
Infected? Or just need a cleanup to boost performances?


11 replies to this topic

#1 yhelfman

  • Members
  • 128 posts

Posted 25 January 2013 - 08:25 PM

No specific virus or Ad or other clear symptoms, just general performance deteriorating ... appreciate some assistance in detecting what's going on and hopefully boosting back sluggish performance. Thanks!



#2 yhelfman


Posted 28 January 2013 - 02:19 PM

Hi,

It's been 3 days and I haven't heard back :( I know it was a weekend ...
Since I've posted a similar topic in the past http://www.bleepingcomputer.com/forums/topic477353.html/page__p__2912811__fromsearch__1#entry2912811
I started off by running the generic tools that boompe suggested there. Here are the logs. I hope someone can take this from there.

Thanks,
Yuval

MiniToolBox by Farbar Version:10-01-2013
Ran by User (administrator) on 28-01-2013 at 08:58:05
Running from "C:\Users\User\Desktop\YuvalTuneUp\MiniToolBox"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom 802.11n = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=10.0.0.4 metric=1 publish=Yes
set subinterface interface=??. subinterface=ethernet_10 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : User-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.pace.com

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : B4-74-9F-45-F6-0D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network) #2
Physical Address. . . . . . . . . : 4C-ED-DE-9B-89-1E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : gateway.pace.com
Description . . . . . . . . . . . : Broadcom 802.11n
Physical Address. . . . . . . . . : B4-74-9F-45-F6-0D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2d31:6cc1:b5e9:9e43%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.73(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, January 27, 2013 3:18:06 AM
Lease Expires . . . . . . . . . . : Tuesday, January 29, 2013 3:18:05 AM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 364147871
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-37-DF-35-E8-11-32-2A-A4-E6
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : E8-11-32-2A-A4-E6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.pace.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.pace.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:24ae:34fa:3f57:feb6(Preferred)
Link-local IPv6 Address . . . . . : fe80::24ae:34fa:3f57:feb6%16(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: homeportal
Address: 192.168.1.254

Name: google.com
Addresses: 2001:4860:4001:800::1004
74.125.224.134
74.125.224.135
74.125.224.136
74.125.224.137
74.125.224.142
74.125.224.128
74.125.224.129
74.125.224.130
74.125.224.131
74.125.224.132
74.125.224.133


Pinging google.com [74.125.224.132] with 32 bytes of data:
Reply from 74.125.224.132: bytes=32 time=17ms TTL=54
Reply from 74.125.224.132: bytes=32 time=35ms TTL=54

Ping statistics for 74.125.224.132:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 17ms, Maximum = 35ms, Average = 26ms
Server: homeportal
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=138ms TTL=47
Reply from 98.139.183.24: bytes=32 time=171ms TTL=47

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 138ms, Maximum = 171ms, Average = 154ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
19...b4 74 9f 45 f6 0d ......Microsoft Virtual WiFi Miniport Adapter
14...4c ed de 9b 89 1e ......Bluetooth Device (Personal Area Network) #2
13...b4 74 9f 45 f6 0d ...... Broadcom 802.11n
12...e8 11 32 2a a4 e6 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.73 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 192.168.1.73 306
169.254.255.255 255.255.255.255 On-link 192.168.1.73 281
192.168.1.0 255.255.255.0 On-link 192.168.1.73 281
192.168.1.73 255.255.255.255 On-link 192.168.1.73 281
192.168.1.255 255.255.255.255 On-link 192.168.1.73 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.73 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.73 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
169.254.0.0 255.255.0.0 10.0.0.4 1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 58 ::/0 On-link
1 306 ::1/128 On-link
16 58 2001::/32 On-link
16 306 2001:0:4137:9e76:24ae:34fa:3f57:feb6/128
On-link
13 281 fe80::/64 On-link
16 306 fe80::/64 On-link
16 306 fe80::24ae:34fa:3f57:feb6/128
On-link
13 281 fe80::2d31:6cc1:b5e9:9e43/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/26/2013 01:28:53 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services OnIdentity() System Writer.


Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.

System Error:
.
.

Error: (01/26/2013 01:28:53 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services OnIdentity() System Writer.


Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Iron Driver.

System Error:
.
.

Error: (01/25/2013 04:31:01 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (932) SUS20ClientDataStore: The version store for this instance (0) has reached its maximum size of 32Mb. It is likely that a long-running transaction is preventing cleanup of the version store and causing it to build up in size. Updates will be rejected until the long-running transaction has been completely committed or rolled back.

Possible long-running transaction:

SessionId: 0x00000000015A04A0

Session-context: 0x00000000

Session-context ThreadId: 0x0000000000000978

Cleanup: 1

Error: (01/25/2013 04:30:45 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (932) SUS20ClientDataStore: The version store for this instance (0) has reached its maximum size of 32Mb. It is likely that a long-running transaction is preventing cleanup of the version store and causing it to build up in size. Updates will be rejected until the long-running transaction has been completely committed or rolled back.

Possible long-running transaction:

SessionId: 0x00000000015A04A0

Session-context: 0x00000000

Session-context ThreadId: 0x0000000000000978

Cleanup: 1

Error: (01/25/2013 04:30:28 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (932) SUS20ClientDataStore: The version store for this instance (0) has reached its maximum size of 32Mb. It is likely that a long-running transaction is preventing cleanup of the version store and causing it to build up in size. Updates will be rejected until the long-running transaction has been completely committed or rolled back.

Possible long-running transaction:

SessionId: 0x00000000015A04A0

Session-context: 0x00000000

Session-context ThreadId: 0x0000000000000978

Cleanup: 1

Error: (01/25/2013 04:30:12 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (932) SUS20ClientDataStore: The version store for this instance (0) has reached its maximum size of 32Mb. It is likely that a long-running transaction is preventing cleanup of the version store and causing it to build up in size. Updates will be rejected until the long-running transaction has been completely committed or rolled back.

Possible long-running transaction:

SessionId: 0x00000000015A04A0

Session-context: 0x00000000

Session-context ThreadId: 0x0000000000000978

Cleanup: 1

Error: (01/25/2013 04:29:55 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (932) SUS20ClientDataStore: The version store for this instance (0) has reached its maximum size of 32Mb. It is likely that a long-running transaction is preventing cleanup of the version store and causing it to build up in size. Updates will be rejected until the long-running transaction has been completely committed or rolled back.

Possible long-running transaction:

SessionId: 0x00000000015A04A0

Session-context: 0x00000000

Session-context ThreadId: 0x0000000000000978

Cleanup: 1

Error: (01/20/2013 08:19:31 PM) (Source: Application Hang) (User: )
Description: OUTLOOK.EXE 14.0.6126.5003 Windows . , .

: 29d8

: 01cdf78d76ec4170

: 190

: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

: 923eb0f0-6381-11e2-9c54-4cedde9b891e

Error: (01/16/2013 03:41:45 PM) (Source: Application Hang) (User: )
Description: install_reader11_en_mssa_aih.exe 3.3.6.0 Windows . , .

: 1688

: 01cdf441fb0119cf

: 8

: C:\Users\User\AppData\Local\Temp\install_reader11_en_mssa_aih.exe

:

Error: (01/09/2013 03:43:01 AM) (Source: Application Error) (User: )
Description: : ccSvcHst.exe, : 10.1.1.16, : 0x4daa1893
: KERNEL32.DLL_unloaded, : 0.0.0.0, : 0x50b83c89
: 0xc0000005
: 0x75367717
: 0x538
: 0xccSvcHst.exe0
: ccSvcHst.exe1
: ccSvcHst.exe2
: ccSvcHst.exe3


System errors:
=============
Error: (01/27/2013 07:18:52 PM) (Source: volsnap) (User: )
Description: C: - .

Error: (01/27/2013 03:18:11 AM) (Source: Service Control Manager) (User: )
Description: - ScRegSetValueExW FailureActions :
%%5

Error: (01/27/2013 03:18:07 AM) (Source: Service Control Manager) (User: )
Description: - ScRegSetValueExW FailureActions :
%%5

Error: (01/27/2013 03:16:46 AM) (Source: Service Control Manager) (User: )
Description: - ScRegSetValueExW FailureActions :
%%5

Error: (01/26/2013 08:44:38 AM) (Source: Service Control Manager) (User: )
Description: - Windows Update :
%%-2147467243

Error: (01/25/2013 08:28:54 PM) (Source: volsnap) (User: )
Description: C: - .

Error: (01/24/2013 06:01:50 PM) (Source: volsnap) (User: )
Description: C: - .

Error: (01/24/2013 05:36:49 PM) (Source: DCOM) (User: )
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (01/24/2013 11:47:59 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 11:45:59 on 24/01/2013 was unexpected.

Error: (01/24/2013 11:47:36 AM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.


Microsoft Office Sessions:
=========================
Error: (01/26/2013 01:28:53 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.

System Error:
.

Error: (01/26/2013 01:28:53 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Iron Driver.

System Error:
.

Error: (01/25/2013 04:31:01 PM) (Source: ESENT)(User: )
Description: wuaueng.dll932SUS20ClientDataStore: 0320x00000000015A04A00x000000000x00000000000009781

Error: (01/25/2013 04:30:45 PM) (Source: ESENT)(User: )
Description: wuaueng.dll932SUS20ClientDataStore: 0320x00000000015A04A00x000000000x00000000000009781

Error: (01/25/2013 04:30:28 PM) (Source: ESENT)(User: )
Description: wuaueng.dll932SUS20ClientDataStore: 0320x00000000015A04A00x000000000x00000000000009781

Error: (01/25/2013 04:30:12 PM) (Source: ESENT)(User: )
Description: wuaueng.dll932SUS20ClientDataStore: 0320x00000000015A04A00x000000000x00000000000009781

Error: (01/25/2013 04:29:55 PM) (Source: ESENT)(User: )
Description: wuaueng.dll932SUS20ClientDataStore: 0320x00000000015A04A00x000000000x00000000000009781

Error: (01/20/2013 08:19:31 PM) (Source: Application Hang)(User: )
Description: OUTLOOK.EXE14.0.6126.500329d801cdf78d76ec4170190C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE923eb0f0-6381-11e2-9c54-4cedde9b891e

Error: (01/16/2013 03:41:45 PM) (Source: Application Hang)(User: )
Description: install_reader11_en_mssa_aih.exe3.3.6.0168801cdf441fb0119cf8C:\Users\User\AppData\Local\Temp\install_reader11_en_mssa_aih.exe

Error: (01/09/2013 03:43:01 AM) (Source: Application Error)(User: )
Description: ccSvcHst.exe10.1.1.164daa1893KERNEL32.DLL_unloaded0.0.0.050b83c89c00000057536771753801cde54804c90234C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exeKERNEL32.DLLb80c60bc-5a51-11e2-96d2-4cedde9b891e


=========================== Installed Programs ============================

???? Windows Live (Version: 15.4.3502.0922)
??????? ??????????? ??? Windows Live (Version: 15.4.3502.0922)
???????? ?? Messenger (Version: 15.4.3502.0922)
???????? ?????????? Windows Live (Version: 15.4.3502.0922)
????????? Messenger (Version: 15.4.3502.0922)
?????????? Windows Live (Version: 15.4.3502.0922)
??????????? ?? Windows Live (Version: 15.4.3502.0922)
Adobe AIR (Version: 3.1.0.4880)
Adobe Connect Add-in
Adobe Flash Player 10 ActiveX 64-bit (Version: 10.3.162.28)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader XI (11.0.01) (Version: 11.0.01)
Agatha Christie - Death on the Nile (Version: 2.2.0.82)
AndreaMosaic 3.33.0
Ashampoo Burning Studio 6 FREE (Version: 6.7.6)
Atheros Client Installation Program (Version: 9.0)
AVG 2013 (Version: 13.0.2639)
AVG 2013 (Version: 13.0.2890)
AVG 2013 (Version: 2013.0.2890)
BatteryLifeExtender (Version: 1.0.10)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Rewards Client Installer (Version: 16.0.345.0)
Blekko Search Bar
Broadcom 802.11 Network Adapter (Version: 5.60.48.55)
Build-a-lot (Version: 2.2.0.82)
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Canon MP Navigator EX 4.1
Canon MX410 series MP Drivers
Canon MX410 series User Registration
Canon My Printer
Canon Solution Menu EX
Canon Speed Dial Utility
Chuzzle Deluxe (Version: 2.2.0.82)
Compl?ment Messenger (Version: 15.4.3502.0922)
Complemento Messenger (Version: 15.4.3502.0922)
CyberLink Media Suite (Version: 8.0.2227)
CyberLink Media+ Player10 (Version: 10.0.1110.00)
CyberLink MediaShow (Version: 5.0.1130a)
CyberLink Power2Go (Version: 6.1.3802)
CyberLink PowerDirector (Version: 8.0.3306)
CyberLink YouCam (Version: 3.1.3509)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.82)
Domain Samurai (Version: 0.2.80)
Doplnok programu Messenger (Version: 15.4.3502.0922)
Easy Content Share (Version: 1.0)
Easy Display Manager (Version: 3.2)
Easy Migration (Version: 1.0.0.5)
Easy Network Manager (Version: 4.4.6)
Easy SpeedUp Manager (Version: 2.1.1.1)
EasyBatteryManager (Version: 4.0.0.4)
EasyBits GO
EasyFileShare (Version: 1.0.11)
ETDWare PS/2-X64 10.7.14.12_WHQL (Version: 10.7.14.12)
Farm Frenzy (Version: 2.2.0.82)
Fast Start (Version: 2.2.0.0)
FastStone Photo Resizer 3.1 (Version: 3.1)
Fotogalerija Windows Live (Version: 15.4.3502.0922)
Galer?a fotogr?fica de Windows Live (Version: 15.4.3502.0922)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galeria fotografii us?ugi Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galerie foto Windows Live (Version: 15.4.3502.0922)
Garmin Lifetime Updater (Version: 2.0.11)
Google Chrome (Version: 24.0.1312.56)
Google Talk Plugin (Version: 3.10.2.10212)
Google Update Helper (Version: 1.3.21.123)
HelpPC (Version: 1.0.0)
Insaniquarium Deluxe (Version: 2.2.0.82)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2202)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.6.3.1001)
Java 7 Update 10 (Version: 7.0.100)
Java Auto Updater (Version: 2.1.9.0)
John Deere Drive Green (Version: 2.2.0.82)
Junk Mail filter update (Version: 15.4.3502.0922)
K-Lite Codec Pack 6.0.4 (Full) (Version: 6.0.4)
Mesh Runtime (Version: 15.4.5722.2)
Messenger-kumppani (Version: 15.4.3502.0922)
Messenger ??? ?? (Version: 15.4.3502.0922)
Messenger ???? (Version: 15.4.3502.0922)
Messenger ????? (Version: 15.4.3502.0922)
Messenger Assistent (Version: 15.4.3502.0922)
Messenger Companion (Version: 15.4.3502.0922)
Messenger k?s?r? (Version: 15.4.3502.0922)
Messenger Pratilac (Version: 15.4.3502.0922)
Messenger Suradnik (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile HEB Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Arabic) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Russian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Movie Color Enhancer (Version: 1.0)
Mozilla Firefox 18.0.1 (x86 en-US) (Version: 18.0.1)
Mozilla Maintenance Service (Version: 18.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Peggle (Version: 2.2.0.82)
Penguins! (Version: 2.2.0.82)
Picasa 3 (Version: 3.8)
Plants vs. Zombies (Version: 2.2.0.82)
Po?ta Windows Live (Version: 15.4.3502.0922)
Poczta us?ugi Windows Live (Version: 15.4.3502.0922)
Podstawowe programy Windows Live (Version: 15.4.3502.0922)
Polar Golfer (Version: 2.2.0.82)
Pomocnik Messenger (Version: 15.4.3502.0922)
Raccolta foto di Windows Live (Version: 15.4.3502.0922)
Realtek Ethernet Controller Driver (Version: 7.33.1125.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6257)
Samsung AnyWeb Print (Version: 1.0)
Samsung AnyWeb Print (Version: 1.1.21.0)
Samsung Support Center (Version: 1.1.21)
Samsung Universal Print Driver (Version: 2.01.06.00:16)
Samsung Universal Scan Driver (Version: 1.2.1.0)
Samsung Update Plus (Version: 3.0.1.17)
Skype Click to Call (Version: 5.9.9216)
Skype 6.0 (Version: 6.0.126)
Spremljevalec Messenger (Version: 15.4.3502.0922)
SRS Premium Sound Control Panel (Version: 1.10.1000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
User Guide (Version: 1.0)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
WIDCOMM Bluetooth Software (Version: 6.3.0.7000)
WildTangent Games (Version: 1.0.1.5)
WildTangent ORB Game Console
Windows Live ?? (Version: 15.4.3502.0922)
Windows Live ?? ??? (Version: 15.4.3502.0922)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ??? (Version: 15.4.3508.1109)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Fot?t?r (Version: 15.4.3502.0922)
Windows Live Foto-galerija (Version: 15.4.3502.0922)
Windows Live Foto?raf Galerisi (Version: 15.4.3502.0922)
Windows Live fotoatt?lu galerija (Version: 15.4.3502.0922)
Windows Live Fotogal?ria (Version: 15.4.3502.0922)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live Fotogalleri (Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (Version: 15.4.3502.0922)
Windows Live Galerija fotografija (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Po?ta (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Temel Par?alar (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Liven asennusty?kalu (Version: 15.4.3502.0922)
Windows Liven s?hk?posti (Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (Version: 15.4.3502.0922)
WinRAR archiver
Xvid MPEG-4 Video Codec
YTD YouTube Downloader & Converter 3.6
Zuma Deluxe (Version: 2.2.0.95)
Windows Live (Version: 15.4.3502.0922)
Messenger (Version: 15.4.3502.0922)
Messenger pagalbin? priemon? (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live fotogalerija (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 2932.56 MB
Available physical RAM: 1694.61 MB
Total Pagefile: 5863.32 MB
Available Pagefile: 4143.21 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965.27 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:112 GB) (Free:15.97 GB) NTFS
2 Drive d: ( ) (Fixed) (Total:165.77 GB) (Free:27.18 GB) NTFS
4 Drive f: () (Removable) (Total:29.8 GB) (Free:26.67 GB) FAT32

========================= Users: ========================================

User accounts for \\USER-PC

Administrator Guest User


**** End of log ****

08:59:35.0983 4244 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
08:59:36.0579 4244 ============================================================
08:59:36.0579 4244 Current date / time: 2013/01/28 08:59:36.0578
08:59:36.0579 4244 SystemInfo:
08:59:36.0579 4244
08:59:36.0579 4244 OS Version: 6.1.7601 ServicePack: 1.0
08:59:36.0579 4244 Product type: Workstation
08:59:36.0579 4244 ComputerName: USER-PC
08:59:36.0579 4244 UserName: User
08:59:36.0579 4244 Windows directory: C:\Windows
08:59:36.0579 4244 System windows directory: C:\Windows
08:59:36.0579 4244 Running under WOW64
08:59:36.0579 4244 Processor architecture: Intel x64
08:59:36.0580 4244 Number of processors: 2
08:59:36.0580 4244 Page size: 0x1000
08:59:36.0580 4244 Boot type: Normal boot
08:59:36.0580 4244 ============================================================
08:59:37.0530 4244 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:59:37.0536 4244 Drive \Device\Harddisk1\DR1 - Size: 0x774488000 (29.82 Gb), SectorSize: 0x200, Cylinders: 0xF34, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:59:37.0540 4244 ============================================================
08:59:37.0540 4244 \Device\Harddisk0\DR0:
08:59:37.0540 4244 MBR partitions:
08:59:37.0540 4244 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
08:59:37.0540 4244 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE000000
08:59:37.0562 4244 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xE033000, BlocksNum 0x14B8A800
08:59:37.0562 4244 \Device\Harddisk1\DR1:
08:59:37.0563 4244 MBR partitions:
08:59:37.0563 4244 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x3BA2420
08:59:37.0563 4244 ============================================================
08:59:37.0651 4244 C: <-> \Device\Harddisk0\DR0\Partition2
08:59:37.0802 4244 D: <-> \Device\Harddisk0\DR0\Partition3
08:59:37.0803 4244 ============================================================
08:59:37.0803 4244 Initialize success
08:59:37.0803 4244 ============================================================
09:00:21.0780 3908 ============================================================
09:00:21.0780 3908 Scan started
09:00:21.0780 3908 Mode: Manual; TDLFS;
09:00:21.0780 3908 ============================================================
09:00:24.0494 3908 ================ Scan system memory ========================
09:00:24.0494 3908 System memory - ok
09:00:24.0495 3908 ================ Scan services =============================
09:00:37.0034 3908 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:00:37.0037 3908 NDProxy - ok
09:00:37.0088 3908 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:00:37.0089 3908 NetBIOS - ok
09:00:37.0134 3908 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:00:37.0139 3908 NetBT - ok
09:00:37.0165 3908 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:00:37.0168 3908 Netlogon - ok
09:00:37.0242 3908 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:00:37.0250 3908 Netman - ok
09:00:37.0280 3908 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:00:37.0290 3908 netprofm - ok
09:00:37.0335 3908 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:00:37.0339 3908 NetTcpPortSharing - ok
09:00:37.0384 3908 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
09:00:37.0387 3908 nfrd960 - ok
09:00:37.0408 3908 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:00:37.0415 3908 NlaSvc - ok
09:00:37.0430 3908 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:00:37.0432 3908 Npfs - ok
09:00:37.0456 3908 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:00:37.0459 3908 nsi - ok
09:00:37.0473 3908 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:00:37.0474 3908 nsiproxy - ok
09:00:37.0552 3908 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:00:37.0579 3908 Ntfs - ok
09:00:37.0608 3908 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:00:37.0611 3908 Null - ok
09:00:37.0675 3908 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:00:37.0679 3908 nvraid - ok
09:00:37.0716 3908 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:00:37.0720 3908 nvstor - ok
09:00:37.0740 3908 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:00:37.0744 3908 nv_agp - ok
09:00:37.0768 3908 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:00:37.0772 3908 ohci1394 - ok
09:00:37.0870 3908 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:00:37.0874 3908 ose - ok
09:00:38.0054 3908 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:00:38.0162 3908 osppsvc - ok
09:00:38.0211 3908 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:00:38.0219 3908 p2pimsvc - ok
09:00:38.0242 3908 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:00:38.0252 3908 p2psvc - ok
09:00:38.0294 3908 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:00:38.0298 3908 Parport - ok
09:00:38.0353 3908 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:00:38.0355 3908 partmgr - ok
09:00:38.0379 3908 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:00:38.0385 3908 PcaSvc - ok
09:00:38.0418 3908 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:00:38.0422 3908 pci - ok
09:00:38.0436 3908 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:00:38.0438 3908 pciide - ok
09:00:38.0458 3908 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:00:38.0463 3908 pcmcia - ok
09:00:38.0484 3908 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:00:38.0486 3908 pcw - ok
09:00:38.0514 3908 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:00:38.0526 3908 PEAUTH - ok
09:00:38.0624 3908 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:00:38.0628 3908 PerfHost - ok
09:00:38.0729 3908 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:00:38.0754 3908 pla - ok
09:00:38.0817 3908 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:00:38.0826 3908 PlugPlay - ok
09:00:38.0887 3908 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:00:38.0891 3908 PNRPAutoReg - ok
09:00:38.0911 3908 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:00:38.0917 3908 PNRPsvc - ok
09:00:38.0958 3908 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:00:38.0968 3908 PolicyAgent - ok
09:00:39.0000 3908 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:00:39.0007 3908 Power - ok
09:00:39.0046 3908 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:00:39.0050 3908 PptpMiniport - ok
09:00:39.0098 3908 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:00:39.0101 3908 Processor - ok
09:00:39.0136 3908 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:00:39.0142 3908 ProfSvc - ok
09:00:39.0162 3908 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:00:39.0164 3908 ProtectedStorage - ok
09:00:39.0196 3908 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:00:39.0199 3908 Psched - ok
09:00:39.0263 3908 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
09:00:39.0289 3908 ql2300 - ok
09:00:39.0322 3908 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
09:00:39.0326 3908 ql40xx - ok
09:00:39.0366 3908 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:00:39.0373 3908 QWAVE - ok
09:00:39.0394 3908 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:00:39.0396 3908 QWAVEdrv - ok
09:00:39.0437 3908 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:00:39.0440 3908 RasAcd - ok
09:00:39.0468 3908 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:00:39.0472 3908 RasAgileVpn - ok
09:00:39.0489 3908 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:00:39.0494 3908 RasAuto - ok
09:00:39.0533 3908 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:00:39.0537 3908 Rasl2tp - ok
09:00:39.0611 3908 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:00:39.0620 3908 RasMan - ok
09:00:39.0657 3908 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:00:39.0661 3908 RasPppoe - ok
09:00:39.0671 3908 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:00:39.0675 3908 RasSstp - ok
09:00:39.0695 3908 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:00:39.0702 3908 rdbss - ok
09:00:39.0724 3908 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:00:39.0727 3908 rdpbus - ok
09:00:39.0743 3908 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:00:39.0744 3908 RDPCDD - ok
09:00:39.0765 3908 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:00:39.0767 3908 RDPENCDD - ok
09:00:39.0791 3908 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:00:39.0793 3908 RDPREFMP - ok
09:00:39.0828 3908 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:00:39.0842 3908 RDPWD - ok
09:00:39.0911 3908 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:00:39.0915 3908 rdyboost - ok
09:00:39.0938 3908 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:00:39.0942 3908 RemoteAccess - ok
09:00:39.0976 3908 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:00:39.0982 3908 RemoteRegistry - ok
09:00:40.0035 3908 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
09:00:40.0040 3908 RFCOMM - ok
09:00:40.0134 3908 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
09:00:40.0156 3908 RichVideo - ok
09:00:40.0178 3908 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:00:40.0182 3908 RpcEptMapper - ok
09:00:40.0209 3908 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:00:40.0212 3908 RpcLocator - ok
09:00:40.0261 3908 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:00:40.0270 3908 RpcSs - ok
09:00:40.0286 3908 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:00:40.0289 3908 rspndr - ok
09:00:40.0324 3908 [ BFE0EF0C4C15820698F50AD73AF5E35F ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
09:00:40.0334 3908 RTL8167 - ok
09:00:40.0418 3908 [ 4CA0DBA9E224473D664C25E411F5A3BD ] rtport C:\Windows\SysWOW64\drivers\rtport.sys
09:00:40.0420 3908 rtport - ok
09:00:40.0457 3908 [ 62DB6CC4B0818F1B5F3441241B098F12 ] SABI C:\Windows\system32\Drivers\SABI.sys
09:00:40.0500 3908 SABI - ok
09:00:40.0515 3908 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:00:40.0517 3908 SamSs - ok
09:00:40.0551 3908 [ D641337B75B9A9D5AE10687AA1097755 ] Samsung UPD Service C:\Windows\System32\SUPDSvc.exe
09:00:40.0558 3908 Samsung UPD Service - ok
09:00:40.0592 3908 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:00:40.0596 3908 sbp2port - ok
09:00:40.0640 3908 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:00:40.0648 3908 SCardSvr - ok
09:00:40.0685 3908 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:00:40.0688 3908 scfilter - ok
09:00:40.0779 3908 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:00:40.0800 3908 Schedule - ok
09:00:40.0829 3908 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:00:40.0831 3908 SCPolicySvc - ok
09:00:40.0881 3908 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:00:40.0887 3908 SDRSVC - ok
09:00:40.0927 3908 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:00:40.0929 3908 secdrv - ok
09:00:40.0943 3908 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:00:40.0947 3908 seclogon - ok
09:00:41.0016 3908 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:00:41.0021 3908 SENS - ok
09:00:41.0045 3908 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:00:41.0049 3908 SensrSvc - ok
09:00:41.0079 3908 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:00:41.0082 3908 Serenum - ok
09:00:41.0124 3908 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:00:41.0128 3908 Serial - ok
09:00:41.0166 3908 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
09:00:41.0169 3908 sermouse - ok
09:00:41.0213 3908 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:00:41.0219 3908 SessionEnv - ok
09:00:41.0266 3908 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:00:41.0268 3908 sffdisk - ok
09:00:41.0287 3908 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:00:41.0289 3908 sffp_mmc - ok
09:00:41.0300 3908 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:00:41.0303 3908 sffp_sd - ok
09:00:41.0324 3908 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:00:41.0326 3908 sfloppy - ok
09:00:41.0393 3908 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:00:41.0401 3908 SharedAccess - ok
09:00:41.0443 3908 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:00:41.0452 3908 ShellHWDetection - ok
09:00:41.0470 3908 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:00:41.0473 3908 SiSRaid2 - ok
09:00:41.0492 3908 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
09:00:41.0495 3908 SiSRaid4 - ok
09:00:41.0570 3908 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:00:41.0573 3908 SkypeUpdate - ok
09:00:41.0597 3908 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:00:41.0600 3908 Smb - ok
09:00:41.0650 3908 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:00:41.0654 3908 SNMPTRAP - ok
09:00:41.0712 3908 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:00:41.0713 3908 spldr - ok
09:00:41.0757 3908 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:00:41.0769 3908 Spooler - ok
09:00:41.0881 3908 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:00:41.0937 3908 sppsvc - ok
09:00:41.0971 3908 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:00:41.0974 3908 sppuinotify - ok
09:00:42.0046 3908 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:00:42.0054 3908 srv - ok
09:00:42.0093 3908 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:00:42.0100 3908 srv2 - ok
09:00:42.0127 3908 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:00:42.0131 3908 srvnet - ok
09:00:42.0193 3908 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:00:42.0200 3908 SSDPSRV - ok
09:00:42.0262 3908 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
09:00:42.0264 3908 SSPORT - ok
09:00:42.0306 3908 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:00:42.0311 3908 SstpSvc - ok
09:00:42.0339 3908 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
09:00:42.0342 3908 stexstor - ok
09:00:42.0369 3908 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
09:00:42.0372 3908 StillCam - ok
09:00:42.0460 3908 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:00:42.0473 3908 stisvc - ok
09:00:42.0504 3908 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
09:00:42.0506 3908 swenum - ok
09:00:42.0542 3908 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:00:42.0554 3908 swprv - ok
09:00:42.0636 3908 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:00:42.0666 3908 SysMain - ok
09:00:42.0719 3908 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:00:42.0724 3908 TabletInputService - ok
09:00:42.0771 3908 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:00:42.0779 3908 TapiSrv - ok
09:00:42.0828 3908 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:00:42.0832 3908 TBS - ok
09:00:42.0915 3908 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:00:42.0947 3908 Tcpip - ok
09:00:42.0985 3908 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:00:43.0008 3908 TCPIP6 - ok
09:00:43.0026 3908 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:00:43.0035 3908 tcpipreg - ok
09:00:43.0102 3908 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:00:43.0105 3908 TDPIPE - ok
09:00:43.0140 3908 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:00:43.0143 3908 TDTCP - ok
09:00:43.0191 3908 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:00:43.0195 3908 tdx - ok
09:00:43.0233 3908 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
09:00:43.0236 3908 TermDD - ok
09:00:43.0282 3908 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:00:43.0296 3908 TermService - ok
09:00:43.0321 3908 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:00:43.0325 3908 Themes - ok
09:00:43.0336 3908 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:00:43.0339 3908 THREADORDER - ok
09:00:43.0363 3908 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:00:43.0368 3908 TrkWks - ok
09:00:43.0430 3908 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:00:43.0434 3908 TrustedInstaller - ok
09:00:43.0492 3908 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:00:43.0495 3908 tssecsrv - ok
09:00:43.0519 3908 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:00:43.0523 3908 TsUsbFlt - ok
09:00:43.0567 3908 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:00:43.0571 3908 tunnel - ok
09:00:43.0637 3908 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
09:00:43.0640 3908 uagp35 - ok
09:00:43.0667 3908 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:00:43.0674 3908 udfs - ok
09:00:43.0709 3908 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:00:43.0712 3908 UI0Detect - ok
09:00:43.0734 3908 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:00:43.0738 3908 uliagpkx - ok
09:00:43.0768 3908 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
09:00:43.0771 3908 umbus - ok
09:00:43.0797 3908 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:00:43.0799 3908 UmPass - ok
09:00:43.0973 3908 [ CBDEE152D73200EE49031A26310B9D3E ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
09:00:44.0015 3908 UNS - ok
09:00:44.0082 3908 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:00:44.0091 3908 upnphost - ok
09:00:44.0130 3908 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:00:44.0134 3908 usbccgp - ok
09:00:44.0168 3908 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:00:44.0172 3908 usbcir - ok
09:00:44.0236 3908 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
09:00:44.0239 3908 usbehci - ok
09:00:44.0281 3908 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:00:44.0288 3908 usbhub - ok
09:00:44.0318 3908 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:00:44.0321 3908 usbohci - ok
09:00:44.0383 3908 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:00:44.0386 3908 usbprint - ok
09:00:44.0414 3908 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:00:44.0417 3908 usbscan - ok
09:00:44.0435 3908 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:00:44.0438 3908 USBSTOR - ok
09:00:44.0459 3908 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:00:44.0462 3908 usbuhci - ok
09:00:44.0540 3908 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
09:00:44.0545 3908 usbvideo - ok
09:00:44.0577 3908 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:00:44.0582 3908 UxSms - ok
09:00:44.0597 3908 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:00:44.0600 3908 VaultSvc - ok
09:00:44.0639 3908 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:00:44.0641 3908 vdrvroot - ok
09:00:44.0691 3908 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:00:44.0704 3908 vds - ok
09:00:44.0801 3908 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:00:44.0804 3908 vga - ok
09:00:44.0827 3908 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:00:44.0830 3908 VgaSave - ok
09:00:44.0865 3908 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:00:44.0871 3908 vhdmp - ok
09:00:44.0892 3908 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:00:44.0894 3908 viaide - ok
09:00:44.0940 3908 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:00:44.0942 3908 volmgr - ok
09:00:44.0964 3908 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:00:44.0971 3908 volmgrx - ok
09:00:44.0998 3908 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:00:45.0004 3908 volsnap - ok
09:00:45.0058 3908 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
09:00:45.0063 3908 vsmraid - ok
09:00:45.0130 3908 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:00:45.0158 3908 VSS - ok
09:00:45.0175 3908 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:00:45.0178 3908 vwifibus - ok
09:00:45.0212 3908 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:00:45.0216 3908 vwififlt - ok
09:00:45.0267 3908 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
09:00:45.0268 3908 vwifimp - ok
09:00:45.0321 3908 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:00:45.0330 3908 W32Time - ok
09:00:45.0351 3908 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
09:00:45.0354 3908 WacomPen - ok
09:00:45.0407 3908 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:00:45.0410 3908 WANARP - ok
09:00:45.0416 3908 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:00:45.0419 3908 Wanarpv6 - ok
09:00:45.0496 3908 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:00:45.0518 3908 WatAdminSvc - ok
09:00:45.0576 3908 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:00:45.0604 3908 wbengine - ok
09:00:45.0630 3908 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:00:45.0637 3908 WbioSrvc - ok
09:00:45.0681 3908 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:00:45.0691 3908 wcncsvc - ok
09:00:45.0726 3908 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:00:45.0731 3908 WcsPlugInService - ok
09:00:45.0770 3908 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
09:00:45.0773 3908 Wd - ok
09:00:45.0828 3908 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:00:45.0842 3908 Wdf01000 - ok
09:00:45.0865 3908 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:00:45.0870 3908 WdiServiceHost - ok
09:00:45.0877 3908 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:00:45.0881 3908 WdiSystemHost - ok
09:00:45.0915 3908 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:00:45.0923 3908 WebClient - ok
09:00:45.0946 3908 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:00:45.0955 3908 Wecsvc - ok
09:00:45.0994 3908 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:00:45.0999 3908 wercplsupport - ok
09:00:46.0033 3908 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:00:46.0038 3908 WerSvc - ok
09:00:46.0064 3908 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:00:46.0067 3908 WfpLwf - ok
09:00:46.0092 3908 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:00:46.0095 3908 WIMMount - ok
09:00:46.0155 3908 WinDefend - ok
09:00:46.0163 3908 WinHttpAutoProxySvc - ok
09:00:46.0218 3908 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:00:46.0223 3908 Winmgmt - ok
09:00:46.0350 3908 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:00:46.0386 3908 WinRM - ok
09:00:46.0450 3908 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:00:46.0453 3908 WinUsb - ok
09:00:46.0512 3908 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:00:46.0529 3908 Wlansvc - ok
09:00:46.0602 3908 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:00:46.0613 3908 wlcrasvc - ok
09:00:46.0753 3908 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:00:46.0792 3908 wlidsvc - ok
09:00:46.0821 3908 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:00:46.0824 3908 WmiAcpi - ok
09:00:46.0861 3908 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:00:46.0866 3908 wmiApSrv - ok
09:00:46.0887 3908 WMPNetworkSvc - ok
09:00:46.0917 3908 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:00:46.0921 3908 WPCSvc - ok
09:00:46.0958 3908 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:00:46.0963 3908 WPDBusEnum - ok
09:00:46.0988 3908 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:00:46.0990 3908 ws2ifsl - ok
09:00:47.0008 3908 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
09:00:47.0013 3908 wscsvc - ok
09:00:47.0019 3908 WSearch - ok
09:00:47.0109 3908 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:00:47.0151 3908 wuauserv - ok
09:00:47.0214 3908 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:00:47.0217 3908 WudfPf - ok
09:00:47.0252 3908 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:00:47.0256 3908 WUDFRd - ok
09:00:47.0299 3908 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:00:47.0303 3908 wudfsvc - ok
09:00:47.0334 3908 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
09:00:47.0342 3908 WwanSvc - ok
09:00:47.0399 3908 ================ Scan global ===============================
09:00:47.0419 3908 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:00:47.0451 3908 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
09:00:47.0472 3908 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
09:00:47.0505 3908 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:00:47.0565 3908 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:00:47.0573 3908 [Global] - ok
09:00:47.0574 3908 ================ Scan MBR ==================================
09:00:47.0591 3908 [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
09:00:48.0055 3908 \Device\Harddisk0\DR0 - ok
09:00:48.0063 3908 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
09:00:48.0206 3908 \Device\Harddisk1\DR1 - ok
09:00:48.0207 3908 ================ Scan VBR ==================================
09:00:48.0212 3908 [ 29DDD3B2F517B17B53D00641EBE4DF05 ] \Device\Harddisk0\DR0\Partition1
09:00:48.0214 3908 \Device\Harddisk0\DR0\Partition1 - ok
09:00:48.0251 3908 [ 0D1ECE150B7A56590406AEB4DFCB8E9F ] \Device\Harddisk0\DR0\Partition2
09:00:48.0253 3908 \Device\Harddisk0\DR0\Partition2 - ok
09:00:48.0301 3908 [ D38D885571F6760D48AC8111E64F3FD5 ] \Device\Harddisk0\DR0\Partition3
09:00:48.0304 3908 \Device\Harddisk0\DR0\Partition3 - ok
09:00:48.0313 3908 [ D9CCA927948B960C2C3A247BA6E7CEEE ] \Device\Harddisk1\DR1\Partition1
09:00:48.0315 3908 \Device\Harddisk1\DR1\Partition1 - ok
09:00:48.0316 3908 ============================================================
09:00:48.0316 3908 Scan finished
09:00:48.0316 3908 ============================================================
09:00:48.0333 4628 Detected object count: 0
09:00:48.0333 4628 Actual detected object count: 0
09:01:16.0309 2436 Deinitialize success

# AdwCleaner v2.109 - Logfile created 01/28/2013 at 09:03:13
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : User - USER-PC
# Boot Mode : Normal
# Running from : C:\Users\User\Desktop\YuvalTuneUp\AdwCleaner\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Ask

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://blekko.com/ws/?source=3971d482&tbp=homepage&u=04aa2db1000000000000b4749f45f60d --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://blekko.com/ws/?source=3971d482&tbp=tab&u=04aa2db1000000000000b4749f45f60d --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0.1 (en-US)

-\\ Google Chrome v24.0.1312.56

*************************

AdwCleaner[S1].txt - [2289 octets] - [28/01/2013 09:03:13]

########## EOF - C:\AdwCleaner[S1].txt - [2349 octets] ##########

ESET detected and removed the following (exported to a text file):

C:\Users\User\AppData\Local\Temp\{24878F52-DD58-434C-9CD9-72879054C15D}\ytdToolbar.msi a variant of Win32/Toolbar.Widgi application deleted - quarantined
C:\Users\User\AppData\Local\Temp\APNStub.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Users\User\AppData\Local\Temp\blekko.exe Win32/FreeInstaller.A application cleaned by deleting - quarantined
C:\Users\User\Downloads\YouTubeDownloaderSetup35.exe Win32/Toolbar.Widgi application cleaned by deleting - quarantined

#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 62,423 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:02 AM

Posted 28 January 2013 - 02:34 PM

Hello again.

Remove this through Control Panel:
Java 7 Update 10 (Version: 7.0.100)....Reboot

Go here and install 7up11
http://www.oracle.com/technetwork/java/javase/downloads/jre7-downloads-1880261.html

This one, 2nd from bottom:
Windows x64 31.44 MB jre-7u11-windows-x64.exe



Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook Have you seen..Select Real Security

#4 yhelfman

Posted 28 January 2013 - 03:07 PM

Hi boopme,

I did the Java removal/install, but I tried scanning twice with aswMBR, once with my AVS Antivirus enabled and once with it disabled; both times, at some point aswMBR stopped responding and the scan was never completed. What else can we do? :)

Yuval

#5 yhelfman

Posted 28 January 2013 - 03:09 PM

Shall I try running it again, in Safe Mode?

#6 yhelfman

Posted 28 January 2013 - 06:56 PM

Hi again,

After trying in Safe Mode and also Run As Admin, still wasn't able to complete a scan with aswMBR. The last few lines I see of the scan are:

Service scanning
Modules scanning
AVAST engine scan c:\windows
AVAST engine scan c:\windows\system32
Scanning: c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications. (can't see the full path)

Generally the PC seems to run better than before, but it still uses 10-15% CPU, which seems to me a little high since I closed all running programs ... Task Manager won't say much, other than that the majority of the CPU consumption is for process name: system, description: NT Kernel & System.

Looking forward to your next reply.
Yuval

#7 boopme

Posted 28 January 2013 - 08:40 PM

Hello Yuval, as we just went through the deep clean, I want to see what is running.

Download Autoruns for Windows: http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
No installation required.
Simply unzip Autoruns.zip file, and double click on autoruns.exe file to run the program.
Go to File > Save, and save it as an AutoRuns.txt file to a known location.
You must select Text from the drop-down menu as the file type.

Upload the file(s) here: http://uploadmb.com/
Copy the link inside the Direct Link box and post it in your next reply.

#8 yhelfman

Posted 28 January 2013 - 08:52 PM

Hi boopme,

The log file was uploaded to http://www.uploadmb.com/dw.php?id=1359424208

Thanks,
Yuval

#9 yhelfman

Posted 29 January 2013 - 12:14 AM

I'm sorry, but I will not have access to this PC from tomorrow 1/29 9:30am PDT, so hopefully we can finish up by then. If not, my apologies; the person I'm helping with this needs her PC back by then.

#10 boopme

Posted 29 January 2013 - 02:56 PM

Have a really busy day today... I looked yesterday at that log and did not see what we can stop.

Unless you want to throw it by someone in WIN7 for a second opinion.

#11 yhelfman

Posted 29 January 2013 - 04:11 PM

No, that should do it for now. I returned the PC and found out drive C was literally fully used, so I moved some data to D, which is now almost full as well, and recommended that she get an external disk or replace this one with at least 500GB. Her gmail/outlook mailbox size was 32GB, which was filling up the C drive fast. She'll get rid of old emails and attachments. Please close this post. Thanks so much for your help, as always! Yuval

#12 boopme

Posted 29 January 2013 - 08:45 PM

You're welcome!



