Author Topic: [closed K] redirects  (Read 1046 times)

Offline joes1952

  • Bronze Member
  • Posts: 13
[closed K] redirects
« on: April 03, 2012, 12:29:29 PM »
please advise

hxxp://63.209.69.107/search/web/bosch+flasher+pro/a12/46355-8909_1346/v5.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Joe at 14:21:00 on 2012-04-03
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.1.1033.18.3893.1871 [GMT -4:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Windows\System32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11f_ActiveX.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\msiexec.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = g.msn.com/USCON/1
uDefault_Page_URL = g.msn.com/USCON/1
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
mWinlogon: Userinit=userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: LastPass Browser Helper Object: {95d9ecf5-2a4d-4550-be49-70d42f71296e} - C:\Program Files (x86)\LastPass\LPBar.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [Update] rundll32.exe "C:\Users\Joe\AppData\Roaming\Creative\Creative\buhjtfc.dll",DllRegisterServer
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Joe\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: LastPass - file://C:\Program Files (x86)\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - file://C:\Program Files (x86)\LastPass\context.html?cmd=fillforms
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: {75AA409D-05F9-4F27-BD53-C7339D4B1D0A} - hxxps://www.gpcemail.com/,DSID=841ceed60171d215800d47b8a906bdc6,DanaInfo=NotesBLUE.genpt.com+dwa85W.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{6B6C75C0-4916-4154-83DD-9B36E592DAFD} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{BC6A80A6-C223-4764-9FA1-F2A8CF9EEECB} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{BC6A80A6-C223-4764-9FA1-F2A8CF9EEECB}\34963736F67393232373 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{BC6A80A6-C223-4764-9FA1-F2A8CF9EEECB}\541627C6 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{BC6A80A6-C223-4764-9FA1-F2A8CF9EEECB}\6416E636974596765627D27657563747 : DhcpNameServer = 192.168.33.1
TCP: Interfaces\{BC6A80A6-C223-4764-9FA1-F2A8CF9EEECB}\67562796A7F6E6 : DhcpNameServer = 192.168.1.1 192.168.1.1
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO-X64:     0x1 - No File
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64:     HP Print Enhancer - No File
BHO-X64: vShare Plugin: {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64:     AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: LastPass Browser Helper Object: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll
BHO-X64:     LastPass Browser Helper Object - No File
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64:     HP Smart BHO Class - No File
TB-X64: vShare Plugin: {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-9-18 169312]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-8-28 98208]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-8-28 689472]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-8-28 2320920]
R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\system32\DRIVERS\bcmvwl64.sys --> C:\Windows\system32\DRIVERS\bcmvwl64.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-27 136176]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-27 136176]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-04-03 17:33:45   8669240   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A17551A2-E6A5-475E-BF0A-4E089C9CE74C}\mpengine.dll
2012-04-02 18:24:44   388096   ----a-r-   C:\Users\Joe\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-04-02 18:24:43   --------   d-----w-   C:\Program Files (x86)\Trend Micro
2012-03-19 10:18:23   --------   d-----w-   C:\Users\Joe\AppData\Local\{C18F13A7-D05D-478F-B24F-8CD301059B44}
2012-03-16 02:51:13   --------   d-----w-   C:\Users\Joe\AppData\Local\{67841EE7-AA69-430A-B41C-C36F836DBFFF}
2012-03-13 22:38:29   5473136   ----a-w-   C:\Windows\System32\ntoskrnl.exe
2012-03-13 22:38:29   3971440   ----a-w-   C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-13 22:38:29   3915632   ----a-w-   C:\Windows\SysWow64\ntoskrnl.exe
2012-03-13 22:35:29   3143168   ----a-w-   C:\Windows\System32\win32k.sys
2012-03-13 22:35:28   320512   ----a-w-   C:\Windows\System32\d3d10_1core.dll
2012-03-13 22:35:28   218624   ----a-w-   C:\Windows\SysWow64\d3d10_1core.dll
2012-03-13 22:35:28   1837568   ----a-w-   C:\Windows\System32\d3d10warp.dll
2012-03-13 22:35:28   1541120   ----a-w-   C:\Windows\System32\DWrite.dll
2012-03-13 22:35:28   1074176   ----a-w-   C:\Windows\SysWow64\DWrite.dll
2012-03-13 22:35:27   902656   ----a-w-   C:\Windows\System32\d2d1.dll
2012-03-13 22:35:27   739840   ----a-w-   C:\Windows\SysWow64\d2d1.dll
2012-03-13 22:35:27   197120   ----a-w-   C:\Windows\System32\d3d10_1.dll
2012-03-13 22:35:27   161792   ----a-w-   C:\Windows\SysWow64\d3d10_1.dll
2012-03-13 22:35:27   1170944   ----a-w-   C:\Windows\SysWow64\d3d10warp.dll
2012-03-13 19:35:39   9216   ----a-w-   C:\Windows\System32\rdrmemptylst.exe
2012-03-13 19:35:39   826368   ----a-w-   C:\Windows\SysWow64\rdpcore.dll
2012-03-13 19:35:39   76288   ----a-w-   C:\Windows\System32\rdpwsx.dll
2012-03-13 19:35:39   149504   ----a-w-   C:\Windows\System32\rdpcorekmts.dll
2012-03-13 19:35:39   1031680   ----a-w-   C:\Windows\System32\rdpcore.dll
2012-03-13 19:35:38   23552   ----a-w-   C:\Windows\System32\drivers\tdtcp.sys
2012-03-13 19:35:38   204800   ----a-w-   C:\Windows\System32\drivers\rdpwd.sys
2012-03-12 23:31:05   --------   d-----w-   C:\Program Files\iPod
2012-03-12 23:31:04   --------   d-----w-   C:\Program Files\iTunes
2012-03-12 23:31:04   --------   d-----w-   C:\Program Files (x86)\iTunes
2012-03-12 01:40:01   --------   d-----w-   C:\Users\Joe\AppData\Roaming\SpeedyPC Software
2012-03-12 01:40:01   --------   d-----w-   C:\Users\Joe\AppData\Roaming\DriverCure
2012-03-12 01:39:56   --------   d-----w-   C:\ProgramData\SpeedyPC Software
2012-03-07 04:33:50   --------   d-----w-   C:\Users\Joe\AppData\Local\{563C3F51-B2D4-487E-81A1-EE5E901B5EBA}
.
==================== Find3M  ====================
.
2012-02-23 13:18:36   279656   ------w-   C:\Windows\System32\MpSigStub.exe
2012-02-18 15:37:57   414368   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-15 15:01:50   52736   ----a-w-   C:\Windows\System32\drivers\usbaapl64.sys
2012-02-15 15:01:50   4547944   ----a-w-   C:\Windows\System32\usbaaplrc.dll
.
============= FINISH: 14:21:38.89 ===============
« Last Edit: April 10, 2012, 05:22:21 PM by kevinf80 »



Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6366
Re: [closed K] redirects
« Reply #1 on: April 03, 2012, 12:46:40 PM »
Hello joes1952 and welcome to SpywareHammer,

I'm kevinf80 and I will be helping with any malware issues you may have with your system.

  • Please be aware that some of the logs I may ask for can be very complex and can take a long time to decipher. I am a volunteer here with a job and family so I ask that you be patient when waiting for replies.
  • Please DO NOT run any scans/tools/fixes on your own as this will conflict with the tools we are going to use.
  • Either print or Save to Notepad all instructions and please follow them carefully, if there's something you don't understand or that will not work please let me know and we will go through it together.
  • Malware is often buggy and can be very unstable, with that in mind it is advisable to back up any important data before we begin. Go Here and follow the instructions specific for your operating system.
  • If you do not reply within 72 hours the thread will be closed, if you need more time let me know. Likewise if I do not respond within 48 hours feel free to PM me.
  • If you have any P2P applications installed such as BitTorrent, uTorrent, Limewire etc etc, please uninstall them before we begin.
  • If you are using Cracked or Illegal software your thread will be locked and all help will cease.

Please proceed as follows :-

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
  • Click on "Change parameters" and place a checkmark next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
  • Select “Scan”
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
Kevin....


Offline joes1952

  • Bronze Member
  • Posts: 13
Re: [closed K] redirects
« Reply #2 on: April 03, 2012, 04:29:10 PM »
thanks Kevin

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6366
Re: [closed K] redirects
« Reply #3 on: April 03, 2012, 04:45:52 PM »
Please only attach files if you are asked, always copy/paste to your reply. If you have no other option, maybe the log exceeds the forum character limit. You must zip the file first. Right click on the file, select Send to > "compressed (zipped) folder" then attach the zipped folder.....

The file you have attached is corrupt and UNreadable....

Offline joes1952

  • Bronze Member
  • Posts: 13
Re: [closed K] redirects
« Reply #4 on: April 04, 2012, 08:05:12 PM »
Sorry Kevin, I am unable to copy and paste the file after it is zipped

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6366
Re: [closed K] redirects
« Reply #5 on: April 05, 2012, 12:09:03 AM »
We prefer that logs are copied and pasted to replies, or you can split them and use multiple replies. If you do zip them up they must be attached. It is not possible to copy and paste a zipped file....

Offline joes1952

  • Bronze Member
  • Posts: 13
Re: [closed K] redirects
« Reply #6 on: April 05, 2012, 09:44:38 AM »
11:33:36.0582 2816   TDSS rootkit removing tool 2.7.25.0 Apr  3 2012 13:42:32
11:33:38.0584 2816   ============================================================
11:33:38.0584 2816   Current date / time: 2012/04/05 11:33:38.0584
11:33:38.0584 2816   SystemInfo:
11:33:38.0584 2816   
11:33:38.0584 2816   OS Version: 6.1.7600 ServicePack: 0.0
11:33:38.0584 2816   Product type: Workstation
11:33:38.0585 2816   ComputerName: JOE-PC
11:33:38.0585 2816   UserName: Joe
11:33:38.0585 2816   Windows directory: C:\Windows
11:33:38.0585 2816   System windows directory: C:\Windows
11:33:38.0585 2816   Running under WOW64
11:33:38.0585 2816   Processor architecture: Intel x64
11:33:38.0585 2816   Number of processors: 4
11:33:38.0585 2816   Page size: 0x1000
11:33:38.0585 2816   Boot type: Normal boot
11:33:38.0585 2816   ============================================================
11:33:38.0986 2816   Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:33:38.0990 2816   \Device\Harddisk0\DR0:
11:33:38.0990 2816   MBR used
11:33:38.0990 2816   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
11:33:38.0990 2816   \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x38607030
11:33:39.0046 2816   Initialize success
11:33:39.0046 2816   ============================================================
11:35:40.0836 1100   ============================================================
11:35:40.0836 1100   Scan started
11:35:40.0836 1100   Mode: Manual; SigCheck; TDLFS;
11:35:40.0836 1100   ============================================================
11:35:43.0942 1100   1394ohci        (69aa89a20dee08bfa650aab6ce37bd10) C:\Windows\system32\DRIVERS\1394ohci.sys
11:35:43.0990 1100   1394ohci - ok
11:35:44.0134 1100   ACPI            (794ff35015209b9d44f1360c42c9776d) C:\Windows\system32\DRIVERS\ACPI.sys
11:35:44.0148 1100   ACPI - ok
11:35:44.0275 1100   AcpiPmi         (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
11:35:44.0288 1100   AcpiPmi - ok
11:35:44.0394 1100   AdobeActiveFileMonitor8.0 (765fe0463e711e5a68ac7b69538ed922) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
11:35:44.0411 1100   AdobeActiveFileMonitor8.0 - ok
11:35:44.0554 1100   adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
11:35:44.0569 1100   adp94xx - ok
11:35:44.0688 1100   adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
11:35:44.0716 1100   adpahci - ok
11:35:44.0950 1100   adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
11:35:44.0966 1100   adpu320 - ok
11:35:45.0040 1100   AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
11:35:45.0091 1100   AeLookupSvc - ok
11:35:45.0249 1100   AERTFilters     (d1e343bc00136ce03c4d403194d06a80) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
11:35:45.0256 1100   AERTFilters - ok
11:35:45.0425 1100   AFD             (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
11:35:45.0441 1100   AFD - ok
11:35:45.0934 1100   agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
11:35:45.0942 1100   agp440 - ok
11:35:46.0031 1100   ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
11:35:46.0043 1100   ALG - ok
11:35:46.0165 1100   aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
11:35:46.0174 1100   aliide - ok
11:35:46.0296 1100   amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
11:35:46.0305 1100   amdide - ok
11:35:46.0423 1100   AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
11:35:46.0443 1100   AmdK8 - ok
11:35:46.0545 1100   AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
11:35:46.0557 1100   AmdPPM - ok
11:35:46.0673 1100   amdsata         (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
11:35:46.0693 1100   amdsata - ok
11:35:46.0848 1100   amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
11:35:46.0859 1100   amdsbs - ok
11:35:46.0983 1100   amdxata         (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
11:35:46.0998 1100   amdxata - ok
11:35:47.0117 1100   AppID           (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
11:35:47.0133 1100   AppID - ok
11:35:47.0253 1100   AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:35:47.0298 1100   AppIDSvc - ok
11:35:47.0437 1100   Appinfo         (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
11:35:47.0452 1100   Appinfo - ok
11:35:47.0597 1100   Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:35:47.0606 1100   Apple Mobile Device - ok
11:35:47.0760 1100   arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
11:35:47.0775 1100   arc - ok
11:35:47.0876 1100   arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
11:35:47.0897 1100   arcsas - ok
11:35:48.0153 1100   AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:35:48.0190 1100   AsyncMac - ok
11:35:48.0321 1100   atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
11:35:48.0328 1100   atapi - ok
11:35:48.0452 1100   AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
11:35:48.0498 1100   AudioEndpointBuilder - ok
11:35:48.0545 1100   AudioSrv        (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
11:35:48.0595 1100   AudioSrv - ok
11:35:48.0786 1100   AxInstSV        (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
11:35:48.0810 1100   AxInstSV - ok
11:35:48.0939 1100   b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
11:35:48.0955 1100   b06bdrv - ok
11:35:49.0096 1100   b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:35:49.0117 1100   b57nd60a - ok
11:35:49.0229 1100   BBSvc           (825f81a6f7dd073509db101f0ba6dc59) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
11:35:49.0239 1100   BBSvc - ok
11:35:49.0423 1100   BCM43XX         (8b5d16d20774fc3727f44e161be2c0ac) C:\Windows\system32\DRIVERS\bcmwl664.sys
11:35:49.0492 1100   BCM43XX - ok
11:35:49.0619 1100   BcmVWL          (d224b2e6bb543f1d8f1177d57fec2950) C:\Windows\system32\DRIVERS\bcmvwl64.sys
11:35:49.0625 1100   BcmVWL - ok
11:35:49.0724 1100   BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:35:49.0735 1100   BDESVC - ok
11:35:50.0003 1100   Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:35:50.0053 1100   Beep - ok
11:35:50.0179 1100   BFE             (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
11:35:50.0226 1100   BFE - ok
11:35:50.0314 1100   BITS            (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
11:35:50.0361 1100   BITS - ok
11:35:50.0581 1100   blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
11:35:50.0594 1100   blbdrive - ok
11:35:50.0705 1100   Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
11:35:50.0721 1100   Bonjour Service - ok
11:35:50.0820 1100   bowser          (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
11:35:50.0850 1100   bowser - ok
11:35:50.0930 1100   BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:35:50.0950 1100   BrFiltLo - ok
11:35:51.0130 1100   BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:35:51.0150 1100   BrFiltUp - ok
11:35:51.0240 1100   Browser         (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
11:35:51.0290 1100   Browser - ok
11:35:51.0360 1100   Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:35:51.0370 1100   Brserid - ok
11:35:51.0540 1100   BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:35:51.0550 1100   BrSerWdm - ok
11:35:51.0660 1100   BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:35:51.0670 1100   BrUsbMdm - ok
11:35:51.0805 1100   BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:35:51.0815 1100   BrUsbSer - ok
11:35:51.0925 1100   BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
11:35:51.0940 1100   BTHMODEM - ok
11:35:52.0120 1100   bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:35:52.0175 1100   bthserv - ok
11:35:52.0255 1100   cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:35:52.0290 1100   cdfs - ok
11:35:52.0435 1100   cdrom           (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
11:35:52.0455 1100   cdrom - ok
11:35:52.0680 1100   CertPropSvc     (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
11:35:52.0735 1100   CertPropSvc - ok
11:35:52.0820 1100   circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
11:35:52.0855 1100   circlass - ok
11:35:52.0925 1100   CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:35:52.0940 1100   CLFS - ok
11:35:53.0015 1100   clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:35:53.0025 1100   clr_optimization_v2.0.50727_32 - ok
11:35:53.0065 1100   clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:35:53.0070 1100   clr_optimization_v2.0.50727_64 - ok
11:35:53.0195 1100   clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:35:53.0205 1100   clr_optimization_v4.0.30319_32 - ok
11:35:53.0255 1100   clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:35:53.0260 1100   clr_optimization_v4.0.30319_64 - ok
11:35:53.0360 1100   CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
11:35:53.0385 1100   CmBatt - ok
11:35:53.0420 1100   cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
11:35:53.0430 1100   cmdide - ok
11:35:53.0460 1100   CNG             (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
11:35:53.0475 1100   CNG - ok
11:35:53.0700 1100   Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
11:35:53.0715 1100   Compbatt - ok
11:35:53.0855 1100   CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
11:35:53.0865 1100   CompositeBus - ok
11:35:53.0955 1100   COMSysApp - ok
11:35:54.0005 1100   crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
11:35:54.0015 1100   crcdisk - ok
11:35:54.0145 1100   CryptSvc        (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
11:35:54.0195 1100   CryptSvc - ok
11:35:54.0345 1100   CtClsFlt        (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
11:35:54.0355 1100   CtClsFlt - ok
11:35:54.0635 1100   cvhsvc          (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
11:35:54.0645 1100   cvhsvc - ok
11:35:54.0755 1100   DcomLaunch      (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
11:35:54.0815 1100   DcomLaunch - ok
11:35:54.0865 1100   defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:35:54.0935 1100   defragsvc - ok
11:35:54.0965 1100   DfsC            (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
11:35:54.0985 1100   DfsC - ok
11:35:55.0205 1100   Dhcp            (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
11:35:55.0225 1100   Dhcp - ok
11:35:55.0275 1100   discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:35:55.0325 1100   discache - ok
11:35:55.0375 1100   Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
11:35:55.0385 1100   Disk - ok
11:35:55.0445 1100   Dnscache        (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
11:35:55.0455 1100   Dnscache - ok
11:35:55.0576 1100   DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
11:35:55.0590 1100   DockLoginService ( UnsignedFile.Multi.Generic ) - warning
11:35:55.0590 1100   DockLoginService - detected UnsignedFile.Multi.Generic (1)
11:35:55.0665 1100   dot3svc         (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
11:35:55.0705 1100   dot3svc - ok
11:35:55.0845 1100   Dot4            (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
11:35:55.0860 1100   Dot4 - ok
11:35:55.0984 1100   Dot4Print       (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
11:35:56.0003 1100   Dot4Print - ok
11:35:56.0036 1100   dot4usb         (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
11:35:56.0050 1100   dot4usb - ok
11:35:56.0201 1100   DPS             (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
11:35:56.0250 1100   DPS - ok
11:35:56.0451 1100   drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:35:56.0476 1100   drmkaud - ok
11:35:56.0597 1100   DXGKrnl         (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
11:35:56.0619 1100   DXGKrnl - ok
11:35:56.0734 1100   EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:35:56.0773 1100   EapHost - ok
11:35:56.0866 1100   ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
11:35:56.0916 1100   ebdrv - ok
11:35:57.0016 1100   EFS             (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
11:35:57.0035 1100   EFS - ok
11:35:57.0093 1100   ehRecvr         (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
11:35:57.0112 1100   ehRecvr - ok
11:35:57.0150 1100   ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:35:57.0162 1100   ehSched - ok
11:35:57.0243 1100   elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
11:35:57.0259 1100   elxstor - ok
11:35:57.0305 1100   ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
11:35:57.0316 1100   ErrDev - ok
11:35:57.0447 1100   EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:35:57.0502 1100   EventSystem - ok
11:35:57.0567 1100   exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:35:57.0617 1100   exfat - ok
11:35:57.0643 1100   fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:35:57.0687 1100   fastfat - ok
11:35:57.0752 1100   Fax             (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
11:35:57.0775 1100   Fax - ok
11:35:57.0824 1100   fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
11:35:57.0834 1100   fdc - ok
11:35:57.0900 1100   fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:35:57.0936 1100   fdPHost - ok
11:35:57.0954 1100   FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:35:57.0991 1100   FDResPub - ok
11:35:58.0063 1100   FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:35:58.0072 1100   FileInfo - ok
11:35:58.0092 1100   Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:35:58.0127 1100   Filetrace - ok
11:35:58.0311 1100   FLEXnet Licensing Service (abedfd48ac042c6aaad32452e77217a1) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:35:58.0329 1100   FLEXnet Licensing Service - ok
11:35:58.0433 1100   flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
11:35:58.0444 1100   flpydisk - ok
11:35:58.0551 1100   FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
11:35:58.0561 1100   FltMgr - ok
11:35:58.0641 1100   FontCache       (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
11:35:58.0661 1100   FontCache - ok
11:35:58.0716 1100   FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:35:58.0730 1100   FontCache3.0.0.0 - ok
11:35:58.0824 1100   FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:35:58.0845 1100   FsDepends - ok
11:35:58.0992 1100   fssfltr         (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
11:35:59.0006 1100   fssfltr - ok
11:35:59.0150 1100   fsssvc          (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
11:35:59.0179 1100   fsssvc - ok
11:35:59.0283 1100   Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
11:35:59.0299 1100   Fs_Rec - ok
11:35:59.0484 1100   fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:35:59.0501 1100   fvevol - ok
11:35:59.0787 1100   gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
11:35:59.0796 1100   gagp30kx - ok
11:35:59.0886 1100   GameConsoleService (c1bbce4b30b45410178ee674c818d10c) C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
11:35:59.0901 1100   GameConsoleService - ok
11:36:00.0000 1100   GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:36:00.0005 1100   GEARAspiWDM - ok
11:36:00.0059 1100   GoToAssist      (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
11:36:00.0064 1100   GoToAssist - ok
11:36:00.0172 1100   gpsvc           (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
11:36:00.0196 1100   gpsvc - ok
11:36:00.0345 1100   gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:36:00.0353 1100   gupdate - ok
11:36:00.0381 1100   gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:36:00.0389 1100   gupdatem - ok
11:36:00.0511 1100   hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:36:00.0522 1100   hcw85cir - ok
11:36:00.0639 1100   HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:36:00.0656 1100   HDAudBus - ok
11:36:00.0785 1100   HECIx64         (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
11:36:00.0791 1100   HECIx64 - ok
11:36:00.0849 1100   HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
11:36:00.0863 1100   HidBatt - ok
11:36:01.0049 1100   HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
11:36:01.0079 1100   HidBth - ok
11:36:01.0119 1100   HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
11:36:01.0129 1100   HidIr - ok
11:36:01.0169 1100   hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
11:36:01.0209 1100   hidserv - ok
11:36:01.0349 1100   HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
11:36:01.0369 1100   HidUsb - ok
11:36:01.0689 1100   hkmsvc          (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
11:36:01.0729 1100   hkmsvc - ok
11:36:01.0829 1100   HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
11:36:01.0849 1100   HomeGroupListener - ok
11:36:01.0969 1100   HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
11:36:01.0979 1100   HomeGroupProvider - ok
11:36:02.0089 1100   hpqcxs08        (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
11:36:02.0099 1100   hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
11:36:02.0099 1100   hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
11:36:02.0299 1100   hpqddsvc        (f3f72a2a86c22610bca5439fa789dd52) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
11:36:02.0309 1100   hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
11:36:02.0309 1100   hpqddsvc - detected UnsignedFile.Multi.Generic (1)
11:36:02.0429 1100   HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
11:36:02.0449 1100   HpSAMD - ok
11:36:02.0680 1100   HPSLPSVC        (d972f48d0ce396759b788693cd665926) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
11:36:02.0690 1100   HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
11:36:02.0690 1100   HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
11:36:02.0810 1100   HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
11:36:02.0870 1100   HTTP - ok
11:36:03.0100 1100   hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
11:36:03.0110 1100   hwpolicy - ok
11:36:03.0250 1100   i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
11:36:03.0260 1100   i8042prt - ok
11:36:03.0420 1100   iaStor          (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys
11:36:03.0430 1100   iaStor - ok
11:36:03.0660 1100   iaStorV         (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
11:36:03.0670 1100   iaStorV - ok
11:36:03.0900 1100   idsvc           (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:36:03.0920 1100   idsvc - ok
11:36:04.0380 1100   igfx            (09ce164afa8483e41808784d7fca154e) C:\Windows\system32\DRIVERS\igdkmd64.sys
11:36:04.0508 1100   igfx - ok
11:36:04.0598 1100   iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
11:36:04.0608 1100   iirsp - ok
11:36:04.0700 1100   IKEEXT          (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
11:36:04.0750 1100   IKEEXT - ok
11:36:04.0865 1100   Impcd           (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
11:36:04.0876 1100   Impcd - ok
11:36:05.0027 1100   IntcAzAudAddService (6e4ccb3aff07e2b9f2a937385c84b573) C:\Windows\system32\drivers\RTKVHD64.sys
11:36:05.0076 1100   IntcAzAudAddService - ok
11:36:05.0203 1100   IntcDAud        (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
11:36:05.0217 1100   IntcDAud - ok
11:36:05.0322 1100   intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
11:36:05.0334 1100   intelide - ok
11:36:05.0567 1100   intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:36:05.0579 1100   intelppm - ok
11:36:05.0660 1100   IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:36:05.0701 1100   IPBusEnum - ok
11:36:05.0798 1100   IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:36:05.0837 1100   IpFilterDriver - ok
11:36:05.0932 1100   iphlpsvc        (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
11:36:05.0978 1100   iphlpsvc - ok
11:36:06.0080 1100   IPMIDRV         (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
11:36:06.0094 1100   IPMIDRV - ok
11:36:06.0187 1100   IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:36:06.0225 1100   IPNAT - ok
11:36:06.0338 1100   iPod Service    (755e4ba6dce627a2683bb7640553c8d6) C:\Program Files\iPod\bin\iPodService.exe
11:36:06.0358 1100   iPod Service - ok
11:36:06.0604 1100   IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:36:06.0618 1100   IRENUM - ok
11:36:06.0706 1100   isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
11:36:06.0716 1100   isapnp - ok
11:36:06.0899 1100   iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
11:36:06.0909 1100   iScsiPrt - ok
11:36:07.0009 1100   kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:36:07.0009 1100   kbdclass - ok
11:36:07.0109 1100   kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
11:36:07.0129 1100   kbdhid - ok
11:36:07.0224 1100   KeyIso          (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
11:36:07.0249 1100   KeyIso - ok
11:36:07.0304 1100   KSecDD          (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
11:36:07.0319 1100   KSecDD - ok
11:36:07.0434 1100   KSecPkg         (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
11:36:07.0454 1100   KSecPkg - ok
11:36:07.0614 1100   ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:36:07.0669 1100   ksthunk - ok
11:36:07.0729 1100   KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:36:07.0769 1100   KtmRm - ok
11:36:07.0854 1100   L1C             (39918db0efcf045a1ce6fabbf339f975) C:\Windows\system32\DRIVERS\L1C62x64.sys
11:36:07.0869 1100   L1C - ok
11:36:08.0004 1100   LanmanServer    (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
11:36:08.0029 1100   LanmanServer - ok
11:36:08.0199 1100   LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
11:36:08.0264 1100   LanmanWorkstation - ok
11:36:08.0434 1100   lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:36:08.0484 1100   lltdio - ok
11:36:08.0709 1100   lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:36:08.0769 1100   lltdsvc - ok
11:36:08.0829 1100   lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:36:08.0874 1100   lmhosts - ok
11:36:08.0994 1100   LMS             (7485fbcef9136f530953575e2977859d) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:36:09.0004 1100   LMS - ok
11:36:09.0129 1100   LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
11:36:09.0149 1100   LSI_FC - ok
11:36:09.0269 1100   LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
11:36:09.0279 1100   LSI_SAS - ok
11:36:09.0419 1100   LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:36:09.0429 1100   LSI_SAS2 - ok
11:36:09.0639 1100   LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:36:09.0639 1100   LSI_SCSI - ok
11:36:10.0019 1100   luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:36:10.0069 1100   luafv - ok
11:36:10.0209 1100   Mcx2Svc         (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
11:36:10.0249 1100   Mcx2Svc - ok
11:36:10.0479 1100   megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
11:36:10.0489 1100   megasas - ok
11:36:10.0569 1100   MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
11:36:10.0589 1100   MegaSR - ok
11:36:10.0709 1100   MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:36:10.0759 1100   MMCSS - ok
11:36:10.0839 1100   Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:36:10.0879 1100   Modem - ok
11:36:10.0999 1100   monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:36:11.0029 1100   monitor - ok
11:36:11.0079 1100   mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:36:11.0089 1100   mouclass - ok
11:36:11.0152 1100   mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

Offline joes1952

  • Bronze Member
  • Posts: 13
Re: [closed K] redirects
« Reply #7 on: April 05, 2012, 09:46:22 AM »
11:36:11.0169 1100   mouhid - ok
11:36:11.0194 1100   mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
11:36:11.0204 1100   mountmgr - ok
11:36:11.0234 1100   mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
11:36:11.0244 1100   mpio - ok
11:36:11.0269 1100   mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:36:11.0304 1100   mpsdrv - ok
11:36:11.0359 1100   MpsSvc          (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
11:36:11.0404 1100   MpsSvc - ok
11:36:11.0444 1100   MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
11:36:11.0482 1100   MRxDAV - ok
11:36:11.0604 1100   mrxsmb          (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:36:11.0617 1100   mrxsmb - ok
11:36:11.0724 1100   mrxsmb10        (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:36:11.0739 1100   mrxsmb10 - ok
11:36:11.0953 1100   mrxsmb20        (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:36:11.0974 1100   mrxsmb20 - ok
11:36:12.0094 1100   msahci          (bccf16d5fb1109162380e3e28dc9e4e5) C:\Windows\system32\DRIVERS\msahci.sys
11:36:12.0102 1100   msahci - ok
11:36:12.0215 1100   msdsm           (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
11:36:12.0228 1100   msdsm - ok
11:36:12.0333 1100   MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
11:36:12.0346 1100   MSDTC - ok
11:36:12.0489 1100   Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:36:12.0523 1100   Msfs - ok
11:36:12.0657 1100   mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:36:12.0693 1100   mshidkmdf - ok
11:36:12.0801 1100   msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
11:36:12.0809 1100   msisadrv - ok
11:36:12.0938 1100   MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
11:36:12.0984 1100   MSiSCSI - ok
11:36:13.0021 1100   msiserver - ok
11:36:13.0092 1100   MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:36:13.0147 1100   MSKSSRV - ok
11:36:13.0288 1100   MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:36:13.0339 1100   MSPCLOCK - ok
11:36:13.0499 1100   MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:36:13.0537 1100   MSPQM - ok
11:36:13.0605 1100   MsRPC           (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
11:36:13.0639 1100   MsRPC - ok
11:36:13.0665 1100   mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
11:36:13.0674 1100   mssmbios - ok
11:36:13.0768 1100   MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:36:13.0810 1100   MSTEE - ok
11:36:13.0860 1100   MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
11:36:13.0873 1100   MTConfig - ok
11:36:13.0919 1100   Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:36:13.0938 1100   Mup - ok
11:36:13.0973 1100   napagent        (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
11:36:14.0018 1100   napagent - ok
11:36:14.0163 1100   NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:36:14.0193 1100   NativeWifiP - ok
11:36:14.0277 1100   NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
11:36:14.0300 1100   NDIS - ok
11:36:14.0473 1100   NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:36:14.0514 1100   NdisCap - ok
11:36:14.0683 1100   NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:36:14.0746 1100   NdisTapi - ok
11:36:14.0838 1100   Ndisuio         (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
11:36:14.0886 1100   Ndisuio - ok
11:36:14.0956 1100   NdisWan         (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
11:36:15.0000 1100   NdisWan - ok
11:36:15.0016 1100   NDProxy         (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
11:36:15.0056 1100   NDProxy - ok
11:36:15.0191 1100   Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
11:36:15.0195 1100   Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:36:15.0196 1100   Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
11:36:15.0342 1100   NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:36:15.0385 1100   NetBIOS - ok
11:36:15.0447 1100   NetBT           (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
11:36:15.0495 1100   NetBT - ok
11:36:15.0538 1100   Netlogon        (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
11:36:15.0552 1100   Netlogon - ok
11:36:15.0601 1100   Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:36:15.0649 1100   Netman - ok
11:36:15.0682 1100   netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:36:15.0726 1100   netprofm - ok
11:36:15.0797 1100   NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:36:15.0804 1100   NetTcpPortSharing - ok
11:36:15.0904 1100   nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
11:36:15.0919 1100   nfrd960 - ok
11:36:16.0042 1100   NlaSvc          (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
11:36:16.0100 1100   NlaSvc - ok
11:36:16.0233 1100   Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:36:16.0271 1100   Npfs - ok
11:36:16.0382 1100   nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:36:16.0441 1100   nsi - ok
11:36:16.0568 1100   nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:36:16.0625 1100   nsiproxy - ok
11:36:16.0877 1100   Ntfs            (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
11:36:16.0930 1100   Ntfs - ok
11:36:19.0407 1100   Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
11:36:19.0413 1100   Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:36:19.0413 1100   Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
11:36:49.0251 1100   MBR (0x1B8)     (0f84f2562620c40d8a3e1908c8075675) \Device\Harddisk0\DR0
11:36:49.0282 1100   \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
11:36:49.0282 1100   \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
11:36:49.0615 1100   \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:36:49.0615 1100   \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:36:49.0648 1100   Boot (0x1200)   (88bcb367f174286ae07a746609656cd1) \Device\Harddisk0\DR0\Partition0
11:36:49.0649 1100   \Device\Harddisk0\DR0\Partition0 - ok
11:36:49.0661 1100   Boot (0x1200)   (bb14ee8745498d2317f6879f7f6031a2) \Device\Harddisk0\DR0\Partition1
11:36:49.0662 1100   \Device\Harddisk0\DR0\Partition1 - ok
11:36:49.0662 1100   ============================================================
11:36:49.0663 1100   Scan finished
11:36:49.0663 1100   ============================================================
11:36:49.0673 6276   Detected object count: 8
11:36:49.0673 6276   Actual detected object count: 8
11:36:58.0878 6276   DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
11:36:58.0878 6276   DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:36:58.0878 6276   hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
11:36:58.0878 6276   hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:36:58.0881 6276   hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
11:36:58.0881 6276   hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:36:58.0883 6276   HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
11:36:58.0884 6276   HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:36:58.0884 6276   Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:36:58.0884 6276   Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:36:58.0886 6276   Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:36:58.0886 6276   Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:36:58.0975 6276   \Device\Harddisk0\DR0\# - copied to quarantine
11:36:58.0975 6276   \Device\Harddisk0\DR0 - copied to quarantine
11:36:59.0060 6276   \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
11:36:59.0062 6276   \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
11:36:59.0068 6276   \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
11:36:59.0074 6276   \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
11:36:59.0092 6276   \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
11:36:59.0103 6276   \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
11:36:59.0107 6276   \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
11:36:59.0108 6276   \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
11:36:59.0110 6276   \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
11:36:59.0113 6276   \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
11:36:59.0116 6276   \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
11:36:59.0116 6276   \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
11:36:59.0118 6276   \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
11:36:59.0119 6276   \Device\Harddisk0\DR0 - ok
11:36:59.0122 6276   \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
11:36:59.0122 6276   \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:36:59.0122 6276   \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
11:37:04.0396 0584   Deinitialize success

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6366
Re: [closed K] redirects
« Reply #8 on: April 05, 2012, 09:56:28 AM »
Well, we've caught the rootkit. OK, continue with the following:

Step 1

Please download Malwarebytes Anti-Malware and save it to your desktop.
Alternative D/L mirror
Alternative D/L mirror

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 2

Run ESET Online Scan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
  • Click the button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the icon on your desktop.
  • Check
  • Click the button.
  • Accept any security warnings from your browser.
  • Check
  • Ensure remove found threats is checked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push
  • Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the button.
  • Push
You can refer to this animation by neomage if needed.
Frequently asked questions are available Here. Please read them before running the scan.

Also be aware this scan can take several hours to complete depending on the size of your system.

ESET log can be found here "C:\Program Files\ESET\EsetOnlineScanner\log.txt".

Let me see those two logs; also give an update on current issues or concerns.

Kevin

Offline joes1952

  • Bronze Member
  • Posts: 13
Re: [closed K] redirects
« Reply #9 on: April 05, 2012, 12:03:51 PM »
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll   Win32/Toolbar.Babylon application   cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\3523.tmp   Win64/Olmarik.AH trojan   cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\3524.tmp   Win64/Olmarik.AH trojan   cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.04.2012_11.33.38\mbr0000\tdlfs0000\tsk0000.dta   Win32/Olmarik.AWO trojan   cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.04.2012_11.33.38\mbr0000\tdlfs0000\tsk0001.dta   Win64/Olmarik.AD trojan   cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.04.2012_11.33.38\mbr0000\tdlfs0000\tsk0002.dta   Win32/Olmarik.AYH trojan   cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.04.2012_11.33.38\mbr0000\tdlfs0000\tsk0003.dta   Win64/Olmarik.AG trojan   cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.04.2012_11.33.38\mbr0000\tdlfs0000\tsk0004.dta   a variant of Win32/Rootkit.Kryptik.KQ trojan   cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.04.2012_11.33.38\mbr0000\tdlfs0000\tsk0005.dta   Win64/Olmarik.AF trojan   cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.04.2012_11.33.38\mbr0000\tdlfs0000\tsk0009.dta   Win32/Olmarik.AWO trojan   cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.04.2012_11.33.38\mbr0000\tdlfs0000\tsk0010.dta   Win64/Olmarik.X trojan   cleaned by deleting - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\41PVFDT1\MyBabylonTB[1]   Win32/Toolbar.Babylon application   cleaned by deleting - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1G2I3GHP\afrCAX5DQCM.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1G2I3GHP\gift-reward-central_com[1].htm   HTML/ScrInject.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1G2I3GHP\gift-rewardcentral_com[1].htm   HTML/ScrInject.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1G2I3GHP\rewardsurveychannel_com[1].htm   HTML/Fraud.BG trojan   cleaned by deleting - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6PXMSGHZ\rewardsurveychannel_com[1].htm   HTML/ScrInject.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6PXMSGHZ\rewardsurveychannel_com[2].htm   HTML/ScrInject.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6PXMSGHZ\rewardsurveychannel_com[3].htm   HTML/ScrInject.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7KH7VTIQ\afrCA7N2AXE.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7KH7VTIQ\afrCA9ZHEB5.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7KH7VTIQ\afrCAH7PZDW.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7KH7VTIQ\afrCAJ2YSU4.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7KH7VTIQ\afrCAQA6J3X.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7KH7VTIQ\afrCARQ0API.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7KH7VTIQ\afrCAUN3579.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8MRXCNRH\afrCA0TXU7Q.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8MRXCNRH\afrCA2UZ85W.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8MRXCNRH\afrCAE84KSW.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8MRXCNRH\afrCASNCGT0.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8MRXCNRH\afrCAYQBZHL.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8MRXCNRH\giftrewardzcenter_com[1].htm   HTML/ScrInject.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DB32HCO1\afrCA0RRF15.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DB32HCO1\afrCA425BCA.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DB32HCO1\afrCA9QUV4S.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DB32HCO1\afrCADK8JNL.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DB32HCO1\afrCAP00G0U.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DB32HCO1\afrCAX81ERX.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DB32HCO1\afrCAYBRI8I.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DB32HCO1\afrCAZ7NQTZ.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IK833WJQ\afrCA41CHJR.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IK833WJQ\afrCA4IUJKM.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IK833WJQ\afrCA4OVQJ7.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IK833WJQ\afrCAO3YVZA.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IK833WJQ\afrCAOVDDDD.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IK833WJQ\afrCAX8OPBY.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IK833WJQ\afrCAZ1F3IG.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IK833WJQ\gift-rewardcentral_com[1].htm   HTML/ScrInject.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IK833WJQ\giftrewardzcenter_com[1].htm   HTML/ScrInject.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OF2N4AOY\gift-reward-central_com[1].htm   HTML/ScrInject.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OF2N4AOY\rewardsurveychannel_com[1].htm   HTML/Fraud.BG trojan   cleaned by deleting - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RTYAM640\afrCA8PHD8R.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RTYAM640\afrCASAYI60.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RTYAM640\afrCAVCN2HO.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RTYAM640\gift-rewardcentral_com[1].htm   HTML/ScrInject.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\YUOQA184\afrCA56VRBS.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\YUOQA184\afrCAJ66UDZ.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\YUOQA184\afrCAKYI22L.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZOB4DOPZ\afrCA26NHUT.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZOB4DOPZ\afrCAU1S7YC.htm   HTML/Iframe.B.Gen virus   deleted - quarantined
C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZOB4DOPZ\gift-reward-central_com[1].htm   HTML/ScrInject.B.Gen virus   deleted - quarantined

Offline joes1952

  • Bronze Member
  • Posts: 13
Re: [closed K] redirects
« Reply #10 on: April 05, 2012, 12:06:25 PM »
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.04.05.07

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Joe :: JOE-PC [administrator]

4/5/2012 12:49:41 PM
mbam-log-2012-04-05 (12-49-41).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 197190
Time elapsed: 3 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Users\Joe\AppData\Roaming\Creative\Creative\buhjtfc.dll (Trojan.Tracur) -> Delete on reboot.

Registry Keys Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{258C9770-1713-4021-8D7E-1F184A2BD754} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Update (Trojan.Tracur) -> Data: rundll32.exe "C:\Users\Joe\AppData\Roaming\Creative\Creative\buhjtfc.dll",DllRegisterServer -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 6
C:\Users\Joe\AppData\Roaming\Creative\Creative\buhjtfc.dll (Trojan.Tracur) -> Delete on reboot.
C:\Users\Joe\AppData\Roaming\Creative\Creative\ivzucplz.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Users\Joe\AppData\Local\Temp\arg268359.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Users\Joe\AppData\Local\Temp\nsj4453.tmp\buhjtfc.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Users\Joe\AppData\Local\Temp\nsj4453.tmp\ivzucplz.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6366
Re: [closed K] redirects
« Reply #11 on: April 05, 2012, 02:41:23 PM »
How is your system responding now, any issues or concerns?

Offline joes1952

  • Bronze Member
  • Posts: 13
Re: [closed K] redirects
« Reply #12 on: April 05, 2012, 04:11:33 PM »
None at the moment, Kevin, thanks a lot  :t

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6366
Re: [closed K] redirects
« Reply #13 on: April 05, 2012, 04:51:49 PM »
Run your system for 24 hours; if OK, run this scan and post the log.

Download Security Check by screen317 from HERE or HERE.
Save it to your Desktop.
Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Kevin

Offline joes1952

  • Bronze Member
  • Posts: 13
Re: [closed K] redirects
« Reply #14 on: April 05, 2012, 06:06:35 PM »
Kevin, I have had 2 complete shutdowns, like never got computer to power up.

 Results of screen317's Security Check version 0.99.32 
 Windows 7  x64 (UAC is enabled) 
 Internet Explorer 9 
``````````````````````````````
Antivirus/Firewall Check:

 Windows Firewall Enabled! 
 ESET Online Scanner v3   
 WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

 Java(TM) 6 Update 29 
 Java version out of date!
 Adobe Reader 9 Adobe Reader out of date!
````````````````````````````````
Process Check: 
objlist.exe by Laurent

``````````End of Log````````````