"winrscmde stopped working"


3 replies to this topic

#1 Zi Bronsley

Posted 01 April 2012 - 11:50 AM

Thanks in advance for any help you can provide. I've been searching through the forums, and based on similar posts, I believe I've got a rootkit problem.

My computer is running Windows Vista Business, Service Pack 1, 64-bit OS; Intel Core 2 Duo CPU, 3 GHz; with 4 GB RAM.

I've recently started getting a Windows pop-up warning with the message "winrscmde stopped working." Additional programs have also started closing with an error message at start-up (OpenOffice, AVG, etc.), and I got the blue screen of death today.

In similar posts, the posters were asked to run TDSSKiller and aswMBR, so I went ahead and ran those... If someone could decipher the logs for me I'd greatly appreciate it. Is my system clean, or are there additional steps to take? Thanks!

11:54:28.0634 1328 RasPppoe (2ce1703c27196094fb6e4c6e439f2c21) C:\Windows\system32\DRIVERS\raspppoe.sys
11:54:28.0635 1328 RasPppoe - ok
11:54:28.0716 1328 RasSstp (fcd04fa67e8b40fa0ad361dd38593942) C:\Windows\system32\DRIVERS\rassstp.sys
11:54:28.0717 1328 RasSstp - ok
11:54:28.0780 1328 rdbss (33fa5b6136d92ee0f53f021c79091300) C:\Windows\system32\DRIVERS\rdbss.sys
11:54:28.0785 1328 rdbss - ok
11:54:28.0795 1328 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:54:28.0796 1328 RDPCDD - ok
11:54:28.0813 1328 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\DRIVERS\rdpdr.sys
11:54:28.0818 1328 rdpdr - ok
11:54:28.0838 1328 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
11:54:28.0839 1328 RDPENCDD - ok
11:54:28.0872 1328 RDPWD (7747082f672aa2846235c9cea42e2e72) C:\Windows\system32\drivers\RDPWD.sys
11:54:28.0876 1328 RDPWD - ok
11:54:28.0958 1328 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
11:54:28.0960 1328 RemoteAccess - ok
11:54:28.0993 1328 RemoteRegistry (416c611369cbe49074b89cee2f83abef) C:\Windows\system32\regsvc.dll
11:54:28.0997 1328 RemoteRegistry - ok
11:54:29.0014 1328 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
11:54:29.0015 1328 RpcLocator - ok
11:54:29.0128 1328 RpcSs (ff27be0ba7b3c48d5c99afcb56d436c2) C:\Windows\system32\rpcss.dll
11:54:29.0131 1328 RpcSs - ok
11:54:29.0168 1328 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
11:54:29.0169 1328 rspndr - ok
11:54:29.0250 1328 RTL8192su (56e8dba585f8164e12cb2beca4c04e7b) C:\Windows\system32\DRIVERS\RTL8192su.sys
11:54:29.0253 1328 RTL8192su - ok
11:54:29.0322 1328 SamSs (1b461e9f6db0ef829b4369f47a24bbec) C:\Windows\system32\lsass.exe
11:54:29.0323 1328 SamSs - ok
11:54:29.0352 1328 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
11:54:29.0354 1328 sbp2port - ok
11:54:29.0396 1328 SCardSvr (f024d560fea06f8b56d673849eb89ae6) C:\Windows\System32\SCardSvr.dll
11:54:29.0400 1328 SCardSvr - ok
11:54:29.0449 1328 Schedule (c74c6c01353d87aafe1193b426d667b0) C:\Windows\system32\schedsvc.dll
11:54:29.0454 1328 Schedule - ok
11:54:29.0483 1328 SCPolicySvc (edfffc8b6afb609bf33dbe0a900426b6) C:\Windows\System32\certprop.dll
11:54:29.0484 1328 SCPolicySvc - ok
11:54:29.0540 1328 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
11:54:29.0543 1328 SDRSVC - ok
11:54:29.0584 1328 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:54:29.0585 1328 secdrv - ok
11:54:29.0612 1328 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
11:54:29.0614 1328 seclogon - ok
11:54:29.0630 1328 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
11:54:29.0632 1328 SENS - ok
11:54:29.0657 1328 Serenum (2449316316411d65bd2c761a6ffb2ce2) C:\Windows\system32\DRIVERS\serenum.sys
11:54:29.0658 1328 Serenum - ok
11:54:29.0713 1328 Serial (4b438170be2fc8e0bd35ee87a960f84f) C:\Windows\system32\DRIVERS\serial.sys
11:54:29.0714 1328 Serial - ok
11:54:29.0758 1328 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
11:54:29.0760 1328 sermouse - ok
11:54:29.0786 1328 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
11:54:29.0787 1328 SessionEnv - ok
11:54:29.0819 1328 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
11:54:29.0820 1328 sffdisk - ok
11:54:29.0834 1328 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
11:54:29.0835 1328 sffp_mmc - ok
11:54:29.0853 1328 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
11:54:29.0854 1328 sffp_sd - ok
11:54:29.0930 1328 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
11:54:29.0931 1328 sfloppy - ok
11:54:29.0973 1328 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
11:54:29.0978 1328 SharedAccess - ok
11:54:30.0055 1328 ShellHWDetection (eb3114330236cf030e8edf62881baf67) C:\Windows\System32\shsvcs.dll
11:54:30.0058 1328 ShellHWDetection - ok
11:54:30.0152 1328 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
11:54:30.0153 1328 SiSRaid2 - ok
11:54:30.0179 1328 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
11:54:30.0181 1328 SiSRaid4 - ok
11:54:30.0248 1328 slsvc (a301d2cefb4747dfe0c24425dcbe0b78) C:\Windows\system32\SLsvc.exe
11:54:30.0274 1328 slsvc - ok
11:54:30.0346 1328 SLUINotify (f5ddf7c0af85eb72cb295171f8c3cb35) C:\Windows\system32\SLUINotify.dll
11:54:30.0348 1328 SLUINotify - ok
11:54:30.0388 1328 Smb (41eb2e8e005feedcafce301983eff932) C:\Windows\system32\DRIVERS\smb.sys
11:54:30.0389 1328 Smb - ok
11:54:30.0439 1328 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
11:54:30.0441 1328 SNMPTRAP - ok
11:54:30.0456 1328 spldr (f9cb0672162f7f04248e2b82c1ff4617) C:\Windows\system32\drivers\spldr.sys
11:54:30.0456 1328 spldr - ok
11:54:30.0475 1328 Spooler (e6519a9e756d74dc51c697ba62162f51) C:\Windows\System32\spoolsv.exe
11:54:30.0479 1328 Spooler - ok
11:54:30.0561 1328 srv (b02f20d0d581496b826e21f8572c62b0) C:\Windows\system32\DRIVERS\srv.sys
11:54:30.0576 1328 srv - ok
11:54:30.0585 1328 srv2 (68dcd148225f40ef1cdf6cfc115cb6fe) C:\Windows\system32\DRIVERS\srv2.sys
11:54:30.0588 1328 srv2 - ok
11:54:30.0597 1328 srvnet (4d0858b640cdbcba671c5439a8ef45cb) C:\Windows\system32\DRIVERS\srvnet.sys
11:54:30.0599 1328 srvnet - ok
11:54:30.0633 1328 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
11:54:30.0635 1328 SSDPSRV - ok
11:54:30.0820 1328 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
11:54:30.0823 1328 SstpSvc - ok
11:54:30.0869 1328 stisvc (f14f7d7d68a66777fb999d5d0f21138d) C:\Windows\System32\wiaservc.dll
11:54:30.0877 1328 stisvc - ok
11:54:30.0924 1328 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
11:54:30.0925 1328 swenum - ok
11:54:31.0092 1328 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:54:31.0095 1328 SwitchBoard - ok
11:54:31.0159 1328 swprv (da34d6eb4a3154c0bebaeb0a2483ef3e) C:\Windows\System32\swprv.dll
11:54:31.0196 1328 swprv - ok
11:54:31.0275 1328 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
11:54:31.0276 1328 Symc8xx - ok
11:54:31.0296 1328 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
11:54:31.0297 1328 Sym_hi - ok
11:54:31.0361 1328 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
11:54:31.0362 1328 Sym_u3 - ok
11:54:31.0437 1328 SysMain (bea0d5521ed21df8f6ffeed86daede7b) C:\Windows\system32\sysmain.dll
11:54:31.0447 1328 SysMain - ok
11:54:31.0489 1328 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
11:54:31.0491 1328 TabletInputService - ok
11:54:31.0624 1328 TapiSrv (52091001caf20ae84cf47023ee21b4bb) C:\Windows\System32\tapisrv.dll
11:54:31.0627 1328 TapiSrv - ok
11:54:31.0636 1328 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
11:54:31.0638 1328 TBS - ok
11:54:31.0820 1328 Tcpip (7a1183fbb802f5abad7fa18bc67e0858) C:\Windows\system32\drivers\tcpip.sys
11:54:31.0836 1328 Tcpip - ok
11:54:31.0944 1328 Tcpip6 (7a1183fbb802f5abad7fa18bc67e0858) C:\Windows\system32\DRIVERS\tcpip.sys
11:54:31.0950 1328 Tcpip6 - ok
11:54:32.0043 1328 tcpipreg (c29d4b3b08ad0b7e8564814e4ff6a57b) C:\Windows\system32\drivers\tcpipreg.sys
11:54:32.0044 1328 tcpipreg - ok
11:54:32.0070 1328 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
11:54:32.0071 1328 TDPIPE - ok
11:54:32.0122 1328 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
11:54:32.0124 1328 TDTCP - ok
11:54:32.0161 1328 tdx (8c39c72e0e853de04748c0337d9b9216) C:\Windows\system32\DRIVERS\tdx.sys
11:54:32.0163 1328 tdx - ok
11:54:32.0214 1328 TermDD (3f0ebf6ee609f2a276c0d5faf244ec90) C:\Windows\system32\DRIVERS\termdd.sys
11:54:32.0214 1328 TermDD - ok
11:54:32.0255 1328 TermService (f870a5589d6a94b426efb13689023946) C:\Windows\System32\termsrv.dll
11:54:32.0258 1328 TermService - ok
11:54:32.0305 1328 Themes (eb3114330236cf030e8edf62881baf67) C:\Windows\system32\shsvcs.dll
11:54:32.0307 1328 Themes - ok
11:54:32.0364 1328 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
11:54:32.0365 1328 THREADORDER - ok
11:54:32.0382 1328 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
11:54:32.0383 1328 TrkWks - ok
11:54:32.0422 1328 TrustedInstaller (ac6ff1df22ed90bad6417ee5a4c6e2f0) C:\Windows\servicing\TrustedInstaller.exe
11:54:32.0423 1328 TrustedInstaller - ok
11:54:32.0523 1328 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:54:32.0524 1328 tssecsrv - ok
11:54:32.0652 1328 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
11:54:32.0653 1328 tunmp - ok
11:54:32.0748 1328 tunnel (f6a4fba7c03ac2efd00f3301c0c1e067) C:\Windows\system32\DRIVERS\tunnel.sys
11:54:32.0749 1328 tunnel - ok
11:54:32.0784 1328 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
11:54:32.0786 1328 uagp35 - ok
11:54:32.0862 1328 udfs (eca6629e33f122afff18a2ab7c3eb033) C:\Windows\system32\DRIVERS\udfs.sys
11:54:32.0866 1328 udfs - ok
11:54:32.0918 1328 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
11:54:32.0920 1328 UI0Detect - ok
11:54:32.0957 1328 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
11:54:32.0959 1328 uliagpkx - ok
11:54:33.0032 1328 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
11:54:33.0036 1328 uliahci - ok
11:54:33.0098 1328 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
11:54:33.0100 1328 UlSata - ok
11:54:33.0155 1328 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
11:54:33.0158 1328 ulsata2 - ok
11:54:33.0183 1328 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
11:54:33.0184 1328 umbus - ok
11:54:33.0232 1328 UmRdpService (658c50524e470516067708babfb08738) C:\Windows\System32\umrdp.dll
11:54:33.0236 1328 UmRdpService - ok
11:54:33.0256 1328 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
11:54:33.0258 1328 upnphost - ok
11:54:33.0389 1328 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
11:54:33.0391 1328 usbccgp - ok
11:54:33.0511 1328 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
11:54:33.0513 1328 usbcir - ok
11:54:33.0567 1328 usbehci (da6d8d8ed0a53c63ac6f4bd40fe83fbe) C:\Windows\system32\DRIVERS\usbehci.sys
11:54:33.0568 1328 usbehci - ok
11:54:33.0844 1328 usbhub (99045369ae3216216573d0775fd7ed56) C:\Windows\system32\DRIVERS\usbhub.sys
11:54:33.0848 1328 usbhub - ok
11:54:34.0046 1328 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
11:54:34.0047 1328 usbohci - ok
11:54:34.0088 1328 usbprint (acfee697af477021bb3ec78c5431fed2) C:\Windows\system32\drivers\usbprint.sys
11:54:34.0089 1328 usbprint - ok
11:54:34.0162 1328 USBSTOR (586d9876a4945779c8eea926c0d16889) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:54:34.0163 1328 USBSTOR - ok
11:54:34.0196 1328 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
11:54:34.0197 1328 usbuhci - ok
11:54:34.0234 1328 UxSms (9190f03c82547afa87367f1ceca88f3b) C:\Windows\System32\uxsms.dll
11:54:34.0236 1328 UxSms - ok
11:54:34.0273 1328 vds (c15a4a550cba7b9f1f68b72528e04ce1) C:\Windows\System32\vds.exe
11:54:34.0279 1328 vds - ok
11:54:34.0384 1328 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
11:54:34.0385 1328 vga - ok
11:54:34.0422 1328 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
11:54:34.0423 1328 VgaSave - ok
11:54:34.0479 1328 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
11:54:34.0480 1328 viaide - ok
11:54:34.0544 1328 volmgr (793d9b32a1c462c91f6f70358283ac97) C:\Windows\system32\drivers\volmgr.sys
11:54:34.0545 1328 volmgr - ok
11:54:34.0647 1328 volmgrx (5aa217da5dc4ff5b9ac9ab86563b3223) C:\Windows\system32\drivers\volmgrx.sys
11:54:34.0653 1328 volmgrx - ok
11:54:34.0712 1328 volsnap (de4307412d98050239026e56a7dff3c0) C:\Windows\system32\drivers\volsnap.sys
11:54:34.0716 1328 volsnap - ok
11:54:34.0774 1328 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
11:54:34.0776 1328 vsmraid - ok
11:54:34.0836 1328 VSS (186bd53f8a408ad20f5a056c05678629) C:\Windows\system32\vssvc.exe
11:54:34.0852 1328 VSS - ok
11:54:35.0123 1328 vToolbarUpdater10.2.0 (3080f1f093869a19fb3d1f0226c73809) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
11:54:35.0128 1328 vToolbarUpdater10.2.0 - ok
11:54:35.0199 1328 W32Time (ba29f34a61cb55c0dee29e787542edf4) C:\Windows\system32\w32time.dll
11:54:35.0202 1328 W32Time - ok
11:54:35.0245 1328 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
11:54:35.0246 1328 WacomPen - ok
11:54:35.0271 1328 Wanarp (aea75207e443c8623c36b8d03596f84f) C:\Windows\system32\DRIVERS\wanarp.sys
11:54:35.0273 1328 Wanarp - ok
11:54:35.0276 1328 Wanarpv6 (aea75207e443c8623c36b8d03596f84f) C:\Windows\system32\DRIVERS\wanarp.sys
11:54:35.0276 1328 Wanarpv6 - ok
11:54:35.0315 1328 wbengine (54d1827975afd9bc391343c357b9ea06) C:\Windows\system32\wbengine.exe
11:54:35.0329 1328 wbengine - ok
11:54:35.0416 1328 wcncsvc (055449247c490e24b968b44fe8a969eb) C:\Windows\System32\wcncsvc.dll
11:54:35.0424 1328 wcncsvc - ok
11:54:35.0448 1328 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
11:54:35.0450 1328 WcsPlugInService - ok
11:54:35.0526 1328 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
11:54:35.0527 1328 Wd - ok
11:54:35.0658 1328 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
11:54:35.0668 1328 Wdf01000 - ok
11:54:35.0707 1328 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
11:54:35.0709 1328 WdiServiceHost - ok
11:54:35.0712 1328 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
11:54:35.0713 1328 WdiSystemHost - ok
11:54:35.0730 1328 WebClient (3d4ab55f8178fd0cd3ca45cd0ec9cf5b) C:\Windows\System32\webclnt.dll
11:54:35.0733 1328 WebClient - ok
11:54:35.0787 1328 Wecsvc (bd9a749f36710ffa02e0e530f7451936) C:\Windows\system32\wecsvc.dll
11:54:35.0791 1328 Wecsvc - ok
11:54:35.0827 1328 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
11:54:35.0829 1328 wercplsupport - ok
11:54:35.0841 1328 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll
11:54:35.0844 1328 WerSvc - ok
11:54:35.0890 1328 WinDefend - ok
11:54:35.0894 1328 WinHttpAutoProxySvc - ok
11:54:35.0967 1328 Winmgmt (ac98f38feab066a8f983d54ff3f4fd4c) C:\Windows\system32\wbem\WMIsvc.dll
11:54:35.0970 1328 Winmgmt - ok
11:54:36.0042 1328 WinRM (aeb6c5200fd5517f06076af0ee4538e1) C:\Windows\system32\WsmSvc.dll
11:54:36.0055 1328 WinRM - ok
11:54:36.0152 1328 Wlansvc (05477e53b7b529435026f705b4235324) C:\Windows\System32\wlansvc.dll
11:54:36.0265 1328 Wlansvc - ok
11:54:36.0454 1328 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
11:54:36.0455 1328 WmiAcpi - ok
11:54:36.0551 1328 wmiApSrv (d303322dd577c3deda1251ed2e7a496c) C:\Windows\system32\wbem\WmiApSrv.exe
11:54:36.0554 1328 wmiApSrv - ok
11:54:36.0596 1328 WMPNetworkSvc - ok
11:54:36.0634 1328 WPDBusEnum (a27c8f92d84e2ddc151978e4692c978e) C:\Windows\system32\wpdbusenum.dll
11:54:36.0637 1328 WPDBusEnum - ok
11:54:36.0737 1328 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
11:54:36.0738 1328 ws2ifsl - ok
11:54:36.0775 1328 wscsvc (cb8ea6d95949384925ccfca21cc6dfd8) C:\Windows\System32\wscsvc.dll
11:54:36.0778 1328 wscsvc - ok
11:54:36.0814 1328 WSearch - ok
11:54:36.0888 1328 wuauserv (fb3796754fe00f0bdc87a36f164a5f4d) C:\Windows\system32\wuaueng.dll
11:54:36.0915 1328 wuauserv - ok
11:54:37.0053 1328 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:54:37.0055 1328 WUDFRd - ok
11:54:37.0084 1328 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll
11:54:37.0086 1328 wudfsvc - ok
11:54:37.0354 1328 {329F96B6-DF1E-4328-BFDA-39EA953C1312} (74983addca2d9618512c088d856d6615) C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl
11:54:37.0355 1328 {329F96B6-DF1E-4328-BFDA-39EA953C1312} - ok
11:54:37.0370 1328 MBR (0x1B8) (e9f67288208d53ef770f82e186904857) \Device\Harddisk0\DR0
11:54:37.0401 1328 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
11:54:37.0401 1328 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
11:54:37.0440 1328 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:54:37.0440 1328 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:54:37.0444 1328 MBR (0x1B8) (06449e7c4af0550b77e260798769aa40) \Device\Harddisk1\DR1
11:54:37.0601 1328 \Device\Harddisk1\DR1 - ok
11:54:37.0609 1328 Boot (0x1200) (c628819a554bff4616f1679353a7ee34) \Device\Harddisk0\DR0\Partition0
11:54:37.0610 1328 \Device\Harddisk0\DR0\Partition0 - ok
11:54:37.0613 1328 Boot (0x1200) (651d5487b47286e1c60ca7e0ce7759bf) \Device\Harddisk1\DR1\Partition0
11:54:37.0615 1328 \Device\Harddisk1\DR1\Partition0 - ok
11:54:37.0615 1328 ============================================================
11:54:37.0615 1328 Scan finished
11:54:37.0615 1328 ============================================================
11:54:37.0619 2568 Detected object count: 2
11:54:37.0619 2568 Actual detected object count: 2
11:55:26.0352 2568 \Device\Harddisk0\DR0\# - copied to quarantine
11:55:26.0353 2568 \Device\Harddisk0\DR0 - copied to quarantine
11:55:26.0390 2568 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
11:55:26.0392 2568 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
11:55:26.0399 2568 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
11:55:26.0405 2568 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
11:55:26.0429 2568 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
11:55:26.0439 2568 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
11:55:26.0440 2568 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
11:55:26.0440 2568 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
11:55:26.0442 2568 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
11:55:26.0444 2568 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
11:55:26.0447 2568 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
11:55:26.0448 2568 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
11:55:26.0483 2568 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
11:55:26.0484 2568 \Device\Harddisk0\DR0 - ok
11:55:28.0335 2568 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
11:55:28.0335 2568 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:55:28.0335 2568 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
11:55:36.0694 3000 Deinitialize success


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-01 12:06:50
-----------------------------
12:06:50.178 OS Version: Windows x64 6.0.6001 Service Pack 1
12:06:50.178 Number of processors: 2 586 0x170A
12:06:50.178 ComputerName: MILKSHAKE UserName:
12:06:51.828 Initialize success
12:07:53.553 AVAST engine defs: 12040100
12:08:27.593 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:08:27.595 Disk 0 Vendor: Hitachi_HDS721680PLA380 P21OABNA Size: 76293MB BusType: 3
12:08:27.711 Disk 0 MBR read successfully
12:08:27.712 Disk 0 MBR scan
12:08:27.715 Disk 0 Windows VISTA default MBR code
12:08:27.716 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 62 MB offset 63
12:08:27.724 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 76229 MB offset 129024
12:08:27.748 Disk 0 scanning C:\Windows\system32\drivers
12:08:35.739 Service scanning
12:08:59.638 Modules scanning
12:08:59.641 Disk 0 trace - called modules:
12:08:59.655 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
12:08:59.656 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80054d9230]
12:08:59.660 3 CLASSPNP.SYS[fffffa6000fceb3a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80047f24b0]
12:09:00.388 AVAST engine scan C:\Windows
12:09:02.099 AVAST engine scan C:\Windows\system32
12:11:19.665 AVAST engine scan C:\Windows\system32\drivers
12:11:29.403 AVAST engine scan C:\Users\speakeasyfx
12:18:30.334 AVAST engine scan C:\ProgramData
12:21:06.970 Scan finished successfully
12:33:45.405 Disk 0 MBR has been saved successfully to "C:\Users\speakeasyfx\Documents\MBR.dat"
12:33:45.407 The log file has been saved successfully to "C:\Users\speakeasyfx\Documents\aswMBR.txt"



#2 narenxp

Posted 01 April 2012 - 01:56 PM

Very good, you should be free from the error now

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

ESET online scanner


Install it

Click on START; it should download the virus definitions
When the scan completes, click on LIST of found threats

Export the list to the desktop and copy the contents of the text file into your reply


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#3 Zi Bronsley

Posted 07 April 2012 - 05:16 PM

Sorry for the delayed response. Thanks for your help!

Ran Malwarebytes Anti-Malware. Showed one trojan, removed it. Restarted PC, ran the Anti-Malware scan again, showed a clean log.

ESET online scanner results...

C:\TDSSKiller_Quarantine\01.04.2012_11.53.39\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\01.04.2012_11.53.39\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AD trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\01.04.2012_11.53.39\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\01.04.2012_11.53.39\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AG trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\01.04.2012_11.53.39\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.KS trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\01.04.2012_11.53.39\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AF trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\01.04.2012_11.53.39\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\01.04.2012_11.53.39\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.X trojan cleaned by deleting - quarantined

Mini Toolbox results...

MiniToolBox by Farbar Version: 18-01-2012
Ran by speakeasyfx (administrator) on 07-04-2012 at 18:10:48
Microsoft® Windows Vista™ Business Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Belkin USB Wireless Adaptor = Wireless Network Connection (Connected)
Broadcom NetXtreme Gigabit Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection" nexthop=192.168.10.1
add address name="Local Area Connection" address=192.168.10.69


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : milkshake
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : speakeasyfx.com

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Belkin USB Wireless Adaptor
Physical Address. . . . . . . . . : 94-44-52-AC-6A-3B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::491d:5e9:9db5:108a%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.70(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, April 07, 2012 3:48:43 PM
Lease Expires . . . . . . . . . . : Sunday, April 08, 2012 3:48:42 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : 00-22-19-1E-00-77
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.speakeasyfx.com
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:486:1fbd:3f57:feb9(Preferred)
Link-local IPv6 Address . . . . . : fe80::486:1fbd:3f57:feb9%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{D5B6E186-9656-47FC-9C2E-0D7BC094938E}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{BCBAE8E4-49DB-4A10-B98B-4D1EA34835FF}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.1.70%15(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: Cisco.Home
Address: 192.168.1.254

DNS request timed out.
timeout was 2 seconds.
Name: google.com.speakeasyfx.com
Address: 72.47.228.243



Pinging google.com [72.47.228.243] with 32 bytes of data:

Reply from 72.47.228.243: bytes=32 time=100ms TTL=47

Reply from 72.47.228.243: bytes=32 time=100ms TTL=47



Ping statistics for 72.47.228.243:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 100ms, Maximum = 100ms, Average = 100ms

Server: Cisco.Home
Address: 192.168.1.254

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com.speakeasyfx.com
Address: 72.47.228.243



Pinging yahoo.com [72.47.228.243] with 32 bytes of data:

Reply from 72.47.228.243: bytes=32 time=102ms TTL=47

Request timed out.



Ping statistics for 72.47.228.243:

Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),

Approximate round trip times in milli-seconds:

Minimum = 102ms, Maximum = 102ms, Average = 102ms

Server: Cisco.Home
Address: 192.168.1.254

DNS request timed out.
timeout was 2 seconds.
Name: bleepingcomputer.com.speakeasyfx.com
Address: 72.47.228.243



Pinging bleepingcomputer.com [72.47.228.243] with 32 bytes of data:

Reply from 72.47.228.243: bytes=32 time=101ms TTL=47

Reply from 72.47.228.243: bytes=32 time=100ms TTL=47



Ping statistics for 72.47.228.243:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 100ms, Maximum = 101ms, Average = 100ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
14 ...94 44 52 ac 6a 3b ...... Belkin USB Wireless Adaptor
10 ...00 22 19 1e 00 77 ...... Broadcom NetXtreme Gigabit Ethernet
1 ........................... Software Loopback Interface 1
11 ...00 00 00 00 00 00 00 e0 isatap.speakeasyfx.com
12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
13 ...00 00 00 00 00 00 00 e0 isatap.{D5B6E186-9656-47FC-9C2E-0D7BC094938E}
15 ...00 00 00 00 00 00 00 e0 isatap.{BCBAE8E4-49DB-4A10-B98B-4D1EA34835FF}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.70 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.70 281
192.168.1.70 255.255.255.255 On-link 192.168.1.70 281
192.168.1.255 255.255.255.255 On-link 192.168.1.70 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.70 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.70 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.10.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 18 ::/0 On-link
1 306 ::1/128 On-link
12 18 2001::/32 On-link
12 266 2001:0:4137:9e76:486:1fbd:3f57:feb9/128
On-link
14 281 fe80::/64 On-link
12 266 fe80::/64 On-link
15 286 fe80::5efe:192.168.1.70/128
On-link
12 266 fe80::486:1fbd:3f57:feb9/128
On-link
14 281 fe80::491d:5e9:9db5:108a/128
On-link
1 306 ff00::/8 On-link
12 266 ff00::/8 On-link
14 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/07/2012 04:59:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.

Error: (04/07/2012 04:58:56 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.

Error: (04/07/2012 02:24:33 PM) (Source: Perflib) (User: )
Description: PolicyAgent4

Error: (04/07/2012 02:24:33 PM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (04/07/2012 02:24:33 PM) (Source: Perflib) (User: )
Description: EmdCache4

Error: (04/07/2012 00:54:45 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 24338402

Error: (04/07/2012 00:54:45 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 24338402

Error: (04/07/2012 00:54:45 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/07/2012 00:54:44 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 24337373

Error: (04/07/2012 00:54:44 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 24337373


System errors:
=============
Error: (04/07/2012 03:48:39 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (04/07/2012 02:19:21 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (04/07/2012 02:15:17 PM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 192.168.1.68 with the system
having network hardware address 8C-58-77-39-3A-24. Network operations on this system may
be disrupted as a result.

Error: (04/06/2012 01:30:39 AM) (Source: Service Control Manager) (User: )
Description: CyberLink PowerDVD 12 Media Server Monitor Service

Error: (04/06/2012 01:30:38 AM) (Source: Service Control Manager) (User: )
Description: CyberLink PowerDVD 12 Media Server Service

Error: (04/06/2012 01:15:52 AM) (Source: DCOM) (User: )
Description: {0002DF01-0000-0000-C000-000000000046}

Error: (04/06/2012 01:11:58 AM) (Source: Service Control Manager) (User: )
Description: CyberLink PowerDVD 12 Media Server Monitor Service

Error: (04/06/2012 01:11:57 AM) (Source: Service Control Manager) (User: )
Description: CyberLink PowerDVD 12 Media Server Service

Error: (04/06/2012 01:04:24 AM) (Source: Service Control Manager) (User: )
Description: CyberLink PowerDVD 12 Media Server Monitor Service

Error: (04/06/2012 01:04:24 AM) (Source: Service Control Manager) (User: )
Description: CyberLink PowerDVD 12 Media Server Service


Microsoft Office Sessions:
=========================
Error: (04/07/2012 04:59:16 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifestC:\Users\speakeasyfx\Downloads\esetsmartinstaller_enu.exe

Error: (04/07/2012 04:58:56 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifestC:\Users\speakeasyfx\Downloads\esetsmartinstaller_enu.exe

Error: (04/07/2012 02:24:33 PM) (Source: Perflib)(User: )
Description: PolicyAgent4

Error: (04/07/2012 02:24:33 PM) (Source: Perflib)(User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (04/07/2012 02:24:33 PM) (Source: Perflib)(User: )
Description: EmdCache4

Error: (04/07/2012 00:54:45 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 24338402

Error: (04/07/2012 00:54:45 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 24338402

Error: (04/07/2012 00:54:45 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/07/2012 00:54:44 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 24337373

Error: (04/07/2012 00:54:44 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 24337373


=========================== Installed Programs ============================

Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.228)
Apple Mobile Device Support (Version: 4.0.0.97)
Autodesk DirectConnect 2010 R1 (64-bit) (Version: 4.0.296.0)
Autodesk DirectConnect 2012 64-bit (Version: 6.0.443.0)
Autodesk MatchMover 2011 64-bit (Version: 13.00.0000)
Autodesk MatchMover 2012 64-bit (Version: 14.00.0000)
Autodesk Maya 2011 64-bit (Version: 13.00.0000)
Autodesk Maya 2011 English Documentation 64-bit (Version: 13.0)
Autodesk Maya 2012 64-bit (Version: 14.0.0.0)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2409)
AVG 2012 (Version: 2012.0.1913)
Bonjour (Version: 3.0.0.10)
Composite 2011 (64-bit) (Version: 6.0.0)
Composite 2012 64-bit (Version: 7.0.0)
Dropbox (Version: 1.2.52)
Google Chrome (Version: 18.0.1025.151)
iTunes (Version: 10.5.3.3)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
NVIDIA Drivers (Version: 1.3)
NVIDIA nView Desktop Manager
NVIDIA PhysX Plug-in for Autodesk Maya 2012 64 bit (Version: 2.60.0216.1828)
Python 2.6 (64-bit) (Version: 2.6.150)
Python 2.6 pywin32-212
WinRAR 4.01 (64-bit) (Version: 4.01.0)

========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 4028.71 MB
Available physical RAM: 2304.22 MB
Total Pagefile: 8240.73 MB
Available Pagefile: 6517.23 MB
Total Virtual: 4095.88 MB
Available Virtual: 4000.71 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:74.44 GB) (Free:7.87 GB) NTFS
2 Drive d: (Castle_S3_D1_USA_DES) (CDROM) (Total:7.39 GB) (Free:0 GB) UDF
3 Drive g: (WD Passport) (Fixed) (Total:111.76 GB) (Free:33.67 GB) FAT32

========================= Users: ========================================

User accounts for \\MILKSHAKE

Administrator Guest speakeasyfx


**** End of log ****

#4 narenxp


Posted 07 April 2012 - 11:26 PM

That looks good.

Download TFC.

Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)



