Unable to remove Trojan Agent - svchost.exe


12 replies to this topic

#1 LadyPtero


Posted 12 April 2012 - 11:16 AM

Hi there - my computer is infected with a Trojan agent that has disguised itself as "svchost.exe". I am able to run a Malwarebytes scan which detects it each time, but is unable to remove it. It seems to occasionally cause a redirect in Google searches to various sites or a 404 error as well as sometimes just randomly restarting the computer and slowing it down. This started happening after I allowed Java to make an update. Based on a few articles I've read, all of the symptoms seem similar to the Flashback virus which has hit Macs, though my laptop is just a regular PC.

Any help is much appreciated!



#2 narenxp


Posted 12 April 2012 - 12:34 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Please download GMER from here (does not work on 64-bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

#3 LadyPtero


Posted 12 April 2012 - 08:03 PM

TDSSkiller Log


20:37:05.0994 4512 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
20:37:06.0125 4512 ============================================================
20:37:06.0125 4512 Current date / time: 2012/04/12 20:37:06.0125
20:37:06.0125 4512 SystemInfo:
20:37:06.0125 4512
20:37:06.0125 4512 OS Version: 6.1.7600 ServicePack: 0.0
20:37:06.0125 4512 Product type: Workstation
20:37:06.0125 4512 ComputerName: DEE-PC
20:37:06.0125 4512 UserName: Dee
20:37:06.0125 4512 Windows directory: C:\Windows
20:37:06.0125 4512 System windows directory: C:\Windows
20:37:06.0125 4512 Running under WOW64
20:37:06.0125 4512 Processor architecture: Intel x64
20:37:06.0125 4512 Number of processors: 2
20:37:06.0125 4512 Page size: 0x1000
20:37:06.0125 4512 Boot type: Normal boot
20:37:06.0125 4512 ============================================================
20:37:06.0461 4512 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:37:06.0466 4512 \Device\Harddisk0\DR0:
20:37:06.0467 4512 MBR used
20:37:06.0467 4512 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
20:37:06.0467 4512 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x23428800
20:37:06.0467 4512 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2348C800, BlocksNum 0x1FA1800
20:37:06.0669 4512 Initialize success
20:37:06.0669 4512 ============================================================
20:37:29.0302 1624 ============================================================
20:37:29.0302 1624 Scan started
20:37:29.0302 1624 Mode: Manual; TDLFS;
20:37:29.0307 1624 ============================================================
20:37:43.0622 1624 Ndisuio - ok
20:37:43.0632 1624 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:37:43.0634 1624 NdisWan - ok
20:37:43.0647 1624 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
20:37:43.0648 1624 NDProxy - ok
20:37:43.0694 1624 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:37:43.0695 1624 NetBIOS - ok
20:37:43.0727 1624 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
20:37:43.0729 1624 NetBT - ok
20:37:43.0751 1624 Netlogon (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
20:37:43.0753 1624 Netlogon - ok
20:37:43.0803 1624 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:37:43.0807 1624 Netman - ok
20:37:43.0884 1624 NetMsmqActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:37:43.0886 1624 NetMsmqActivator - ok
20:37:43.0891 1624 NetPipeActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:37:43.0892 1624 NetPipeActivator - ok
20:37:43.0952 1624 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:37:43.0957 1624 netprofm - ok
20:37:43.0962 1624 NetTcpActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:37:43.0962 1624 NetTcpActivator - ok
20:37:43.0967 1624 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:37:43.0972 1624 NetTcpPortSharing - ok
20:37:44.0127 1624 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
20:37:44.0157 1624 netw5v64 - ok
20:37:44.0192 1624 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
20:37:44.0192 1624 nfrd960 - ok
20:37:44.0222 1624 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
20:37:44.0222 1624 NlaSvc - ok
20:37:44.0242 1624 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:37:44.0242 1624 Npfs - ok
20:37:44.0257 1624 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
20:37:44.0262 1624 nsi - ok
20:37:44.0292 1624 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:37:44.0292 1624 nsiproxy - ok
20:37:44.0347 1624 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
20:37:44.0367 1624 Ntfs - ok
20:37:44.0392 1624 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:37:44.0392 1624 Null - ok
20:37:44.0447 1624 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
20:37:44.0447 1624 nvraid - ok
20:37:44.0477 1624 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
20:37:44.0477 1624 nvstor - ok
20:37:44.0497 1624 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
20:37:44.0497 1624 nv_agp - ok
20:37:44.0577 1624 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:37:44.0577 1624 odserv - ok
20:37:44.0597 1624 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
20:37:44.0597 1624 ohci1394 - ok
20:37:44.0647 1624 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:37:44.0652 1624 ose - ok
20:37:44.0687 1624 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:37:44.0692 1624 p2pimsvc - ok
20:37:44.0717 1624 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
20:37:44.0717 1624 p2psvc - ok
20:37:44.0747 1624 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
20:37:44.0747 1624 Parport - ok
20:37:44.0777 1624 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
20:37:44.0777 1624 partmgr - ok
20:37:44.0792 1624 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
20:37:44.0792 1624 PcaSvc - ok
20:37:44.0812 1624 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
20:37:44.0812 1624 pci - ok
20:37:44.0827 1624 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
20:37:44.0827 1624 pciide - ok
20:37:44.0852 1624 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
20:37:44.0852 1624 pcmcia - ok
20:37:44.0877 1624 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:37:44.0877 1624 pcw - ok
20:37:44.0902 1624 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:37:44.0907 1624 PEAUTH - ok
20:37:44.0952 1624 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
20:37:44.0952 1624 PerfHost - ok
20:37:45.0012 1624 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
20:37:45.0022 1624 pla - ok
20:37:45.0072 1624 PlugPlay (23157d583244400e1d7fbaee2e4b31b7) C:\Windows\system32\umpnpmgr.dll
20:37:45.0072 1624 PlugPlay - ok
20:37:45.0107 1624 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
20:37:45.0107 1624 PNRPAutoReg - ok
20:37:45.0152 1624 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:37:45.0157 1624 PNRPsvc - ok
20:37:45.0192 1624 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
20:37:45.0197 1624 PolicyAgent - ok
20:37:45.0212 1624 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
20:37:45.0212 1624 Power - ok
20:37:45.0287 1624 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
20:37:45.0292 1624 PptpMiniport - ok
20:37:45.0322 1624 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
20:37:45.0322 1624 Processor - ok
20:37:45.0382 1624 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
20:37:45.0387 1624 ProfSvc - ok
20:37:45.0447 1624 ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
20:37:45.0447 1624 ProtectedStorage - ok
20:37:45.0527 1624 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
20:37:45.0527 1624 Psched - ok
20:37:45.0567 1624 PxHlpa64 (a6bf0a9b5a30d743623ca0d3be35df05) C:\Windows\system32\Drivers\PxHlpa64.sys
20:37:45.0572 1624 PxHlpa64 - ok
20:37:45.0622 1624 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
20:37:45.0637 1624 ql2300 - ok
20:37:45.0662 1624 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
20:37:45.0662 1624 ql40xx - ok
20:37:45.0692 1624 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
20:37:45.0692 1624 QWAVE - ok
20:37:45.0712 1624 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:37:45.0712 1624 QWAVEdrv - ok
20:37:45.0732 1624 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:37:45.0732 1624 RasAcd - ok
20:37:45.0782 1624 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:37:45.0787 1624 RasAgileVpn - ok
20:37:45.0802 1624 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
20:37:45.0802 1624 RasAuto - ok
20:37:45.0822 1624 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:37:45.0822 1624 Rasl2tp - ok
20:37:45.0852 1624 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
20:37:45.0857 1624 RasMan - ok
20:37:45.0872 1624 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:37:45.0872 1624 RasPppoe - ok
20:37:45.0922 1624 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:37:45.0922 1624 RasSstp - ok
20:37:45.0937 1624 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
20:37:45.0942 1624 rdbss - ok
20:37:45.0972 1624 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
20:37:45.0972 1624 rdpbus - ok
20:37:45.0987 1624 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:37:45.0987 1624 RDPCDD - ok
20:37:46.0007 1624 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:37:46.0007 1624 RDPENCDD - ok
20:37:46.0032 1624 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:37:46.0037 1624 RDPREFMP - ok
20:37:46.0057 1624 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
20:37:46.0062 1624 RDPWD - ok
20:37:46.0082 1624 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
20:37:46.0082 1624 rdyboost - ok
20:37:46.0107 1624 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
20:37:46.0107 1624 RemoteAccess - ok
20:37:46.0182 1624 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
20:37:46.0187 1624 RemoteRegistry - ok
20:37:46.0312 1624 RichVideo (498eb62a160674e793fa40fd65390625) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
20:37:46.0312 1624 RichVideo - ok
20:37:46.0497 1624 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
20:37:46.0497 1624 RimUsb - ok
20:37:46.0642 1624 RimVSerPort (0de22421179d5a8440b68517ddf2b051) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
20:37:46.0642 1624 RimVSerPort - ok
20:37:46.0672 1624 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
20:37:46.0672 1624 ROOTMODEM - ok
20:37:46.0717 1624 Roxio UPnP Renderer 9 (afd61a7c48a3e15c86a6fadf0b69a2e4) C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
20:37:46.0717 1624 Roxio UPnP Renderer 9 - ok
20:37:46.0737 1624 Roxio Upnp Server 9 (efbb36e2bb02169d26e9980778fc20d3) C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe
20:37:46.0742 1624 Roxio Upnp Server 9 - ok
20:37:46.0787 1624 RoxLiveShare9 (272572b93ede9d44e8330a03d1b83092) C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
20:37:46.0792 1624 RoxLiveShare9 - ok
20:37:46.0827 1624 RoxMediaDB9 (6ba45db2953d0fc7c8107b2e3024cb89) C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
20:37:46.0842 1624 RoxMediaDB9 - ok
20:37:46.0872 1624 RoxWatch9 (c48eabb051422eb38adc9eabd47640b9) C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
20:37:46.0872 1624 RoxWatch9 - ok
20:37:46.0972 1624 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
20:37:46.0977 1624 RpcEptMapper - ok
20:37:47.0017 1624 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
20:37:47.0022 1624 RpcLocator - ok
20:37:47.0067 1624 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
20:37:47.0077 1624 RpcSs - ok
20:37:47.0148 1624 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:37:47.0153 1624 rspndr - ok
20:37:47.0213 1624 RTL8167 (b49dc435ae3695bac5623dd94b05732d) C:\Windows\system32\DRIVERS\Rt64win7.sys
20:37:47.0213 1624 RTL8167 - ok
20:37:47.0263 1624 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
20:37:47.0263 1624 SamSs - ok
20:37:47.0313 1624 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
20:37:47.0313 1624 sbp2port - ok
20:37:47.0398 1624 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
20:37:47.0403 1624 SCardSvr - ok
20:37:47.0463 1624 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
20:37:47.0463 1624 scfilter - ok
20:37:47.0508 1624 Schedule (ec56b171f85c7e855e7b0588ac503eea) C:\Windows\system32\schedsvc.dll
20:37:47.0518 1624 Schedule - ok
20:37:47.0583 1624 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
20:37:47.0583 1624 SCPolicySvc - ok
20:37:47.0658 1624 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys
20:37:47.0658 1624 sdbus - ok
20:37:47.0723 1624 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
20:37:47.0728 1624 SDRSVC - ok
20:37:47.0783 1624 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:37:47.0783 1624 secdrv - ok
20:37:47.0803 1624 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
20:37:47.0803 1624 seclogon - ok
20:37:47.0828 1624 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
20:37:47.0833 1624 SENS - ok
20:37:47.0888 1624 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
20:37:47.0888 1624 SensrSvc - ok
20:37:47.0943 1624 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
20:37:47.0943 1624 Serenum - ok
20:37:47.0963 1624 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
20:37:47.0968 1624 Serial - ok
20:37:47.0998 1624 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
20:37:47.0998 1624 sermouse - ok
20:37:48.0043 1624 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
20:37:48.0048 1624 SessionEnv - ok
20:37:48.0073 1624 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
20:37:48.0073 1624 sffdisk - ok
20:37:48.0108 1624 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
20:37:48.0108 1624 sffp_mmc - ok
20:37:48.0123 1624 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
20:37:48.0123 1624 sffp_sd - ok
20:37:48.0148 1624 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
20:37:48.0148 1624 sfloppy - ok
20:37:48.0193 1624 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
20:37:48.0198 1624 SharedAccess - ok
20:37:48.0233 1624 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
20:37:48.0238 1624 ShellHWDetection - ok
20:37:48.0278 1624 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:37:48.0278 1624 SiSRaid2 - ok
20:37:48.0308 1624 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
20:37:48.0308 1624 SiSRaid4 - ok
20:37:48.0393 1624 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:37:48.0393 1624 Smb - ok
20:37:48.0443 1624 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
20:37:48.0443 1624 SNMPTRAP - ok
20:37:48.0548 1624 Sonexis Application Sharing Driver Service (660d32a9daf89e2aa794a49b72add8e2) C:\Program Files (x86)\Sonexis\ApplicationSharing\AppDriverService.exe
20:37:48.0548 1624 Sonexis Application Sharing Driver Service - ok
20:37:48.0593 1624 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:37:48.0593 1624 spldr - ok
20:37:48.0648 1624 Spooler (89e8550c5862999fcf482ea562b0e98e) C:\Windows\System32\spoolsv.exe
20:37:48.0653 1624 Spooler - ok
20:37:48.0813 1624 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
20:37:48.0853 1624 sppsvc - ok
20:37:48.0883 1624 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
20:37:48.0888 1624 sppuinotify - ok
20:37:48.0918 1624 srv (ec8f67289105bf270498095f14963464) C:\Windows\system32\DRIVERS\srv.sys
20:37:48.0923 1624 srv - ok
20:37:48.0958 1624 srv2 (f773d2ed090b7baa1c1a034f3ca476c8) C:\Windows\system32\DRIVERS\srv2.sys
20:37:48.0963 1624 srv2 - ok
20:37:48.0988 1624 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
20:37:48.0993 1624 SrvHsfHDA - ok
20:37:49.0043 1624 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
20:37:49.0058 1624 SrvHsfV92 - ok
20:37:49.0103 1624 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
20:37:49.0108 1624 SrvHsfWinac - ok
20:37:49.0193 1624 srvnet (26e84d3649019c3244622e654dfcd75b) C:\Windows\system32\DRIVERS\srvnet.sys
20:37:49.0193 1624 srvnet - ok
20:37:49.0303 1624 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
20:37:49.0308 1624 SSDPSRV - ok
20:37:49.0383 1624 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
20:37:49.0383 1624 SstpSvc - ok
20:37:49.0533 1624 STacSV (810199dcc3bdc38304d7d649992ea7bc) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
20:37:49.0533 1624 STacSV - ok
20:37:49.0633 1624 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
20:37:49.0633 1624 stexstor - ok
20:37:49.0843 1624 STHDA (ed1722f43ce61409ef68340402d6267d) C:\Windows\system32\DRIVERS\stwrt64.sys
20:37:49.0848 1624 STHDA - ok
20:37:49.0968 1624 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
20:37:49.0973 1624 stisvc - ok
20:37:50.0153 1624 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
20:37:50.0153 1624 swenum - ok
20:37:50.0233 1624 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
20:37:50.0243 1624 swprv - ok
20:37:50.0393 1624 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
20:37:50.0418 1624 SysMain - ok
20:37:50.0503 1624 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
20:37:50.0508 1624 TabletInputService - ok
20:37:50.0583 1624 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
20:37:50.0593 1624 TapiSrv - ok
20:37:50.0618 1624 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
20:37:50.0623 1624 TBS - ok
20:37:50.0698 1624 Tcpip (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\drivers\tcpip.sys
20:37:50.0713 1624 Tcpip - ok
20:37:50.0873 1624 TCPIP6 (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\DRIVERS\tcpip.sys
20:37:50.0893 1624 TCPIP6 - ok
20:37:50.0963 1624 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
20:37:50.0963 1624 tcpipreg - ok
20:37:51.0008 1624 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:37:51.0008 1624 TDPIPE - ok
20:37:51.0018 1624 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
20:37:51.0023 1624 TDTCP - ok
20:37:51.0093 1624 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
20:37:51.0093 1624 tdx - ok
20:37:51.0333 1624 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
20:37:51.0338 1624 TermDD - ok
20:37:51.0433 1624 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
20:37:51.0448 1624 TermService - ok
20:37:51.0528 1624 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
20:37:51.0533 1624 Themes - ok
20:37:51.0611 1624 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:37:51.0614 1624 THREADORDER - ok
20:37:51.0671 1624 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
20:37:51.0677 1624 TrkWks - ok
20:37:51.0763 1624 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
20:37:51.0765 1624 TrustedInstaller - ok
20:37:51.0850 1624 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:37:51.0851 1624 tssecsrv - ok
20:37:52.0022 1624 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
20:37:52.0023 1624 tunnel - ok
20:37:52.0089 1624 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
20:37:52.0090 1624 uagp35 - ok
20:37:52.0129 1624 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
20:37:52.0132 1624 udfs - ok
20:37:52.0173 1624 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
20:37:52.0176 1624 UI0Detect - ok
20:37:52.0202 1624 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
20:37:52.0204 1624 uliagpkx - ok
20:37:52.0261 1624 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
20:37:52.0262 1624 umbus - ok
20:37:52.0286 1624 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
20:37:52.0287 1624 UmPass - ok
20:37:52.0347 1624 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
20:37:52.0352 1624 upnphost - ok
20:37:52.0448 1624 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
20:37:52.0449 1624 USBAAPL64 - ok
20:37:52.0504 1624 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
20:37:52.0505 1624 usbaudio - ok
20:37:52.0532 1624 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
20:37:52.0533 1624 usbccgp - ok
20:37:52.0563 1624 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
20:37:52.0565 1624 usbcir - ok
20:37:52.0596 1624 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
20:37:52.0597 1624 usbehci - ok
20:37:52.0656 1624 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
20:37:52.0659 1624 usbhub - ok
20:37:52.0679 1624 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
20:37:52.0683 1624 usbohci - ok
20:37:52.0757 1624 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
20:37:52.0758 1624 usbprint - ok
20:37:52.0782 1624 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:37:52.0783 1624 USBSTOR - ok
20:37:52.0812 1624 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
20:37:52.0813 1624 usbuhci - ok
20:37:52.0860 1624 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\Windows\system32\Drivers\usbvideo.sys
20:37:52.0862 1624 usbvideo - ok
20:37:52.0909 1624 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
20:37:52.0913 1624 UxSms - ok
20:37:52.0935 1624 VaultSvc (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
20:37:52.0935 1624 VaultSvc - ok
20:37:52.0985 1624 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
20:37:52.0990 1624 vdrvroot - ok
20:37:53.0010 1624 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
20:37:53.0015 1624 vds - ok
20:37:53.0050 1624 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:37:53.0050 1624 vga - ok
20:37:53.0070 1624 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:37:53.0070 1624 VgaSave - ok
20:37:53.0285 1624 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
20:37:53.0285 1624 vhdmp - ok
20:37:53.0420 1624 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
20:37:53.0420 1624 viaide - ok
20:37:53.0525 1624 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
20:37:53.0525 1624 volmgr - ok
20:37:53.0680 1624 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
20:37:53.0685 1624 volmgrx - ok
20:37:53.0825 1624 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
20:37:53.0830 1624 volsnap - ok
20:37:53.0935 1624 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
20:37:53.0935 1624 vsmraid - ok
20:37:54.0060 1624 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
20:37:54.0080 1624 VSS - ok
20:37:54.0170 1624 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:37:54.0175 1624 vwifibus - ok
20:37:54.0275 1624 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:37:54.0275 1624 vwififlt - ok
20:37:54.0315 1624 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
20:37:54.0325 1624 W32Time - ok
20:37:54.0395 1624 W3SVC (06d2b9bc146bb0f45f45ff7a296d50c4) C:\Windows\system32\inetsrv\iisw3adm.dll
20:37:54.0400 1624 W3SVC - ok
20:37:54.0465 1624 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
20:37:54.0470 1624 WacomPen - ok
20:37:54.0540 1624 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
20:37:54.0540 1624 WANARP - ok
20:37:54.0585 1624 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
20:37:54.0585 1624 Wanarpv6 - ok
20:37:54.0795 1624 WAS (06d2b9bc146bb0f45f45ff7a296d50c4) C:\Windows\system32\inetsrv\iisw3adm.dll
20:37:54.0800 1624 WAS - ok
20:37:54.0890 1624 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
20:37:54.0915 1624 wbengine - ok
20:37:54.0950 1624 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
20:37:54.0955 1624 WbioSrvc - ok
20:37:54.0975 1624 wcncsvc (8321c2ca3b62b61b293cda3451984468) C:\Windows\System32\wcncsvc.dll
20:37:54.0985 1624 wcncsvc - ok
20:37:55.0010 1624 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
20:37:55.0015 1624 WcsPlugInService - ok
20:37:55.0105 1624 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
20:37:55.0105 1624 Wd - ok
20:37:55.0255 1624 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:37:55.0260 1624 Wdf01000 - ok
20:37:55.0345 1624 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:37:55.0350 1624 WdiServiceHost - ok
20:37:55.0360 1624 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:37:55.0365 1624 WdiSystemHost - ok
20:37:55.0400 1624 WebClient (8a438cbb8c032a0c798b0c642ffbe572) C:\Windows\System32\webclnt.dll
20:37:55.0405 1624 WebClient - ok
20:37:55.0420 1624 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
20:37:55.0425 1624 Wecsvc - ok
20:37:55.0450 1624 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
20:37:55.0460 1624 wercplsupport - ok
20:37:55.0495 1624 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
20:37:55.0500 1624 WerSvc - ok
20:37:55.0570 1624 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:37:55.0570 1624 WfpLwf - ok
20:37:55.0595 1624 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:37:55.0600 1624 WIMMount - ok
20:37:55.0620 1624 WinDefend - ok
20:37:55.0635 1624 WinHttpAutoProxySvc - ok
20:37:55.0690 1624 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
20:37:55.0690 1624 Winmgmt - ok
20:37:55.0790 1624 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
20:37:55.0805 1624 WinRM - ok
20:37:55.0945 1624 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
20:37:55.0950 1624 WinUsb - ok
20:37:56.0045 1624 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
20:37:56.0055 1624 Wlansvc - ok
20:37:56.0145 1624 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:37:56.0145 1624 WmiAcpi - ok
20:37:56.0200 1624 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
20:37:56.0200 1624 wmiApSrv - ok
20:37:56.0255 1624 WMPNetworkSvc - ok
20:37:56.0310 1624 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
20:37:56.0315 1624 WPCSvc - ok
20:37:56.0350 1624 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
20:37:56.0355 1624 WPDBusEnum - ok
20:37:56.0420 1624 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:37:56.0425 1624 ws2ifsl - ok
20:37:56.0460 1624 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
20:37:56.0465 1624 wscsvc - ok
20:37:56.0475 1624 WSearch - ok
20:37:56.0580 1624 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
20:37:56.0610 1624 wuauserv - ok
20:37:56.0685 1624 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
20:37:56.0685 1624 WudfPf - ok
20:37:56.0735 1624 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:37:56.0740 1624 WUDFRd - ok
20:37:56.0785 1624 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
20:37:56.0790 1624 wudfsvc - ok
20:37:56.0840 1624 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
20:37:56.0845 1624 WwanSvc - ok
20:37:56.0890 1624 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
20:37:56.0895 1624 yukonw7 - ok
20:37:56.0935 1624 MBR (0x1B8) (e3e91e98346c8b0475259c238728e9e3) \Device\Harddisk0\DR0
20:37:56.0980 1624 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
20:37:56.0980 1624 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
20:37:57.0030 1624 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:37:57.0030 1624 \Device\Harddisk0\DR0 - detected TDSS File System (1)
20:37:57.0070 1624 Boot (0x1200) (ceda72234919a91752878bcd1e8b396e) \Device\Harddisk0\DR0\Partition0
20:37:57.0070 1624 \Device\Harddisk0\DR0\Partition0 - ok
20:37:57.0080 1624 Boot (0x1200) (abada037868de784d05a63d64f933390) \Device\Harddisk0\DR0\Partition1
20:37:57.0100 1624 \Device\Harddisk0\DR0\Partition1 - ok
20:37:57.0145 1624 Boot (0x1200) (ca5b168d3abec1d1aeb5eadaa98c3be4) \Device\Harddisk0\DR0\Partition2
20:37:57.0145 1624 \Device\Harddisk0\DR0\Partition2 - ok
20:37:57.0150 1624 ============================================================
20:37:57.0150 1624 Scan finished
20:37:57.0150 1624 ============================================================
20:37:57.0165 5360 Detected object count: 2
20:37:57.0165 5360 Actual detected object count: 2

GMER LOG -


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-04-12 21:03:32
Windows 6.1.7600
Running: rs9r4utg.exe


---- Files - GMER 1.0.15 ----


---- EOF - GMER 1.0.15 ----

#4 LadyPtero

Posted 12 April 2012 - 08:10 PM

aswMBR log --


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-12 21:05:05
-----------------------------
21:05:05.891 OS Version: Windows x64 6.1.7600
21:05:05.891 Number of processors: 2 586 0x170A
21:05:05.892 ComputerName: DEE-PC UserName: Dee
21:05:08.713 Initialize success
21:05:08.896 AVAST engine defs: 10021800
21:05:29.886 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:05:29.890 Disk 0 Vendor: WDC_WD3200BEKT-60F3T1 12.01A12 Size: 305245MB BusType: 11
21:05:29.894 Device \Driver\atapi -> MajorFunction fffffa80052275c4
21:05:29.912 Disk 0 MBR read successfully
21:05:29.917 Disk 0 MBR scan
21:05:30.288 Disk 0 TDL4@MBR code has been found
21:05:30.294 Disk 0 MBR hidden
21:05:30.310 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
21:05:30.479 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 288849 MB offset 409600
21:05:30.511 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 16195 MB offset 591972352
21:05:30.519 Disk 0 MBR [TDL4] **ROOTKIT**
21:05:30.527 Disk 0 trace - called modules:
21:05:30.537 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys >>UNKNOWN [0xfffffa80061666e0]<<69894943.sys >>UNKNOWN [0xfffffa80052275c4]<<
21:05:30.884 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c9e560]
21:05:30.893 3 CLASSPNP.SYS[fffff8800112643f] -> nt!IofCallDriver -> [0xfffffa8004c9d240]
21:05:30.902 5 hpdskflt.sys[fffff88001c1d289] -> nt!IofCallDriver -> [0xfffffa8004b3b240]
21:05:30.912 7 ACPI.sys[fffff88000f88781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004b0a1f0]
21:05:30.923 \Driver\atapi[0xfffffa80051b6a70] -> IRP_MJ_CREATE -> 0xfffffa80052275c4
21:05:32.443 AVAST engine scan C:\Windows
21:05:37.638 AVAST engine scan C:\Windows\system32
21:07:05.226 AVAST engine scan C:\Windows\system32\drivers
21:07:13.791 AVAST engine scan C:\Users\Dee
21:09:03.941 Disk 0 MBR has been saved successfully to "C:\Users\Dee\Desktop\MBR.dat"
21:09:03.971 The log file has been saved successfully to "C:\Users\Dee\Desktop\aswMBR.txt"

#5 narenxp

Posted 12 April 2012 - 11:40 PM

Download

FIXTDSS

Launch it. It may ask for a restart; reboot the PC.

On reboot, allow FixTDSS to run and click on REPAIR.

Now rerun TDSSkiller and aswMBR again and post the new logs.

Good luck.

#6 LadyPtero

Posted 13 April 2012 - 02:50 PM

TDSSkiller Log ---


15:48:48.0552 0492 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
15:48:48.0833 0492 ============================================================
15:48:48.0833 0492 Current date / time: 2012/04/13 15:48:48.0833
15:48:48.0833 0492 SystemInfo:
15:48:48.0833 0492
15:48:48.0833 0492 OS Version: 6.1.7600 ServicePack: 0.0
15:48:48.0833 0492 Product type: Workstation
15:48:48.0833 0492 ComputerName: DEE-PC
15:48:48.0833 0492 UserName: Dee
15:48:48.0833 0492 Windows directory: C:\Windows
15:48:48.0833 0492 System windows directory: C:\Windows
15:48:48.0833 0492 Running under WOW64
15:48:48.0833 0492 Processor architecture: Intel x64
15:48:48.0833 0492 Number of processors: 2
15:48:48.0833 0492 Page size: 0x1000
15:48:48.0833 0492 Boot type: Normal boot
15:48:48.0833 0492 ============================================================
15:48:50.0783 0492 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:48:50.0798 0492 \Device\Harddisk0\DR0:
15:48:50.0798 0492 MBR used
15:48:50.0798 0492 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
15:48:50.0798 0492 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x23428800
15:48:50.0798 0492 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2348C800, BlocksNum 0x1FA1800
15:48:50.0861 0492 Initialize success
15:48:50.0861 0492 ============================================================
15:49:06.0913 3600 ============================================================
15:49:06.0913 3600 Scan started
15:49:06.0913 3600 Mode: Manual; TDLFS;
15:49:06.0913 3600 ============================================================
15:49:08.0598 3600 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
15:49:08.0598 3600 1394ohci - ok
15:49:08.0707 3600 Accelerometer (1cffe9c06e66a57dae1452e449a58240) C:\Windows\system32\DRIVERS\Accelerometer.sys
15:49:08.0707 3600 Accelerometer - ok
15:49:08.0754 3600 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
15:49:08.0770 3600 ACPI - ok
15:49:08.0801 3600 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
15:49:08.0801 3600 AcpiPmi - ok
15:49:08.0863 3600 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:49:08.0879 3600 adp94xx - ok
15:49:08.0894 3600 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:49:08.0910 3600 adpahci - ok
15:49:08.0926 3600 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:49:08.0926 3600 adpu320 - ok
15:49:08.0957 3600 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
15:49:08.0957 3600 AeLookupSvc - ok
15:49:09.0050 3600 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
15:49:09.0050 3600 AESTFilters - ok
15:49:09.0128 3600 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
15:49:09.0144 3600 AFD - ok
15:49:09.0238 3600 AgereModemAudio (b65f8dba54f251906bbe8611b5a0e7ab) C:\Program Files\LSI SoftModem\agr64svc.exe
15:49:09.0238 3600 AgereModemAudio - ok
15:49:09.0347 3600 AgereSoftModem (c98356d813b581e9c425b42a5d146ce0) C:\Windows\system32\DRIVERS\agrsm64.sys
15:49:09.0378 3600 AgereSoftModem - ok
15:49:09.0456 3600 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
15:49:09.0456 3600 agp440 - ok
15:49:09.0487 3600 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
15:49:09.0487 3600 ALG - ok
15:49:09.0581 3600 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
15:49:09.0581 3600 aliide - ok
15:49:09.0596 3600 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
15:49:09.0596 3600 amdide - ok
15:49:09.0659 3600 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:49:09.0659 3600 AmdK8 - ok
15:49:09.0674 3600 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:49:09.0674 3600 AmdPPM - ok
15:49:09.0737 3600 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
15:49:09.0737 3600 amdsata - ok
15:49:09.0784 3600 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:49:09.0799 3600 amdsbs - ok
15:49:09.0815 3600 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
15:49:09.0815 3600 amdxata - ok
15:49:09.0877 3600 ApfiltrService (05f1a0a81a98cf27e3f028213fb6c36a) C:\Windows\system32\DRIVERS\Apfiltr.sys
15:49:09.0893 3600 ApfiltrService - ok
15:49:09.0971 3600 AppHostSvc (03fbb7c5ea4ef153f10282614b9771cb) C:\Windows\system32\inetsrv\apphostsvc.dll
15:49:09.0986 3600 AppHostSvc - ok
15:49:10.0033 3600 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
15:49:10.0033 3600 AppID - ok
15:49:10.0096 3600 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
15:49:10.0096 3600 AppIDSvc - ok
15:49:10.0111 3600 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
15:49:10.0111 3600 Appinfo - ok
15:49:10.0345 3600 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:49:10.0361 3600 Apple Mobile Device - ok
15:49:10.0454 3600 Application Updater (efacaab066d923a10435cf87e8c4d280) C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
15:49:10.0486 3600 Application Updater - ok
15:49:10.0564 3600 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:49:10.0564 3600 arc - ok
15:49:24.0276 3600 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:49:24.0292 3600 RpcEptMapper - ok
15:49:24.0370 3600 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:49:24.0370 3600 RpcLocator - ok
15:49:24.0401 3600 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
15:49:24.0416 3600 RpcSs - ok
15:49:24.0494 3600 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:49:24.0494 3600 rspndr - ok
15:49:24.0557 3600 RTL8167 (b49dc435ae3695bac5623dd94b05732d) C:\Windows\system32\DRIVERS\Rt64win7.sys
15:49:24.0557 3600 RTL8167 - ok
15:49:24.0619 3600 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
15:49:24.0619 3600 SamSs - ok
15:49:24.0650 3600 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
15:49:24.0650 3600 sbp2port - ok
15:49:24.0682 3600 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:49:24.0682 3600 SCardSvr - ok
15:49:24.0697 3600 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
15:49:24.0713 3600 scfilter - ok
15:49:24.0744 3600 Schedule (ec56b171f85c7e855e7b0588ac503eea) C:\Windows\system32\schedsvc.dll
15:49:24.0775 3600 Schedule - ok
15:49:24.0806 3600 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
15:49:24.0822 3600 SCPolicySvc - ok
15:49:24.0884 3600 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys
15:49:24.0884 3600 sdbus - ok
15:49:24.0900 3600 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
15:49:24.0916 3600 SDRSVC - ok
15:49:24.0931 3600 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:49:24.0931 3600 secdrv - ok
15:49:24.0947 3600 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
15:49:24.0962 3600 seclogon - ok
15:49:24.0994 3600 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
15:49:24.0994 3600 SENS - ok
15:49:25.0040 3600 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:49:25.0056 3600 SensrSvc - ok
15:49:25.0072 3600 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:49:25.0072 3600 Serenum - ok
15:49:25.0103 3600 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:49:25.0103 3600 Serial - ok
15:49:25.0150 3600 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:49:25.0165 3600 sermouse - ok
15:49:25.0196 3600 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
15:49:25.0196 3600 SessionEnv - ok
15:49:25.0228 3600 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
15:49:25.0228 3600 sffdisk - ok
15:49:25.0243 3600 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:49:25.0243 3600 sffp_mmc - ok
15:49:25.0259 3600 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
15:49:25.0259 3600 sffp_sd - ok
15:49:25.0290 3600 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:49:25.0290 3600 sfloppy - ok
15:49:25.0321 3600 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:49:25.0337 3600 SharedAccess - ok
15:49:25.0415 3600 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
15:49:25.0430 3600 ShellHWDetection - ok
15:49:25.0446 3600 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:49:25.0446 3600 SiSRaid2 - ok
15:49:25.0493 3600 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:49:25.0493 3600 SiSRaid4 - ok
15:49:25.0555 3600 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:49:25.0555 3600 Smb - ok
15:49:25.0586 3600 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:49:25.0586 3600 SNMPTRAP - ok
15:49:25.0696 3600 Sonexis Application Sharing Driver Service (660d32a9daf89e2aa794a49b72add8e2) C:\Program Files (x86)\Sonexis\ApplicationSharing\AppDriverService.exe
15:49:25.0696 3600 Sonexis Application Sharing Driver Service - ok
15:49:25.0711 3600 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:49:25.0727 3600 spldr - ok
15:49:25.0742 3600 Spooler (89e8550c5862999fcf482ea562b0e98e) C:\Windows\System32\spoolsv.exe
15:49:25.0758 3600 Spooler - ok
15:49:25.0883 3600 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
15:49:25.0961 3600 sppsvc - ok
15:49:26.0008 3600 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:49:26.0008 3600 sppuinotify - ok
15:49:26.0039 3600 srv (ec8f67289105bf270498095f14963464) C:\Windows\system32\DRIVERS\srv.sys
15:49:26.0039 3600 srv - ok
15:49:26.0070 3600 srv2 (f773d2ed090b7baa1c1a034f3ca476c8) C:\Windows\system32\DRIVERS\srv2.sys
15:49:26.0086 3600 srv2 - ok
15:49:26.0117 3600 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
15:49:26.0117 3600 SrvHsfHDA - ok
15:49:26.0179 3600 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
15:49:26.0227 3600 SrvHsfV92 - ok
15:49:26.0274 3600 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
15:49:26.0289 3600 SrvHsfWinac - ok
15:49:26.0321 3600 srvnet (26e84d3649019c3244622e654dfcd75b) C:\Windows\system32\DRIVERS\srvnet.sys
15:49:26.0321 3600 srvnet - ok
15:49:26.0367 3600 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:49:26.0383 3600 SSDPSRV - ok
15:49:26.0383 3600 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:49:26.0399 3600 SstpSvc - ok
15:49:26.0492 3600 STacSV (810199dcc3bdc38304d7d649992ea7bc) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
15:49:26.0492 3600 STacSV - ok
15:49:26.0555 3600 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:49:26.0555 3600 stexstor - ok
15:49:26.0617 3600 STHDA (ed1722f43ce61409ef68340402d6267d) C:\Windows\system32\DRIVERS\stwrt64.sys
15:49:26.0633 3600 STHDA - ok
15:49:26.0695 3600 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
15:49:26.0726 3600 stisvc - ok
15:49:26.0757 3600 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
15:49:26.0757 3600 swenum - ok
15:49:26.0820 3600 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:49:26.0835 3600 swprv - ok
15:49:26.0898 3600 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
15:49:26.0945 3600 SysMain - ok
15:49:26.0976 3600 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
15:49:26.0976 3600 TabletInputService - ok
15:49:26.0991 3600 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
15:49:27.0007 3600 TapiSrv - ok
15:49:27.0038 3600 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:49:27.0038 3600 TBS - ok
15:49:27.0194 3600 Tcpip (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\drivers\tcpip.sys
15:49:27.0241 3600 Tcpip - ok
15:49:27.0319 3600 TCPIP6 (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\DRIVERS\tcpip.sys
15:49:27.0335 3600 TCPIP6 - ok
15:49:27.0366 3600 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
15:49:27.0366 3600 tcpipreg - ok
15:49:27.0397 3600 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:49:27.0397 3600 TDPIPE - ok
15:49:27.0397 3600 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
15:49:27.0413 3600 TDTCP - ok
15:49:27.0459 3600 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
15:49:27.0459 3600 tdx - ok
15:49:27.0491 3600 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
15:49:27.0491 3600 TermDD - ok
15:49:27.0537 3600 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
15:49:27.0569 3600 TermService - ok
15:49:27.0584 3600 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:49:27.0584 3600 Themes - ok
15:49:27.0615 3600 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:49:27.0615 3600 THREADORDER - ok
15:49:27.0647 3600 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:49:27.0647 3600 TrkWks - ok
15:49:27.0693 3600 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
15:49:27.0693 3600 TrustedInstaller - ok
15:49:27.0709 3600 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:49:27.0725 3600 tssecsrv - ok
15:49:27.0756 3600 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
15:49:27.0771 3600 tunnel - ok
15:49:27.0803 3600 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:49:27.0803 3600 uagp35 - ok
15:49:27.0834 3600 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
15:49:27.0834 3600 udfs - ok
15:49:27.0865 3600 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:49:27.0865 3600 UI0Detect - ok
15:49:27.0896 3600 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
15:49:27.0912 3600 uliagpkx - ok
15:49:27.0943 3600 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
15:49:27.0943 3600 umbus - ok
15:49:27.0974 3600 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:49:27.0974 3600 UmPass - ok
15:49:28.0021 3600 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:49:28.0037 3600 upnphost - ok
15:49:28.0115 3600 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
15:49:28.0115 3600 USBAAPL64 - ok
15:49:28.0208 3600 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
15:49:28.0208 3600 usbaudio - ok
15:49:28.0239 3600 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
15:49:28.0239 3600 usbccgp - ok
15:49:28.0317 3600 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
15:49:28.0317 3600 usbcir - ok
15:49:28.0349 3600 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
15:49:28.0349 3600 usbehci - ok
15:49:28.0411 3600 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
15:49:28.0427 3600 usbhub - ok
15:49:28.0442 3600 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
15:49:28.0442 3600 usbohci - ok
15:49:28.0489 3600 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:49:28.0489 3600 usbprint - ok
15:49:28.0505 3600 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:49:28.0505 3600 USBSTOR - ok
15:49:28.0520 3600 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
15:49:28.0520 3600 usbuhci - ok
15:49:28.0551 3600 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\Windows\system32\Drivers\usbvideo.sys
15:49:28.0551 3600 usbvideo - ok
15:49:28.0583 3600 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:49:28.0583 3600 UxSms - ok
15:49:28.0614 3600 VaultSvc (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
15:49:28.0614 3600 VaultSvc - ok
15:49:28.0661 3600 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
15:49:28.0661 3600 vdrvroot - ok
15:49:28.0739 3600 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
15:49:28.0754 3600 vds - ok
15:49:28.0785 3600 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:49:28.0785 3600 vga - ok
15:49:28.0817 3600 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:49:28.0817 3600 VgaSave - ok
15:49:28.0848 3600 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
15:49:28.0863 3600 vhdmp - ok
15:49:28.0879 3600 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
15:49:28.0879 3600 viaide - ok
15:49:28.0895 3600 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
15:49:28.0895 3600 volmgr - ok
15:49:28.0926 3600 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
15:49:28.0941 3600 volmgrx - ok
15:49:28.0957 3600 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
15:49:28.0973 3600 volsnap - ok
15:49:28.0988 3600 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:49:28.0988 3600 vsmraid - ok
15:49:29.0035 3600 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
15:49:29.0097 3600 VSS - ok
15:49:29.0129 3600 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:49:29.0129 3600 vwifibus - ok
15:49:29.0160 3600 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:49:29.0160 3600 vwififlt - ok
15:49:29.0207 3600 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:49:29.0207 3600 W32Time - ok
15:49:29.0269 3600 W3SVC (06d2b9bc146bb0f45f45ff7a296d50c4) C:\Windows\system32\inetsrv\iisw3adm.dll
15:49:29.0285 3600 W3SVC - ok
15:49:29.0316 3600 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:49:29.0316 3600 WacomPen - ok
15:49:29.0378 3600 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:49:29.0378 3600 WANARP - ok
15:49:29.0409 3600 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:49:29.0409 3600 Wanarpv6 - ok
15:49:29.0441 3600 WAS (06d2b9bc146bb0f45f45ff7a296d50c4) C:\Windows\system32\inetsrv\iisw3adm.dll
15:49:29.0441 3600 WAS - ok
15:49:29.0503 3600 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
15:49:29.0550 3600 wbengine - ok
15:49:29.0565 3600 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:49:29.0581 3600 WbioSrvc - ok
15:49:29.0597 3600 wcncsvc (8321c2ca3b62b61b293cda3451984468) C:\Windows\System32\wcncsvc.dll
15:49:29.0597 3600 wcncsvc - ok
15:49:29.0628 3600 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:49:29.0628 3600 WcsPlugInService - ok
15:49:29.0659 3600 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:49:29.0659 3600 Wd - ok
15:49:29.0737 3600 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:49:29.0753 3600 Wdf01000 - ok
15:49:29.0768 3600 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:49:29.0784 3600 WdiServiceHost - ok
15:49:29.0784 3600 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:49:29.0784 3600 WdiSystemHost - ok
15:49:29.0831 3600 WebClient (8a438cbb8c032a0c798b0c642ffbe572) C:\Windows\System32\webclnt.dll
15:49:29.0831 3600 WebClient - ok
15:49:29.0846 3600 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:49:29.0862 3600 Wecsvc - ok
15:49:29.0877 3600 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:49:29.0877 3600 wercplsupport - ok
15:49:29.0893 3600 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:49:29.0909 3600 WerSvc - ok
15:49:29.0924 3600 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:49:29.0924 3600 WfpLwf - ok
15:49:29.0955 3600 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:49:29.0955 3600 WIMMount - ok
15:49:30.0002 3600 WinDefend - ok
15:49:30.0018 3600 WinHttpAutoProxySvc - ok
15:49:30.0080 3600 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:49:30.0096 3600 Winmgmt - ok
15:49:30.0158 3600 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
15:49:30.0205 3600 WinRM - ok
15:49:30.0283 3600 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
15:49:30.0283 3600 WinUsb - ok
15:49:30.0330 3600 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:49:30.0361 3600 Wlansvc - ok
15:49:30.0423 3600 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
15:49:30.0423 3600 WmiAcpi - ok
15:49:30.0486 3600 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:49:30.0486 3600 wmiApSrv - ok
15:49:30.0501 3600 WMPNetworkSvc - ok
15:49:30.0517 3600 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:49:30.0533 3600 WPCSvc - ok
15:49:30.0548 3600 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
15:49:30.0548 3600 WPDBusEnum - ok
15:49:30.0579 3600 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:49:30.0579 3600 ws2ifsl - ok
15:49:30.0642 3600 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
15:49:30.0642 3600 wscsvc - ok
15:49:30.0657 3600 WSearch - ok
15:49:30.0751 3600 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
15:49:30.0813 3600 wuauserv - ok
15:49:30.0845 3600 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
15:49:30.0845 3600 WudfPf - ok
15:49:30.0891 3600 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:49:30.0891 3600 WUDFRd - ok
15:49:30.0923 3600 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
15:49:30.0923 3600 wudfsvc - ok
15:49:30.0954 3600 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:49:30.0954 3600 WwanSvc - ok
15:49:30.0985 3600 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
15:49:31.0001 3600 yukonw7 - ok
15:49:31.0032 3600 MBR (0x1B8) (b77f55828499d1191a5ee721894b4993) \Device\Harddisk0\DR0
15:49:31.0188 3600 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:49:31.0188 3600 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:49:31.0203 3600 Boot (0x1200) (ceda72234919a91752878bcd1e8b396e) \Device\Harddisk0\DR0\Partition0
15:49:31.0203 3600 \Device\Harddisk0\DR0\Partition0 - ok
15:49:31.0219 3600 Boot (0x1200) (abada037868de784d05a63d64f933390) \Device\Harddisk0\DR0\Partition1
15:49:31.0219 3600 \Device\Harddisk0\DR0\Partition1 - ok
15:49:31.0250 3600 Boot (0x1200) (ca5b168d3abec1d1aeb5eadaa98c3be4) \Device\Harddisk0\DR0\Partition2
15:49:31.0250 3600 \Device\Harddisk0\DR0\Partition2 - ok
15:49:31.0250 3600 ============================================================
15:49:31.0250 3600 Scan finished
15:49:31.0250 3600 ============================================================
15:49:31.0266 1472 Detected object count: 1
15:49:31.0266 1472 Actual detected object count: 1
15:49:54.0151 1472 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:49:54.0151 1472 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#7 LadyPtero

Posted 13 April 2012 - 02:57 PM

aswmbr Log --


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-13 15:52:16
-----------------------------
15:52:16.846 OS Version: Windows x64 6.1.7600
15:52:16.846 Number of processors: 2 586 0x170A
15:52:16.846 ComputerName: DEE-PC UserName: Dee
15:52:18.110 Initialize success
15:52:18.188 AVAST engine defs: 10021800
15:52:40.884 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:52:40.899 Disk 0 Vendor: WDC_WD3200BEKT-60F3T1 12.01A12 Size: 305245MB BusType: 11
15:52:40.915 Disk 0 MBR read successfully
15:52:40.915 Disk 0 MBR scan
15:52:40.915 Disk 0 unknown MBR code
15:52:40.930 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
15:52:40.946 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 288849 MB offset 409600
15:52:40.977 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 16195 MB offset 591972352
15:52:41.008 Disk 0 scanning C:\Windows\system32\drivers
15:52:51.554 Service scanning
15:53:05.984 Modules scanning
15:53:05.984 Disk 0 trace - called modules:
15:53:06.031 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
15:53:06.546 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c85060]
15:53:06.546 3 CLASSPNP.SYS[fffff880010bd43f] -> nt!IofCallDriver -> [0xfffffa8004c84040]
15:53:06.561 5 hpdskflt.sys[fffff88001ff5289] -> nt!IofCallDriver -> [0xfffffa8004af5520]
15:53:06.561 7 ACPI.sys[fffff88000f49781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004af1680]
15:53:07.575 AVAST engine scan C:\Windows
15:53:10.118 AVAST engine scan C:\Windows\system32
15:54:33.505 AVAST engine scan C:\Windows\system32\drivers
15:54:49.714 AVAST engine scan C:\Users\Dee
15:56:00.096 Disk 0 MBR has been saved successfully to "C:\Users\Dee\Desktop\MBR.dat"
15:56:00.111 The log file has been saved successfully to "C:\Users\Dee\Desktop\aswMBR413.txt"

#8 narenxp

Posted 13 April 2012 - 06:39 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

ESET online scanner


Install it

Click on START; it should download the virus definitions.
When the scan completes, click on LIST of found threats.

Export the list to the desktop, then copy the contents of the text file into your reply.


Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#9 LadyPtero

Posted 13 April 2012 - 09:57 PM

ESET List --


C:\Config.Msi\5b6c2025.rbf a variant of Win32/Adware.Toolbar.Dealio application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.04.2012_20.35.02\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.04.2012_20.35.02\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AD trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.04.2012_20.35.02\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.04.2012_20.35.02\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AG trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.04.2012_20.35.02\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.KQ trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.04.2012_20.35.02\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AF trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.04.2012_20.35.02\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.04.2012_20.35.02\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.04.2012_20.37.06\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.04.2012_20.37.06\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AD trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.04.2012_20.37.06\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.04.2012_20.37.06\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AG trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.04.2012_20.37.06\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.KQ trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.04.2012_20.37.06\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AF trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.04.2012_20.37.06\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.04.2012_20.37.06\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.X trojan cleaned by deleting - quarantined
C:\Users\Dee\AppData\Local\Temp\plugtmp-3\plugin-smuvbdkurusd.php PDF/Exploit.Pidief.PGF.Gen trojan cleaned by deleting - quarantined
C:\Users\Dee\Downloads\YouTubeDownloaderSetup27.exe a variant of Win32/Toolbar.Widgi application deleted - quarantined

#10 LadyPtero

Posted 13 April 2012 - 10:01 PM

MiniToolBox by Farbar Version: 18-01-2012
Ran by Dee (administrator) on 13-04-2012 at 22:59:59
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom 802.11b/g WLAN = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Dee-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.md.comcast.net.

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.md.comcast.net.
Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
Physical Address. . . . . . . . . : 0C-60-76-7E-61-26
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a84c:d9b2:8ee1:b4cb%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, April 13, 2012 9:39:58 PM
Lease Expires . . . . . . . . . . : Saturday, April 14, 2012 10:53:12 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 319578230
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-62-F1-82-00-26-22-A1-6C-8F
DNS Servers . . . . . . . . . . . : 68.84.73.242
75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-26-22-A1-6C-8F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {6798B181-D22C-411B-B509-90387E95F428}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.md.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.md.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:86a:3b2:ba73:61e8(Preferred)
Link-local IPv6 Address . . . . . : fe80::86a:3b2:ba73:61e8%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 68.84.73.242

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging google.com [72.14.204.101] with 32 bytes of data:
Reply from 72.14.204.101: bytes=32 time=22ms TTL=51
Reply from 72.14.204.101: bytes=32 time=22ms TTL=51

Ping statistics for 72.14.204.101:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 22ms, Maximum = 22ms, Average = 22ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 68.84.73.242

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=129ms TTL=49
Reply from 98.139.183.24: bytes=32 time=32ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 32ms, Maximum = 129ms, Average = 80ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 68.84.73.242

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...0c 60 76 7e 61 26 ......Broadcom 802.11b/g WLAN
11...00 26 22 a1 6c 8f ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.100 281
192.168.1.100 255.255.255.255 On-link 192.168.1.100 281
192.168.1.255 255.255.255.255 On-link 192.168.1.100 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:4137:9e76:86a:3b2:ba73:61e8/128
On-link
13 281 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::86a:3b2:ba73:61e8/128
On-link
13 281 fe80::a84c:d9b2:8ee1:b4cb/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/13/2012 09:46:27 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (04/13/2012 09:01:27 PM) (Source: Application Hang) (User: )
Description: The program WINWORD.EXE version 12.0.4518.1014 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 478

Start Time: 01cd19d9f8460f16

Termination Time: 14

Application Path: C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE

Report Id: 5416e153-85cd-11e1-800c-002622a16c8f

Error: (04/13/2012 05:56:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1139

Error: (04/13/2012 05:56:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1139

Error: (04/13/2012 05:56:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/13/2012 04:00:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1232

Error: (04/13/2012 04:00:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1232

Error: (04/13/2012 04:00:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/11/2012 07:22:30 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: -1073741702 (0xc000007a).

Error: (04/10/2012 11:20:42 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: -1073741702 (0xc000007a).


System errors:
=============
Error: (04/13/2012 09:40:35 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 9 service to connect.

Error: (04/13/2012 03:46:56 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 9 service to connect.

Error: (04/12/2012 09:22:27 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 9 service to connect.

Error: (04/12/2012 08:29:13 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 9 service to connect.

Error: (04/12/2012 08:28:08 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:05:10 AM on 4/12/2012 was unexpected.

Error: (04/11/2012 09:03:16 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 9 service to connect.

Error: (04/11/2012 08:50:33 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (04/11/2012 08:50:33 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (04/11/2012 08:50:33 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (04/11/2012 08:50:33 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Acrobat.com (Version: 1.6.65)
Activate Norton Online Backup (Version: 1.1.20.0)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.3)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (Version: 10.1.85.3)
Adobe Flash Player 10 Plugin (Version: 10.0.32.18)
Adobe Reader 9.1 MUI (Version: 9.1.0)
Alps Touch Pad Driver
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
avast! Free Antivirus (Version: 5.0.377.0)
Avidemux 2.5 (Version: 2.5.2.5660)
BlackBerry Desktop Software 4.5 (Version: 4.5.0.15)
BlackBerry® Media Sync (Version: 3.0.0.39)
Bonjour (Version: 3.0.0.10)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.350.6)
Cakewalk Sound Center 1.1.0 (Version: 1.1.0)
Choice Guard (Version: 1.2.87.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
ConferenceManager Client Software (Version: 9.2.1104)
ConferenceManager Print Driver (Version: 9.2.11.4)
CyberLink DVD Suite (Version: 6.0.3101)
DivX Plus Web Player (Version: 2.0.0)
doubleTwist (Version: 3.0.1.6567)
ENE CIR Receiver Driver (Version: 2.7.3.519)
ESET Online Scanner v3
Facebook Plug-In
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
GEAR driver installer for x86 and x64 (Version: 4.010.1)
Google Chrome (Version: 18.0.1025.152)
Google Talk Plugin (Version: 2.8.7.6830)
Homepage Protection (Version: )
HP 3D DriveGuard (Version: 4.0.3.1)
HP Advisor (Version: 3.2.8946.3086)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Games (Version: 1.0.0.71)
HP MediaSmart DVD (Version: 3.0.3123)
HP MediaSmart Internet TV (Version: 3.0.1916)
HP MediaSmart Live TV (Version: 3.0.1924)
HP MediaSmart Movie Themes (Version: 3.0.3102)
HP MediaSmart Music/Photo/Video (Version: 3.0.3123)
HP MediaSmart SlingPlayer (Version: 2.1.1.60)
HP MediaSmart SmartMenu (Version: 3.0.30.1)
HP MediaSmart Software Notebook Demo (Version: 1.00.0000)
HP MediaSmart Webcam (Version: 3.0.1913)
HP Quick Launch Buttons (Version: 6.50.17.1)
HP Setup (Version: 1.2.3220.3079)
HP Smart Web Printing (Version: 131.1.35898)
HP Support Assistant (Version: 5.1.10.7)
HP Update (Version: 5.001.000.014)
HP User Guides 0146 (Version: 1.02.0002)
HP Wireless Assistant (Version: 3.50.12.1)
HPAsset component for HP Active Support Library (Version: 3.0.0.7)
IDT Audio (Version: 1.0.6225.0)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1883)
iTunes (Version: 10.5.3.3)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 14 (64-bit) (Version: 6.0.140)
Java™ 6 Update 26 (Version: 6.0.260)
JMicron Flash Media Controller Driver (Version: 1.0.32.1)
Junk Mail filter update (Version: 14.0.8064.206)
LabelPrint (Version: 2.5.1913)
LightScribe System Software (Version: 1.18.16.1)
LSI HDA Modem (Version: 2.2.97)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Live Search Toolbar (Version: 3.0.560.0)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Home and Student 60 day trial
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6215.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)
Microsoft Silverlight (Version: 3.0.40818.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Works (Version: 9.7.0621)
Move Media Player
Mozilla Firefox 10.0 (x86 en-US) (Version: 10.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music Creator LE 5.0.6 (Version: 17.0)
Picasa 3 (Version: 3.8)
Power2Go (Version: 6.0.3101)
PowerDirector (Version: 7.0.3101)
PowerRecover (Version: 5.5.1923)
QLBCASL (Version: 6.40.17.2)
QuickTime (Version: 7.71.80.42)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0005)
Roxio Media Manager (Version: 9.4.023)
SlingBoxWatchYourTVAnyWhere (Version: 2.1.1.58)
Spotify (Version: 0.5.2)
Spotify (Version: 0.8.2.610.g090a06f8)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
VD64Inst (Version: 1.00.0000)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8064.0206)
Windows Live Essentials (Version: 14.0.8064.206)
Windows Live Mail (Version: 14.0.8064.0206)
Windows Live Messenger (Version: 14.0.8064.0206)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8064.0206)
Windows Movie Maker 2.6 (Version: 2.6.4037.0)
YouTube Downloader 2.7

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 3998.96 MB
Available physical RAM: 2412.22 MB
Total Pagefile: 7996.07 MB
Available Pagefile: 6251.03 MB
Total Virtual: 4095.88 MB
Available Virtual: 3959.87 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:282.08 GB) (Free:210.35 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:15.82 GB) (Free:2.59 GB) NTFS

========================= Users: ========================================

User accounts for \\DEE-PC

Administrator Dee Guest


**** End of log ****

#11 narenxp


Posted 13 April 2012 - 10:43 PM

That looks good

Download

TFC


Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)

#12 LadyPtero


Posted 13 April 2012 - 11:09 PM

Thanks for getting back to me so promptly and for all the expert help!! :clapping:

#13 narenxp


Posted 13 April 2012 - 11:16 PM

You're most welcome :thumbsup:



