Author Topic: [Inactive] Happili Google Search Redirect  (Read 840 times)

Offline axpriest

  • Bronze Member
  • Posts: 5
[Inactive] Happili Google Search Redirect
« on: March 30, 2012, 06:17:45 PM »
Occasionally when I perform a Google search, I will be redirected to the Happili website. This was originally blocked (under the 64.15.72.104 IP) by Trend Micro; however, it has changed over to another IP now (something in the ~173 area? I don't have time to write it down before it switches over to the website name, and it won't do it every time I do a Google search, but will continue doing it every time I try to search afterward unless I close the browser) which is not blocked yet. So far there are no other issues beyond this.

My logs (and I have a HijackThis log if necessary):

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 3/2/2011 12:44:04 PM
System Uptime: 3/29/2012 11:41:34 PM (18 hours ago)
.
Motherboard: Dell Inc. |  | 0C2KJT
Processor: Intel(R) Core(TM) i3 CPU         550  @ 3.20GHz | CPU 1 | 3200/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 921 GiB total, 760.947 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is FIXED (NTFS) - 931 GiB total, 647.88 GiB free.
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP105: 3/8/2012 4:36:18 PM - Scheduled Checkpoint
RP106: 3/13/2012 3:15:34 AM - Windows Update
RP107: 3/13/2012 7:15:49 PM - Windows Update
RP108: 3/14/2012 12:29:40 PM - Windows Update
RP109: 3/19/2012 2:58:08 PM - Installed Steam
RP110: 3/29/2012 10:52:47 AM - Scheduled Checkpoint
RP111: 3/30/2012 3:39:30 PM - Installed HiJackThis
RP112: 3/30/2012 3:47:06 PM - Installed HiJackThis
.
==== Installed Programs ======================
.
Adobe Reader 9.4.6
Auslogics Disk Defrag
Battlefield 3™
Battlelog Web Plugins
Best Buy pc app
Counter-Strike: Source
Crystal Reports for Visual Studio
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Dock
Dell Getting Started Guide
Dell Product Registration
DirectX 9 Runtime
Dotfuscator Software Services - Community Edition
Dragon Age II
Dragon Age: Origins
ESN Sonar
EVGA Precision 2.0.4
Garmin Lifetime Updater
Garry's Mod
GoToAssist 8.0.0.514
Half-Life 2
HiJackThis
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2522890)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2529927)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2542054)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2548139)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2549864)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2635973)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)
Intel(R) Processor Graphics
Java Auto Updater
Java(TM) 6 Update 26
Java(TM) 7 Update 1
Java(TM) SE Development Kit 7 Update 1
Junk Mail filter update
Lexmark Printable Web
Magic ISO Maker v5.5 (build 0281)
Malwarebytes Anti-Malware version 1.60.1.1000
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
Microsoft Choice Guard
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 R2 Data-Tier Application Framework
Microsoft SQL Server 2008 R2 Data-Tier Application Project
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 R2 Transact-SQL Language Service
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server System CLR Types
Microsoft Sync Framework SDK v1.0 SP1
Microsoft Visual C++  Compilers 2010 Standard - enu - x86
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219
Microsoft Visual F# 2.0 Runtime
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Professional - ENU
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2010 SharePoint Developer Tools
Microsoft Visual Studio Macro Tools
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multimedia Card Reader
NetBeans IDE 7.0.1
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
Origin
PhotoShowExpress
PunkBuster Services
Realtek High Definition Audio Driver
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2645410)
Security Update for Microsoft Visual Studio Macro Tools (KB2669970)
Sonic CinePlayer Decoder Pack
Steam
System Requirements Lab CYRI
The Elder Scrolls V Skyrim
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Ventrilo Client
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
WCF RIA Services V1.0 SP1
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
World of Warcraft
World of Warcraft Beta
.
==== Event Viewer Messages From Past Week ========
.
3/30/2012 3:21:14 PM, Error: Service Control Manager [7034]  - The SoftThinks Agent Service service terminated unexpectedly.  It has done this 1 time(s).
3/30/2012 1:54:23 AM, Error: Service Control Manager [7034]  - The SQL Server VSS Writer service terminated unexpectedly.  It has done this 1 time(s).
3/30/2012 1:54:19 AM, Error: Service Control Manager [7034]  - The SQL Server (SQLEXPRESS) service terminated unexpectedly.  It has done this 1 time(s).
3/29/2012 3:05:26 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk6\DR6.
3/29/2012 11:42:51 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
3/29/2012 11:41:53 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the lxeaCATSCustConnectService service to connect.
3/29/2012 11:41:53 PM, Error: Service Control Manager [7000]  - The lxeaCATSCustConnectService service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
3/29/2012 11:24:44 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
3/29/2012 11:20:14 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
3/29/2012 11:10:53 PM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
3/29/2012 11:10:52 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
3/29/2012 11:10:52 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
3/29/2012 11:10:51 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/29/2012 11:10:45 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
3/29/2012 11:10:22 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  discache spldr tmtdi Wanarpv6
3/29/2012 11:10:21 PM, Error: Service Control Manager [7001]  - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:  The dependency service or group failed to start.
3/29/2012 10:34:46 PM, Error: Service Control Manager [7034]  - The NVIDIA Update Service Daemon service terminated unexpectedly.  It has done this 1 time(s).
3/28/2012 12:47:47 AM, Error: VDS Basic Provider [1]  - Unexpected failure. Error code: D@01010004
.
==== End Of File ===========================

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Anthony at 17:04:12 on 2012-03-30
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3959.2034 [GMT -7:00]
.
AV: Trend Micro Titanium Maximum Security *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Titanium Maximum Security *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Trend Micro Firewall Booster *Enabled* {49A8346C-6900-54B6-B1B3-5F678736DDE9}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\lxeacoms.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll
BHO: TSToolbarBHO: {43c6d902-a1c5-45c9-91f6-fd9e90337e18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Trend Micro Toolbar: {ccac5586-44d7-4c43-b64a-f042461a97d2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun: [<NO NAME>]
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{9DBA5207-5595-4D8F-A99F-D9827574A772} : DhcpNameServer = 192.168.1.1
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64:     AcroIEHelperStub - No File
BHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll
BHO-X64:     Trend Micro NSC BHO - No File
BHO-X64: TSToolbarBHO: {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
BHO-X64:     Trend Micro Toolbar BHO - No File
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
BHO-X64:     TmBpIeBHO - No File
BHO-X64: Lexmark Printable Web: {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB-X64: Trend Micro Toolbar: {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun-x64: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun-x64: [(Default)]
mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mRunOnce-x64: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 tmlwf;Trend Micro NDIS 6.0 Filter Driver;C:\Windows\system32\DRIVERS\tmlwf.sys --> C:\Windows\system32\DRIVERS\tmlwf.sys [?]
R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-6-9 256336]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 lxea_device;lxea_device;C:\Windows\system32\lxeacoms.exe -service --> C:\Windows\system32\lxeacoms.exe -service [?]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2011-12-23 2348864]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-12-17 381248]
R2 tmevtmgr;tmevtmgr;C:\Windows\system32\DRIVERS\tmevtmgr.sys --> C:\Windows\system32\DRIVERS\tmevtmgr.sys [?]
R2 tmwfp;Trend Micro WFP Callout Driver;C:\Windows\system32\DRIVERS\tmwfp.sys --> C:\Windows\system32\DRIVERS\tmwfp.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTCore64;RTCore64;C:\Program Files (x86)\EVGA Precision\RTCore64.sys [2011-8-12 14440]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\lxeaserv.exe [2011-8-25 45736]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-9-4 219632]
S2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-1-13 705856]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe [2011-10-7 25832]
S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-9-4 1116656]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0105;RsFx0105 Driver;C:\Windows\system32\DRIVERS\RsFx0105.sys --> C:\Windows\system32\DRIVERS\RsFx0105.sys [?]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464]
.
=============== Created Last 30 ================
.
2012-03-30 22:40:12   --------   d-----w-   C:\Program Files (x86)\Trend Micro
2012-03-30 06:18:03   --------   d-----w-   C:\ProgramData\PC Tools
2012-03-30 05:42:02   --------   d-----w-   C:\Users\Anthony\AppData\Roaming\Malwarebytes
2012-03-30 05:41:57   --------   d-----w-   C:\ProgramData\Malwarebytes
2012-03-30 05:41:56   23152   ----a-w-   C:\Windows\System32\drivers\mbam.sys
2012-03-30 05:41:56   --------   d-----w-   C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-03-29 10:16:06   5120   ----a-w-   C:\ProgramData\Microsoft\Windows\DRM\B4CE.tmp
2012-03-29 10:16:06   5120   ----a-w-   C:\ProgramData\Microsoft\Windows\DRM\B4CD.tmp
2012-03-22 22:38:03   --------   d-----w-   C:\Program Files (x86)\World of Warcraft Beta
2012-03-22 22:34:14   --------   d-----w-   C:\ProgramData\Battle.net
2012-03-19 21:59:10   --------   d-----w-   C:\Program Files (x86)\Steam
2012-03-19 21:59:10   --------   d-----w-   C:\Program Files (x86)\Common Files\Steam
2012-03-14 19:38:42   5559152   ----a-w-   C:\Windows\System32\ntoskrnl.exe
2012-03-14 19:38:41   3968368   ----a-w-   C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-14 19:38:41   3913584   ----a-w-   C:\Windows\SysWow64\ntoskrnl.exe
2012-03-14 19:29:23   3145728   ----a-w-   C:\Windows\System32\win32k.sys
2012-03-14 19:29:21   1544192   ----a-w-   C:\Windows\System32\DWrite.dll
2012-03-14 19:29:21   1077248   ----a-w-   C:\Windows\SysWow64\DWrite.dll
2012-03-13 23:36:26   9216   ----a-w-   C:\Windows\System32\rdrmemptylst.exe
2012-03-13 23:36:26   77312   ----a-w-   C:\Windows\System32\rdpwsx.dll
2012-03-13 23:36:26   149504   ----a-w-   C:\Windows\System32\rdpcorekmts.dll
2012-03-13 23:36:25   826880   ----a-w-   C:\Windows\SysWow64\rdpcore.dll
2012-03-13 23:36:25   23552   ----a-w-   C:\Windows\System32\drivers\tdtcp.sys
2012-03-13 23:36:25   210944   ----a-w-   C:\Windows\System32\drivers\rdpwd.sys
2012-03-13 23:36:25   1031680   ----a-w-   C:\Windows\System32\rdpcore.dll
.
==================== Find3M  ====================
.
2012-03-23 09:15:13   414368   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-18 03:00:08   282864   ----a-w-   C:\Windows\SysWow64\PnkBstrB.xtr
2012-02-18 03:00:08   282864   ----a-w-   C:\Windows\SysWow64\PnkBstrB.exe
2012-02-18 02:59:57   280904   ----a-w-   C:\Windows\SysWow64\PnkBstrB.ex0
2012-02-17 22:41:31   76888   ----a-w-   C:\Windows\SysWow64\PnkBstrA.exe
2012-01-04 10:44:20   509952   ----a-w-   C:\Windows\System32\ntshrui.dll
2012-01-04 08:58:41   442880   ----a-w-   C:\Windows\SysWow64\ntshrui.dll
.
============= FINISH: 17:04:42.10 ===============
« Last Edit: March 30, 2012, 07:16:29 PM by 1972vet »



Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Inactive] Happili Google Search Redirect
« Reply #1 on: March 30, 2012, 07:17:36 PM »

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application. Click "Change parameters". Under Additional options, check the boxes next to both options, "Verify Driver Digital Signature" and "Detect TDLFS file system", and click the OK button.
  • Click the Start scan button.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • You may be prompted to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file back here on your next reply.
  • ...otherwise, if a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". If this was the case, then we need to see that log.
Disabled Veteran
U.S.C.G. 1972 - 1978
Membership: U.N.I.T.E., A.S.A.P.

Performance and Maintenance for Windows XP, Windows Vista and Windows Seven

Offline axpriest

  • Bronze Member
  • Posts: 5
Re: [Inactive] Happili Google Search Redirect
« Reply #2 on: March 30, 2012, 07:27:54 PM »
The log file is too big for one message. I will try to cut it in half.
18:23:00.0581 3596   TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
18:23:01.0268 3596   ============================================================
18:23:01.0268 3596   Current date / time: 2012/03/30 18:23:01.0268
18:23:01.0268 3596   SystemInfo:
18:23:01.0268 3596   
18:23:01.0268 3596   OS Version: 6.1.7601 ServicePack: 1.0
18:23:01.0268 3596   Product type: Workstation
18:23:01.0268 3596   ComputerName: TONY-A
18:23:01.0268 3596   UserName: Anthony
18:23:01.0268 3596   Windows directory: C:\Windows
18:23:01.0268 3596   System windows directory: C:\Windows
18:23:01.0268 3596   Running under WOW64
18:23:01.0268 3596   Processor architecture: Intel x64
18:23:01.0268 3596   Number of processors: 4
18:23:01.0268 3596   Page size: 0x1000
18:23:01.0268 3596   Boot type: Normal boot
18:23:01.0268 3596   ============================================================
18:23:02.0531 3596   Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

Offline axpriest

  • Bronze Member
  • Posts: 5
Re: [Inactive] Happili Google Search Redirect
« Reply #3 on: March 30, 2012, 07:29:13 PM »
And part 2
18:24:09.0518 1216   PlugPlay - ok
18:24:09.0549 1216   PnkBstrA - ok
18:24:09.0580 1216   PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
18:24:09.0612 1216   PNRPAutoReg - ok
18:24:09.0612 1216   PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:24:09.0643 1216   PNRPsvc - ok
18:24:09.0658 1216   PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
18:24:09.0721 1216   PolicyAgent - ok
18:24:09.0752 1216   Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
18:24:09.0830 1216   Power - ok
18:24:09.0877 1216   PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
18:24:09.0939 1216   PptpMiniport - ok
18:24:09.0955 1216   Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
18:24:10.0002 1216   Processor - ok
18:24:10.0064 1216   ProfSvc         (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
18:24:10.0220 1216   ProfSvc - ok
18:24:10.0251 1216   ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:24:10.0267 1216   ProtectedStorage - ok
18:24:10.0298 1216   Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
18:24:10.0360 1216   Psched - ok
18:24:10.0392 1216   PxHlpa64        (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
18:24:10.0407 1216   PxHlpa64 - ok
18:24:10.0454 1216   ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
18:24:10.0516 1216   ql2300 - ok
18:24:10.0532 1216   ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
18:24:10.0548 1216   ql40xx - ok
18:24:10.0563 1216   QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
18:24:10.0594 1216   QWAVE - ok
18:24:10.0610 1216   QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:24:10.0626 1216   QWAVEdrv - ok
18:24:10.0641 1216   RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:24:10.0672 1216   RasAcd - ok
18:24:10.0704 1216   RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:24:10.0735 1216   RasAgileVpn - ok
18:24:10.0766 1216   RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
18:24:10.0813 1216   RasAuto - ok
18:24:10.0844 1216   Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:24:10.0906 1216   Rasl2tp - ok
18:24:10.0953 1216   RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
18:24:11.0000 1216   RasMan - ok
18:24:11.0000 1216   RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:24:11.0062 1216   RasPppoe - ok
18:24:11.0078 1216   RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:24:11.0125 1216   RasSstp - ok
18:24:11.0140 1216   rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
18:24:11.0203 1216   rdbss - ok
18:24:11.0234 1216   rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
18:24:11.0250 1216   rdpbus - ok
18:24:11.0265 1216   RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:24:11.0328 1216   RDPCDD - ok
18:24:11.0359 1216   RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:24:11.0406 1216   RDPENCDD - ok
18:24:11.0421 1216   RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:24:11.0468 1216   RDPREFMP - ok
18:24:11.0515 1216   RDPWD           (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
18:24:11.0577 1216   RDPWD - ok
18:24:11.0593 1216   rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
18:24:11.0608 1216   rdyboost - ok
18:24:11.0624 1216   RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
18:24:11.0671 1216   RemoteAccess - ok
18:24:11.0686 1216   RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
18:24:11.0764 1216   RemoteRegistry - ok
18:24:11.0842 1216   RoxMediaDB12OEM (bddc447ab46625a54619808575d5cb46) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
18:24:11.0905 1216   RoxMediaDB12OEM - ok
18:24:11.0936 1216   RoxWatch12      (ce203243adf512540249df9c264f12dd) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
18:24:11.0952 1216   RoxWatch12 - ok
18:24:11.0952 1216   RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
18:24:12.0014 1216   RpcEptMapper - ok
18:24:12.0030 1216   RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
18:24:12.0076 1216   RpcLocator - ok
18:24:12.0108 1216   RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:24:12.0154 1216   RpcSs - ok
18:24:12.0217 1216   RsFx0105        (c9fe05a63c500abe3afa5786504c4d36) C:\Windows\system32\DRIVERS\RsFx0105.sys
18:24:12.0248 1216   RsFx0105 - ok
18:24:12.0264 1216   rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:24:12.0342 1216   rspndr - ok
18:24:12.0404 1216   RTCore64        (632db2a99f79e715d0c3432036cd392f) C:\Program Files (x86)\EVGA Precision\RTCore64.sys
18:24:12.0420 1216   RTCore64 - ok
18:24:12.0451 1216   SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:24:12.0482 1216   SamSs - ok
18:24:12.0513 1216   sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
18:24:12.0529 1216   sbp2port - ok
18:24:12.0560 1216   SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
18:24:12.0607 1216   SCardSvr - ok
18:24:12.0638 1216   scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
18:24:12.0716 1216   scfilter - ok
18:24:12.0763 1216   Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
18:24:12.0856 1216   Schedule - ok
18:24:12.0888 1216   SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:24:12.0919 1216   SCPolicySvc - ok
18:24:12.0950 1216   SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
18:24:12.0997 1216   SDRSVC - ok
18:24:13.0012 1216   secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:24:13.0090 1216   secdrv - ok
18:24:13.0106 1216   seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
18:24:13.0153 1216   seclogon - ok
18:24:13.0168 1216   SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
18:24:13.0231 1216   SENS - ok
18:24:13.0231 1216   SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
18:24:13.0262 1216   SensrSvc - ok
18:24:13.0278 1216   Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
18:24:13.0309 1216   Serenum - ok
18:24:13.0340 1216   Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
18:24:13.0371 1216   Serial - ok
18:24:13.0387 1216   sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
18:24:13.0402 1216   sermouse - ok
18:24:13.0449 1216   SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
18:24:13.0512 1216   SessionEnv - ok
18:24:13.0543 1216   sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:24:13.0590 1216   sffdisk - ok
18:24:13.0605 1216   sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:24:13.0621 1216   sffp_mmc - ok
18:24:13.0636 1216   sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
18:24:13.0699 1216   sffp_sd - ok
18:24:13.0714 1216   sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
18:24:13.0761 1216   sfloppy - ok
18:24:13.0824 1216   Sftfs           (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
18:24:13.0855 1216   Sftfs - ok
18:24:13.0948 1216   sftlist         (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:24:13.0980 1216   sftlist - ok
18:24:14.0011 1216   Sftplay         (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
18:24:14.0011 1216   Sftplay - ok
18:24:14.0026 1216   Sftredir        (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
18:24:14.0042 1216   Sftredir - ok
18:24:14.0089 1216   SftService      (38f88f0df46c4d42125ef721abd7f6b9) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
18:24:14.0120 1216   SftService - ok
18:24:14.0136 1216   Sftvol          (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
18:24:14.0151 1216   Sftvol - ok
18:24:14.0167 1216   sftvsa          (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:24:14.0182 1216   sftvsa - ok
18:24:14.0214 1216   SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
18:24:14.0292 1216   SharedAccess - ok
18:24:14.0323 1216   ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
18:24:14.0370 1216   ShellHWDetection - ok
18:24:14.0401 1216   SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:24:14.0416 1216   SiSRaid2 - ok
18:24:14.0432 1216   SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
18:24:14.0432 1216   SiSRaid4 - ok
18:24:14.0463 1216   Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:24:14.0526 1216   Smb - ok
18:24:14.0557 1216   SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
18:24:14.0604 1216   SNMPTRAP - ok
18:24:14.0619 1216   spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:24:14.0635 1216   spldr - ok
18:24:14.0650 1216   Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
18:24:14.0713 1216   Spooler - ok
18:24:14.0775 1216   sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
18:24:14.0884 1216   sppsvc - ok
18:24:14.0900 1216   sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
18:24:14.0947 1216   sppuinotify - ok
18:24:15.0040 1216   SQLAgent$SQLEXPRESS (45e65fb17a4cd5facbd3ca16c8334c82) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
18:24:15.0072 1216   SQLAgent$SQLEXPRESS - ok
18:24:15.0103 1216   SQLBrowser      (10d936dced9eacd1a1b3fcdda6d7a4eb) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
18:24:15.0134 1216   SQLBrowser - ok
18:24:15.0165 1216   SQLWriter       (f92e5f93be572b512da3c016b675ede0) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:24:15.0181 1216   SQLWriter - ok
18:24:15.0228 1216   srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
18:24:15.0290 1216   srv - ok
18:24:15.0321 1216   srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
18:24:15.0352 1216   srv2 - ok
18:24:15.0368 1216   srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
18:24:15.0415 1216   srvnet - ok
18:24:15.0446 1216   SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
18:24:15.0493 1216   SSDPSRV - ok
18:24:15.0524 1216   SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
18:24:15.0555 1216   SstpSvc - ok
18:24:15.0602 1216   Steam Client Service - ok
18:24:15.0696 1216   Stereo Service  (46ca9dc1af6f36010816f690906aa7f4) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:24:15.0727 1216   Stereo Service - ok
18:24:15.0742 1216   stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
18:24:15.0758 1216   stexstor - ok
18:24:15.0789 1216   stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
18:24:15.0836 1216   stisvc - ok
18:24:15.0867 1216   stllssvr        (9e182dd94496550a22a392cc1a8e0f52) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
18:24:15.0914 1216   stllssvr - ok
18:24:15.0945 1216   swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
18:24:15.0945 1216   swenum - ok
18:24:15.0976 1216   swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
18:24:16.0023 1216   swprv - ok
18:24:16.0086 1216   SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
18:24:16.0148 1216   SysMain - ok
18:24:16.0164 1216   TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
18:24:16.0179 1216   TabletInputService - ok
18:24:16.0195 1216   TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
18:24:16.0242 1216   TapiSrv - ok
18:24:16.0257 1216   TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
18:24:16.0304 1216   TBS - ok
18:24:16.0366 1216   Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
18:24:16.0444 1216   Tcpip - ok
18:24:16.0476 1216   TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
18:24:16.0507 1216   TCPIP6 - ok
18:24:16.0522 1216   tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
18:24:16.0600 1216   tcpipreg - ok
18:24:16.0616 1216   TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
18:24:16.0647 1216   TDPIPE - ok
18:24:16.0678 1216   TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
18:24:16.0725 1216   TDTCP - ok
18:24:16.0756 1216   tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
18:24:16.0803 1216   tdx - ok
18:24:16.0819 1216   TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
18:24:16.0834 1216   TermDD - ok
18:24:16.0850 1216   TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
18:24:16.0897 1216   TermService - ok
18:24:16.0912 1216   Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
18:24:16.0959 1216   Themes - ok
18:24:16.0990 1216   THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:24:17.0037 1216   THREADORDER - ok
18:24:17.0084 1216   tmactmon        (73aaffdd2ac3c8814b26c440e5dd9dd4) C:\Windows\system32\DRIVERS\tmactmon.sys
18:24:17.0100 1216   tmactmon - ok
18:24:17.0146 1216   tmcomm          (360e61217d4e1e333583d0c721057f70) C:\Windows\system32\DRIVERS\tmcomm.sys
18:24:17.0178 1216   tmcomm - ok
18:24:17.0193 1216   tmevtmgr        (699d34eb7c670139ca23a65372bd5743) C:\Windows\system32\DRIVERS\tmevtmgr.sys
18:24:17.0209 1216   tmevtmgr - ok
18:24:17.0256 1216   tmlwf           (5922b1f5741bbdbaf7f7b4cbd2b7c4a5) C:\Windows\system32\DRIVERS\tmlwf.sys
18:24:17.0271 1216   tmlwf - ok
18:24:17.0302 1216   tmtdi           (262198efb734012bfcd17e7479ae4a09) C:\Windows\system32\DRIVERS\tmtdi.sys
18:24:17.0318 1216   tmtdi - ok
18:24:17.0349 1216   tmwfp           (0a2e3899cc72ad4cc85ea3d50a5331cc) C:\Windows\system32\DRIVERS\tmwfp.sys
18:24:17.0365 1216   tmwfp - ok
18:24:17.0412 1216   TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
18:24:17.0474 1216   TrkWks - ok
18:24:17.0536 1216   TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
18:24:17.0599 1216   TrustedInstaller - ok
18:24:17.0630 1216   tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:24:17.0692 1216   tssecsrv - ok
18:24:17.0739 1216   TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
18:24:17.0786 1216   TsUsbFlt - ok
18:24:17.0802 1216   tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
18:24:17.0880 1216   tunnel - ok
18:24:17.0911 1216   uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
18:24:17.0911 1216   uagp35 - ok
18:24:17.0958 1216   udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
18:24:18.0036 1216   udfs - ok
18:24:18.0051 1216   UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
18:24:18.0098 1216   UI0Detect - ok
18:24:18.0129 1216   uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
18:24:18.0145 1216   uliagpkx - ok
18:24:18.0176 1216   umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
18:24:18.0192 1216   umbus - ok
18:24:18.0207 1216   UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
18:24:18.0238 1216   UmPass - ok
18:24:18.0254 1216   upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
18:24:18.0332 1216   upnphost - ok
18:24:18.0363 1216   usbaudio        (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
18:24:18.0426 1216   usbaudio - ok
18:24:18.0457 1216   usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
18:24:18.0504 1216   usbccgp - ok
18:24:18.0535 1216   usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
18:24:18.0566 1216   usbcir - ok
18:24:18.0582 1216   usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
18:24:18.0613 1216   usbehci - ok
18:24:18.0628 1216   usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
18:24:18.0644 1216   usbhub - ok
18:24:18.0675 1216   usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
18:24:18.0691 1216   usbohci - ok
18:24:18.0706 1216   usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
18:24:18.0753 1216   usbprint - ok
18:24:18.0784 1216   usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
18:24:18.0847 1216   usbscan - ok
18:24:18.0878 1216   USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:24:18.0925 1216   USBSTOR - ok
18:24:18.0940 1216   usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
18:24:18.0987 1216   usbuhci - ok
18:24:19.0003 1216   UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
18:24:19.0034 1216   UxSms - ok
18:24:19.0065 1216   VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:24:19.0081 1216   VaultSvc - ok
18:24:19.0081 1216   vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:24:19.0096 1216   vdrvroot - ok
18:24:19.0128 1216   vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
18:24:19.0190 1216   vds - ok
18:24:19.0221 1216   vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:24:19.0237 1216   vga - ok
18:24:19.0252 1216   VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:24:19.0284 1216   VgaSave - ok
18:24:19.0299 1216   vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:24:19.0315 1216   vhdmp - ok
18:24:19.0408 1216   viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:24:19.0424 1216   viaide - ok
18:24:19.0440 1216   volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:24:19.0455 1216   volmgr - ok
18:24:19.0486 1216   volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:24:19.0502 1216   volmgrx - ok
18:24:19.0518 1216   volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:24:19.0533 1216   volsnap - ok
18:24:19.0564 1216   vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
18:24:19.0580 1216   vsmraid - ok
18:24:19.0642 1216   VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
18:24:19.0736 1216   VSS - ok
18:24:19.0752 1216   vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
18:24:19.0767 1216   vwifibus - ok
18:24:19.0798 1216   W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
18:24:19.0845 1216   W32Time - ok
18:24:19.0861 1216   WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
18:24:19.0876 1216   WacomPen - ok
18:24:19.0908 1216   WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:24:19.0954 1216   WANARP - ok
18:24:19.0954 1216   Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:24:20.0001 1216   Wanarpv6 - ok
18:24:20.0048 1216   WatAdminSvc     (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
18:24:20.0079 1216   WatAdminSvc - ok
18:24:20.0142 1216   wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
18:24:20.0204 1216   wbengine - ok
18:24:20.0220 1216   WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
18:24:20.0235 1216   WbioSrvc - ok
18:24:20.0282 1216   wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
18:24:20.0329 1216   wcncsvc - ok
18:24:20.0344 1216   WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
18:24:20.0376 1216   WcsPlugInService - ok
18:24:20.0391 1216   Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
18:24:20.0407 1216   Wd - ok
18:24:20.0454 1216   WDC_SAM         (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
18:24:20.0500 1216   WDC_SAM - ok
18:24:20.0516 1216   Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:24:20.0563 1216   Wdf01000 - ok
18:24:20.0578 1216   WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:24:20.0672 1216   WdiServiceHost - ok
18:24:20.0672 1216   WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:24:20.0703 1216   WdiSystemHost - ok
18:24:20.0734 1216   WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
18:24:20.0750 1216   WebClient - ok
18:24:20.0781 1216   Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
18:24:20.0812 1216   Wecsvc - ok
18:24:20.0828 1216   wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
18:24:20.0890 1216   wercplsupport - ok
18:24:20.0937 1216   WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
18:24:21.0000 1216   WerSvc - ok
18:24:21.0015 1216   WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:24:21.0062 1216   WfpLwf - ok
18:24:21.0078 1216   WimFltr         (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
18:24:21.0093 1216   WimFltr - ok
18:24:21.0109 1216   WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:24:21.0124 1216   WIMMount - ok
18:24:21.0140 1216   WinDefend - ok
18:24:21.0140 1216   WinHttpAutoProxySvc - ok
18:24:21.0202 1216   Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
18:24:21.0249 1216   Winmgmt - ok
18:24:21.0327 1216   WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
18:24:21.0405 1216   WinRM - ok
18:24:21.0421 1216   Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
18:24:21.0483 1216   Wlansvc - ok
18:24:21.0514 1216   WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:24:21.0561 1216   WmiAcpi - ok
18:24:21.0577 1216   wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
18:24:21.0624 1216   wmiApSrv - ok
18:24:21.0639 1216   WMPNetworkSvc - ok
18:24:21.0655 1216   WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
18:24:21.0702 1216   WPCSvc - ok
18:24:21.0733 1216   WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
18:24:21.0780 1216   WPDBusEnum - ok
18:24:21.0795 1216   ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:24:21.0842 1216   ws2ifsl - ok
18:24:21.0858 1216   wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
18:24:21.0889 1216   wscsvc - ok
18:24:21.0889 1216   WSearch - ok
18:24:21.0967 1216   wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
18:24:22.0092 1216   wuauserv - ok
18:24:22.0107 1216   WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:24:22.0154 1216   WudfPf - ok
18:24:22.0170 1216   WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:24:22.0232 1216   WUDFRd - ok
18:24:22.0263 1216   wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
18:24:22.0294 1216   wudfsvc - ok
18:24:22.0310 1216   WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
18:24:22.0357 1216   WwanSvc - ok
18:24:22.0372 1216   MBR (0x1B8)     (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
18:24:22.0482 1216   \Device\Harddisk0\DR0 - ok
18:24:22.0482 1216   MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk5\DR5
18:24:22.0918 1216   \Device\Harddisk5\DR5 - ok
18:24:22.0918 1216   MBR (0x1B8)     (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk6\DR6
18:24:23.0090 1216   \Device\Harddisk6\DR6 - ok
18:24:23.0090 1216   Boot (0x1200)   (08c4dcf84738a38f823833d437ed7e36) \Device\Harddisk0\DR0\Partition0
18:24:23.0090 1216   \Device\Harddisk0\DR0\Partition0 - ok
18:24:23.0106 1216   Boot (0x1200)   (dccb6fd2ca30ebf6b61ad41a6ec7172c) \Device\Harddisk0\DR0\Partition1
18:24:23.0106 1216   \Device\Harddisk0\DR0\Partition1 - ok
18:24:23.0106 1216   Boot (0x1200)   (8fc5f0522ef5152313af06c82b0b7ead) \Device\Harddisk5\DR5\Partition0
18:24:23.0121 1216   \Device\Harddisk5\DR5\Partition0 - ok
18:24:23.0121 1216   Boot (0x1200)   (fb0fbbfcea6d6949f94959963402d5ec) \Device\Harddisk6\DR6\Partition0
18:24:23.0121 1216   \Device\Harddisk6\DR6\Partition0 - ok
18:24:23.0121 1216   ============================================================
18:24:23.0121 1216   Scan finished
18:24:23.0121 1216   ============================================================
18:24:23.0121 6396   Detected object count: 1
18:24:23.0121 6396   Actual detected object count: 1
18:24:47.0863 6396   DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
18:24:47.0863 6396   DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Inactive] Happili Google Search Redirect
« Reply #4 on: March 30, 2012, 07:37:34 PM »
Great, thanks! Please disable the active protection component of your antivirus and antispyware programs by following the directions that apply Here.
...of those, many people overlook the Windows Defender since, for most, there is no icon for it in the system tray. Scroll through those directives above and look for this application specifically, to make certain it is disabled.

Please download combofix from This Webpage...and read through the instructions there for running the tool.

***Important Note***
Please read through the guidance on that web page carefully and thoroughly...and install the Recovery Console. Using this tool without the Recovery Console installed is NOT RECOMMENDED.

If you have Windows Vista or Windows 7, you can skip the recovery console step...in Vista/7 it's in the System Recovery Options menu. The System Recovery Options menu is on the Windows Vista or Windows 7 installation disc. If Windows doesn't start correctly, you can use these tools to repair startup problems.


The Windows Recovery Console will allow you to boot into a special recovery (repair) mode that is not otherwise available. This allows us to more easily help you should your computer have a problem after an attempted removal of malware.  It's a simple procedure that will only take a few moments.

Once installed, a blue screen prompt should appear that reads as follows:

The Recovery Console was successfully installed.

When you see that screen, please continue as follows:

  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Click Yes to allow ComboFix to continue scanning for malware.
When the tool is finished, it will produce a log file for you. Please post that log back here on your next reply. Thanks!

Note:
Do not mouse-click combofix's window while it's running...that may cause the scan to stall.

Disabled Veteran
U.S.C.G. 1972 - 1978
Membership: U.N.I.T.E., A.S.A.P.

2009-12

Performance and Maintenance for Windows XP, Windows Vista and Windows Seven

Offline axpriest

  • Bronze Member
  • Posts: 5
Re: [Inactive] Happili Google Search Redirect
« Reply #5 on: March 31, 2012, 12:29:57 AM »
Upon finishing its ~50 step scan, it restarted my computer. When I logged back in it started a flashing blue screen box, like the one that all the info is written in during the scan, which is flashing open and closed while moving from the top left to the middle of the screen.  There is no log as far as I can see, from the files.

Offline axpriest

  • Bronze Member
  • Posts: 5
Re: [Inactive] Happili Google Search Redirect
« Reply #6 on: March 31, 2012, 01:01:25 AM »
I couldn't select anything with it flashing open and closed (it would move from whatever I clicked to the blue window, and it was flashing quicker than I could click). I restarted, it opened to the same flashing blue window.  I used system restore to earlier today -- the step before the DDS scan, which was the last one saved despite it supposedly making a save point before the combofix scan.

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Inactive] Happili Google Search Redirect
« Reply #7 on: March 31, 2012, 03:23:12 AM »
Did you disable TrendMicro Security? If so, you may have to uninstall it, then reinstall when we finish. Try running combofix in safe mode.

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Inactive] Happili Google Search Redirect
« Reply #8 on: April 04, 2012, 07:18:41 AM »
Still with us, axpriest?

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Inactive] Happili Google Search Redirect
« Reply #9 on: April 08, 2012, 06:08:21 AM »
Due to the lack of feedback this Topic is closed. If you need continued support, please create a new thread detailing what issues you are having.

Other members who need assistance please start your own topic in a new thread. Thanks!

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.