FakeAlert virus reported by AVG


  • This topic is locked
12 replies to this topic

#1 Gully1974


Posted 12 April 2013 - 01:45 PM

Hello, I woke up this morning to AVG reporting that it had healed about 6 FakeAlert viruses.  Now about every half an hour or so I get another message from AVG saying it has healed another FakeAlert virus.  I have tried a google search but it does not give me any sensible answers!





#2 boopme


Posted 12 April 2013 - 02:20 PM

Hello, I moved this to the Am I Infected forum from WIN8.
 
I would like you to run these...

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:

Link 1
Link 2
Link 3
Link 4

• In order for Rkill to run properly you must disable your anti-malware software. Please refer to this page if you are not sure how.
• Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator.)
  Note: You may have to run Rkill a few times before it is successful. You may also have to download Rkill from a different link which will save it as a different file name.

• A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
• An Rkill.log will appear. Please copy and paste the contents in your reply (file also located at c:\rkill.log)
• Do not reboot your computer after running Rkill as the malware programs will start again. If your computer reboots, run Rkill again before continuing on to the next step.
• If nothing happens or if the tool does not run, please let me know in your next reply.

>>>>>

TDSS Alt
Please Download TDSSkiller
Launch it.
Click on change parameters - Select TDLFS file system
Click on "Scan".
Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results.

>>>>

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

>>>>>

Please download AdwCleaner by Xplode onto your desktop.
• Close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
• Click on Delete.
• Confirm each time with Ok.
• You will be prompted to restart your computer. A text file will open after the restart.
• Please post the contents of that logfile with your next reply.
• You can find the logfile at C:\AdwCleaner[S1].txt as well.


>>>>

Now I'd like us to scan your machine with ESET OnlineScan
• Hold down Control and click on this link to open ESET OnlineScan in a new window.
• Click the esetonlinebtn.png button.
• For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
• Check "YES, I accept the Terms of Use."
• Click the Start button.
• Accept any security warnings from your browser.
• Under scan settings, check "Scan Archives" and "Remove found threats"
• Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, click List Threats
• Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• Click the Back button.
• Click the Finish button.
NOTE: Sometimes if ESET finds no infections it will not create a log.



#3 Gully1974


Posted 12 April 2013 - 02:34 PM

Rkill 2.4.7 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 04/12/2013 08:26:25 PM in x64 mode.
Windows Version: Windows 8 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Windows\jmesoft\Service.exe (PID: 1184) [WD-HEUR]
 * C:\Windows\jmesoft\hotkey.exe (PID: 3940) [WD-HEUR]
 * C:\Windows\jmesoft\JME_LOAD.exe (PID: 4704) [WD-HEUR]
 
3 proccesses terminated!
 
Checking Registry for malware related settings:
 
 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]
 
Backup Registry file created at:
 C:\Users\Mark\Desktop\rkill\rkill-04-12-2013-08-26-30.reg
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKLM\Software\Classes\.exe\shell found and deleted!
 
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
 * Windows Firewall Disabled
 
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000
 
Checking Windows Service Integrity: 
 
 * WinDefend => "%ProgramFiles%\Windows Defender\MsMpEng.exe" [Incorrect ImagePath]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 04/12/2013 08:26:46 PM
Execution time: 0 hours(s), 0 minute(s), and 20 seconds(s)
 
 
20:28:02.0454 5332  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:28:02.0454 5332  UEFI system
20:28:03.0011 5332  ============================================================
20:28:03.0011 5332  Current date / time: 2013/04/12 20:28:03.0011
20:28:03.0011 5332  SystemInfo:
20:28:03.0011 5332  
20:28:03.0011 5332  OS Version: 6.2.9200 ServicePack: 0.0
20:28:03.0011 5332  Product type: Workstation
20:28:03.0011 5332  ComputerName: MARKANDAISHA
20:28:03.0011 5332  UserName: Mark
20:28:03.0011 5332  Windows directory: C:\windows
20:28:03.0011 5332  System windows directory: C:\windows
20:28:03.0011 5332  Running under WOW64
20:28:03.0011 5332  Processor architecture: Intel x64
20:28:03.0011 5332  Number of processors: 4
20:28:03.0011 5332  Page size: 0x1000
20:28:03.0011 5332  Boot type: Normal boot
20:28:03.0011 5332  ============================================================
20:28:03.0593 5332  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:28:03.0598 5332  ============================================================
20:28:03.0598 5332  \Device\Harddisk0\DR0:
20:28:03.0599 5332  GPT partitions:
20:28:03.0599 5332  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1EE9D794-335D-4815-806D-213D0F94FC78}, Name: , StartLBA 0x800, BlocksNum 0x1F4000
20:28:03.0599 5332  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F0EA2EC7-D708-4A9F-B1B0-998A6B10131B}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
20:28:03.0599 5332  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {102676E5-F98F-4878-809E-0BC5CA55E38C}, Name: , StartLBA 0x276800, BlocksNum 0xFA000
20:28:03.0599 5332  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {637B98CB-FFDB-41FB-9741-3DB2445806D0}, Name: Microsoft reserved partition, StartLBA 0x370800, BlocksNum 0x40000
20:28:03.0599 5332  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {5CB140AF-1FD0-429A-B0FA-AEC7C3A80D97}, Name: Basic data partition, StartLBA 0x3B0800, BlocksNum 0x71282000
20:28:03.0599 5332  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {03C4AA65-8A34-4FDA-A935-1E6C54FB1050}, Name: , StartLBA 0x71632800, BlocksNum 0x30D4000
20:28:03.0599 5332  MBR partitions:
20:28:03.0599 5332  ============================================================
20:28:03.0617 5332  C: <-> \Device\Harddisk0\DR0\Partition5
20:28:03.0617 5332  ============================================================
20:28:03.0617 5332  Initialize success
20:28:03.0617 5332  ============================================================
20:28:28.0405 5624  ============================================================
20:28:28.0405 5624  Scan started
20:28:28.0405 5624  Mode: Manual; TDLFS; 
20:28:28.0405 5624  ============================================================
20:28:29.0203 5624  ================ Scan system memory ========================
20:28:29.0203 5624  System memory - ok
20:28:29.0203 5624  ================ Scan services =============================
20:28:33.0226 5624  kdnic - ok
20:28:33.0234 5624  [ F702AB6181513303AB0FC8D59E52708B ] KeyIso          C:\windows\system32\lsass.exe
20:28:33.0235 5624  KeyIso - ok
20:28:33.0248 5624  [ DFA480F6DED551464F3A5B959F437800 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
20:28:33.0249 5624  KSecDD - ok
20:28:33.0263 5624  [ E427D299CFE267A2465D3AAF81440ED9 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
20:28:33.0264 5624  KSecPkg - ok
20:28:33.0275 5624  [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
20:28:33.0276 5624  ksthunk - ok
20:28:33.0313 5624  [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm           C:\windows\system32\msdtckrm.dll
20:28:33.0317 5624  KtmRm - ok
20:28:33.0339 5624  [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer    C:\windows\system32\srvsvc.dll
20:28:33.0343 5624  LanmanServer - ok
20:28:33.0374 5624  [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
20:28:33.0377 5624  LanmanWorkstation - ok
20:28:33.0416 5624  [ 32F8DCFB3257B1BC745DD96A847937B5 ] Lenovo System Agent Service C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
20:28:33.0421 5624  Lenovo System Agent Service - ok
20:28:33.0430 5624  [ CEEFD29FC551F289810B0B9381B321DC ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
20:28:33.0431 5624  lltdio - ok
20:28:33.0445 5624  [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc         C:\windows\System32\lltdsvc.dll
20:28:33.0449 5624  lltdsvc - ok
20:28:33.0458 5624  [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts         C:\windows\System32\lmhsvc.dll
20:28:33.0460 5624  lmhosts - ok
20:28:33.0469 5624  [ 4269D44BB47A6DA5D80B11F4C8536458 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:28:33.0471 5624  LMS - ok
20:28:33.0496 5624  [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
20:28:33.0497 5624  LSI_SAS - ok
20:28:33.0519 5624  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
20:28:33.0521 5624  LSI_SAS2 - ok
20:28:33.0540 5624  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
20:28:33.0542 5624  LSI_SCSI - ok
20:28:33.0559 5624  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         C:\windows\system32\drivers\lsi_sss.sys
20:28:33.0561 5624  LSI_SSS - ok
20:28:33.0592 5624  [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM             C:\windows\System32\lsm.dll
20:28:33.0597 5624  LSM - ok
20:28:33.0609 5624  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           C:\windows\system32\drivers\luafv.sys
20:28:33.0610 5624  luafv - ok
20:28:33.0648 5624  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\windows\system32\drivers\mbam.sys
20:28:33.0648 5624  MBAMProtector - ok
20:28:33.0688 5624  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:28:33.0692 5624  MBAMScheduler - ok
20:28:33.0709 5624  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:28:33.0715 5624  MBAMService - ok
20:28:33.0734 5624  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         C:\windows\system32\drivers\megasas.sys
20:28:33.0735 5624  megasas - ok
20:28:33.0753 5624  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
20:28:33.0757 5624  MegaSR - ok
20:28:33.0783 5624  [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64          C:\windows\System32\drivers\HECIx64.sys
20:28:33.0784 5624  MEIx64 - ok
20:28:33.0813 5624  Microsoft SharePoint Workspace Audit Service - ok
20:28:33.0825 5624  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           C:\windows\system32\mmcss.dll
20:28:33.0827 5624  MMCSS - ok
20:28:33.0848 5624  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           C:\windows\system32\drivers\modem.sys
20:28:33.0848 5624  Modem - ok
20:28:33.0864 5624  [ 83EB0BF7E6EBD5B1AAC97F9DBD5EB935 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
20:28:33.0865 5624  monitor - ok
20:28:33.0871 5624  [ 618446B98C79776654340CE27C73485E ] mouclass        C:\windows\System32\drivers\mouclass.sys
20:28:33.0871 5624  mouclass - ok
20:28:33.0879 5624  [ CB2527B8B87D83E56FBF3944BBB6F606 ] mouhid          C:\windows\System32\drivers\mouhid.sys
20:28:33.0880 5624  mouhid - ok
20:28:33.0887 5624  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
20:28:33.0888 5624  mountmgr - ok
20:28:33.0899 5624  [ 36BF4D86F166ACBC14F0B8B8F90CBCEA ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
20:28:33.0900 5624  mpsdrv - ok
20:28:33.0923 5624  [ 411EA973A1961C287927DF13891EB41E ] MpsSvc          C:\windows\system32\mpssvc.dll
20:28:33.0932 5624  MpsSvc - ok
20:28:33.0949 5624  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
20:28:33.0950 5624  MRxDAV - ok
20:28:33.0981 5624  [ 93179D48066918323628CB016D8C94DC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
20:28:33.0982 5624  mrxsmb - ok
20:28:33.0996 5624  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
20:28:33.0999 5624  mrxsmb10 - ok
20:28:34.0008 5624  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
20:28:34.0010 5624  mrxsmb20 - ok
20:28:34.0027 5624  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        C:\windows\system32\DRIVERS\bridge.sys
20:28:34.0028 5624  MsBridge - ok
20:28:34.0042 5624  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           C:\windows\System32\msdtc.exe
20:28:34.0045 5624  MSDTC - ok
20:28:34.0068 5624  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            C:\windows\system32\drivers\Msfs.sys
20:28:34.0068 5624  Msfs - ok
20:28:34.0086 5624  [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32     C:\windows\System32\drivers\msgpiowin32.sys
20:28:34.0087 5624  msgpiowin32 - ok
20:28:34.0101 5624  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
20:28:34.0101 5624  mshidkmdf - ok
20:28:34.0107 5624  [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf       C:\windows\System32\drivers\mshidumdf.sys
20:28:34.0108 5624  mshidumdf - ok
20:28:34.0116 5624  [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
20:28:34.0117 5624  msisadrv - ok
20:28:34.0138 5624  [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI         C:\windows\system32\iscsiexe.dll
20:28:34.0140 5624  MSiSCSI - ok
20:28:34.0143 5624  msiserver - ok
20:28:34.0164 5624  [ 509809566E49F4411055864EA8D437CD ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
20:28:34.0164 5624  MSKSSRV - ok
20:28:34.0177 5624  [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp          C:\windows\system32\DRIVERS\mslldp.sys
20:28:34.0178 5624  MsLldp - ok
20:28:34.0193 5624  [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
20:28:34.0193 5624  MSPCLOCK - ok
20:28:34.0207 5624  [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
20:28:34.0207 5624  MSPQM - ok
20:28:34.0219 5624  [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
20:28:34.0223 5624  MsRPC - ok
20:28:34.0234 5624  [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios        C:\windows\System32\drivers\mssmbios.sys
20:28:34.0235 5624  mssmbios - ok
20:28:34.0238 5624  [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
20:28:34.0238 5624  MSTEE - ok
20:28:34.0255 5624  [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig        C:\windows\System32\drivers\MTConfig.sys
20:28:34.0257 5624  MTConfig - ok
20:28:34.0270 5624  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup             C:\windows\system32\Drivers\mup.sys
20:28:34.0271 5624  Mup - ok
20:28:34.0283 5624  [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis          C:\windows\system32\drivers\mvumis.sys
20:28:34.0286 5624  mvumis - ok
20:28:34.0321 5624  [ 4B18840511D720BA118D3017E8165875 ] napagent        C:\windows\system32\qagentRT.dll
20:28:34.0326 5624  napagent - ok
20:28:34.0336 5624  [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
20:28:34.0340 5624  NativeWifiP - ok
20:28:34.0385 5624  [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
20:28:34.0390 5624  NAUpdate - ok
20:28:34.0399 5624  [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc          C:\windows\System32\ncasvc.dll
20:28:34.0402 5624  NcaSvc - ok
20:28:34.0407 5624  [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup    C:\windows\System32\NcdAutoSetup.dll
20:28:34.0409 5624  NcdAutoSetup - ok
20:28:34.0444 5624  [ 03CFE4108D1DE16D6C59455B5C73319C ] NDIS            C:\windows\system32\drivers\ndis.sys
20:28:34.0448 5624  NDIS - ok
20:28:34.0463 5624  [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
20:28:34.0465 5624  NdisCap - ok
20:28:34.0471 5624  [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform  C:\windows\system32\DRIVERS\NdisImPlatform.sys
20:28:34.0473 5624  NdisImPlatform - ok
20:28:34.0481 5624  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
20:28:34.0482 5624  NdisTapi - ok
20:28:34.0492 5624  [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
20:28:34.0493 5624  Ndisuio - ok
20:28:34.0503 5624  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
20:28:34.0504 5624  NdisWan - ok
20:28:34.0507 5624  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY   C:\windows\system32\DRIVERS\ndiswan.sys
20:28:34.0508 5624  NDISWANLEGACY - ok
20:28:34.0521 5624  [ CE6EBC0AD38CC6482D8FBB744FF15CE2 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
20:28:34.0522 5624  NDProxy - ok
20:28:34.0535 5624  [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu             C:\windows\system32\drivers\Ndu.sys
20:28:34.0537 5624  Ndu - ok
20:28:34.0543 5624  [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
20:28:34.0544 5624  NetBIOS - ok
20:28:34.0560 5624  [ 7CEC25C682D319D484630B3952C31A11 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
20:28:34.0562 5624  NetBT - ok
20:28:34.0575 5624  [ F702AB6181513303AB0FC8D59E52708B ] Netlogon        C:\windows\system32\lsass.exe
20:28:34.0576 5624  Netlogon - ok
20:28:34.0592 5624  [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman          C:\windows\System32\netman.dll
20:28:34.0594 5624  Netman - ok
20:28:34.0604 5624  [ 5FF52E13C72838D87DAF228EC9E92C89 ] netprofm        C:\windows\System32\netprofmsvc.dll
20:28:34.0608 5624  netprofm - ok
20:28:34.0671 5624  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:28:34.0672 5624  NetTcpPortSharing - ok
20:28:34.0786 5624  [ 57B9C04D673F236D41FAB03842C8640B ] NETwNs64        C:\windows\system32\DRIVERS\NETwNs64.sys
20:28:34.0887 5624  NETwNs64 - ok
20:28:34.0926 5624  [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
20:28:34.0927 5624  nfrd960 - ok
20:28:34.0985 5624  [ 8CE7F624D791733E8CECFA443B2DF513 ] NitroDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
20:28:34.0987 5624  NitroDriverReadSpool2 - ok
20:28:35.0000 5624  [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc          C:\windows\System32\nlasvc.dll
20:28:35.0004 5624  NlaSvc - ok
20:28:35.0062 5624  [ AAAE3B793B248A3DF86C65928484AB9A ] nlsX86cc        C:\windows\SysWOW64\NLSSRV32.EXE
20:28:35.0063 5624  nlsX86cc - ok
20:28:35.0075 5624  [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs            C:\windows\system32\drivers\Npfs.sys
20:28:35.0076 5624  Npfs - ok
20:28:35.0086 5624  [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig       C:\windows\System32\drivers\npsvctrig.sys
20:28:35.0088 5624  npsvctrig - ok
20:28:35.0096 5624  [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi             C:\windows\system32\nsisvc.dll
20:28:35.0098 5624  nsi - ok
20:28:35.0110 5624  [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
20:28:35.0111 5624  nsiproxy - ok
20:28:35.0149 5624  [ 76929F4A69E425911A63B407E26C2589 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
20:28:35.0156 5624  Ntfs - ok
20:28:35.0172 5624  [ 4163ADE07DB51843AE31F65B94F5398D ] Null            C:\windows\system32\drivers\Null.sys
20:28:35.0173 5624  Null - ok
20:28:35.0191 5624  [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid          C:\windows\system32\drivers\nvraid.sys
20:28:35.0193 5624  nvraid - ok
20:28:35.0201 5624  [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor          C:\windows\system32\drivers\nvstor.sys
20:28:35.0203 5624  nvstor - ok
20:28:35.0220 5624  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
20:28:35.0222 5624  nv_agp - ok
20:28:35.0265 5624  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:28:35.0267 5624  ose - ok
20:28:35.0356 5624  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:28:35.0373 5624  osppsvc - ok
20:28:35.0391 5624  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
20:28:35.0396 5624  p2pimsvc - ok
20:28:35.0409 5624  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          C:\windows\system32\p2psvc.dll
20:28:35.0413 5624  p2psvc - ok
20:28:35.0432 5624  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         C:\windows\System32\drivers\parport.sys
20:28:35.0433 5624  Parport - ok
20:28:35.0476 5624  [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr         C:\windows\system32\drivers\partmgr.sys
20:28:35.0477 5624  partmgr - ok
20:28:35.0530 5624  [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc          C:\windows\System32\pcasvc.dll
20:28:35.0535 5624  PcaSvc - ok
20:28:35.0547 5624  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             C:\windows\system32\drivers\pci.sys
20:28:35.0549 5624  pci - ok
20:28:35.0564 5624  [ F9908D274D458220F91E89B54D78D837 ] pciide          C:\windows\system32\drivers\pciide.sys
20:28:35.0565 5624  pciide - ok
20:28:35.0581 5624  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
20:28:35.0582 5624  pcmcia - ok
20:28:35.0598 5624  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             C:\windows\system32\drivers\pcw.sys
20:28:35.0599 5624  pcw - ok
20:28:35.0627 5624  [ AECC24430301DBC6A76916E3029B6B83 ] pdc             C:\windows\system32\drivers\pdc.sys
20:28:35.0629 5624  pdc - ok
20:28:35.0646 5624  [ 70DBB6A8B52B3830922F1C5789E1BEEB ] PEAUTH          C:\windows\system32\drivers\peauth.sys
20:28:35.0652 5624  PEAUTH - ok
20:28:35.0693 5624  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        C:\windows\SysWow64\perfhost.exe
20:28:35.0694 5624  PerfHost - ok
20:28:35.0727 5624  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             C:\windows\system32\pla.dll
20:28:35.0753 5624  pla - ok
20:28:35.0766 5624  [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
20:28:35.0767 5624  PlugPlay - ok
20:28:35.0774 5624  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
20:28:35.0775 5624  PNRPAutoReg - ok
20:28:35.0781 5624  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
20:28:35.0784 5624  PNRPsvc - ok
20:28:35.0829 5624  [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
20:28:35.0831 5624  PolicyAgent - ok
20:28:35.0841 5624  [ F1E067F56373F11EA4B785CAE823740A ] Power           C:\windows\system32\umpo.dll
20:28:35.0844 5624  Power - ok
20:28:35.0854 5624  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
20:28:35.0855 5624  PptpMiniport - ok
20:28:35.0942 5624  [ CC0B8655E4B2A5BBB215CDA8FC3BE4DE ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
20:28:35.0993 5624  PrintNotify - ok
20:28:36.0007 5624  [ 8DA167F8967AB35A2487095CB1B879A0 ] Processor       C:\windows\System32\drivers\processr.sys
20:28:36.0008 5624  Processor - ok
20:28:36.0021 5624  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         C:\windows\system32\profsvc.dll
20:28:36.0024 5624  ProfSvc - ok
20:28:36.0036 5624  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          C:\windows\system32\DRIVERS\pacer.sys
20:28:36.0038 5624  Psched - ok
20:28:36.0046 5624  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           C:\windows\system32\qwave.dll
20:28:36.0049 5624  QWAVE - ok
20:28:36.0057 5624  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
20:28:36.0058 5624  QWAVEdrv - ok
20:28:36.0073 5624  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
20:28:36.0074 5624  RasAcd - ok
20:28:36.0105 5624  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
20:28:36.0107 5624  RasAgileVpn - ok
20:28:36.0121 5624  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         C:\windows\System32\rasauto.dll
20:28:36.0124 5624  RasAuto - ok
20:28:36.0130 5624  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
20:28:36.0131 5624  Rasl2tp - ok
20:28:36.0144 5624  [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan          C:\windows\System32\rasmans.dll
20:28:36.0148 5624  RasMan - ok
20:28:36.0156 5624  [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
20:28:36.0157 5624  RasPppoe - ok
20:28:36.0169 5624  [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
20:28:36.0170 5624  RasSstp - ok
20:28:36.0192 5624  [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
20:28:36.0194 5624  rdbss - ok
20:28:36.0202 5624  [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus          C:\windows\System32\drivers\rdpbus.sys
20:28:36.0204 5624  rdpbus - ok
20:28:36.0212 5624  [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR           C:\windows\system32\drivers\rdpdr.sys
20:28:36.0213 5624  RDPDR - ok
20:28:36.0228 5624  [ 3B4F32CA8B37584ECF98BCE136E38B96 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
20:28:36.0230 5624  RdpVideoMiniport - ok
20:28:36.0249 5624  [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
20:28:36.0250 5624  RDPWD - ok
20:28:36.0267 5624  [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
20:28:36.0269 5624  rdyboost - ok
20:28:36.0302 5624  [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess    C:\windows\System32\mprdim.dll
20:28:36.0304 5624  RemoteAccess - ok
20:28:36.0317 5624  [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry  C:\windows\system32\regsvc.dll
20:28:36.0318 5624  RemoteRegistry - ok
20:28:36.0329 5624  [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
20:28:36.0331 5624  RpcEptMapper - ok
20:28:36.0360 5624  [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator      C:\windows\system32\locator.exe
20:28:36.0361 5624  RpcLocator - ok
20:28:36.0379 5624  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs           C:\windows\system32\rpcss.dll
20:28:36.0383 5624  RpcSs - ok
20:28:36.0396 5624  [ E04E770DD198B9399640717145E79EBF ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
20:28:36.0398 5624  rspndr - ok
20:28:36.0432 5624  [ 8EB6DCEB7473C232D8BC9A886E3183AC ] RSUSBVSTOR      C:\windows\System32\Drivers\RtsUVStor.sys
20:28:36.0435 5624  RSUSBVSTOR - ok
20:28:36.0474 5624  [ 7D9DA8EC6784A9EE213C676709D46BE6 ] RTL8168         C:\windows\system32\DRIVERS\Rt630x64.sys
20:28:36.0479 5624  RTL8168 - ok
20:28:36.0527 5624  [ 39E9712774EE4E9002A799F9A4FB5E8D ] RTL8192Ce       C:\windows\system32\DRIVERS\rtwlane.sys
20:28:36.0552 5624  RTL8192Ce - ok
20:28:36.0584 5624  [ 39E9712774EE4E9002A799F9A4FB5E8D ] RTWlanE         C:\windows\system32\DRIVERS\rtwlane.sys
20:28:36.0590 5624  RTWlanE - ok
20:28:36.0627 5624  [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap           C:\windows\System32\drivers\vms3cap.sys
20:28:36.0628 5624  s3cap - ok
20:28:36.0639 5624  [ F702AB6181513303AB0FC8D59E52708B ] SamSs           C:\windows\system32\lsass.exe
20:28:36.0640 5624  SamSs - ok
20:28:36.0662 5624  [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
20:28:36.0663 5624  sbp2port - ok
20:28:36.0680 5624  [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr        C:\windows\System32\SCardSvr.dll
20:28:36.0683 5624  SCardSvr - ok
20:28:36.0697 5624  [ 5D7733A12756B267FCA021672B26BC9E ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
20:28:36.0698 5624  scfilter - ok
20:28:36.0725 5624  [ EDCDF4DB82EF825B94B190D544C8C58B ] Schedule        C:\windows\system32\schedsvc.dll
20:28:36.0731 5624  Schedule - ok
20:28:36.0762 5624  [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc     C:\windows\System32\certprop.dll
20:28:36.0763 5624  SCPolicySvc - ok
20:28:36.0790 5624  [ 12F06525912BBEF67837DE47D87C60A9 ] sdbus           C:\windows\System32\drivers\sdbus.sys
20:28:36.0792 5624  sdbus - ok
20:28:36.0815 5624  [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC          C:\windows\System32\SDRSVC.dll
20:28:36.0817 5624  SDRSVC - ok
20:28:36.0835 5624  [ 74369A913837FB46C3B27373DA2ADF4E ] sdstor          C:\windows\System32\drivers\sdstor.sys
20:28:36.0836 5624  sdstor - ok
20:28:36.0852 5624  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\windows\system32\drivers\secdrv.sys
20:28:36.0854 5624  secdrv - ok
20:28:36.0862 5624  [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon        C:\windows\system32\seclogon.dll
20:28:36.0864 5624  seclogon - ok
20:28:36.0871 5624  [ 9C51620998F0763039DFA6BF68E475ED ] SENS            C:\windows\System32\sens.dll
20:28:36.0873 5624  SENS - ok
20:28:36.0882 5624  [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc        C:\windows\system32\sensrsvc.dll
20:28:36.0885 5624  SensrSvc - ok
20:28:36.0900 5624  [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx           C:\windows\system32\drivers\SerCx.sys
20:28:36.0901 5624  SerCx - ok
20:28:36.0917 5624  [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum         C:\windows\System32\drivers\serenum.sys
20:28:36.0917 5624  Serenum - ok
20:28:36.0937 5624  [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial          C:\windows\System32\drivers\serial.sys
20:28:36.0937 5624  Serial - ok
20:28:36.0957 5624  [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse        C:\windows\System32\drivers\sermouse.sys
20:28:36.0958 5624  sermouse - ok
20:28:36.0979 5624  [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv      C:\windows\system32\sessenv.dll
20:28:36.0983 5624  SessionEnv - ok
20:28:37.0000 5624  [ 7EE65419B29302C795714FF8073969A1 ] sfloppy         C:\windows\System32\drivers\sfloppy.sys
20:28:37.0000 5624  sfloppy - ok
20:28:37.0023 5624  [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess    C:\windows\System32\ipnathlp.dll
20:28:37.0027 5624  SharedAccess - ok
20:28:37.0040 5624  [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\windows\System32\shsvcs.dll
20:28:37.0043 5624  ShellHWDetection - ok
20:28:37.0059 5624  [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
20:28:37.0060 5624  SiSRaid2 - ok
20:28:37.0074 5624  [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
20:28:37.0076 5624  SiSRaid4 - ok
20:28:37.0093 5624  [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
20:28:37.0096 5624  SNMPTRAP - ok
20:28:37.0104 5624  [ 465F3C355CE5ED2779B8F460F14C5A78 ] spaceport       C:\windows\system32\drivers\spaceport.sys
20:28:37.0107 5624  spaceport - ok
20:28:37.0127 5624  [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx           C:\windows\system32\drivers\SpbCx.sys
20:28:37.0128 5624  SpbCx - ok
20:28:37.0152 5624  [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler         C:\windows\System32\spoolsv.exe
20:28:37.0156 5624  Spooler - ok
20:28:37.0222 5624  [ EC84D961501054F87A6878EC5D53388F ] sppsvc          C:\windows\system32\sppsvc.exe
20:28:37.0281 5624  sppsvc - ok
20:28:37.0309 5624  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv             C:\windows\system32\DRIVERS\srv.sys
20:28:37.0311 5624  srv - ok
20:28:37.0370 5624  [ 9912FDF63EC78E1977083E20DEAE4889 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
20:28:37.0375 5624  srv2 - ok
20:28:37.0396 5624  [ FD8B4F201B681C555A4AF41922C52557 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
20:28:37.0399 5624  srvnet - ok
20:28:37.0414 5624  [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
20:28:37.0416 5624  SSDPSRV - ok
20:28:37.0426 5624  [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc         C:\windows\system32\sstpsvc.dll
20:28:37.0429 5624  SstpSvc - ok
20:28:37.0436 5624  [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor        C:\windows\system32\drivers\stexstor.sys
20:28:37.0437 5624  stexstor - ok
20:28:37.0455 5624  [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc          C:\windows\System32\wiaservc.dll
20:28:37.0459 5624  stisvc - ok
20:28:37.0468 5624  [ C588BBD37B432CE3204E5765B459E6B2 ] storahci        C:\windows\system32\drivers\storahci.sys
20:28:37.0469 5624  storahci - ok
20:28:37.0484 5624  [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt         C:\windows\system32\DRIVERS\vmstorfl.sys
20:28:37.0485 5624  storflt - ok
20:28:37.0500 5624  [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc         C:\windows\system32\storsvc.dll
20:28:37.0502 5624  StorSvc - ok
20:28:37.0518 5624  [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc         C:\windows\system32\drivers\storvsc.sys
20:28:37.0519 5624  storvsc - ok
20:28:37.0532 5624  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc           C:\windows\system32\svsvc.dll
20:28:37.0534 5624  svsvc - ok
20:28:37.0541 5624  [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum          C:\windows\System32\drivers\swenum.sys
20:28:37.0541 5624  swenum - ok
20:28:37.0560 5624  [ 502F9488540051F3E6C39889ECFA76BB ] swprv           C:\windows\System32\swprv.dll
20:28:37.0565 5624  swprv - ok
20:28:37.0594 5624  [ DC21E1F06343773D7E24362DCEF7944B ] SysMain         C:\windows\system32\sysmain.dll
20:28:37.0620 5624  SysMain - ok
20:28:37.0637 5624  [ 079244F281621FEDCC161D3923E858FE ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll
20:28:37.0706 5624  SystemEventsBroker - ok
20:28:37.0717 5624  [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\windows\System32\TabSvc.dll
20:28:37.0720 5624  TabletInputService - ok
20:28:37.0733 5624  [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv         C:\windows\System32\tapisrv.dll
20:28:37.0736 5624  TapiSrv - ok
20:28:37.0769 5624  [ F4F78B7F39BD56BD0BFE4C4399398F6F ] Tcpip           C:\windows\system32\drivers\tcpip.sys
20:28:37.0777 5624  Tcpip - ok
20:28:37.0811 5624  [ F4F78B7F39BD56BD0BFE4C4399398F6F ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
20:28:37.0819 5624  TCPIP6 - ok
20:28:37.0831 5624  [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
20:28:37.0832 5624  tcpipreg - ok
20:28:37.0847 5624  [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
20:28:37.0847 5624  tdx - ok
20:28:37.0860 5624  [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt        C:\windows\System32\drivers\terminpt.sys
20:28:37.0861 5624  terminpt - ok
20:28:37.0885 5624  [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService     C:\windows\System32\termsrv.dll
20:28:37.0889 5624  TermService - ok
20:28:37.0898 5624  [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes          C:\windows\system32\themeservice.dll
20:28:37.0900 5624  Themes - ok
20:28:37.0930 5624  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER     C:\windows\system32\mmcss.dll
20:28:37.0931 5624  THREADORDER - ok
20:28:37.0939 5624  [ 52066C139CC189468845D5BE557B25EB ] TimeBroker      C:\windows\System32\TimeBrokerServer.dll
20:28:37.0942 5624  TimeBroker - ok
20:28:37.0961 5624  [ B44EFE254C0B3719E4037088D24FE4B5 ] TPM             C:\windows\system32\drivers\tpm.sys
20:28:37.0964 5624  TPM - ok
20:28:37.0981 5624  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks          C:\windows\System32\trkwks.dll
20:28:37.0983 5624  TrkWks - ok
20:28:38.0030 5624  [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
20:28:38.0030 5624  TrustedInstaller - ok
20:28:38.0046 5624  [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
20:28:38.0048 5624  TsUsbFlt - ok
20:28:38.0058 5624  [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD         C:\windows\System32\drivers\TsUsbGD.sys
20:28:38.0059 5624  TsUsbGD - ok
20:28:38.0079 5624  [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
20:28:38.0097 5624  tunnel - ok
20:28:38.0107 5624  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35          C:\windows\system32\drivers\uagp35.sys
20:28:38.0109 5624  uagp35 - ok
20:28:38.0126 5624  [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor        C:\windows\System32\drivers\uaspstor.sys
20:28:38.0129 5624  UASPStor - ok
20:28:38.0146 5624  [ 1ED222DFE6C13DA50FE081ABF90CAFE1 ] UCX01000        C:\windows\System32\drivers\ucx01000.sys
20:28:38.0149 5624  UCX01000 - ok
20:28:38.0166 5624  [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
20:28:38.0167 5624  udfs - ok
20:28:38.0177 5624  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect       C:\windows\system32\UI0Detect.exe
20:28:38.0179 5624  UI0Detect - ok
20:28:38.0189 5624  [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
20:28:38.0191 5624  uliagpkx - ok
20:28:38.0203 5624  [ 02CEB3FE6152668A7BA420B93B664860 ] umbus           C:\windows\System32\drivers\umbus.sys
20:28:38.0205 5624  umbus - ok
20:28:38.0220 5624  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass          C:\windows\System32\drivers\umpass.sys
20:28:38.0221 5624  UmPass - ok
20:28:38.0236 5624  [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService    C:\windows\System32\umrdp.dll
20:28:38.0239 5624  UmRdpService - ok
20:28:38.0320 5624  [ DBE2E6388379D5CC78099650541E9566 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
20:28:38.0323 5624  UNS - ok
20:28:38.0341 5624  [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost        C:\windows\System32\upnphost.dll
20:28:38.0344 5624  upnphost - ok
20:28:38.0354 5624  [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp         C:\windows\System32\drivers\usbccgp.sys
20:28:38.0355 5624  usbccgp - ok
20:28:38.0391 5624  [ B395B62B62F28106218FA6FB17F4C797 ] usbcir          C:\windows\System32\drivers\usbcir.sys
20:28:38.0393 5624  usbcir - ok
20:28:38.0410 5624  [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci         C:\windows\System32\drivers\usbehci.sys
20:28:38.0411 5624  usbehci - ok
20:28:38.0445 5624  [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub          C:\windows\System32\drivers\usbhub.sys
20:28:38.0447 5624  usbhub - ok
20:28:38.0466 5624  [ C5986337DE3BF63ABD9ED4D834D34B89 ] USBHUB3         C:\windows\System32\drivers\UsbHub3.sys
20:28:38.0470 5624  USBHUB3 - ok
20:28:38.0481 5624  [ 325F6179009B5A7F6118951A5BA422AB ] usbohci         C:\windows\System32\drivers\usbohci.sys
20:28:38.0482 5624  usbohci - ok
20:28:38.0497 5624  [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint        C:\windows\System32\drivers\usbprint.sys
20:28:38.0498 5624  usbprint - ok
20:28:38.0519 5624  [ E933ACBC0EC37E88E79EE98965578018 ] usbscan         C:\windows\system32\DRIVERS\usbscan.sys
20:28:38.0520 5624  usbscan - ok
20:28:38.0530 5624  [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR         C:\windows\System32\drivers\USBSTOR.SYS
20:28:38.0531 5624  USBSTOR - ok
20:28:38.0551 5624  [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci         C:\windows\System32\drivers\usbuhci.sys
20:28:38.0551 5624  usbuhci - ok
20:28:38.0570 5624  [ 09799E701B4327097E9F63D3FE221083 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
20:28:38.0572 5624  usbvideo - ok
20:28:38.0588 5624  [ 9CD4259AD15F84DE27B94A956C978D6C ] USBXHCI         C:\windows\System32\drivers\USBXHCI.SYS
20:28:38.0591 5624  USBXHCI - ok
20:28:38.0605 5624  [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc        C:\windows\system32\lsass.exe
20:28:38.0606 5624  VaultSvc - ok
20:28:38.0611 5624  [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
20:28:38.0612 5624  vdrvroot - ok
20:28:38.0631 5624  [ 00FBA165A1167738802DA5D0EE78EF10 ] vds             C:\windows\System32\vds.exe
20:28:38.0637 5624  vds - ok
20:28:38.0655 5624  [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt     C:\windows\system32\drivers\VerifierExt.sys
20:28:38.0657 5624  VerifierExt - ok
20:28:38.0682 5624  [ 8628FA679F0EC4B709CCD1F6B6A3233B ] vhdmp           C:\windows\System32\drivers\vhdmp.sys
20:28:38.0686 5624  vhdmp - ok
20:28:38.0706 5624  [ F5B4A14B00E89250C50982AC762DDD1D ] viaide          C:\windows\system32\drivers\viaide.sys
20:28:38.0707 5624  viaide - ok
20:28:38.0719 5624  [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus           C:\windows\system32\drivers\vmbus.sys
20:28:38.0721 5624  vmbus - ok
20:28:38.0737 5624  [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID        C:\windows\System32\drivers\VMBusHID.sys
20:28:38.0738 5624  VMBusHID - ok
20:28:38.0770 5624  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat   C:\windows\System32\ICSvc.dll
20:28:38.0773 5624  vmicheartbeat - ok
20:28:38.0778 5624  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\windows\System32\ICSvc.dll
20:28:38.0780 5624  vmickvpexchange - ok
20:28:38.0784 5624  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv         C:\windows\System32\ICSvc.dll
20:28:38.0786 5624  vmicrdv - ok
20:28:38.0791 5624  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown    C:\windows\System32\ICSvc.dll
20:28:38.0793 5624  vmicshutdown - ok
20:28:38.0797 5624  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync    C:\windows\System32\ICSvc.dll
20:28:38.0799 5624  vmictimesync - ok
20:28:38.0804 5624  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss         C:\windows\System32\ICSvc.dll
20:28:38.0806 5624  vmicvss - ok
20:28:38.0830 5624  [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr          C:\windows\system32\drivers\volmgr.sys
20:28:38.0831 5624  volmgr - ok
20:28:38.0843 5624  [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
20:28:38.0846 5624  volmgrx - ok
20:28:38.0859 5624  [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap         C:\windows\system32\drivers\volsnap.sys
20:28:38.0860 5624  volsnap - ok
20:28:38.0874 5624  [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci            C:\windows\System32\drivers\vpci.sys
20:28:38.0876 5624  vpci - ok
20:28:38.0899 5624  [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
20:28:38.0901 5624  vsmraid - ok
20:28:38.0935 5624  [ EA658570314042C914964FC72AB50E6B ] VSS             C:\windows\system32\vssvc.exe
20:28:38.0961 5624  VSS - ok
20:28:38.0973 5624  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID        C:\windows\system32\drivers\vstxraid.sys
20:28:38.0976 5624  VSTXRAID - ok
20:28:38.0987 5624  [ 62460A45435A26A334907E3F2EA45611 ] vwifibus        C:\windows\System32\drivers\vwifibus.sys
20:28:38.0988 5624  vwifibus - ok
20:28:38.0997 5624  [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
20:28:38.0998 5624  vwififlt - ok
20:28:39.0004 5624  [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
20:28:39.0005 5624  vwifimp - ok
20:28:39.0018 5624  [ F690B6EEAA94576727B24376D7ED3601 ] W32Time         C:\windows\system32\w32time.dll
20:28:39.0021 5624  W32Time - ok
20:28:39.0039 5624  [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen        C:\windows\System32\drivers\wacompen.sys
20:28:39.0040 5624  WacomPen - ok
20:28:39.0054 5624  [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarp          C:\windows\system32\DRIVERS\wanarp.sys
20:28:39.0054 5624  Wanarp - ok
20:28:39.0057 5624  [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
20:28:39.0058 5624  Wanarpv6 - ok
20:28:39.0083 5624  [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine        C:\windows\system32\wbengine.exe
20:28:39.0108 5624  wbengine - ok
20:28:39.0125 5624  [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
20:28:39.0129 5624  WbioSrvc - ok
20:28:39.0139 5624  [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc          C:\windows\System32\wcmsvc.dll
20:28:39.0142 5624  Wcmsvc - ok
20:28:39.0168 5624  [ 4507D89FA9E4283100948C91E867D130 ] wcncsvc         C:\windows\System32\wcncsvc.dll
20:28:39.0173 5624  wcncsvc - ok
20:28:39.0182 5624  [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
20:28:39.0184 5624  WcsPlugInService - ok
20:28:39.0197 5624  [ B3A4D918DAB90505B6BC7B70632913CB ] Wd              C:\windows\system32\drivers\wd.sys
20:28:39.0199 5624  Wd - ok
20:28:39.0219 5624  [ 6F4B5DDDC3B86091E94BC47347A78AF7 ] WdBoot          C:\windows\system32\drivers\WdBoot.sys
20:28:39.0220 5624  WdBoot - ok
20:28:39.0257 5624  [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
20:28:39.0263 5624  Wdf01000 - ok
20:28:39.0283 5624  [ 99D404A9A0AFC4734E014EBEBAC13F8F ] WdFilter        C:\windows\system32\drivers\WdFilter.sys
20:28:39.0285 5624  WdFilter - ok
20:28:39.0301 5624  [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost  C:\windows\system32\wdi.dll
20:28:39.0304 5624  WdiServiceHost - ok
20:28:39.0307 5624  [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost   C:\windows\system32\wdi.dll
20:28:39.0308 5624  WdiSystemHost - ok
20:28:39.0324 5624  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient       C:\windows\System32\webclnt.dll
20:28:39.0327 5624  WebClient - ok
20:28:39.0341 5624  [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc          C:\windows\system32\wecsvc.dll
20:28:39.0345 5624  Wecsvc - ok
20:28:39.0359 5624  [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport   C:\windows\System32\wercplsupport.dll
20:28:39.0361 5624  wercplsupport - ok
20:28:39.0380 5624  [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc          C:\windows\System32\WerSvc.dll
20:28:39.0382 5624  WerSvc - ok
20:28:39.0391 5624  [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS         C:\windows\system32\DRIVERS\wfplwfs.sys
20:28:39.0393 5624  WFPLWFS - ok
20:28:39.0404 5624  [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc          C:\windows\System32\wiarpc.dll
20:28:39.0407 5624  WiaRpc - ok
20:28:39.0419 5624  [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
20:28:39.0420 5624  WIMMount - ok
20:28:39.0441 5624  WinDefend - ok
20:28:39.0460 5624  [ 1369928779943B5C7AABA263E6E2BBC1 ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
20:28:39.0468 5624  WinHttpAutoProxySvc - ok
20:28:39.0514 5624  [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
20:28:39.0557 5624  Winmgmt - ok
20:28:39.0599 5624  [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM           C:\windows\system32\WsmSvc.dll
20:28:39.0642 5624  WinRM - ok
20:28:39.0672 5624  [ 19B3CFB1D6516AB2C54772CB75426AD4 ] WlanSvc         C:\windows\System32\wlansvc.dll
20:28:39.0697 5624  WlanSvc - ok
20:28:39.0730 5624  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc         C:\windows\system32\wlidsvc.dll
20:28:39.0763 5624  wlidsvc - ok
20:28:39.0776 5624  [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi         C:\windows\System32\drivers\wmiacpi.sys
20:28:39.0777 5624  WmiAcpi - ok
20:28:39.0794 5624  [ D113499052C5E541906B727779F0F959 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
20:28:39.0796 5624  wmiApSrv - ok
20:28:39.0804 5624  WMPNetworkSvc - ok
20:28:39.0821 5624  [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr         C:\windows\system32\DRIVERS\wpcfltr.sys
20:28:39.0822 5624  wpcfltr - ok
20:28:39.0841 5624  [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc          C:\windows\System32\wpcsvc.dll
20:28:39.0843 5624  WPCSvc - ok
20:28:39.0861 5624  [ 39D8AB837F91B729D12D32ED81E2062F ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
20:28:39.0863 5624  WPDBusEnum - ok
20:28:39.0873 5624  [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr       C:\windows\system32\drivers\WpdUpFltr.sys
20:28:39.0874 5624  WpdUpFltr - ok
20:28:39.0882 5624  [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
20:28:39.0882 5624  ws2ifsl - ok
20:28:39.0896 5624  [ FB0C1B7F94FA08E72F19F6F2CE7210E1 ] wscsvc          C:\windows\System32\wscsvc.dll
20:28:39.0899 5624  wscsvc - ok
20:28:39.0901 5624  WSearch - ok
20:28:39.0940 5624  [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService       C:\windows\System32\WSService.dll
20:28:39.0975 5624  WSService - ok
20:28:40.0005 5624  [ 72B4E9DF6456C43C42A1419B09486045 ] wsvd            C:\windows\system32\DRIVERS\wsvd.sys
20:28:40.0006 5624  wsvd - ok
20:28:40.0057 5624  [ 69DDDAF7BB4D39A4CC928EA434A3E258 ] wuauserv        C:\windows\system32\wuaueng.dll
20:28:40.0100 5624  wuauserv - ok
20:28:40.0113 5624  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
20:28:40.0115 5624  WudfPf - ok
20:28:40.0130 5624  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\windows\System32\drivers\WUDFRd.sys
20:28:40.0132 5624  WUDFRd - ok
20:28:40.0136 5624  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFSensorLP    C:\windows\system32\DRIVERS\WUDFRd.sys
20:28:40.0137 5624  WUDFSensorLP - ok
20:28:40.0148 5624  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
20:28:40.0150 5624  wudfsvc - ok
20:28:40.0155 5624  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs       C:\windows\system32\DRIVERS\WUDFRd.sys
20:28:40.0156 5624  WUDFWpdFs - ok
20:28:40.0172 5624  [ F9D8D2E6ECE08B278621D5BF3A7240A6 ] WwanSvc         C:\windows\System32\wwansvc.dll
20:28:40.0177 5624  WwanSvc - ok
20:28:40.0226 5624  [ C6B289A70A2D36242A2CCAA2715E1747 ] X5XSEx_Pr148    C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys
20:28:40.0227 5624  X5XSEx_Pr148 - ok
20:28:40.0236 5624  ================ Scan global ===============================
20:28:40.0273 5624  [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\windows\system32\basesrv.dll
20:28:40.0308 5624  [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\windows\system32\winsrv.dll
20:28:40.0323 5624  [ BD7C6949984D19AAA609896B675E7357 ] C:\windows\system32\sxssrv.dll
20:28:40.0365 5624  [ 8F226143046435C75C033B0C52E90FFE ] C:\windows\system32\services.exe
20:28:40.0367 5624  [Global] - ok
20:28:40.0368 5624  ================ Scan MBR ==================================
20:28:40.0376 5624  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
20:28:40.0479 5624  \Device\Harddisk0\DR0 - ok
20:28:40.0479 5624  ================ Scan VBR ==================================
20:28:40.0507 5624  [ 0BFC1FA265C0947FBE4D6C5521064402 ] \Device\Harddisk0\DR0\Partition1
20:28:40.0510 5624  \Device\Harddisk0\DR0\Partition1 - ok
20:28:40.0531 5624  [ 402CFC39F5BA9EEB7CAAD8561A772296 ] \Device\Harddisk0\DR0\Partition2
20:28:40.0532 5624  \Device\Harddisk0\DR0\Partition2 - ok
20:28:40.0540 5624  [ 42C8CBCF199EB1D7977FA7D4AF52AC29 ] \Device\Harddisk0\DR0\Partition3
20:28:40.0542 5624  \Device\Harddisk0\DR0\Partition3 - ok
20:28:40.0546 5624  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition4
20:28:40.0547 5624  \Device\Harddisk0\DR0\Partition4 - ok
20:28:40.0555 5624  [ B3F1DDA7C647C495CCFAEA40EFAFEDBA ] \Device\Harddisk0\DR0\Partition5
20:28:40.0557 5624  \Device\Harddisk0\DR0\Partition5 - ok
20:28:40.0590 5624  [ 6D12A0D808B06B9B8596E565FAC77BF2 ] \Device\Harddisk0\DR0\Partition6
20:28:40.0593 5624  \Device\Harddisk0\DR0\Partition6 - ok
20:28:40.0594 5624  ============================================================
20:28:40.0594 5624  Scan finished
20:28:40.0594 5624  ============================================================
20:28:40.0600 2912  Detected object count: 0
20:28:40.0600 2912  Actual detected object count: 0
 
MiniToolBox by Farbar  Version:05-03-2013
Ran by Mark (administrator) on 12-04-2013 at 20:30:47
Running from "C:\Users\Mark\Desktop"
Windows 8  (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Ethernet (Connected)
Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wi-Fi (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : MarkandAisha
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Local Area Connection* 11:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 20-16-D8-45-DB-A4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
   Physical Address. . . . . . . . . : 20-16-D8-45-DB-A4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Ethernet:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : EC-A8-6B-35-16-E4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d8be:1a80:a40c:759b%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.7(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 12 April 2013 18:00:23
   Lease Expires . . . . . . . . . . : 13 April 2013 18:00:23
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 367831147
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-40-9E-D7-74-E5-43-2E-F4-96
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 13:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:382f:24f3:fde6:5184(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::382f:24f3:fde6:5184%19(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{D47E9161-01E7-424C-8B75-DD15278BA4F7}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.0.1
 
Name:    google.com
Addresses:  2a00:1450:4009:808::100e
 173.194.41.103
 173.194.41.99
 173.194.41.100
 173.194.41.96
 173.194.41.97
 173.194.41.104
 173.194.41.98
 173.194.41.105
 173.194.41.102
 173.194.41.110
 173.194.41.101
 
 
Pinging google.com [173.194.41.100] with 32 bytes of data:
Reply from 173.194.41.100: bytes=32 time=9ms TTL=53
Reply from 173.194.41.100: bytes=32 time=9ms TTL=53
 
Ping statistics for 173.194.41.100:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 9ms, Maximum = 9ms, Average = 9ms
Server:  UnKnown
Address:  192.168.0.1
 
Name:    yahoo.com
Addresses:  98.138.253.109
 98.139.183.24
 206.190.36.45
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=428ms TTL=46
Reply from 98.139.183.24: bytes=32 time=591ms TTL=46
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 428ms, Maximum = 591ms, Average = 509ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 17...20 16 d8 45 db a4 ......Microsoft Wi-Fi Direct Virtual Adapter
 16...20 16 d8 45 db a4 ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
 12...ec a8 6b 35 16 e4 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.7     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link       192.168.0.7    276
      192.168.0.7  255.255.255.255         On-link       192.168.0.7    276
    192.168.0.255  255.255.255.255         On-link       192.168.0.7    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.0.7    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.0.7    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 19    306 ::/0                     On-link
  1    306 ::1/128                  On-link
 19    306 2001::/32                On-link
 19    306 2001:0:4137:9e76:382f:24f3:fde6:5184/128
                                    On-link
 12    276 fe80::/64                On-link
 19    306 fe80::/64                On-link
 19    306 fe80::382f:24f3:fde6:5184/128
                                    On-link
 12    276 fe80::d8be:1a80:a40c:759b/128
                                    On-link
  1    306 ff00::/8                 On-link
 19    306 ff00::/8                 On-link
 12    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/12/2013 02:07:27 PM) (Source: Application Error) (User: )
Description: Faulting application name: explorer.exe, version: 6.2.9200.16384, time stamp: 0x50107dbc
Faulting module name: ntdll.dll, version: 6.2.9200.16420, time stamp: 0x505ab405
Exception code: 0xc0000374
Fault offset: 0x00000000000ea485
Faulting process id: 0x17fc
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
Faulting package full name: explorer.exe4
Faulting package-relative application ID: explorer.exe5
 
Error: (04/11/2013 07:03:24 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (04/11/2013 07:03:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/11/2013 07:03:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/11/2013 07:03:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/11/2013 07:03:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/11/2013 07:00:03 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (04/11/2013 06:59:19 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/11/2013 06:59:19 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/11/2013 06:59:19 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (04/12/2013 08:26:26 PM) (Source: Service Control Manager) (User: )
Description: The JME Keyboard Driver service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (04/12/2013 06:25:48 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/12/2013 06:00:27 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (04/12/2013 06:00:26 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (04/12/2013 06:00:23 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (04/12/2013 06:00:22 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 5:54:37 PM on 4/12/2013 was unexpected.
 
Error: (04/12/2013 05:55:33 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/12/2013 02:29:00 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/12/2013 01:53:56 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/12/2013 00:12:47 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
 
Microsoft Office Sessions:
=========================
Error: (04/12/2013 02:07:27 PM) (Source: Application Error)(User: )
Description: explorer.exe6.2.9200.1638450107dbcntdll.dll6.2.9200.16420505ab405c000037400000000000ea48517fc01ce32b9666f3001C:\windows\explorer.exeC:\windows\SYSTEM32\ntdll.dllec0d81a8-a371-11e2-be8f-eca86b3516e4
 
Error: (04/11/2013 07:03:24 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dllc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dll3
 
Error: (04/11/2013 07:03:23 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll
 
Error: (04/11/2013 07:03:23 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll
 
Error: (04/11/2013 07:03:23 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll
 
Error: (04/11/2013 07:03:23 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll
 
Error: (04/11/2013 07:00:03 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dllc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dll3
 
Error: (04/11/2013 06:59:19 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll
 
Error: (04/11/2013 06:59:19 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll
 
Error: (04/11/2013 06:59:19 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll
 
 
=========================== Installed Programs ============================
 
µTorrent (Version: 3.3.0.29126)
Adobe AIR (Version: 1.5.3.9120)
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
Advanced Uninstaller PRO - Version 11 (Version: 11)
Amazon Browser App (Version: 1.0.0.0)
AVG 2013 (Version: 13.0.2904)
AVG 2013 (Version: 13.0.3162)
AVG 2013 (Version: 2013.0.2904)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Driver & Application Installation (Version: 6.12.0815)
Fake Alert Removal Tool (Version: 1.0)
FreeRide Games (Version: 07.05.80.00)
Google Chrome (Version: 26.0.1410.64)
Google Update Helper (Version: 1.3.21.135)
Intel AppUp(SM) center (Version: 3.6.1.33057.10)
Intel® Management Engine Components (Version: 8.1.0.1252)
Intel® Processor Graphics (Version: 9.17.10.2792)
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Lenovo Blacksilk USB Keyboard Driver (Version: V1.4.11.0608)
Lenovo Dependency Package (Version: 1.5.23.0)
Lenovo Power2Go (Version: 6.0.6418)
Lenovo PowerDVD10 (Version: 10.0.4126.52)
Lenovo Rescue System (Version: 4.0.0.0822)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 20.0.1 (x86 en-US) (Version: 20.0.1)
Nero Burning ROM 10 (Version: 10.2.11000.12.100)
Nero Burning ROM 10 (Version: 10.5.10300)
Nero BurningROM 10 Help (CHM) (Version: 10.5.10100)
Nero BurnRights 10 (Version: 4.2.10300.0.102)
Nero BurnRights 10 Help (CHM) (Version: 10.5.10000)
Nero Control Center 10 (Version: 10.2.10600.0.6)
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)
Nero Core Components 10 (Version: 2.0.17400.8.2)
Nero Update (Version: 1.0.0018)
Nitro Pro 7 (Version: 7.4.1.21)
Picasa 3 (Version: 3.9)
Realtek Ethernet Controller Driver (Version: 8.2.612.2012)
Realtek High Definition Audio Driver (Version: 6.0.1.6649)
Realtek USB 2.0 Card Reader (Version: 6.1.8400.39030)
REALTEK Wireless LAN Driver (Version: 1.00.0187)
Shared C Run-time for x64 (Version: 10.0.0)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.5 (Version: 2.0.5)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 39%
Total physical RAM: 8081.61 MB
Available physical RAM: 4878.07 MB
Total Pagefile: 16273.61 MB
Available Pagefile: 12695.53 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965.16 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Windows8_OS) (Fixed) (Total:905.25 GB) (Free:657.19 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\MARKANDAISHA
 
Administrator            Aisha                    Guest                    
Mark                     
 
 
**** End of log ****
 
 
Just going to run Adwcleaner.....


#4 Gully1974


Posted 12 April 2013 - 02:40 PM

# AdwCleaner v2.200 - Logfile created 04/12/2013 at 20:35:59
# Updated 02/04/2013 by Xplode
# Operating system : Windows 8  (64 bits)
# User : Mark - MARKANDAISHA
# Boot Mode : Normal
# Running from : C:\Users\Mark\Desktop\AdwCleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v10.0.9200.16537
 
[OK] Registry is clean.
 
-\\ Mozilla Firefox v20.0.1 (en-US)
 
File : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\k1qncnoj.default\prefs.js
 
[OK] File is clean.
 
File : C:\Users\Aisha\AppData\Roaming\Mozilla\Firefox\Profiles\006ixvfc.default\prefs.js
 
[OK] File is clean.
 
-\\ Google Chrome v26.0.1410.64
 
File : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
File : C:\Users\Aisha\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[S1].txt - [1140 octets] - [12/04/2013 20:35:59]
 
########## EOF - C:\AdwCleaner[S1].txt - [1200 octets] ##########


#5 Gully1974


Posted 12 April 2013 - 03:13 PM

Still scanning with ESET online scanner at the moment ... will post the results when finished.



#6 Gully1974


Posted 12 April 2013 - 03:44 PM

C:\Program Files (x86)\Fake Alert Removal Tool\FakeAlertRemovalTool.exe a variant of Win32/SecurityStronghold.A application cleaned by deleting - quarantined
C:\Users\Mark\Downloads\FakeAlertRemovalTool.exe multiple threats cleaned by deleting - quarantined
C:\Windows.old\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaggpjhmkdcbjahknefoeehgdgahpmc\1\5120f4f3aecab1.79685250.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Windows.old\Users\Mark\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DW5EBWIW\search_defender_166[1].exe a variant of Win32/SProtector.A application cleaned by deleting - quarantined
C:\Windows.old\Users\Mark\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DW5EBWIW\wsconduit__166[1].exe a variant of Win32/Amonetize.B application cleaned by deleting - quarantined
C:\Windows.old\Users\Mark\AppData\Roaming\SearchProtect\bin\ChromeModule.dll a variant of Win32/Conduit.SearchProtect.C application cleaned by deleting - quarantined
C:\Windows.old\Users\Mark\AppData\Roaming\SearchProtect\bin\cltmng.exe a variant of Win32/Conduit.SearchProtect.B application cleaned by deleting - quarantined
C:\Windows.old\Users\Mark\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll a variant of Win32/Conduit.SearchProtect.C application cleaned by deleting - quarantined
C:\Windows.old\Users\Mark\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll a variant of Win32/Conduit.SearchProtect.C application cleaned by deleting - quarantined
C:\Windows.old\Users\Mark\AppData\Roaming\SearchProtect\bin\SPHook32.dll probably a variant of Win32/Conduit.SearchProtect.C application cleaned by deleting - quarantined


#7 boopme


Posted 12 April 2013 - 04:56 PM

OK, thanks Gully.. looks like the ever usual I infected myself from a torrent d'load. :(
 
Protector.A does not spread automatically using its own means. It needs the attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.
http://www.pandasecurity.com/homeusers/security-info/209576/Protector.A

 

 

Please download TFC (Temp File Cleaner) by Old Timer from http://oldtimer.geekstogo.com/TFC.exe and save it to your desktop.
alternate download link

  • Save any unsaved work. TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • TFC will clear out all temp folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
Note: It is normal for the computer to be slow to boot after running TFC cleaner the first time.


How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook Have you seen..Select Real Security

#8 Gully1974


Posted 13 April 2013 - 02:07 AM

Thank you boopme, I have run the TFC.exe programme and I will report back if there are any repeats of the virus warning.  I have downloaded torrents onto this computer but I am usually very safe and cautious but I guess I wasn't as careful as I thought I was. :(



#9 Gully1974


Posted 13 April 2013 - 03:02 AM

No, I have done all of that and am still getting the virus warnings from AVG :(



#10 Gully1974


Posted 13 April 2013 - 02:34 PM

Thank you very much for your time and help, but is there anything else I can do to remove the virus warnings.  Thanks again and take care.



#11 boopme


Posted 13 April 2013 - 08:57 PM

Sorry, had a long busy day. Appears your malware is protected. We can get it, just need a new topic and a DDS log.

Please follow this Preparation Guide. Do steps 6, 7, 8 and post in a new topic.

Let me know if all went well.



#12 Gully1974


Posted 15 April 2013 - 11:41 AM

Have completed the DDS log and posted a new topic as suggested! Many thanks for your time.



#13 boopme


Posted 15 April 2013 - 01:50 PM

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 2 days and ALL logs are answered.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic.



