Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Redirecting issues


  • This topic is locked This topic is locked
11 replies to this topic

#1 lilayton

lilayton

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:40 PM

Posted 29 April 2012 - 05:55 PM

Hello,
My friend secretly used utorrent on my laptop and now I'm having these weird redirecting pages every time i open a browser. How may i fix this?

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:40 PM

Posted 29 April 2012 - 06:23 PM

Hello, I moved this to the Am I Infected forum.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

>>>>
Please download TDSSKiller.zip and and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these[/color] instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.



Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware Posted Image and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on [color=blue]Malwarebytes Chameleon
and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware)

Edited by boopme, 29 April 2012 - 06:23 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 lilayton

lilayton
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:40 PM

Posted 29 April 2012 - 06:32 PM

MiniToolBox by Farbar Version: 18-01-2012
Ran by Velle (administrator) on 29-04-2012 at 18:29:26
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
**********************************************************

*****************

========================= Flush DNS:

===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings:

==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings:

==============================


"Reset FF Proxy Settings": Firefox Proxy settings were

reset.

Hosts file not detected in the default directory
========================= IP Configuration:

================================

Intel® Centrino® Advanced-N 6200 AGN = Wireless

Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth

Network Connection (Media disconnected)
Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS

6.20) = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network

Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network

Connection 3 (Media disconnected)
The following helper DLL cannot be loaded: WSHELPER.DLL.


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : AlienwareM18
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : myhome.westell.com

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual

WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 18-3D-A2-7B-4D-C9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual

WiFi Miniport Adapter
Physical Address. . . . . . . . . : 18-3D-A2-7B-4D-C9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : myhome.westell.com
Description . . . . . . . . . . . : Intel® Centrino

® Advanced-N 6200 AGN
Physical Address. . . . . . . . . : 18-3D-A2-7B-4D-C8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . :

fe80::f877:85c4:5aa5:de24%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.43

(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, April 29,

2012 2:54:43 PM
Lease Expires . . . . . . . . . . : Monday, April 30,

2012 3:01:14 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 186138018
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-DF-

F5-F2-18-3D-A2-7B-4D-C8
DNS Servers . . . . . . . . . . . : 192.168.1.1
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8151

PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 5C-26-0A-72-63-FB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device

(Personal Area Network)
Physical Address. . . . . . . . . : 38-59-F9-D6-68-41
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling

Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-

00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.myhome.westell.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP

Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-

00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Pinging google.com [74.125.227.32] with 32 bytes of data:
Reply from 74.125.227.32: bytes=32 time=22ms TTL=56
Reply from 74.125.227.32: bytes=32 time=22ms TTL=56

Ping statistics for 74.125.227.32:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 22ms, Maximum = 22ms, Average = 22ms

Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=29ms TTL=55
Reply from 209.191.122.70: bytes=32 time=25ms TTL=55

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 25ms, Maximum = 29ms, Average = 27ms

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes

of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
==========================================================

=================
Interface List
17...18 3d a2 7b 4d c9 ......Microsoft Virtual WiFi

Miniport Adapter #2
16...18 3d a2 7b 4d c9 ......Microsoft Virtual WiFi

Miniport Adapter
15...18 3d a2 7b 4d c8 ......Intel® Centrino®

Advanced-N 6200 AGN
13...5c 26 0a 72 63 fb ......Atheros AR8151 PCI-E Gigabit

Ethernet Controller (NDIS 6.20)
12...38 59 f9 d6 68 41 ......Bluetooth Device (Personal

Area Network)
1...........................Software Loopback Interface

1
20...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-

Interface
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
==========================================================

=================

IPv4 Route Table
==========================================================

=================
Active Routes:
Network Destination Netmask Gateway

Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1

192.168.1.43 25
127.0.0.0 255.0.0.0 On-link

127.0.0.1 306
127.0.0.1 255.255.255.255 On-link

127.0.0.1 306
127.255.255.255 255.255.255.255 On-link

127.0.0.1 306
192.168.1.0 255.255.255.0 On-link

192.168.1.43 281
192.168.1.43 255.255.255.255 On-link

192.168.1.43 281
192.168.1.255 255.255.255.255 On-link

192.168.1.43 281
224.0.0.0 240.0.0.0 On-link

127.0.0.1 306
224.0.0.0 240.0.0.0 On-link

192.168.1.43 281
255.255.255.255 255.255.255.255 On-link

127.0.0.1 306
255.255.255.255 255.255.255.255 On-link

192.168.1.43 281
==========================================================

=================
Persistent Routes:
None

IPv6 Route Table
==========================================================

=================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
15 281 fe80::/64 On-link
15 281 fe80::f877:85c4:5aa5:de24/128
On-link
1 306 ff00::/8 On-link
15 281 ff00::/8 On-link
==========================================================

=================
Persistent Routes:
None
========================= Winsock entries

=====================================

Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224]

(Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024]

(Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024]

(Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992]

(Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352]

(Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft

Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft

Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll

[152864] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096]

(Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016]

(Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016]

(Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672]

(Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104]

(Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft

Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft

Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll

[193824] (Apple Inc.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog9 11 mswsock.dll [File Not found] ()

========================= Event log errors:

===============================

Application errors:
==================
Error: (04/29/2012 06:23:10 PM) (Source: Application

Error) (User: )
Description: Faulting application name:

nullDC_Win32_Release-NoTrace.exe, version: 0.0.0.0, time

stamp: 0x4e50af79
Faulting module name: nullDC_Win32_Release-NoTrace.exe,

version: 0.0.0.0, time stamp: 0x4e50af79
Exception code: 0x80000003
Fault offset: 0x0002c151
Faulting process id: 0x1534
Faulting application start time: 0xnullDC_Win32_Release-

NoTrace.exe0
Faulting application path: nullDC_Win32_Release-

NoTrace.exe1
Faulting module path: nullDC_Win32_Release-NoTrace.exe2
Report Id: nullDC_Win32_Release-NoTrace.exe3

Error: (04/29/2012 06:22:19 PM) (Source: Application

Error) (User: )
Description: Faulting application name:

nullDC_Win32_Release-NoTrace.exe, version: 0.0.0.0, time

stamp: 0x4e50af79
Faulting module name: nullDC_Win32_Release-NoTrace.exe,

version: 0.0.0.0, time stamp: 0x4e50af79
Exception code: 0x80000003
Fault offset: 0x0002c151
Faulting process id: 0x1f54
Faulting application start time: 0xnullDC_Win32_Release-

NoTrace.exe0
Faulting application path: nullDC_Win32_Release-

NoTrace.exe1
Faulting module path: nullDC_Win32_Release-NoTrace.exe2
Report Id: nullDC_Win32_Release-NoTrace.exe3

Error: (04/29/2012 06:21:54 PM) (Source: Application

Error) (User: )
Description: Faulting application name:

nullDC_Win32_Release-NoTrace.exe, version: 0.0.0.0, time

stamp: 0x4e50af79
Faulting module name: ntdll.dll, version: 6.1.7601.17725,

time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x00033ab3
Faulting process id: 0x2510
Faulting application start time: 0xnullDC_Win32_Release-

NoTrace.exe0
Faulting application path: nullDC_Win32_Release-

NoTrace.exe1
Faulting module path: nullDC_Win32_Release-NoTrace.exe2
Report Id: nullDC_Win32_Release-NoTrace.exe3

Error: (04/29/2012 06:17:51 PM) (Source: Application

Error) (User: )
Description: Faulting application name: nullDC_100b1.exe,

version: 0.0.0.0, time stamp: 0x460fcca0
Faulting module name: unknown, version: 0.0.0.0, time

stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x71df4f0d
Faulting process id: 0xcb8
Faulting application start time: 0xnullDC_100b1.exe0
Faulting application path: nullDC_100b1.exe1
Faulting module path: nullDC_100b1.exe2
Report Id: nullDC_100b1.exe3

Error: (04/29/2012 06:17:43 PM) (Source: Application

Error) (User: )
Description: Faulting application name: nullDC_100b1.exe,

version: 0.0.0.0, time stamp: 0x460fcca0
Faulting module name: unknown, version: 0.0.0.0, time

stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x71df4f0d
Faulting process id: 0x9d0
Faulting application start time: 0xnullDC_100b1.exe0
Faulting application path: nullDC_100b1.exe1
Faulting module path: nullDC_100b1.exe2
Report Id: nullDC_100b1.exe3

Error: (04/29/2012 06:16:09 PM) (Source: Application

Error) (User: )
Description: Faulting application name: nullDC_100b1.exe,

version: 0.0.0.0, time stamp: 0x460fcca0
Faulting module name: unknown, version: 0.0.0.0, time

stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x71df4f0d
Faulting process id: 0x1d60
Faulting application start time: 0xnullDC_100b1.exe0
Faulting application path: nullDC_100b1.exe1
Faulting module path: nullDC_100b1.exe2
Report Id: nullDC_100b1.exe3

Error: (04/29/2012 06:15:14 PM) (Source: Application

Error) (User: )
Description: Faulting application name: nullDC_100b1.exe,

version: 0.0.0.0, time stamp: 0x460fcca0
Faulting module name: unknown, version: 0.0.0.0, time

stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x71df4f0d
Faulting process id: 0x1dc4
Faulting application start time: 0xnullDC_100b1.exe0
Faulting application path: nullDC_100b1.exe1
Faulting module path: nullDC_100b1.exe2
Report Id: nullDC_100b1.exe3

Error: (04/29/2012 06:09:16 PM) (Source: Application

Error) (User: )
Description: Faulting application name:

nullDC_100b1_6.exe, version: 0.0.0.0, time stamp:

0x47310f19
Faulting module name: unknown, version: 0.0.0.0, time

stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x71df4f0d
Faulting process id: 0x188c
Faulting application start time: 0xnullDC_100b1_6.exe0
Faulting application path: nullDC_100b1_6.exe1
Faulting module path: nullDC_100b1_6.exe2
Report Id: nullDC_100b1_6.exe3

Error: (04/29/2012 06:04:06 PM) (Source: Application

Error) (User: )
Description: Faulting application name:

nullDC_Win32_Release-NoTrace.exe, version: 0.0.0.0, time

stamp: 0x4e7093a0
Faulting module name: ntdll.dll, version: 6.1.7601.17725,

time stamp: 0x4ec49b8f
Exception code: 0xc0000374
Fault offset: 0x000ce6c3
Faulting process id: 0x5c4
Faulting application start time: 0xnullDC_Win32_Release-

NoTrace.exe0
Faulting application path: nullDC_Win32_Release-

NoTrace.exe1
Faulting module path: nullDC_Win32_Release-NoTrace.exe2
Report Id: nullDC_Win32_Release-NoTrace.exe3

Error: (04/29/2012 05:40:38 PM) (Source: Application

Error) (User: )
Description: Faulting application name:

nullDC_Win32_Release-NoTrace.exe, version: 0.0.0.0, time

stamp: 0x4dea3442
Faulting module name: ntdll.dll, version: 6.1.7601.17725,

time stamp: 0x4ec49b8f
Exception code: 0xc0000374
Fault offset: 0x000ce6c3
Faulting process id: 0x1fc0
Faulting application start time: 0xnullDC_Win32_Release-

NoTrace.exe0
Faulting application path: nullDC_Win32_Release-

NoTrace.exe1
Faulting module path: nullDC_Win32_Release-NoTrace.exe2
Report Id: nullDC_Win32_Release-NoTrace.exe3


System errors:
=============
Error: (04/29/2012 03:01:18 PM) (Source: Microsoft-

Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read

the local hosts file.

Error: (04/29/2012 03:01:17 PM) (Source: Microsoft-

Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read

the local hosts file.

Error: (04/29/2012 03:01:15 PM) (Source: Microsoft-

Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read

the local hosts file.

Error: (04/29/2012 03:01:08 PM) (Source: Microsoft-

Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read

the local hosts file.

Error: (04/29/2012 02:54:44 PM) (Source: Service Control

Manager) (User: )
Description: The HomeGroup Listener service terminated

with service-specific error %%-2147023143.

Error: (04/29/2012 02:54:44 PM) (Source: Microsoft-

Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read

the local hosts file.

Error: (04/29/2012 02:54:43 PM) (Source: Microsoft-

Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read

the local hosts file.

Error: (04/29/2012 02:54:43 PM) (Source: Microsoft-

Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read

the local hosts file.

Error: (04/29/2012 01:33:46 PM) (Source: Service Control

Manager) (User: )
Description: A timeout (30000 milliseconds) was reached

while waiting for a transaction response from the

SftService service.

Error: (04/29/2012 01:33:16 PM) (Source: Service Control

Manager) (User: )
Description: A timeout (30000 milliseconds) was reached

while waiting for a transaction response from the

SftService service.


Microsoft Office Sessions:
=========================
Error: (04/29/2012 06:23:10 PM) (Source: Application

Error)(User: )
Description: nullDC_Win32_Release-

NoTrace.exe0.0.0.04e50af79nullDC_Win32_Release-

NoTrace.exe0.0.0.04e50af79800000030002c151153401cd265ef521

037fC:\Users\Velle\Desktop

\nullDC_NAOMI_104_r136\nullDC_Win32_Release-NoTrace.exeC:

\Users\Velle\Desktop

\nullDC_NAOMI_104_r136\nullDC_Win32_Release-

NoTrace.exe4810d8a3-9252-11e1-a941-3859f9d66841

Error: (04/29/2012 06:22:19 PM) (Source: Application

Error)(User: )
Description: nullDC_Win32_Release-

NoTrace.exe0.0.0.04e50af79nullDC_Win32_Release-

NoTrace.exe0.0.0.04e50af79800000030002c1511f5401cd265ee201

9b55C:\Users\Velle\Desktop

\nullDC_NAOMI_104_r136\nullDC_Win32_Release-NoTrace.exeC:

\Users\Velle\Desktop

\nullDC_NAOMI_104_r136\nullDC_Win32_Release-

NoTrace.exe2996494f-9252-11e1-a941-3859f9d66841

Error: (04/29/2012 06:21:54 PM) (Source: Application

Error)(User: )
Description: nullDC_Win32_Release-

NoTrace.exe0.0.0.04e50af79ntdll.dll6.1.7601.177254ec49b8fc

000000500033ab3251001cd265edc485843C:\Users\Velle\Desktop

\nullDC_NAOMI_104_r136\nullDC_Win32_Release-NoTrace.exeC:

\Windows\SysWOW64\ntdll.dll1aef65a0-9252-11e1-a941-

3859f9d66841

Error: (04/29/2012 06:17:51 PM) (Source: Application

Error)(User: )
Description:

nullDC_100b1.exe0.0.0.0460fcca0unknown0.0.0.000000000c0000

41d71df4f0dcb801cd265e4b9e965bC:\Users\Velle\Documents

\Games\ndc\nullDC_100b1.exeunknown89d74642-9251-11e1-a941

-3859f9d66841

Error: (04/29/2012 06:17:43 PM) (Source: Application

Error)(User: )
Description:

nullDC_100b1.exe0.0.0.0460fcca0unknown0.0.0.000000000c0000

41d71df4f0d9d001cd265e46e85027C:\Users\Velle\Documents

\Games\ndc\nullDC_100b1.exeunknown8554016b-9251-11e1-a941

-3859f9d66841

Error: (04/29/2012 06:16:09 PM) (Source: Application

Error)(User: )
Description:

nullDC_100b1.exe0.0.0.0460fcca0unknown0.0.0.000000000c0000

41d71df4f0d1d6001cd265e0f48d277C:\Users\Velle\Documents

\Games\ndc\nullDC_100b1.exeunknown4d5ec048-9251-11e1-a941

-3859f9d66841

Error: (04/29/2012 06:15:14 PM) (Source: Application

Error)(User: )
Description:

nullDC_100b1.exe0.0.0.0460fcca0unknown0.0.0.000000000c0000

41d71df4f0d1dc401cd265dede20845C:\Users\Velle\Documents

\Games\ndc\nullDC_100b1.exeunknown2c8b0526-9251-11e1-a941

-3859f9d66841

Error: (04/29/2012 06:09:16 PM) (Source: Application

Error)(User: )
Description:

nullDC_100b1_6.exe0.0.0.047310f19unknown0.0.0.000000000c00

0041d71df4f0d188c01cd265d17a5d2dfC:\Users\Velle\Documents

\Games\Null DC 1.6\nullDC_100b1_6.exeunknown57243a40-9250

-11e1-a941-3859f9d66841

Error: (04/29/2012 06:04:06 PM) (Source: Application

Error)(User: )
Description: nullDC_Win32_Release-

NoTrace.exe0.0.0.04e7093a0ntdll.dll6.1.7601.177254ec49b8fc

0000374000ce6c35c401cd265c5f3138feC:\Users\Velle

\Documents\Games\EmuCR-nullDC-Naomi-

r140\nullDC_Win32_Release-NoTrace.exeC:\Windows

\SysWOW64\ntdll.dll9e59bf09-924f-11e1-a941-3859f9d66841

Error: (04/29/2012 05:40:38 PM) (Source: Application

Error)(User: )
Description: nullDC_Win32_Release-

NoTrace.exe0.0.0.04dea3442ntdll.dll6.1.7601.177254ec49b8fc

0000374000ce6c31fc001cd26591765de46C:\Users\Velle\Desktop

\EmuCR-nullDC-r135\nullDC_Win32_Release-NoTrace.exeC:

\Windows\SysWOW64\ntdll.dll5722e9fc-924c-11e1-a941-

3859f9d66841


=========================== Installed Programs

============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
AccelerometerP11 (Version: 2.00.11.22)
Acoustica Premium Edition 5.0 (Version: 5.0)
AcusticaAudio Nebula3Free
ADM 1.0
Adobe AIR (Version: 1.5.3.9120)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Creative Suite 5 Master Collection (Version: 5.0)
Adobe Flash Player 10 ActiveX (Version: 10.1.52.14)
Adobe Flash Player 10 Plugin (Version: 10.1.52.14)
Adobe Flash Player 11 ActiveX 64-bit (Version:

11.2.202.233)
Adobe Flash Player 11 Plugin 64-bit (Version:

11.2.202.233)
Adobe Media Player (Version: 1.8)
Adobe Reader X (10.1.3) MUI (Version: 10.1.3)
Advanced Audio FX Engine (Version: 1.12.05)
AKAI professional VST Collection v1.0
Akamai NetSession Interface
Akamai NetSession Interface Service
Alien303
AlienRespawn - Support Software (Version: 9.4.60)
AlienRespawn (Version: 9.4.60)
Alienware M18x Manual (Version: 1.0.2.0)
Alienware On-Screen Display (Version: 0.31.0.14C)
Analog Factory HipHop 2.2.1
Antares Autotune VST v5.09
Antares Avox 1.06
Antares Filter VST DX v1.0
Antares Filter VST DX v1.01
Antares Harmony Engine VST RTAS v1.0
Antares Microphone Modeler DX v1.32
Antares Tube VST v1.02
Apple Software Update (Version: 2.1.1.116)
Arturia CS-80V v1.5
ASIO4ALL (Version: 2.10)
Atheros Communications Inc.® AR81Family Gigabit/Fast

Ethernet Driver (Version: 1.0.0.36)
Attack 1.2.1
Automap 4.3 (Version: 4.3)
Bandisoft MPEG-1 Decoder
Bass Station 1.6 (Version: 1.6)
Bonjour (Version: 2.0.2.0)
Bonjour Print Services (Version: 2.0.2.0)
Cakewalk Audio FX Pack 1
Cakewalk Audio FX Pack 2
Cakewalk Audio FX Pack 3
Call of Duty: Black Ops
Call of Duty: Black Ops - Multiplayer
Camel Audio Alchemy64 (Version: 1.25.0)
Command Center (Version: 2.6.10.0)
CSR (Version: 1.1.0)
CUBE 2 (Version: 2.2)
CursorFX
CursorFX (Version: 2.10.022)
D3DX10 (Version: 15.4.2368.0902)
daHornet Version 1.34
Dash Synthesis daAlfa2k.v1.54
Deckadance
Definition Update for Microsoft Office 2010 (KB982726) 32

-Bit Edition
Deus Ex - Human Revolution version 1.0 (Version: 1.0)
DirectX 9 Runtime (Version: 1.00.0000)
discoDSP Discovery v2.4 (Version: 2.4)
DUNE 1.31
Edirol HQ Orchestral v1.01
eLicenser Control
Emagic EVP73 VSTi v1.0
EMS Synth A VS VSTi v0.32
EMSC (Version: 0.0.0.22C)
FabFilter Pro-C VST RTAS v1.10
FabFilter TotalBundle VST RTAS v1.0
FL Studio 10
FLUX Spring Pack Bundle v1.0.4.14
Flux:: BitterSweet II (Version: 1.4.0.0)
Flux:: Stereo Tool (Version: 1.4.0.0)
Genesis Vst
Glitch One MB VSTi Version 1.0b
Google Chrome (Version: 18.0.1025.162)
IDT Audio (Version: 1.0.6320.0)
IL Download Manager
Image-Line PoiZone v2.1
Integrated Webcam Live! Central (Version: 2.00.44)
Intel PROSet Wireless
Intel® PROSet/Wireless WiFi Software (Version:

14.0.2000)
Intel® Rapid Storage Technology (Version: 10.1.2.1004)
Interlok driver setup x64 (Version: 5.8.13)
iZotope Ozone 3 (Version: 3.05)
iZotope Trash v1.04
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Java™ 6 Update 24 (Version: 6.0.240)
Junk Mail filter update (Version: 15.4.3502.0922)
Kjaerhus Audio - Golden Audio Channel | GAC-1 v1.01

(Version: 1.01)
Kjaerhus Audio - Golden Equaliser | GEQ-7 v1.10 (Version:

1.10)
KNOBSTER Bundle
KORG AudioGate (Version: 2.1.0)
KORG Legacy Collection - ANALOG EDITION 2007 (Version:

1.2.3)
KORG Legacy Collection - DIGITAL EDITION v1.0.0
Korg Legacy Collection VSTi v1.0.02
Kuassa Amplifikation One Ver.1.1.1
LinuxSampler 20090803
Live 8.2.2
Live 8.2.4
Logitech Gaming Software 5.10 (Version: 5.10.127)
LoopBe1 - Internal MIDI Port
Luxonix Purity VSTi v1.1.2
LUXONIX Ravity(S) v1.4
M42 Nebula VSTi v1.0
Malwarebytes Anti-Malware version 1.61.0.1400 (Version:

1.61.0.1400)
MemoryMoon v1.3 VSTi
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version:

4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version:

12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version:

14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010

(Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version:

14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version:

14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version:

14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version:

14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version:

14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version:

14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version:

14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version:

14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version:

14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version:

14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version:

14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version:

14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version:

14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010

(Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI

(English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version:

14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010

(Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version:

14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version:

3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version:

8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version:

8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version:

8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version:

8.0.59192)
Microsoft Visual C++ 2008 Redistributable - x64

9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64

9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

(Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

(Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86

9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86

9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable -

10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Moog Modular V 2.5
Mozilla Firefox 5.0.1 (x86 en-US) (Version: 5.0.1)
Mp3Doctor PRO (Version: 1.04)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
N.I Pro-53 v3.0-OxYGeN
Native Instruments FM8
Native Instruments Guitar Rig 3
Native Instruments Massive (Version: 1.1.5.1967)
Native Instruments Massive v1.0.1.008 VSTi DXi RTAS
Native Instruments Urban Arsenal
Native.Instruments Battery v3.0.1.005 VSTi DXi RTAS
Native.Instruments.Pro.53.v3.02.004-DAC
Nexon Game Manager
Nexuiz
NN-29 VSTi Digital Sampler v. 0.3c BETA
NomadFactory Integral Studio Pack VST RTAS v1.1
Novation USB Audio Driver 2.3 (Version: 2.3)
nullDC 1.0.0 Public Beta 1 Setup (Version: 1.0.0)
NVIDIA 3D Vision Driver 267.64 (Version: 267.64)
NVIDIA Control Panel 267.64 (Version: 267.64)
NVIDIA Graphics Driver 267.64 (Version: 267.64)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version:

9.10.0514)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.6764)
OpenAL
Pando Media Booster (Version: 2.6.0.7)
PdaNet for Android 2.41
PDF Settings CS5 (Version: 10.0)
PhotoShowExpress (Version: 2.0.063)
PowerISO (Version: 5.0)
Pro-Sounds PS-1 (Version: 1.2)
Project64 1.6 (Version: 1.6)
PxMergeModule (Version: 1.00.0000)
QualxServ Service Agreement (Version: 2.0.0)
RBVirtualFolder64Inst (Version: 1.00.0000)
reFX Nexus VSTi RTAS v2.2.0
rgc:audio sfz+ DXi v1.01
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
S-YXG50 Trial
S4 League_EU (Version: 1.00.0000)
SampleMoog (Version: 1.0.0)
Shred 1.06
Skype™ 5.9 (Version: 5.9.114)
SmartCode VNC Manager (Enterprise Edition) 6.8 (Version:

6.8.4.0)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Sonik Synth 2
SONiVOX Sampla
Sonnox Oxford Reverb Native VST v1.0
Sonnox Oxford TransMod Native VST v1.3.1
SoundFonts.it Milestone v1.0 VSTi
SPL Analog Code Bundle v1.1
Steam (Version: 1.0.0.0)
Studio Devil Virtual Guitar Amp VST v1.1
Studio Instruments 1.0 (Version: 1.0)
Superwave Bundle VSTi v2.0
Synaptics Pointing Device Driver (Version: 15.1.19.0)
SynthEdit (Version: 1.1.5000)
Synthogy Ivory 1.50 Standalone
TeamViewer 7 (Version: 7.0.12979)
TerraTec Komplexer VSTi v1.0.2.0
The Music Producer (Version: 2.1)
Ultimate 3 Band EQ v1.05
UninstallTpkdx64
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile

(KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile

(KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile

(KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871)

(Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523)

(Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217)

(Version: 1)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit

Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit

Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit

Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit

Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit

Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit

Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit

Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit

Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit

Edition
Update for Microsoft Outlook Social Connector 2010

(KB2553406) 32-Bit Edition
UVI Workstation 1.1.7 (Version: 1.1.7)
V-Station 1.50 (Version: 1.50)
Vindictus
Wave Arts Power Suite (Version: 5.40)
Waveform Demo
Waves Gold Processors 3.6
Waves Mercury Bundle (Version: 5.0)
Way Out Ware TimewARP2600 v1.15
Windows Live Communications Platform (Version:

15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections

(Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version:

15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version:

15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version:

15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version:

15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info:

===================================

Percentage of memory in use: 19%
Total physical RAM: 16365.82 MB
Available physical RAM: 13212.69 MB
Total Pagefile: 32729.84 MB
Available Pagefile: 29371.4 MB
Total Virtual: 4095.88 MB
Available Virtual: 3957.84 MB

========================= Partitions:

=====================================

1 Drive c: (OS) (Fixed) (Total:1387.5 GB) (Free:1083.43

GB) NTFS

========================= Users:

========================================

User accounts for \\ALIENWAREM18

Administrator Guest Velle




**** End of log ****

#4 lilayton

lilayton
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:40 PM

Posted 29 April 2012 - 06:34 PM

What if i already have Malewarebytes installed?

#5 lilayton

lilayton
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:40 PM

Posted 29 April 2012 - 06:42 PM

18:34:56.0179 9780 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
18:34:56.0865 9780 ============================================================
18:34:56.0865 9780 Current date / time: 2012/04/29 18:34:56.0865
18:34:56.0865 9780 SystemInfo:
18:34:56.0865 9780
18:34:56.0865 9780 OS Version: 6.1.7601 ServicePack: 1.0
18:34:56.0865 9780 Product type: Workstation
18:34:56.0865 9780 ComputerName: ALIENWAREM18
18:34:56.0865 9780 UserName: Velle
18:34:56.0865 9780 Windows directory: C:\Windows
18:34:56.0865 9780 System windows directory: C:\Windows
18:34:56.0866 9780 Running under WOW64
18:34:56.0866 9780 Processor architecture: Intel x64
18:34:56.0866 9780 Number of processors: 8
18:34:56.0866 9780 Page size: 0x1000
18:34:56.0866 9780 Boot type: Normal boot
18:34:56.0866 9780 ============================================================
18:34:57.0771 9780 Drive \Device\Harddisk0\DR0 - Size: 0x15D51500000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C882, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:34:57.0793 9780 ============================================================
18:34:57.0793 9780 \Device\Harddisk0\DR0:
18:34:57.0793 9780 MBR partitions:
18:34:57.0793 9780 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1378000
18:34:57.0793 9780 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x138C000, BlocksNum 0xAD6FE000
18:34:57.0793 9780 ============================================================
18:34:57.0850 9780 C: <-> \Device\Harddisk0\DR0\Partition1
18:34:57.0850 9780 ============================================================
18:34:57.0850 9780 Initialize success
18:34:57.0851 9780 ============================================================
18:35:14.0815 9544 ============================================================
18:35:14.0815 9544 Scan started
18:35:14.0817 9544 Mode: Manual;
18:35:14.0817 9544 ============================================================
18:35:17.0524 9544 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
18:35:17.0534 9544 1394ohci - ok
18:35:17.0586 9544 Acceler (e0065cbf1a25c015c218457d2cd522b9) C:\Windows\system32\DRIVERS\Accelern.sys
18:35:17.0586 9544 Acceler - ok
18:35:17.0664 9544 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
18:35:17.0671 9544 ACPI - ok
18:35:17.0682 9544 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
18:35:17.0684 9544 AcpiPmi - ok
18:35:17.0803 9544 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:35:17.0806 9544 AdobeARMservice - ok
18:35:18.0003 9544 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:35:18.0007 9544 AdobeFlashPlayerUpdateSvc - ok
18:35:18.0112 9544 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
18:35:18.0123 9544 adp94xx - ok
18:35:18.0177 9544 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
18:35:18.0184 9544 adpahci - ok
18:35:18.0207 9544 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
18:35:18.0211 9544 adpu320 - ok
18:35:18.0257 9544 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
18:35:18.0258 9544 AeLookupSvc - ok
18:35:18.0362 9544 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe
18:35:18.0364 9544 AESTFilters - ok
18:35:18.0472 9544 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
18:35:18.0481 9544 AFD - ok
18:35:18.0508 9544 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
18:35:18.0511 9544 agp440 - ok
18:35:18.0811 9544 Akamai (1125c7d9fb8898015829c387c1bc87c7) C:/Program Files (x86)/Common Files/Akamai/netsession_win_6c825ce.dll
18:35:18.0861 9544 Akamai - ok
18:35:18.0941 9544 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
18:35:18.0942 9544 ALG - ok
18:35:19.0004 9544 AlienFusionService (227ddb513fa5255928f3d741aac300f7) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
18:35:19.0006 9544 AlienFusionService - ok
18:35:19.0061 9544 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
18:35:19.0063 9544 aliide - ok
18:35:19.0087 9544 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
18:35:19.0088 9544 amdide - ok
18:35:19.0119 9544 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
18:35:19.0122 9544 AmdK8 - ok
18:35:19.0132 9544 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
18:35:19.0134 9544 AmdPPM - ok
18:35:19.0157 9544 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
18:35:19.0186 9544 amdsata - ok
18:35:19.0204 9544 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
18:35:19.0208 9544 amdsbs - ok
18:35:19.0247 9544 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
18:35:19.0248 9544 amdxata - ok
18:35:19.0281 9544 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
18:35:19.0283 9544 AppID - ok
18:35:19.0312 9544 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
18:35:19.0314 9544 AppIDSvc - ok
18:35:19.0376 9544 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
18:35:19.0379 9544 Appinfo - ok
18:35:19.0438 9544 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
18:35:19.0443 9544 AppMgmt - ok
18:35:19.0504 9544 aracpi (5f22132c9153639762708909f156b33d) C:\Windows\system32\ipodservice.dll
18:35:19.0506 9544 aracpi ( Backdoor.Multi.ZAccess.gen ) - infected
18:35:19.0506 9544 aracpi - detected Backdoor.Multi.ZAccess.gen (0)
18:35:19.0559 9544 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
18:35:19.0563 9544 arc - ok
18:35:19.0581 9544 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
18:35:19.0584 9544 arcsas - ok
18:35:19.0721 9544 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:35:19.0724 9544 aspnet_state - ok
18:35:19.0753 9544 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
18:35:19.0754 9544 AsyncMac - ok
18:35:19.0779 9544 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
18:35:19.0781 9544 atapi - ok
18:35:19.0906 9544 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
18:35:19.0917 9544 AudioEndpointBuilder - ok
18:35:19.0932 9544 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
18:35:19.0943 9544 AudioSrv - ok
18:35:19.0991 9544 automap (332bbc97f90440e46dd621adc2dc512a) C:\Windows\system32\DRIVERS\automap.sys
18:35:19.0992 9544 automap - ok
18:35:20.0079 9544 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
18:35:20.0083 9544 AxInstSV - ok
18:35:20.0216 9544 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
18:35:20.0226 9544 b06bdrv - ok
18:35:20.0314 9544 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
18:35:20.0319 9544 b57nd60a - ok
18:35:20.0382 9544 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
18:35:20.0393 9544 BDESVC - ok
18:35:20.0422 9544 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
18:35:20.0423 9544 Beep - ok
18:35:20.0538 9544 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
18:35:20.0554 9544 BITS - ok
18:35:20.0564 9544 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
18:35:20.0566 9544 blbdrive - ok
18:35:20.0681 9544 Bonjour Service (5ab58c337ac65837fe404462ad6265ab) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
18:35:20.0686 9544 Bonjour Service - ok
18:35:20.0752 9544 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
18:35:20.0754 9544 bowser - ok
18:35:20.0778 9544 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
18:35:20.0779 9544 BrFiltLo - ok
18:35:20.0787 9544 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
18:35:20.0788 9544 BrFiltUp - ok
18:35:20.0873 9544 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
18:35:20.0877 9544 Browser - ok
18:35:20.0937 9544 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
18:35:20.0942 9544 Brserid - ok
18:35:20.0954 9544 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
18:35:20.0957 9544 BrSerWdm - ok
18:35:20.0964 9544 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:35:20.0966 9544 BrUsbMdm - ok
18:35:20.0973 9544 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
18:35:20.0974 9544 BrUsbSer - ok
18:35:21.0038 9544 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
18:35:21.0039 9544 BthEnum - ok
18:35:21.0082 9544 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
18:35:21.0083 9544 BTHMODEM - ok
18:35:21.0114 9544 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
18:35:21.0117 9544 BthPan - ok
18:35:21.0254 9544 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
18:35:21.0263 9544 BTHPORT - ok
18:35:21.0333 9544 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
18:35:21.0336 9544 bthserv - ok
18:35:21.0349 9544 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
18:35:21.0352 9544 BTHUSB - ok
18:35:21.0436 9544 btwampfl (7a2ce8c1bf4daa1f2766e21e9ca11078) C:\Windows\system32\drivers\btwampfl.sys
18:35:21.0441 9544 btwampfl - ok
18:35:21.0497 9544 btwavdt (d895dc213edbda5fcc53aad1f1e0e63b) C:\Windows\system32\DRIVERS\btwavdt.sys
18:35:21.0499 9544 btwavdt - ok
18:35:21.0522 9544 btwrchid (6d7aa2bde0135599c5f230d69db3b420) C:\Windows\system32\drivers\btwrchid.sys
18:35:21.0523 9544 btwrchid - ok
18:35:21.0578 9544 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
18:35:21.0581 9544 cdfs - ok
18:35:21.0647 9544 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
18:35:21.0649 9544 cdrom - ok
18:35:21.0704 9544 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:35:21.0708 9544 CertPropSvc - ok
18:35:21.0754 9544 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
18:35:21.0756 9544 circlass - ok
18:35:21.0832 9544 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
18:35:21.0838 9544 CLFS - ok
18:35:21.0954 9544 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:35:21.0958 9544 clr_optimization_v2.0.50727_32 - ok
18:35:22.0044 9544 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:35:22.0049 9544 clr_optimization_v2.0.50727_64 - ok
18:35:22.0258 9544 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:35:22.0261 9544 clr_optimization_v4.0.30319_32 - ok
18:35:22.0329 9544 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:35:22.0333 9544 clr_optimization_v4.0.30319_64 - ok
18:35:22.0357 9544 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
18:35:22.0359 9544 CmBatt - ok
18:35:22.0389 9544 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
18:35:22.0397 9544 cmdide - ok
18:35:22.0514 9544 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
18:35:22.0522 9544 CNG - ok
18:35:22.0553 9544 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
18:35:22.0553 9544 Compbatt - ok
18:35:22.0641 9544 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
18:35:22.0642 9544 CompositeBus - ok
18:35:22.0679 9544 COMSysApp - ok
18:35:22.0716 9544 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
18:35:22.0719 9544 crcdisk - ok
18:35:22.0799 9544 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
18:35:22.0803 9544 CryptSvc - ok
18:35:22.0903 9544 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
18:35:22.0921 9544 CSC - ok
18:35:23.0048 9544 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
18:35:23.0059 9544 CscService - ok
18:35:23.0132 9544 CtClsFlt (bc3d4f90978cd7c8eabd1baf3bf7873a) C:\Windows\system32\DRIVERS\CtClsFlt.sys
18:35:23.0137 9544 CtClsFlt - ok
18:35:23.0266 9544 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:35:23.0277 9544 DcomLaunch - ok
18:35:23.0353 9544 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
18:35:23.0359 9544 defragsvc - ok
18:35:23.0406 9544 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
18:35:23.0409 9544 DfsC - ok
18:35:23.0502 9544 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
18:35:23.0508 9544 Dhcp - ok
18:35:23.0533 9544 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
18:35:23.0534 9544 discache - ok
18:35:23.0563 9544 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
18:35:23.0566 9544 Disk - ok
18:35:23.0617 9544 dmvsc (5db085a8a6600be6401f2b24eecb5415) C:\Windows\system32\drivers\dmvsc.sys
18:35:23.0629 9544 dmvsc - ok
18:35:23.0714 9544 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
18:35:23.0718 9544 Dnscache - ok
18:35:23.0784 9544 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
18:35:23.0789 9544 dot3svc - ok
18:35:23.0854 9544 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
18:35:23.0858 9544 DPS - ok
18:35:23.0883 9544 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
18:35:23.0884 9544 drmkaud - ok
18:35:24.0033 9544 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
18:35:24.0048 9544 DXGKrnl - ok
18:35:24.0064 9544 EagleX64 - ok
18:35:24.0112 9544 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
18:35:24.0121 9544 EapHost - ok
18:35:24.0394 9544 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
18:35:24.0456 9544 ebdrv - ok
18:35:24.0573 9544 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
18:35:24.0576 9544 EFS - ok
18:35:24.0721 9544 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
18:35:24.0733 9544 ehRecvr - ok
18:35:24.0813 9544 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
18:35:24.0816 9544 ehSched - ok
18:35:24.0943 9544 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
18:35:24.0952 9544 elxstor - ok
18:35:24.0981 9544 EMSC (e47d9d7e6e53892fc97282482f4ae307) C:\Windows\system32\DRIVERS\EMSC.SYS
18:35:24.0982 9544 EMSC - ok
18:35:24.0989 9544 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
18:35:24.0991 9544 ErrDev - ok
18:35:25.0096 9544 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
18:35:25.0103 9544 EventSystem - ok
18:35:25.0392 9544 EvtEng (7ee9f35bc1dd0ce1a4976032f9ac5162) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
18:35:25.0414 9544 EvtEng - ok
18:35:25.0433 9544 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
18:35:25.0811 9544 exfat - ok
18:35:25.0883 9544 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
18:35:25.0887 9544 fastfat - ok
18:35:26.0014 9544 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
18:35:26.0034 9544 Fax - ok
18:35:26.0063 9544 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
18:35:26.0066 9544 fdc - ok
18:35:26.0099 9544 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
18:35:26.0101 9544 fdPHost - ok
18:35:26.0153 9544 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
18:35:26.0156 9544 FDResPub - ok
18:35:26.0191 9544 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
18:35:26.0192 9544 FileInfo - ok
18:35:26.0218 9544 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
18:35:26.0222 9544 Filetrace - ok
18:35:26.0232 9544 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
18:35:26.0233 9544 flpydisk - ok
18:35:26.0323 9544 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
18:35:26.0328 9544 FltMgr - ok
18:35:26.0471 9544 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
18:35:26.0489 9544 FontCache - ok
18:35:26.0556 9544 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:35:26.0557 9544 FontCache3.0.0.0 - ok
18:35:26.0603 9544 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
18:35:26.0606 9544 FsDepends - ok
18:35:26.0658 9544 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys
18:35:26.0659 9544 fssfltr - ok
18:35:26.0906 9544 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:35:26.0929 9544 fsssvc - ok
18:35:26.0978 9544 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
18:35:26.0979 9544 Fs_Rec - ok
18:35:27.0057 9544 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
18:35:27.0062 9544 fvevol - ok
18:35:27.0101 9544 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
18:35:27.0103 9544 gagp30kx - ok
18:35:27.0219 9544 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
18:35:27.0233 9544 gpsvc - ok
18:35:27.0267 9544 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
18:35:27.0268 9544 hcw85cir - ok
18:35:27.0376 9544 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
18:35:27.0383 9544 HdAudAddService - ok
18:35:27.0434 9544 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
18:35:27.0437 9544 HDAudBus - ok
18:35:27.0466 9544 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
18:35:27.0469 9544 HidBatt - ok
18:35:27.0482 9544 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
18:35:27.0486 9544 HidBth - ok
18:35:27.0507 9544 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
18:35:27.0509 9544 HidIr - ok
18:35:27.0548 9544 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
18:35:27.0551 9544 hidserv - ok
18:35:27.0572 9544 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
18:35:27.0573 9544 HidUsb - ok
18:35:27.0622 9544 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
18:35:27.0624 9544 hkmsvc - ok
18:35:27.0692 9544 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
18:35:27.0697 9544 HomeGroupListener - ok
18:35:27.0753 9544 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
18:35:27.0759 9544 HomeGroupProvider - ok
18:35:27.0796 9544 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
18:35:27.0798 9544 HpSAMD - ok
18:35:27.0912 9544 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
18:35:27.0923 9544 HTTP - ok
18:35:27.0944 9544 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
18:35:27.0944 9544 hwpolicy - ok
18:35:28.0008 9544 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
18:35:28.0011 9544 i8042prt - ok
18:35:28.0092 9544 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\drivers\iaStor.sys
18:35:28.0098 9544 iaStor - ok
18:35:28.0169 9544 IAStorDataMgrSvc (983fc69644ddf0486c8dfea262948d1a) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
18:35:28.0171 9544 IAStorDataMgrSvc - ok
18:35:28.0246 9544 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
18:35:28.0254 9544 iaStorV - ok
18:35:28.0373 9544 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
18:35:28.0383 9544 IDriverT - ok
18:35:28.0531 9544 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:35:28.0546 9544 idsvc - ok
18:35:28.0598 9544 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
18:35:28.0601 9544 iirsp - ok
18:35:28.0753 9544 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
18:35:28.0768 9544 IKEEXT - ok
18:35:28.0839 9544 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
18:35:28.0843 9544 Impcd - ok
18:35:28.0866 9544 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
18:35:28.0867 9544 intelide - ok
18:35:28.0911 9544 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
18:35:28.0912 9544 intelppm - ok
18:35:28.0966 9544 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
18:35:28.0969 9544 IPBusEnum - ok
18:35:29.0022 9544 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:35:29.0024 9544 IpFilterDriver - ok
18:35:29.0043 9544 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
18:35:29.0047 9544 IPMIDRV - ok
18:35:29.0059 9544 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
18:35:29.0062 9544 IPNAT - ok
18:35:29.0097 9544 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
18:35:29.0101 9544 IRENUM - ok
18:35:29.0108 9544 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
18:35:29.0109 9544 isapnp - ok
18:35:29.0181 9544 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
18:35:29.0186 9544 iScsiPrt - ok
18:35:29.0212 9544 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
18:35:29.0213 9544 kbdclass - ok
18:35:29.0224 9544 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
18:35:29.0226 9544 kbdhid - ok
18:35:29.0292 9544 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:35:29.0294 9544 KeyIso - ok
18:35:29.0321 9544 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
18:35:29.0323 9544 KSecDD - ok
18:35:29.0382 9544 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
18:35:29.0384 9544 KSecPkg - ok
18:35:29.0411 9544 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
18:35:29.0412 9544 ksthunk - ok
18:35:29.0518 9544 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
18:35:29.0527 9544 KtmRm - ok
18:35:29.0574 9544 L1C (ebed8b3ff4a823c1a6eebeed7b29353f) C:\Windows\system32\DRIVERS\L1C62x64.sys
18:35:29.0576 9544 L1C - ok
18:35:29.0642 9544 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
18:35:29.0648 9544 LanmanServer - ok
18:35:29.0709 9544 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
18:35:29.0714 9544 LanmanWorkstation - ok
18:35:29.0772 9544 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
18:35:29.0773 9544 lltdio - ok
18:35:29.0862 9544 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
18:35:29.0868 9544 lltdsvc - ok
18:35:29.0892 9544 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
18:35:29.0894 9544 lmhosts - ok
18:35:29.0948 9544 LoopBeMidi1 (37efb026e1a8a79fbe7044a241281b3e) C:\Windows\system32\drivers\loopbe1.sys
18:35:29.0949 9544 LoopBeMidi1 - ok
18:35:30.0014 9544 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
18:35:30.0023 9544 LSI_FC - ok
18:35:30.0039 9544 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
18:35:30.0043 9544 LSI_SAS - ok
18:35:30.0072 9544 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
18:35:30.0076 9544 LSI_SAS2 - ok
18:35:30.0092 9544 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
18:35:30.0094 9544 LSI_SCSI - ok
18:35:30.0148 9544 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
18:35:30.0161 9544 luafv - ok
18:35:30.0214 9544 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
18:35:30.0216 9544 MBAMProtector - ok
18:35:30.0358 9544 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:35:30.0367 9544 MBAMService - ok
18:35:30.0426 9544 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
18:35:30.0429 9544 Mcx2Svc - ok
18:35:30.0456 9544 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
18:35:30.0457 9544 megasas - ok
18:35:30.0493 9544 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
18:35:30.0498 9544 MegaSR - ok
18:35:30.0539 9544 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
18:35:30.0541 9544 MEIx64 - ok
18:35:30.0634 9544 Microsoft SharePoint Workspace Audit Service - ok
18:35:30.0681 9544 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:35:30.0684 9544 MMCSS - ok
18:35:30.0704 9544 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
18:35:30.0707 9544 Modem - ok
18:35:30.0746 9544 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
18:35:30.0747 9544 monitor - ok
18:35:30.0778 9544 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
18:35:30.0781 9544 mouclass - ok
18:35:30.0816 9544 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
18:35:30.0817 9544 mouhid - ok
18:35:30.0862 9544 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
18:35:30.0864 9544 mountmgr - ok
18:35:30.0899 9544 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
18:35:30.0906 9544 mpio - ok
18:35:30.0947 9544 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
18:35:30.0949 9544 mpsdrv - ok
18:35:30.0964 9544 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
18:35:30.0968 9544 MRxDAV - ok
18:35:31.0044 9544 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:35:31.0048 9544 mrxsmb - ok
18:35:31.0121 9544 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:35:31.0126 9544 mrxsmb10 - ok
18:35:31.0152 9544 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:35:31.0156 9544 mrxsmb20 - ok
18:35:31.0166 9544 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
18:35:31.0168 9544 msahci - ok
18:35:31.0187 9544 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
18:35:31.0191 9544 msdsm - ok
18:35:31.0263 9544 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
18:35:31.0267 9544 MSDTC - ok
18:35:31.0306 9544 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
18:35:31.0307 9544 Msfs - ok
18:35:31.0324 9544 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
18:35:31.0328 9544 mshidkmdf - ok
18:35:31.0351 9544 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
18:35:31.0352 9544 msisadrv - ok
18:35:31.0438 9544 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
18:35:31.0442 9544 MSiSCSI - ok
18:35:31.0448 9544 msiserver - ok
18:35:31.0483 9544 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
18:35:31.0486 9544 MSKSSRV - ok
18:35:31.0524 9544 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
18:35:31.0527 9544 MSPCLOCK - ok
18:35:31.0536 9544 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
18:35:31.0538 9544 MSPQM - ok
18:35:31.0647 9544 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
18:35:31.0653 9544 MsRPC - ok
18:35:31.0684 9544 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
18:35:31.0686 9544 mssmbios - ok
18:35:31.0704 9544 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
18:35:31.0706 9544 MSTEE - ok
18:35:31.0736 9544 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
18:35:31.0738 9544 MTConfig - ok
18:35:31.0768 9544 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
18:35:31.0769 9544 Mup - ok
18:35:31.0897 9544 MyWiFiDHCPDNS (0cf5580f27918ffd2e165ecafa734103) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
18:35:31.0903 9544 MyWiFiDHCPDNS - ok
18:35:32.0004 9544 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
18:35:32.0023 9544 napagent - ok
18:35:32.0107 9544 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
18:35:32.0113 9544 NativeWifiP - ok
18:35:32.0236 9544 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
18:35:32.0251 9544 NDIS - ok
18:35:32.0297 9544 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
18:35:32.0299 9544 NdisCap - ok
18:35:32.0324 9544 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
18:35:32.0327 9544 NdisTapi - ok
18:35:32.0362 9544 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
18:35:32.0364 9544 Ndisuio - ok
18:35:32.0428 9544 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
18:35:32.0431 9544 NdisWan - ok
18:35:32.0482 9544 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
18:35:32.0483 9544 NDProxy - ok
18:35:32.0522 9544 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
18:35:32.0523 9544 NetBIOS - ok
18:35:32.0589 9544 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
18:35:32.0594 9544 NetBT - ok
18:35:32.0602 9544 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:35:32.0604 9544 Netlogon - ok
18:35:32.0707 9544 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
18:35:32.0716 9544 Netman - ok
18:35:32.0831 9544 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:35:32.0836 9544 NetMsmqActivator - ok
18:35:32.0844 9544 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:35:32.0847 9544 NetPipeActivator - ok
18:35:32.0963 9544 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
18:35:32.0972 9544 netprofm - ok
18:35:32.0981 9544 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:35:32.0983 9544 NetTcpActivator - ok
18:35:32.0992 9544 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:35:32.0994 9544 NetTcpPortSharing - ok
18:35:33.0057 9544 netvsc (73ce12b8bdd747b0063cb0a7ef44cea7) C:\Windows\system32\DRIVERS\netvsc60.sys
18:35:33.0061 9544 netvsc - ok
18:35:33.0484 9544 NETwNs64 (b9c587bdaa61a689883439d5ae6fe7f3) C:\Windows\system32\DRIVERS\NETwNs64.sys
18:35:33.0667 9544 NETwNs64 - ok
18:35:33.0773 9544 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
18:35:33.0777 9544 nfrd960 - ok
18:35:33.0856 9544 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
18:35:33.0862 9544 NlaSvc - ok
18:35:33.0887 9544 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:35:33.0888 9544 Npfs - ok
18:35:33.0922 9544 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
18:35:33.0925 9544 nsi - ok
18:35:33.0946 9544 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:35:33.0947 9544 nsiproxy - ok
18:35:34.0142 9544 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
18:35:34.0168 9544 Ntfs - ok
18:35:34.0200 9544 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:35:34.0201 9544 Null - ok
18:35:34.0248 9544 nusb3hub (0ebc9d13cd96c15b1b18d8678a609e4b) C:\Windows\system32\DRIVERS\nusb3hub.sys
18:35:34.0252 9544 nusb3hub - ok
18:35:34.0318 9544 nusb3xhc (7bdec000d56d485021d9c1e63c2f81ca) C:\Windows\system32\DRIVERS\nusb3xhc.sys
18:35:34.0322 9544 nusb3xhc - ok
18:35:34.0378 9544 NVHDA (7c5b642380b9ade6734721057c03f900) C:\Windows\system32\drivers\nvhda64v.sys
18:35:34.0382 9544 NVHDA - ok
18:35:34.0965 9544 nvlddmkm (99674f4fba8c07eafa9ca8d192977562) C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:35:35.0151 9544 nvlddmkm - ok
18:35:35.0211 9544 NvnUsbAudio (7aeab7a9c665e97f8cf2cc87d9cceebb) C:\Windows\system32\DRIVERS\nvnusbaudio.sys
18:35:35.0213 9544 NvnUsbAudio - ok
18:35:35.0298 9544 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
18:35:35.0302 9544 nvraid - ok
18:35:35.0323 9544 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
18:35:35.0327 9544 nvstor - ok
18:35:35.0496 9544 NVSvc (2d8862010d4e04e3fa97d2a42644ab4a) C:\Windows\system32\nvvsvc.exe
18:35:35.0513 9544 NVSvc - ok
18:35:35.0531 9544 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
18:35:35.0535 9544 nv_agp - ok
18:35:35.0576 9544 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
18:35:35.0578 9544 ohci1394 - ok
18:35:35.0720 9544 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:35:35.0723 9544 ose - ok
18:35:36.0097 9544 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:35:36.0178 9544 osppsvc - ok
18:35:36.0277 9544 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:35:36.0285 9544 p2pimsvc - ok
18:35:36.0372 9544 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
18:35:36.0381 9544 p2psvc - ok
18:35:36.0420 9544 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
18:35:36.0431 9544 Parport - ok
18:35:36.0475 9544 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
18:35:36.0476 9544 partmgr - ok
18:35:36.0541 9544 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
18:35:36.0546 9544 PcaSvc - ok
18:35:36.0602 9544 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
18:35:36.0606 9544 pci - ok
18:35:36.0613 9544 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
18:35:36.0616 9544 pciide - ok
18:35:36.0635 9544 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
18:35:36.0641 9544 pcmcia - ok
18:35:36.0665 9544 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:35:36.0666 9544 pcw - ok
18:35:36.0768 9544 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:35:36.0782 9544 PEAUTH - ok
18:35:36.0952 9544 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
18:35:36.0975 9544 PeerDistSvc - ok
18:35:37.0100 9544 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
18:35:37.0102 9544 PerfHost - ok
18:35:37.0300 9544 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
18:35:37.0323 9544 pla - ok
18:35:37.0415 9544 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
18:35:37.0423 9544 PlugPlay - ok
18:35:37.0465 9544 pneteth (a010f13d27c1033a8be09d5fa9bf348b) C:\Windows\system32\DRIVERS\pneteth.sys
18:35:37.0467 9544 pneteth - ok
18:35:37.0533 9544 pnetmdm (06841f5cd8410b6bdc0b5a631b8f8787) C:\Windows\system32\DRIVERS\pnetmdm64.sys
18:35:37.0535 9544 pnetmdm - ok
18:35:37.0576 9544 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
18:35:37.0581 9544 PNRPAutoReg - ok
18:35:37.0596 9544 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:35:37.0602 9544 PNRPsvc - ok
18:35:37.0671 9544 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
18:35:37.0681 9544 PolicyAgent - ok
18:35:37.0753 9544 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
18:35:37.0758 9544 Power - ok
18:35:37.0803 9544 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
18:35:37.0807 9544 PptpMiniport - ok
18:35:37.0837 9544 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
18:35:37.0840 9544 Processor - ok
18:35:37.0898 9544 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
18:35:37.0905 9544 ProfSvc - ok
18:35:37.0938 9544 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:35:37.0941 9544 ProtectedStorage - ok
18:35:37.0996 9544 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
18:35:37.0998 9544 Psched - ok
18:35:38.0073 9544 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
18:35:38.0075 9544 PxHlpa64 - ok
18:35:38.0266 9544 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
18:35:38.0290 9544 ql2300 - ok
18:35:38.0317 9544 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
18:35:38.0321 9544 ql40xx - ok
18:35:38.0402 9544 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
18:35:38.0411 9544 QWAVE - ok
18:35:38.0440 9544 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:35:38.0442 9544 QWAVEdrv - ok
18:35:38.0450 9544 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:35:38.0451 9544 RasAcd - ok
18:35:38.0498 9544 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:35:38.0501 9544 RasAgileVpn - ok
18:35:38.0540 9544 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
18:35:38.0546 9544 RasAuto - ok
18:35:38.0608 9544 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:35:38.0612 9544 Rasl2tp - ok
18:35:38.0700 9544 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
18:35:38.0707 9544 RasMan - ok
18:35:38.0743 9544 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:35:38.0752 9544 RasPppoe - ok
18:35:38.0788 9544 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:35:38.0791 9544 RasSstp - ok
18:35:38.0855 9544 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
18:35:38.0870 9544 rdbss - ok
18:35:38.0906 9544 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
18:35:38.0917 9544 rdpbus - ok
18:35:38.0953 9544 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:35:38.0955 9544 RDPCDD - ok
18:35:39.0010 9544 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
18:35:39.0013 9544 RDPDR - ok
18:35:39.0038 9544 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:35:39.0040 9544 RDPENCDD - ok
18:35:39.0063 9544 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:35:39.0065 9544 RDPREFMP - ok
18:35:39.0077 9544 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
18:35:39.0078 9544 RdpVideoMiniport - ok
18:35:39.0156 9544 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
18:35:39.0161 9544 RDPWD - ok
18:35:39.0270 9544 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
18:35:39.0273 9544 rdyboost - ok
18:35:39.0453 9544 RegSrvc (aa9fd849c028ccb441a78061b57db734) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:35:39.0466 9544 RegSrvc - ok
18:35:39.0531 9544 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
18:35:39.0535 9544 RemoteAccess - ok
18:35:39.0597 9544 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
18:35:39.0603 9544 RemoteRegistry - ok
18:35:39.0688 9544 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
18:35:39.0692 9544 RFCOMM - ok
18:35:39.0735 9544 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
18:35:39.0740 9544 ROOTMODEM - ok
18:35:39.0966 9544 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
18:35:39.0983 9544 RoxMediaDB12OEM - ok
18:35:40.0075 9544 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
18:35:40.0080 9544 RoxWatch12 - ok
18:35:40.0146 9544 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
18:35:40.0150 9544 RpcEptMapper - ok
18:35:40.0222 9544 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
18:35:40.0260 9544 RpcLocator - ok
18:35:40.0345 9544 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:35:40.0355 9544 RpcSs - ok
18:35:40.0455 9544 RSPCIESTOR (546d7f426776090b90ef5f195b6ae662) C:\Windows\system32\DRIVERS\RtsPStor.sys
18:35:40.0461 9544 RSPCIESTOR - ok
18:35:40.0473 9544 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:35:40.0477 9544 rspndr - ok
18:35:40.0506 9544 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
18:35:40.0508 9544 s3cap - ok
18:35:40.0515 9544 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:35:40.0517 9544 SamSs - ok
18:35:40.0560 9544 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
18:35:40.0562 9544 sbp2port - ok
18:35:40.0632 9544 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
18:35:40.0637 9544 SCardSvr - ok
18:35:40.0705 9544 SCDEmu (c81eb41e9ffc35560e5025891dc01a6e) C:\Windows\system32\drivers\SCDEmu.sys
18:35:40.0708 9544 SCDEmu - ok
18:35:40.0733 9544 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
18:35:40.0735 9544 scfilter - ok
18:35:40.0877 9544 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
18:35:40.0897 9544 Schedule - ok
18:35:40.0940 9544 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:35:40.0942 9544 SCPolicySvc - ok
18:35:41.0008 9544 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
18:35:41.0011 9544 sdbus - ok
18:35:41.0076 9544 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
18:35:41.0082 9544 SDRSVC - ok
18:35:41.0112 9544 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:35:41.0113 9544 secdrv - ok
18:35:41.0142 9544 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
18:35:41.0145 9544 seclogon - ok
18:35:41.0186 9544 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
18:35:41.0191 9544 SENS - ok
18:35:41.0220 9544 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
18:35:41.0223 9544 SensrSvc - ok
18:35:41.0256 9544 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
18:35:41.0258 9544 Serenum - ok
18:35:41.0291 9544 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
18:35:41.0295 9544 Serial - ok
18:35:41.0305 9544 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
18:35:41.0310 9544 sermouse - ok
18:35:41.0360 9544 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
18:35:41.0365 9544 SessionEnv - ok
18:35:41.0372 9544 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:35:41.0373 9544 sffdisk - ok
18:35:41.0382 9544 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:35:41.0383 9544 sffp_mmc - ok
18:35:41.0391 9544 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
18:35:41.0392 9544 sffp_sd - ok
18:35:41.0401 9544 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
18:35:41.0403 9544 sfloppy - ok
18:35:41.0665 9544 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\AlienRespawn\sftservice.EXE
18:35:41.0691 9544 SftService - ok
18:35:41.0807 9544 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
18:35:41.0815 9544 SharedAccess - ok
18:35:41.0886 9544 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
18:35:41.0893 9544 ShellHWDetection - ok
18:35:41.0943 9544 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
18:35:41.0952 9544 SiSRaid2 - ok
18:35:41.0967 9544 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
18:35:41.0970 9544 SiSRaid4 - ok
18:35:42.0070 9544 SkypeUpdate (68ea68d03bf58389fe6ad2b38fad798c) C:\Program Files (x86)\Skype\Updater\Updater.exe
18:35:42.0072 9544 SkypeUpdate - ok
18:35:42.0096 9544 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:35:42.0098 9544 Smb - ok
18:35:42.0140 9544 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
18:35:42.0148 9544 SNMPTRAP - ok
18:35:42.0172 9544 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:35:42.0173 9544 spldr - ok
18:35:42.0280 9544 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
18:35:42.0291 9544 Spooler - ok
18:35:42.0542 9544 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
18:35:42.0600 9544 sppsvc - ok
18:35:42.0638 9544 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
18:35:42.0643 9544 sppuinotify - ok
18:35:42.0760 9544 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
18:35:42.0767 9544 srv - ok
18:35:42.0847 9544 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
18:35:42.0856 9544 srv2 - ok
18:35:42.0911 9544 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
18:35:42.0916 9544 srvnet - ok
18:35:42.0996 9544 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
18:35:43.0002 9544 SSDPSRV - ok
18:35:43.0040 9544 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
18:35:43.0045 9544 SstpSvc - ok
18:35:43.0138 9544 STacSV (46b72c1c296c1e985d031d98f0ffa5e5) C:\Program Files\IDT\WDM\STacSV64.exe
18:35:43.0143 9544 STacSV - ok
18:35:43.0178 9544 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys
18:35:43.0180 9544 stdcfltn - ok
18:35:43.0216 9544 Steam Client Service - ok
18:35:43.0312 9544 Stereo Service (95f9eeb717a80970378d8587a55af0f1) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:35:43.0318 9544 Stereo Service - ok
18:35:43.0352 9544 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
18:35:43.0355 9544 stexstor - ok
18:35:43.0473 9544 STHDA (501b376781eb6e46aae43946e3dd7d84) C:\Windows\system32\DRIVERS\stwrt64.sys
18:35:43.0482 9544 STHDA - ok
18:35:43.0607 9544 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
18:35:43.0621 9544 stisvc - ok
18:35:43.0722 9544 stllssvr (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
18:35:43.0736 9544 stllssvr - ok
18:35:43.0766 9544 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
18:35:43.0767 9544 storvsc - ok
18:35:43.0788 9544 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
18:35:43.0790 9544 swenum - ok
18:35:43.0958 9544 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:35:43.0968 9544 SwitchBoard - ok
18:35:44.0077 9544 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
18:35:44.0088 9544 swprv - ok
18:35:44.0121 9544 Synth3dVsc (c3a39c4079305480972d29c44b868c78) C:\Windows\system32\drivers\Synth3dVsc.sys
18:35:44.0123 9544 Synth3dVsc - ok
18:35:44.0182 9544 SynthVid (4cdd7df58730d23ba9cb5829a6e2ecea) C:\Windows\system32\DRIVERS\VMBusVideoM.sys
18:35:44.0192 9544 SynthVid - ok
18:35:44.0385 9544 SynTP (d8205430cfd64fdb7d691d3bb74fd18f) C:\Windows\system32\DRIVERS\SynTP.sys
18:35:44.0406 9544 SynTP - ok
18:35:44.0645 9544 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
18:35:44.0675 9544 SysMain - ok
18:35:44.0711 9544 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
18:35:44.0717 9544 TabletInputService - ok
18:35:44.0785 9544 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
18:35:44.0797 9544 TapiSrv - ok
18:35:44.0841 9544 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
18:35:44.0845 9544 TBS - ok
18:35:45.0065 9544 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
18:35:45.0095 9544 Tcpip - ok
18:35:45.0221 9544 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
18:35:45.0250 9544 TCPIP6 - ok
18:35:45.0292 9544 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
18:35:45.0293 9544 tcpipreg - ok
18:35:45.0330 9544 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
18:35:45.0332 9544 TDPIPE - ok
18:35:45.0361 9544 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
18:35:45.0363 9544 TDTCP - ok
18:35:45.0422 9544 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
18:35:45.0435 9544 tdx - ok
18:35:45.0748 9544 TeamViewer7 (a4d2ce94b028ef1e437cf4ac3d8ff26c) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
18:35:45.0787 9544 TeamViewer7 - ok
18:35:45.0836 9544 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
18:35:45.0837 9544 TermDD - ok
18:35:45.0880 9544 terminpt (2b5bdff688ec9871d7ec5837833374e9) C:\Windows\system32\drivers\terminpt.sys
18:35:45.0881 9544 terminpt - ok
18:35:45.0986 9544 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
18:35:45.0998 9544 TermService - ok
18:35:46.0065 9544 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
18:35:46.0070 9544 Themes - ok
18:35:46.0118 9544 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:35:46.0121 9544 THREADORDER - ok
18:35:46.0182 9544 TPkd (c676b0f52f2b6483afb88f79cabb011e) C:\Windows\system32\drivers\TPkd.sys
18:35:46.0185 9544 TPkd - ok
18:35:46.0233 9544 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
18:35:46.0238 9544 TrkWks - ok
18:35:46.0312 9544 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
18:35:46.0316 9544 TrustedInstaller - ok
18:35:46.0358 9544 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:35:46.0361 9544 tssecsrv - ok
18:35:46.0395 9544 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
18:35:46.0397 9544 TsUsbFlt - ok
18:35:46.0437 9544 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
18:35:46.0441 9544 TsUsbGD - ok
18:35:46.0461 9544 tsusbhub (e1748d04ae40118b62bc18ac86032192) C:\Windows\system32\drivers\tsusbhub.sys
18:35:46.0463 9544 tsusbhub - ok
18:35:46.0527 9544 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
18:35:46.0530 9544 tunnel - ok
18:35:46.0540 9544 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
18:35:46.0542 9544 uagp35 - ok
18:35:46.0618 9544 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
18:35:46.0625 9544 udfs - ok
18:35:46.0662 9544 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
18:35:46.0667 9544 UI0Detect - ok
18:35:46.0698 9544 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
18:35:46.0701 9544 uliagpkx - ok
18:35:46.0743 9544 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
18:35:46.0745 9544 umbus - ok
18:35:46.0758 9544 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
18:35:46.0760 9544 UmPass - ok
18:35:46.0841 9544 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
18:35:46.0848 9544 UmRdpService - ok
18:35:46.0932 9544 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
18:35:46.0941 9544 upnphost - ok
18:35:46.0993 9544 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
18:35:46.0996 9544 usbaudio - ok
18:35:47.0046 9544 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
18:35:47.0055 9544 usbccgp - ok
18:35:47.0118 9544 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
18:35:47.0121 9544 usbcir - ok
18:35:47.0151 9544 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
18:35:47.0152 9544 usbehci - ok
18:35:47.0223 9544 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
18:35:47.0230 9544 usbhub - ok
18:35:47.0238 9544 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
18:35:47.0241 9544 usbohci - ok
18:35:47.0250 9544 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
18:35:47.0252 9544 usbprint - ok
18:35:47.0280 9544 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:35:47.0282 9544 USBSTOR - ok
18:35:47.0291 9544 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
18:35:47.0293 9544 usbuhci - ok
18:35:47.0386 9544 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
18:35:47.0390 9544 usbvideo - ok
18:35:47.0425 9544 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
18:35:47.0427 9544 UxSms - ok
18:35:47.0457 9544 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:35:47.0460 9544 VaultSvc - ok
18:35:47.0486 9544 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:35:47.0487 9544 vdrvroot - ok
18:35:47.0570 9544 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
18:35:47.0581 9544 vds - ok
18:35:47.0611 9544 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:35:47.0612 9544 vga - ok
18:35:47.0640 9544 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:35:47.0641 9544 VgaSave - ok
18:35:47.0646 9544 VGPU - ok
18:35:47.0698 9544 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:35:47.0703 9544 vhdmp - ok
18:35:47.0711 9544 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:35:47.0713 9544 viaide - ok
18:35:47.0725 9544 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
18:35:47.0726 9544 VMBusHID - ok
18:35:47.0780 9544 vncmirror (93f279a2c172562050700a18fa84be2e) C:\Windows\system32\DRIVERS\vncmirror.sys
18:35:47.0781 9544 vncmirror - ok
18:35:47.0827 9544 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:35:47.0830 9544 volmgr - ok
18:35:47.0881 9544 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:35:47.0887 9544 volmgrx - ok
18:35:47.0966 9544 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:35:47.0971 9544 volsnap - ok
18:35:48.0016 9544 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
18:35:48.0022 9544 vsmraid - ok
18:35:48.0215 9544 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
18:35:48.0242 9544 VSS - ok
18:35:48.0280 9544 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
18:35:48.0282 9544 vwifibus - ok
18:35:48.0315 9544 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
18:35:48.0317 9544 vwififlt - ok
18:35:48.0357 9544 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
18:35:48.0358 9544 vwifimp - ok
18:35:48.0432 9544 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
18:35:48.0441 9544 W32Time - ok
18:35:48.0476 9544 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
18:35:48.0478 9544 WacomPen - ok
18:35:48.0512 9544 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:35:48.0515 9544 WANARP - ok
18:35:48.0522 9544 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:35:48.0525 9544 Wanarpv6 - ok
18:35:48.0703 9544 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
18:35:48.0725 9544 WatAdminSvc - ok
18:35:48.0917 9544 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
18:35:48.0943 9544 wbengine - ok
18:35:49.0016 9544 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
18:35:49.0022 9544 WbioSrvc - ok
18:35:49.0087 9544 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
18:35:49.0097 9544 wcncsvc - ok
18:35:49.0122 9544 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
18:35:49.0130 9544 WcsPlugInService - ok
18:35:49.0162 9544 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
18:35:49.0163 9544 Wd - ok
18:35:49.0273 9544 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:35:49.0283 9544 Wdf01000 - ok
18:35:49.0348 9544 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:35:49.0353 9544 WdiServiceHost - ok
18:35:49.0360 9544 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:35:49.0363 9544 WdiSystemHost - ok
18:35:49.0421 9544 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
18:35:49.0428 9544 WebClient - ok
18:35:49.0493 9544 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
18:35:49.0501 9544 Wecsvc - ok
18:35:49.0548 9544 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
18:35:49.0562 9544 wercplsupport - ok
18:35:49.0612 9544 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
18:35:49.0618 9544 WerSvc - ok
18:35:49.0638 9544 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:35:49.0640 9544 WfpLwf - ok
18:35:49.0746 9544 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
18:35:49.0752 9544 WimFltr - ok
18:35:49.0781 9544 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:35:49.0783 9544 WIMMount - ok
18:35:49.0796 9544 WinHttpAutoProxySvc - ok
18:35:49.0918 9544 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
18:35:49.0922 9544 Winmgmt - ok
18:35:50.0135 9544 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
18:35:50.0170 9544 WinRM - ok
18:35:50.0275 9544 WinUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
18:35:50.0277 9544 WinUSB - ok
18:35:50.0401 9544 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
18:35:50.0419 9544 Wlansvc - ok
18:35:50.0496 9544 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:35:50.0509 9544 wlcrasvc - ok
18:35:50.0805 9544 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:35:50.0837 9544 wlidsvc - ok
18:35:50.0925 9544 WmBEnum (680a7846370000d20d7e74917d5b7936) C:\Windows\system32\drivers\WmBEnum.sys
18:35:50.0926 9544 WmBEnum - ok
18:35:50.0986 9544 WmFilter (14c35ba8189c6f65d839163aa285e954) C:\Windows\system32\drivers\WmFilter.sys
18:35:50.0987 9544 WmFilter - ok
18:35:51.0021 9544 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
18:35:51.0022 9544 WmiAcpi - ok
18:35:51.0097 9544 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
18:35:51.0101 9544 wmiApSrv - ok
18:35:51.0157 9544 WMPNetworkSvc - ok
18:35:51.0216 9544 WmVirHid (8488dd91a3ee54a8e29f02ad7bb8201e) C:\Windows\system32\drivers\WmVirHid.sys
18:35:51.0216 9544 WmVirHid - ok
18:35:51.0269 9544 WmXlCore (14802b3a30aa849c97cb968ccc813bf3) C:\Windows\system32\drivers\WmXlCore.sys
18:35:51.0271 9544 WmXlCore - ok
18:35:51.0316 9544 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
18:35:51.0320 9544 WPCSvc - ok
18:35:51.0350 9544 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
18:35:51.0356 9544 WPDBusEnum - ok
18:35:51.0400 9544 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:35:51.0402 9544 ws2ifsl - ok
18:35:51.0409 9544 WSearch - ok
18:35:51.0696 9544 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
18:35:51.0737 9544 wuauserv - ok
18:35:51.0800 9544 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:35:51.0804 9544 WudfPf - ok
18:35:51.0867 9544 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:35:51.0871 9544 WUDFRd - ok
18:35:51.0899 9544 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
18:35:51.0904 9544 wudfsvc - ok
18:35:51.0965 9544 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
18:35:51.0972 9544 WwanSvc - ok
18:35:52.0080 9544 X6va006 - ok
18:35:52.0099 9544 X6va008 - ok
18:35:52.0172 9544 xusb21 (38f55d07b1d3391065c40ec065f984e2) C:\Windows\system32\DRIVERS\xusb21.sys
18:35:52.0174 9544 xusb21 - ok
18:35:52.0249 9544 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
18:35:52.0287 9544 \Device\Harddisk0\DR0 - ok
18:35:52.0292 9544 Boot (0x1200) (d48ff1b2293ac4fde6ec6cbcecc30bc4) \Device\Harddisk0\DR0\Partition0
18:35:52.0295 9544 \Device\Harddisk0\DR0\Partition0 - ok
18:35:52.0329 9544 Boot (0x1200) (3194e077be19a829c29167c79cd50972) \Device\Harddisk0\DR0\Partition1
18:35:52.0339 9544 \Device\Harddisk0\DR0\Partition1 - ok
18:35:52.0340 9544 ============================================================
18:35:52.0340 9544 Scan finished
18:35:52.0340 9544 ============================================================
18:35:52.0360 6940 Detected object count: 1
18:35:52.0360 6940 Actual detected object count: 1
18:37:00.0843 6940 C:\Windows\system32\ipodservice.dll - copied to quarantine
18:37:00.0844 6940 HKLM\SYSTEM\ControlSet001\services\aracpi - will be deleted on reboot
18:37:00.0869 6940 HKLM\SYSTEM\ControlSet002\services\aracpi - will be deleted on reboot
18:37:01.0003 6940 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\svchost:netsvcs - cured
18:37:01.0050 6940 C:\Windows\system32\ipodservice.dll - will be deleted on reboot
18:37:01.0050 6940 aracpi ( Backdoor.Multi.ZAccess.gen ) - User select action: Delete
18:37:07.0098 2480 Deinitialize success

#6 lilayton

lilayton
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:40 PM

Posted 29 April 2012 - 08:26 PM

malwarebytes found nothing.

#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:40 PM

Posted 29 April 2012 - 08:33 PM

OK, good scans.. This was your issue
18:35:52.0360 6940 Detected object count: 1
18:35:52.0360 6940 Actual detected object count: 1
18:37:00.0843 6940 C:\Windows\system32\ipodservice.dll - copied to quarantine
18:37:00.0844 6940 HKLM\SYSTEM\ControlSet001\services\aracpi - will be deleted on reboot
18:37:00.0869 6940 HKLM\SYSTEM\ControlSet002\services\aracpi - will be deleted on reboot
18:37:01.0003 6940 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\svchost:netsvcs - cured
18:37:01.0050 6940 C:\Windows\system32\ipodservice.dll - will be deleted on reboot
18:37:01.0050 6940 aracpi ( Backdoor.Multi.ZAccess.gen ) - User select action: Delete
18:37:07.0098 2480 Deinitialize success


Did you reboot??... "will be deleted on reboot"
One of the identified infections is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

You will need to change your passwords on here. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, it would be wise to contact those same financial institutions to apprise them of your situation.



I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 lilayton

lilayton
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:40 PM

Posted 30 April 2012 - 05:32 AM

After that virus scan took place, I saved a log and rebooted. Before it rebooted, I saw an alienware file that was needed to boot get deleted as well. So now it wont start.

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:40 PM

Posted 30 April 2012 - 09:36 PM

It will not start in Safe mode either?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:09:40 PM

Posted 30 April 2012 - 11:25 PM

Hi lilayton,

I'll will be assisting you.

Also I'll move the topic to the malware forum.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst64 and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.[/list]

#11 lilayton

lilayton
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:40 PM

Posted 30 April 2012 - 11:36 PM

Thanks for all of the help, turns out there was a problem with my vga monitor that stopped the screen display during boot. The alienware staff couldn't fix and made me reformat. Issue solved :)

#12 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:09:40 PM

Posted 30 April 2012 - 11:41 PM

Glad the issue is resolved. :)

This thread will now be closed since the issue seems to be resolved.

If you need this topic reopened, please send me a Private Message and I will reopen it for you.

If you should have a new issue, please start a new topic.

Every one else should start a new topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users