22:28:48.0388 5160 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

22:28:48.0388 5160 LSI_SAS - ok

22:28:48.0403 5160 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

22:28:48.0403 5160 LSI_SCSI - ok

22:28:48.0419 5160 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys

22:28:48.0419 5160 luafv - ok

22:28:48.0450 5160 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

22:28:48.0450 5160 MBAMProtector - ok

22:28:48.0497 5160 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

22:28:48.0497 5160 MBAMScheduler - ok

22:28:48.0528 5160 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

22:28:48.0544 5160 MBAMService - ok

22:28:48.0622 5160 [ AA44024C1796F40D43F2E6C08B47A564 ] McAfee SiteAdvisor Service c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe

22:28:48.0637 5160 McAfee SiteAdvisor Service - ok

22:28:48.0669 5160 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

22:28:48.0669 5160 Mcx2Svc - ok

22:28:48.0731 5160 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys

22:28:48.0731 5160 megasas - ok

22:28:48.0793 5160 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys

22:28:48.0809 5160 MegaSR - ok

22:28:48.0825 5160 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll

22:28:48.0840 5160 MMCSS - ok

22:28:48.0871 5160 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys

22:28:48.0871 5160 Modem - ok

22:28:48.0887 5160 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

22:28:48.0887 5160 monitor - ok

22:28:48.0903 5160 [ E07AFAF733D3004F5DC64AA3A47700B1 ] MOSUMAC C:\Windows\system32\DRIVERS\MOSUMAC.SYS

22:28:48.0903 5160 MOSUMAC - ok

22:28:48.0918 5160 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

22:28:48.0918 5160 mouclass - ok

22:28:48.0934 5160 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

22:28:48.0934 5160 mouhid - ok

22:28:48.0949 5160 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys

22:28:48.0949 5160 MountMgr - ok

22:28:49.0027 5160 [ 1C9B83F6A2D1F414F0ACD28D75605607 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

22:28:49.0230 5160 MozillaMaintenance - ok

22:28:49.0293 5160 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys

22:28:49.0293 5160 mpio - ok

22:28:49.0308 5160 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

22:28:49.0308 5160 mpsdrv - ok

22:28:49.0355 5160 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll

22:28:49.0355 5160 MpsSvc - ok

22:28:49.0386 5160 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys

22:28:49.0386 5160 Mraid35x - ok

22:28:49.0386 5160 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

22:28:49.0402 5160 MRxDAV - ok

22:28:49.0433 5160 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

22:28:49.0433 5160 mrxsmb - ok

22:28:49.0449 5160 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

22:28:49.0449 5160 mrxsmb10 - ok

22:28:49.0464 5160 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

22:28:49.0464 5160 mrxsmb20 - ok

22:28:49.0495 5160 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys

22:28:49.0495 5160 msahci - ok

22:28:49.0527 5160 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys

22:28:49.0527 5160 msdsm - ok

22:28:49.0542 5160 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe

22:28:49.0542 5160 MSDTC - ok

22:28:49.0558 5160 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys

22:28:49.0558 5160 Msfs - ok

22:28:49.0589 5160 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

22:28:49.0605 5160 msisadrv - ok

22:28:49.0620 5160 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

22:28:49.0620 5160 MSiSCSI - ok

22:28:49.0636 5160 msiserver - ok

22:28:49.0683 5160 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

22:28:49.0683 5160 MSKSSRV - ok

22:28:49.0698 5160 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

22:28:49.0698 5160 MSPCLOCK - ok

22:28:49.0698 5160 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

22:28:49.0698 5160 MSPQM - ok

22:28:49.0714 5160 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

22:28:49.0714 5160 MsRPC - ok

22:28:49.0729 5160 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

22:28:49.0729 5160 mssmbios - ok

22:28:49.0745 5160 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

22:28:49.0745 5160 MSTEE - ok

22:28:49.0745 5160 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys

22:28:49.0745 5160 Mup - ok

22:28:49.0776 5160 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll

22:28:49.0792 5160 napagent - ok

22:28:49.0839 5160 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

22:28:49.0839 5160 NativeWifiP - ok

22:28:49.0885 5160 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys

22:28:49.0901 5160 NDIS - ok

22:28:49.0917 5160 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

22:28:49.0917 5160 NdisTapi - ok

22:28:49.0932 5160 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

22:28:49.0932 5160 Ndisuio - ok

22:28:49.0948 5160 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

22:28:49.0948 5160 NdisWan - ok

22:28:49.0963 5160 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

22:28:49.0963 5160 NDProxy - ok

22:28:49.0979 5160 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

22:28:49.0979 5160 NetBIOS - ok

22:28:49.0995 5160 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys

22:28:49.0995 5160 netbt - ok

22:28:50.0010 5160 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe

22:28:50.0010 5160 Netlogon - ok

22:28:50.0026 5160 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll

22:28:50.0026 5160 Netman - ok

22:28:50.0057 5160 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll

22:28:50.0108 5160 netprofm - ok

22:28:50.0128 5160 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

22:28:50.0138 5160 NetTcpPortSharing - ok

22:28:50.0198 5160 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

22:28:50.0208 5160 nfrd960 - ok

22:28:50.0238 5160 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll

22:28:50.0238 5160 NlaSvc - ok

22:28:50.0248 5160 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys

22:28:50.0248 5160 Npfs - ok

22:28:50.0268 5160 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll

22:28:50.0268 5160 nsi - ok

22:28:50.0278 5160 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

22:28:50.0278 5160 nsiproxy - ok

22:28:50.0328 5160 [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

22:28:50.0398 5160 Ntfs - ok

22:28:50.0409 5160 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys

22:28:50.0411 5160 ntrigdigi - ok

22:28:50.0425 5160 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys

22:28:50.0428 5160 Null - ok

22:28:50.0440 5160 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys

22:28:50.0443 5160 nvraid - ok

22:28:50.0452 5160 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys

22:28:50.0455 5160 nvstor - ok

22:28:50.0469 5160 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

22:28:50.0472 5160 nv_agp - ok

22:28:50.0476 5160 NwlnkFlt - ok

22:28:50.0481 5160 NwlnkFwd - ok

22:28:50.0524 5160 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

22:28:50.0526 5160 ohci1394 - ok

22:28:50.0595 5160 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

22:28:50.0602 5160 ose - ok

22:28:50.0627 5160 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll

22:28:50.0644 5160 p2pimsvc - ok

22:28:50.0660 5160 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll

22:28:50.0666 5160 p2psvc - ok

22:28:50.0677 5160 [ 8A79FDF04A73428597E2CAF9D0D67850 ] Parport C:\Windows\system32\DRIVERS\parport.sys

22:28:50.0679 5160 Parport - ok

22:28:50.0704 5160 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys

22:28:50.0707 5160 partmgr - ok

22:28:50.0749 5160 [ 6C580025C81CAF3AE9E3617C22CAD00E ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys

22:28:50.0751 5160 Parvdm - ok

22:28:50.0756 5160 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll

22:28:50.0759 5160 PcaSvc - ok

22:28:50.0775 5160 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys

22:28:50.0779 5160 pci - ok

22:28:50.0786 5160 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys

22:28:50.0788 5160 pciide - ok

22:28:50.0802 5160 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

22:28:50.0806 5160 pcmcia - ok

22:28:50.0860 5160 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys

22:28:50.0862 5160 pcouffin - ok

22:28:50.0928 5160 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys

22:28:50.0945 5160 PEAUTH - ok

22:28:50.0986 5160 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll

22:28:51.0010 5160 pla - ok

22:28:51.0018 5160 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll

22:28:51.0030 5160 PlugPlay - ok

22:28:51.0075 5160 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll

22:28:51.0080 5160 PNRPAutoReg - ok

22:28:51.0178 5160 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll

22:28:51.0184 5160 PNRPsvc - ok

22:28:51.0208 5160 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

22:28:51.0233 5160 PolicyAgent - ok

22:28:51.0256 5160 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

22:28:51.0258 5160 PptpMiniport - ok

22:28:51.0268 5160 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys

22:28:51.0270 5160 Processor - ok

22:28:51.0276 5160 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll

22:28:51.0281 5160 ProfSvc - ok

22:28:51.0293 5160 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe

22:28:51.0294 5160 ProtectedStorage - ok

22:28:51.0309 5160 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys

22:28:51.0312 5160 PSched - ok

22:28:51.0370 5160 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

22:28:51.0395 5160 ql2300 - ok

22:28:51.0407 5160 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

22:28:51.0411 5160 ql40xx - ok

22:28:51.0417 5160 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll

22:28:51.0423 5160 QWAVE - ok

22:28:51.0434 5160 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

22:28:51.0436 5160 QWAVEdrv - ok

22:28:51.0445 5160 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

22:28:51.0447 5160 RasAcd - ok

22:28:51.0453 5160 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll

22:28:51.0457 5160 RasAuto - ok

22:28:51.0462 5160 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

22:28:51.0464 5160 Rasl2tp - ok

22:28:51.0524 5160 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll

22:28:51.0528 5160 RasMan - ok

22:28:51.0539 5160 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

22:28:51.0541 5160 RasPppoe - ok

22:28:51.0546 5160 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

22:28:51.0548 5160 RasSstp - ok

22:28:51.0565 5160 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

22:28:51.0570 5160 rdbss - ok

22:28:51.0578 5160 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

22:28:51.0580 5160 RDPCDD - ok

22:28:51.0596 5160 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys

22:28:51.0600 5160 rdpdr - ok

22:28:51.0605 5160 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

22:28:51.0607 5160 RDPENCDD - ok

22:28:51.0632 5160 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

22:28:51.0636 5160 RDPWD - ok

22:28:51.0719 5160 [ 89525CC2DBAD44F7199B9CC188B3F9C5 ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

22:28:51.0721 5160 RealNetworks Downloader Resolver Service - ok

22:28:51.0764 5160 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll

22:28:51.0767 5160 RemoteAccess - ok

22:28:51.0773 5160 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll

22:28:51.0777 5160 RemoteRegistry - ok

22:28:51.0798 5160 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe

22:28:51.0801 5160 RpcLocator - ok

22:28:51.0818 5160 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\System32\rpcss.dll

22:28:51.0823 5160 RpcSs - ok

22:28:51.0834 5160 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

22:28:51.0837 5160 rspndr - ok

22:28:51.0890 5160 [ 283392AF1860ECDB5E0F8EBD7F3D72DF ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys

22:28:51.0892 5160 RTL8169 - ok

22:28:51.0933 5160 [ 1E94612C7364C9D17A3B0A989957A603 ] SafeBox C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe

22:28:51.0934 5160 SafeBox - ok

22:28:51.0950 5160 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe

22:28:51.0952 5160 SamSs - ok

22:28:51.0965 5160 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

22:28:51.0967 5160 sbp2port - ok

22:28:51.0973 5160 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll

22:28:51.0977 5160 SCardSvr - ok

22:28:52.0046 5160 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll

22:28:52.0069 5160 Schedule - ok

22:28:52.0081 5160 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll

22:28:52.0082 5160 SCPolicySvc - ok

22:28:52.0088 5160 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll

22:28:52.0092 5160 SDRSVC - ok

22:28:52.0157 5160 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys

22:28:52.0172 5160 secdrv - ok

22:28:52.0172 5160 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll

22:28:52.0172 5160 seclogon - ok

22:28:52.0188 5160 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll

22:28:52.0188 5160 SENS - ok

22:28:52.0203 5160 [ CE9EC966638EF0B10B864DDEDF62A099 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

22:28:52.0235 5160 Serenum - ok

22:28:52.0250 5160 [ 6D663022DB3E7058907784AE14B69898 ] Serial C:\Windows\system32\DRIVERS\serial.sys

22:28:52.0250 5160 Serial - ok

22:28:52.0266 5160 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys

22:28:52.0266 5160 sermouse - ok

22:28:52.0266 5160 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll

22:28:52.0281 5160 SessionEnv - ok

22:28:52.0281 5160 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

22:28:52.0281 5160 sffdisk - ok

22:28:52.0297 5160 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

22:28:52.0297 5160 sffp_mmc - ok

22:28:52.0313 5160 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

22:28:52.0313 5160 sffp_sd - ok

22:28:52.0328 5160 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

22:28:52.0359 5160 sfloppy - ok

22:28:52.0391 5160 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll

22:28:52.0406 5160 SharedAccess - ok

22:28:52.0406 5160 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

22:28:52.0422 5160 ShellHWDetection - ok

22:28:52.0437 5160 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys

22:28:52.0437 5160 sisagp - ok

22:28:52.0437 5160 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys

22:28:52.0437 5160 SiSRaid2 - ok

22:28:52.0453 5160 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

22:28:52.0453 5160 SiSRaid4 - ok

22:28:52.0515 5160 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe

22:28:52.0968 5160 slsvc - ok

22:28:53.0015 5160 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll

22:28:53.0015 5160 SLUINotify - ok

22:28:53.0030 5160 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys

22:28:53.0030 5160 Smb - ok

22:28:53.0061 5160 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe

22:28:53.0061 5160 SNMPTRAP - ok

22:28:53.0077 5160 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys

22:28:53.0155 5160 spldr - ok

22:28:53.0155 5160 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe

22:28:53.0171 5160 Spooler - ok

22:28:53.0202 5160 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys

22:28:53.0202 5160 srv - ok

22:28:53.0233 5160 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

22:28:53.0264 5160 srv2 - ok

22:28:53.0280 5160 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

22:28:53.0280 5160 srvnet - ok

22:28:53.0280 5160 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

22:28:53.0280 5160 SSDPSRV - ok

22:28:53.0342 5160 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll

22:28:53.0358 5160 SstpSvc - ok

22:28:53.0373 5160 [ 359FEE084F1173FFFFD7F9CCBD43D47F ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys

22:28:53.0389 5160 ssudmdm - ok

22:28:53.0405 5160 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll

22:28:53.0420 5160 stisvc - ok

22:28:53.0436 5160 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

22:28:53.0436 5160 swenum - ok

22:28:53.0467 5160 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll

22:28:53.0483 5160 swprv - ok

22:28:53.0498 5160 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys

22:28:53.0498 5160 Symc8xx - ok

22:28:53.0514 5160 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys

22:28:53.0514 5160 Sym_hi - ok

22:28:53.0514 5160 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys

22:28:53.0529 5160 Sym_u3 - ok

22:28:53.0545 5160 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll

22:28:53.0545 5160 SysMain - ok

22:28:53.0561 5160 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll

22:28:53.0561 5160 TabletInputService - ok

22:28:53.0607 5160 [ 8CF6E2AE1707D82E904ECCA68CEF8B87 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys

22:28:53.0607 5160 tap0901 - ok

22:28:53.0623 5160 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll

22:28:53.0623 5160 TapiSrv - ok

22:28:53.0623 5160 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll

22:28:53.0639 5160 TBS - ok

22:28:53.0685 5160 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

22:28:53.0701 5160 Tcpip - ok

22:28:53.0732 5160 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys

22:28:53.0732 5160 Tcpip6 - ok

22:28:53.0763 5160 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

22:28:53.0763 5160 tcpipreg - ok

22:28:53.0779 5160 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

22:28:53.0779 5160 TDPIPE - ok

22:28:53.0795 5160 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

22:28:53.0795 5160 TDTCP - ok

22:28:53.0810 5160 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

22:28:53.0810 5160 tdx - ok

22:28:53.0826 5160 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

22:28:53.0826 5160 TermDD - ok

22:28:53.0841 5160 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll

22:28:53.0841 5160 TermService - ok

22:28:53.0873 5160 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll

22:28:53.0873 5160 Themes - ok

22:28:53.0888 5160 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll

22:28:53.0888 5160 THREADORDER - ok

22:28:53.0888 5160 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll

22:28:53.0888 5160 TrkWks - ok

22:28:53.0919 5160 [ F2AEE22231046CAD8D2F94D2C0F9BEFB ] trufos C:\Windows\system32\DRIVERS\trufos.sys

22:28:53.0935 5160 trufos - ok

22:28:53.0966 5160 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

22:28:53.0966 5160 TrustedInstaller - ok

22:28:53.0997 5160 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

22:28:53.0997 5160 tssecsrv - ok

22:28:54.0013 5160 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys

22:28:54.0013 5160 tunmp - ok

22:28:54.0029 5160 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

22:28:54.0029 5160 tunnel - ok

22:28:54.0044 5160 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys

22:28:54.0060 5160 uagp35 - ok

22:28:54.0060 5160 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

22:28:54.0075 5160 udfs - ok

22:28:54.0075 5160 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe

22:28:54.0075 5160 UI0Detect - ok

22:28:54.0107 5160 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

22:28:54.0107 5160 uliagpkx - ok

22:28:54.0169 5160 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys

22:28:54.0185 5160 uliahci - ok

22:28:54.0216 5160 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys

22:28:54.0231 5160 UlSata - ok

22:28:54.0278 5160 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys

22:28:54.0278 5160 ulsata2 - ok

22:28:54.0294 5160 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

22:28:54.0294 5160 umbus - ok

22:28:54.0434 5160 [ 1C5835420F2A8F6D683FD6BDFFA2FFDD ] UPDATESRV C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe

22:28:54.0434 5160 UPDATESRV - ok

22:28:54.0481 5160 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll

22:28:54.0481 5160 upnphost - ok

22:28:54.0528 5160 [ 8BD3AE150D97BA4E633C6C5C51B41AE1 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys

22:28:54.0543 5160 usbccgp - ok

22:28:54.0559 5160 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys

22:28:54.0575 5160 usbcir - ok

22:28:54.0590 5160 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

22:28:54.0590 5160 usbehci - ok

22:28:54.0621 5160 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

22:28:54.0621 5160 usbhub - ok

22:28:54.0653 5160 [ 7BDB7B0E7D45AC0402D78B90789EF47C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys

22:28:54.0653 5160 usbohci - ok

22:28:54.0668 5160 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys

22:28:54.0684 5160 usbprint - ok

22:28:54.0715 5160 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

22:28:54.0715 5160 USBSTOR - ok

22:28:54.0731 5160 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

22:28:54.0731 5160 usbuhci - ok

22:28:54.0746 5160 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll

22:28:54.0746 5160 UxSms - ok

22:28:54.0756 5160 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe

22:28:54.0786 5160 vds - ok

22:28:54.0806 5160 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

22:28:54.0816 5160 vga - ok

22:28:54.0826 5160 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys

22:28:54.0826 5160 VgaSave - ok

22:28:54.0836 5160 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys

22:28:54.0846 5160 viaagp - ok

22:28:54.0856 5160 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys

22:28:54.0856 5160 ViaC7 - ok

22:28:54.0876 5160 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys

22:28:54.0876 5160 viaide - ok

22:28:54.0906 5160 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys

22:28:54.0916 5160 volmgr - ok

22:28:54.0926 5160 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

22:28:54.0926 5160 volmgrx - ok

22:28:54.0946 5160 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys

22:28:54.0956 5160 volsnap - ok

22:28:54.0986 5160 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

22:28:54.0996 5160 vsmraid - ok

22:28:55.0026 5160 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe

22:28:55.0056 5160 VSS - ok

22:28:55.0106 5160 [ 199F40FD6788B479B7458A27E6DD26C6 ] VSSERV C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe

22:28:55.0116 5160 VSSERV - ok

22:28:55.0176 5160 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll

22:28:55.0186 5160 W32Time - ok

22:28:55.0196 5160 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys

22:28:55.0196 5160 WacomPen - ok

22:28:55.0206 5160 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys

22:28:55.0206 5160 Wanarp - ok

22:28:55.0206 5160 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

22:28:55.0216 5160 Wanarpv6 - ok

22:28:55.0216 5160 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll

22:28:55.0226 5160 wcncsvc - ok

22:28:55.0246 5160 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

22:28:55.0256 5160 WcsPlugInService - ok

22:28:55.0266 5160 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys

22:28:55.0266 5160 Wd - ok

22:28:55.0296 5160 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

22:28:55.0306 5160 Wdf01000 - ok

22:28:55.0306 5160 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll

22:28:55.0316 5160 WdiServiceHost - ok

22:28:55.0316 5160 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll

22:28:55.0316 5160 WdiSystemHost - ok

22:28:55.0326 5160 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll

22:28:55.0336 5160 WebClient - ok

22:28:55.0356 5160 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll

22:28:55.0376 5160 Wecsvc - ok

22:28:55.0376 5160 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll

22:28:55.0406 5160 wercplsupport - ok

22:28:55.0426 5160 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll

22:28:55.0436 5160 WerSvc - ok

22:28:55.0476 5160 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll

22:28:55.0476 5160 WinDefend - ok

22:28:55.0486 5160 WinHttpAutoProxySvc - ok

22:28:55.0516 5160 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

22:28:55.0526 5160 Winmgmt - ok

22:28:55.0556 5160 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll

22:28:55.0586 5160 WinRM - ok

22:28:55.0646 5160 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys

22:28:55.0646 5160 WinUSB - ok

22:28:55.0656 5160 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll

22:28:55.0666 5160 Wlansvc - ok

22:28:55.0766 5160 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

22:28:55.0796 5160 wlidsvc - ok

22:28:55.0816 5160 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

22:28:55.0816 5160 WmiAcpi - ok

22:28:55.0826 5160 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

22:28:55.0826 5160 wmiApSrv - ok

22:28:55.0876 5160 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe

22:28:55.0886 5160 WMPNetworkSvc - ok

22:28:55.0896 5160 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll

22:28:55.0906 5160 WPCSvc - ok

22:28:55.0906 5160 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

22:28:55.0906 5160 WPDBusEnum - ok

22:28:55.0926 5160 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys

22:28:55.0926 5160 WpdUsb - ok

22:28:55.0996 5160 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

22:28:56.0016 5160 WPFFontCache_v0400 - ok

22:28:56.0026 5160 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

22:28:56.0036 5160 ws2ifsl - ok

22:28:56.0046 5160 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll

22:28:56.0046 5160 wscsvc - ok

22:28:56.0056 5160 WSearch - ok

22:28:56.0116 5160 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll

22:28:56.0196 5160 wuauserv - ok

22:28:56.0256 5160 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

22:28:56.0256 5160 WudfPf - ok

22:28:56.0306 5160 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

22:28:56.0306 5160 WUDFRd - ok

22:28:56.0336 5160 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

22:28:56.0346 5160 wudfsvc - ok

22:28:56.0356 5160 ================ Scan global ===============================

22:28:56.0376 5160 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll

22:28:56.0406 5160 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll

22:28:56.0436 5160 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll

22:28:56.0456 5160 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe

22:28:56.0466 5160 [Global] - ok

22:28:56.0466 5160 ================ Scan MBR ==================================

22:28:56.0476 5160 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0

22:28:56.0636 5160 \Device\Harddisk0\DR0 - ok

22:28:56.0646 5160 ================ Scan VBR ==================================

22:28:56.0646 5160 [ 3DFD8F055873D9238E5377622DA9FB66 ] \Device\Harddisk0\DR0\Partition1

22:28:56.0646 5160 \Device\Harddisk0\DR0\Partition1 - ok

22:28:56.0676 5160 [ C16041381DB22404C8FC65DDE425FB44 ] \Device\Harddisk0\DR0\Partition2

22:28:56.0676 5160 \Device\Harddisk0\DR0\Partition2 - ok

22:28:56.0676 5160 ============================================================

22:28:56.0676 5160 Scan finished

22:28:56.0676 5160 ============================================================

22:28:56.0686 5884 Detected object count: 0

22:28:56.0686 5884 Actual detected object count: 0

[Maurice Naggar]

yes I keep getting outbound blocks on MBAM but not been quick enough to capture it, it is always to do with firefox though I noticed

Make a note that Firefox browser is something that needs looking at, later. For now, Close it and keep it closed.

Use Internet Explorer instead, as much as possible.

The TDSSKiller result is good. No detections. We will be doing more checks.

Save and close any work documents, close any apps that you started.

Temporarily turn off (disable) your antivirus program

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Start your MBAM MalwareBytes' Anti-Malware.

Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.

Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.

If you have the PRO license, then do this too: Click the Protection tab. Make sure all option lines have a checkmark.

Next, Click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.

When done, click the Scanner tab.

Do a Full Scan.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

When all done, Copy & paste the MBAM scan log into a new reply.

Tell me, How is the system ?

Re-enable your antivirus program.

Then do a Quick scan of your system with your BitDefender antivirus.

Please let me know that result.

To Reset Firefox to its default state:

Start Firefox

in the address bar, type in

about:support

Click on the Reset Firefox button at top right of screen.

While in Firefox, press Shift+CTRL+Delete keys and delete temporary internet cache files.

Close Firefox.

[gettheman]

Firefox keeps hanging. Not responding for about 30 secs then its okay for some unknown reason

Bit defender scan was fine although it has 227 password protected files which it wont let me scan without password

Malwarebytes Anti-Malware (PRO) 1.75.0.1300

www.malwarebytes.org

Database version: v2013.04.11.09

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Chris :: DELL-530 [administrator]

Protection: Enabled

11/04/2013 23:30:12

mbam-log-2013-04-11 (23-30-12).txt

Scan type: Full scan (C:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 293071

Time elapsed: 53 minute(s), 4 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

[gettheman]

reset firefox but then got the server not found on first run

[Maurice Naggar]

Your BitDefender run found nothing apparently.

The MBAM full scan detected nothing; which is excellent.

I would suggest you uninstall firefox, restart the system.

Then if you must have Firefox, get the latest release version and install that.

I'd be very careful as to what browser add-ons you put on.

Also, as much as possible, use a blank start-page in your browser setting.

btw, keep Internet Explorer set as the system default browser. If offered by FF to have it as the default, decline the option.

[gettheman]

ok thanks

[Maurice Naggar]

Kindly update me as to what you have done, and, if the Outbound IP blocks are gone.

[gettheman]

scanned everything liked you asked. keep getting server not found but no outbound IP blocks as of yet

[Maurice Naggar]

That's not clear to me.

What exactly gives you a "server not found" ???

I need the verbatim {exact & complete) text of any such message .....with detail on "how" /when / where it shows up.

IF need be, take a snapshot (if possible) with your camera or do a screen-capture, and then attach as a GIF file.

[gettheman]

every so oftern more often than I not I click on a site, any site and get server not found error

I`ll attach a file next time it happens