Infected? Avast, sys restore not working, mult issues


  • This topic is locked
21 replies to this topic

#1 cloudedaze13

cloudedaze13

  • Members
  • 14 posts

Posted 06 May 2012 - 12:21 PM

ISSUES THUS FAR:

Avast Pro webshield no longer working

Avast fails to start (right now won't load or fix itself)

was getting error msg at times trying to run Avast Sandbox

computer freezing up at times during startup or shortly after trying to open various programs

malwarebytes will not load at times (failed to load)

mult programs on task manager listed with no "user name" (csrss.exe winlogon.exe atieclxx.exe) also when I try to close those says access denied

system restore will not work error (0xc000003a)

windows updates fails to load at times

all sorts of processes running 72 total 14 svchost.exe alone


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by Owner at 12:00:48 on 2012-05-06
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3836.2632 [GMT -5:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Trend Micro Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
FW: Trend Micro Personal Firewall *Disabled* {70A91CD9-303D-A217-A80E-6DEE136EDB2B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE64.EXE
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page =
uSearch Bar = Preserve
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cnnb
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
mRun: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
uPolicies-system: WallpaperStyle = 2
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
dPolicies-system: WallpaperStyle = 2
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
TCP: Interfaces\{EFA021F3-35DA-4A5A-BDCB-AED64A6A56A7} : DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
TCP: Interfaces\{EFA021F3-35DA-4A5A-BDCB-AED64A6A56A7}\2494749554C4C4F475 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{EFA021F3-35DA-4A5A-BDCB-AED64A6A56A7}\358656271647F6E6745756374725F6F6D637 : DhcpNameServer = 4.2.2.1
TCP: Interfaces\{EFA021F3-35DA-4A5A-BDCB-AED64A6A56A7}\96E6475627E65647 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{EFA021F3-35DA-4A5A-BDCB-AED64A6A56A7}\D656C66796E602169627 : DhcpNameServer = 192.168.1.1
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
mRun-x64: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1o9fp52h.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2559647&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - foxnews.com
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - component: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru\components\ff4\kavlinkfilter4.dll
FF - component: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru\components\ff5\kavlinkfilter5.dll
FF - component: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru\components\ff6\kavlinkfilter6.dll
FF - component: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru\components\ff7\kavlinkfilter7.dll
FF - component: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru\components\ff8\kavlinkfilter8.dll
FF - component: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
FF - component: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru\components\ff4\ffvkplugin4.dll
FF - component: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru\components\ff5\ffvkplugin5.dll
FF - component: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru\components\ff6\ffvkplugin6.dll
FF - component: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru\components\ff7\ffvkplugin7.dll
FF - component: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru\components\ff8\ffvkplugin8.dll
FF - component: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru\components\ffvkplugin.dll
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\system32\DRIVERS\aswNdis.sys --> C:\Windows\system32\DRIVERS\aswNdis.sys [?]
R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\system32\drivers\aswNdis2.sys --> C:\Windows\system32\drivers\aswNdis2.sys [?]
R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
R1 aswFW;avast! TDI Firewall driver;C:\Windows\system32\drivers\aswFW.sys --> C:\Windows\system32\drivers\aswFW.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-18 140672]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/06/23 18:26:28];C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-3-13 146928]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/09/28 01:41:47];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2009-9-28 146928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2012-2-4 127192]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 sp_rsdrv2;Spyware Terminator Driver Filter;C:\Windows\system32\DRIVERS\stflt.sys --> C:\Windows\system32\DRIVERS\stflt.sys [?]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2011-9-5 1148632]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-8-15 228408]
R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-2-4 44768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-8 136176]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-8-18 2152152]
S3 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
S3 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-9-28 89600]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-8 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
.
=============== Created Last 30 ================
.
2012-05-04 22:00:04 60416 ----a-w- C:\Windows\System32\athihvui.dll
2012-05-04 22:00:04 439808 ----a-w- C:\Windows\System32\athihvs.dll
2012-05-04 22:00:04 -------- d-----w- C:\Windows\System32\nn-NO
2012-05-04 21:59:31 -------- d-----w- C:\Program Files (x86)\Cisco
2012-05-04 21:59:10 904704 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VC\msdia80.dll
2012-05-03 22:45:04 -------- d-----w- C:\Users\Owner\AppData\Roaming\Comodo
2012-05-03 22:45:03 -------- d-----w- C:\ProgramData\Comodo
2012-05-02 02:00:33 -------- d-----w- C:\Program Files\HitmanPro
2012-05-02 02:00:19 -------- d-----w- C:\ProgramData\HitmanPro
2012-05-01 22:36:35 -------- d-----w- C:\Users\Owner\AppData\Roaming\Malwarebytes
2012-05-01 22:36:29 -------- d-----w- C:\ProgramData\Malwarebytes
2012-05-01 22:36:28 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
.
==================== Find3M ====================
.
.
============= FINISH: 12:02:21.02 ===============


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,490 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 10 May 2012 - 09:05 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Please Download
TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double-click aswMBR.exe to run it.

  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

===

Please post the logs for my review.

#3 cloudedaze13

cloudedaze13
  • Topic Starter

  • Members
  • 14 posts

Posted 10 May 2012 - 06:19 PM

Here are my results. When I tried to run the avast program I received an error message saying aswMBR.exe entry point not found (the procedure entry point awscnGetVirusID could not be located in the dynamic link library aswScan.dll). I was still able to run the scan though. My Avast has been screwed up for weeks now. Webshield stopped working, then after an uninstall and new install now avast won't work at all, plus it didn't save my pro version license file.

17:07:05.0571 223208 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
17:07:05.0850 223208 ============================================================
17:07:05.0851 223208 Current date / time: 2012/05/10 17:07:05.0850
17:07:05.0851 223208 SystemInfo:
17:07:05.0851 223208
17:07:05.0851 223208 OS Version: 6.1.7600 ServicePack: 0.0
17:07:05.0851 223208 Product type: Workstation
17:07:05.0851 223208 ComputerName: OWNER-PC
17:07:05.0852 223208 UserName: Owner
17:07:05.0852 223208 Windows directory: C:\Windows
17:07:05.0852 223208 System windows directory: C:\Windows
17:07:05.0852 223208 Running under WOW64
17:07:05.0852 223208 Processor architecture: Intel x64
17:07:05.0852 223208 Number of processors: 2
17:07:05.0852 223208 Page size: 0x1000
17:07:05.0852 223208 Boot type: Normal boot
17:07:05.0852 223208 ============================================================
17:07:07.0736 223208 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:07:07.0753 223208 ============================================================
17:07:07.0754 223208 \Device\Harddisk0\DR0:
17:07:07.0754 223208 MBR partitions:
17:07:07.0754 223208 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
17:07:07.0754 223208 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x38444000
17:07:07.0754 223208 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x384A8000, BlocksNum 0x1EAA000
17:07:07.0754 223208 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
17:07:07.0754 223208 ============================================================
17:07:07.0792 223208 C: <-> \Device\Harddisk0\DR0\Partition1
17:07:07.0845 223208 D: <-> \Device\Harddisk0\DR0\Partition2
17:07:07.0845 223208 ============================================================
17:07:07.0845 223208 Initialize success
17:07:07.0845 223208 ============================================================
17:07:26.0867 223104 ============================================================
17:07:26.0867 223104 Scan started
17:07:26.0867 223104 Mode: Manual;
17:07:26.0867 223104 ============================================================
17:07:32.0596 223104 BrFiltLo - ok
17:07:32.0608 223104 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:07:32.0611 223104 BrFiltUp - ok
17:07:32.0642 223104 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
17:07:32.0652 223104 Browser - ok
17:07:32.0683 223104 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:07:32.0697 223104 Brserid - ok
17:07:32.0709 223104 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:07:32.0711 223104 BrSerWdm - ok
17:07:32.0728 223104 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:07:32.0731 223104 BrUsbMdm - ok
17:07:32.0741 223104 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:07:32.0744 223104 BrUsbSer - ok
17:07:32.0788 223104 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
17:07:32.0791 223104 BTHMODEM - ok
17:07:32.0829 223104 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
17:07:32.0833 223104 bthserv - ok
17:07:32.0864 223104 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:07:32.0869 223104 cdfs - ok
17:07:32.0915 223104 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
17:07:32.0931 223104 cdrom - ok
17:07:32.0966 223104 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
17:07:32.0971 223104 CertPropSvc - ok
17:07:33.0010 223104 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:07:33.0014 223104 circlass - ok
17:07:33.0055 223104 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:07:33.0080 223104 CLFS - ok
17:07:33.0140 223104 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:07:33.0160 223104 clr_optimization_v2.0.50727_32 - ok
17:07:33.0188 223104 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:07:33.0199 223104 clr_optimization_v2.0.50727_64 - ok
17:07:33.0284 223104 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:07:33.0320 223104 clr_optimization_v4.0.30319_32 - ok
17:07:33.0353 223104 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:07:33.0369 223104 clr_optimization_v4.0.30319_64 - ok
17:07:33.0409 223104 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
17:07:33.0412 223104 CmBatt - ok
17:07:33.0429 223104 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
17:07:33.0432 223104 cmdide - ok
17:07:33.0498 223104 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
17:07:33.0534 223104 CNG - ok
17:07:33.0624 223104 Com4QLBEx (f9a79c5b27037821112c50a9c8fb367a) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
17:07:33.0639 223104 Com4QLBEx - ok
17:07:33.0674 223104 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
17:07:33.0678 223104 Compbatt - ok
17:07:33.0725 223104 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
17:07:33.0729 223104 CompositeBus - ok
17:07:33.0744 223104 COMSysApp - ok
17:07:33.0768 223104 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
17:07:33.0771 223104 crcdisk - ok
17:07:33.0816 223104 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
17:07:33.0831 223104 CryptSvc - ok
17:07:33.0906 223104 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
17:07:33.0931 223104 CSC - ok
17:07:34.0033 223104 CscService (873fbf927c06e5cee04dec617502f8fd) C:\Windows\System32\cscsvc.dll
17:07:34.0053 223104 CscService - ok
17:07:34.0193 223104 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:07:34.0222 223104 cvhsvc - ok
17:07:34.0381 223104 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
17:07:34.0417 223104 DcomLaunch - ok
17:07:34.0457 223104 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
17:07:34.0477 223104 defragsvc - ok
17:07:34.0528 223104 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
17:07:34.0541 223104 DfsC - ok
17:07:34.0596 223104 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
17:07:34.0614 223104 Dhcp - ok
17:07:34.0644 223104 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:07:34.0646 223104 discache - ok
17:07:34.0683 223104 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
17:07:34.0692 223104 Disk - ok
17:07:34.0748 223104 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
17:07:34.0764 223104 Dnscache - ok
17:07:34.0796 223104 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
17:07:34.0814 223104 dot3svc - ok
17:07:34.0875 223104 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
17:07:34.0891 223104 Dot4 - ok
17:07:34.0933 223104 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
17:07:34.0937 223104 Dot4Print - ok
17:07:34.0955 223104 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
17:07:34.0960 223104 dot4usb - ok
17:07:34.0983 223104 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
17:07:34.0993 223104 DPS - ok
17:07:35.0039 223104 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:07:35.0043 223104 drmkaud - ok
17:07:35.0145 223104 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
17:07:35.0190 223104 DXGKrnl - ok
17:07:35.0237 223104 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
17:07:35.0254 223104 EapHost - ok
17:07:35.0465 223104 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
17:07:35.0543 223104 ebdrv - ok
17:07:35.0632 223104 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
17:07:35.0636 223104 EFS - ok
17:07:35.0756 223104 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
17:07:35.0783 223104 ehRecvr - ok
17:07:35.0817 223104 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
17:07:35.0827 223104 ehSched - ok
17:07:35.0912 223104 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
17:07:35.0937 223104 elxstor - ok
17:07:35.0972 223104 enecir (524c79054636d2e5751169005006460b) C:\Windows\system32\DRIVERS\enecir.sys
17:07:35.0975 223104 enecir - ok
17:07:35.0999 223104 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
17:07:36.0001 223104 ErrDev - ok
17:07:36.0048 223104 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
17:07:36.0064 223104 EventSystem - ok
17:07:36.0093 223104 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:07:36.0107 223104 exfat - ok
17:07:36.0133 223104 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:07:36.0147 223104 fastfat - ok
17:07:36.0197 223104 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
17:07:36.0226 223104 Fax - ok
17:07:36.0246 223104 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
17:07:36.0251 223104 fdc - ok
17:07:36.0279 223104 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
17:07:36.0282 223104 fdPHost - ok
17:07:36.0294 223104 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
17:07:36.0298 223104 FDResPub - ok
17:07:36.0313 223104 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:07:36.0317 223104 FileInfo - ok
17:07:36.0327 223104 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:07:36.0330 223104 Filetrace - ok
17:07:36.0353 223104 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
17:07:36.0356 223104 flpydisk - ok
17:07:36.0385 223104 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
17:07:36.0398 223104 FltMgr - ok
17:07:36.0505 223104 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
17:07:36.0553 223104 FontCache - ok
17:07:36.0602 223104 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:07:36.0607 223104 FontCache3.0.0.0 - ok
17:07:36.0632 223104 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:07:36.0636 223104 FsDepends - ok
17:07:36.0659 223104 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
17:07:36.0663 223104 Fs_Rec - ok
17:07:36.0726 223104 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:07:36.0740 223104 fvevol - ok
17:07:36.0779 223104 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
17:07:36.0783 223104 gagp30kx - ok
17:07:36.0830 223104 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:07:36.0834 223104 GEARAspiWDM - ok
17:07:36.0916 223104 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
17:07:36.0962 223104 gpsvc - ok
17:07:37.0084 223104 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:07:37.0093 223104 gupdate - ok
17:07:37.0114 223104 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:07:37.0117 223104 gupdatem - ok
17:07:37.0128 223104 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:07:37.0130 223104 hcw85cir - ok
17:07:37.0180 223104 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
17:07:37.0196 223104 HdAudAddService - ok
17:07:37.0253 223104 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:07:37.0265 223104 HDAudBus - ok
17:07:37.0274 223104 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
17:07:37.0278 223104 HidBatt - ok
17:07:37.0310 223104 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
17:07:37.0315 223104 HidBth - ok
17:07:37.0334 223104 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
17:07:37.0338 223104 HidIr - ok
17:07:37.0370 223104 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
17:07:37.0376 223104 hidserv - ok
17:07:37.0406 223104 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
17:07:37.0409 223104 HidUsb - ok
17:07:37.0428 223104 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
17:07:37.0440 223104 hkmsvc - ok
17:07:37.0464 223104 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
17:07:37.0480 223104 HomeGroupListener - ok
17:07:37.0519 223104 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
17:07:37.0536 223104 HomeGroupProvider - ok
17:07:37.0636 223104 HP Health Check Service (58c91cca61a948dc6e789c93c05a1d6f) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
17:07:37.0648 223104 HP Health Check Service - ok
17:07:37.0670 223104 hpdskflt (05712fddbd45a5864eb326faabc6a4e3) C:\Windows\system32\DRIVERS\hpdskflt.sys
17:07:37.0673 223104 hpdskflt - ok
17:07:37.0802 223104 hpqcxs08 (ed377b3c83fdea8d906109a085d219ba) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:07:37.0825 223104 hpqcxs08 - ok
17:07:37.0855 223104 hpqddsvc (ee4c7a4cf2316701ffde90f404520265) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:07:37.0866 223104 hpqddsvc - ok
17:07:37.0915 223104 HpqKbFiltr (9af482d058be59cc28bce52e7c4b747c) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
17:07:37.0919 223104 HpqKbFiltr - ok
17:07:37.0999 223104 hpqwmiex (fdf273a845f1ffcceadf363aaf47582f) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
17:07:38.0012 223104 hpqwmiex - ok
17:07:38.0050 223104 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
17:07:38.0054 223104 HpSAMD - ok
17:07:38.0091 223104 hpsrv (aa036cc5f5221d9b915f4d4dce74ba9a) C:\Windows\system32\Hpservice.exe
17:07:38.0097 223104 hpsrv - ok
17:07:38.0190 223104 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
17:07:38.0217 223104 HTTP - ok
17:07:38.0229 223104 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
17:07:38.0231 223104 hwpolicy - ok
17:07:38.0278 223104 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
17:07:38.0288 223104 i8042prt - ok
17:07:38.0351 223104 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
17:07:38.0382 223104 iaStorV - ok
17:07:38.0527 223104 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:07:38.0573 223104 idsvc - ok
17:07:38.0962 223104 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
17:07:39.0078 223104 igfx - ok
17:07:39.0179 223104 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
17:07:39.0183 223104 iirsp - ok
17:07:39.0282 223104 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
17:07:39.0308 223104 IKEEXT - ok
17:07:39.0336 223104 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
17:07:39.0339 223104 intelide - ok
17:07:39.0377 223104 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
17:07:39.0381 223104 intelppm - ok
17:07:39.0404 223104 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
17:07:39.0421 223104 IPBusEnum - ok
17:07:39.0453 223104 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:07:39.0458 223104 IpFilterDriver - ok
17:07:39.0474 223104 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
17:07:39.0479 223104 IPMIDRV - ok
17:07:39.0499 223104 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:07:39.0504 223104 IPNAT - ok
17:07:39.0648 223104 iPod Service (f8e8676d1b6b2cc12df9aa6b1a43d929) C:\Program Files\iPod\bin\iPodService.exe
17:07:39.0676 223104 iPod Service - ok
17:07:39.0713 223104 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:07:39.0716 223104 IRENUM - ok
17:07:39.0763 223104 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
17:07:39.0767 223104 isapnp - ok
17:07:39.0796 223104 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
17:07:39.0811 223104 iScsiPrt - ok
17:07:39.0831 223104 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
17:07:39.0835 223104 kbdclass - ok
17:07:39.0872 223104 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
17:07:39.0876 223104 kbdhid - ok
17:07:39.0907 223104 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
17:07:39.0913 223104 KeyIso - ok
17:07:39.0939 223104 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
17:07:39.0950 223104 KSecDD - ok
17:07:39.0977 223104 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
17:07:39.0991 223104 KSecPkg - ok
17:07:40.0019 223104 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:07:40.0023 223104 ksthunk - ok
17:07:40.0089 223104 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
17:07:40.0112 223104 KtmRm - ok
17:07:40.0161 223104 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
17:07:40.0176 223104 LanmanServer - ok
17:07:40.0206 223104 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
17:07:40.0222 223104 LanmanWorkstation - ok
17:07:40.0490 223104 Lavasoft Ad-Aware Service (4d99fca201b72e0f2ca996e357baa170) C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
17:07:40.0534 223104 Lavasoft Ad-Aware Service - ok
17:07:40.0655 223104 Lbd (c8b3131857931ae76798a741cc52b021) C:\Windows\system32\DRIVERS\Lbd.sys
17:07:40.0660 223104 Lbd - ok
17:07:40.0749 223104 LightScribeService (83d8be94e1cbcbe2ea8372db1a95a159) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
17:07:40.0759 223104 LightScribeService - ok
17:07:40.0819 223104 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:07:40.0823 223104 lltdio - ok
17:07:40.0878 223104 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
17:07:40.0897 223104 lltdsvc - ok
17:07:40.0910 223104 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
17:07:40.0915 223104 lmhosts - ok
17:07:40.0940 223104 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
17:07:40.0944 223104 LSI_FC - ok
17:07:40.0970 223104 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
17:07:40.0974 223104 LSI_SAS - ok
17:07:41.0002 223104 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:07:41.0006 223104 LSI_SAS2 - ok
17:07:41.0030 223104 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:07:41.0034 223104 LSI_SCSI - ok
17:07:41.0055 223104 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:07:41.0060 223104 luafv - ok
17:07:41.0170 223104 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
17:07:41.0190 223104 McComponentHostService - ok
17:07:41.0239 223104 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
17:07:41.0258 223104 Mcx2Svc - ok
17:07:41.0286 223104 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
17:07:41.0291 223104 megasas - ok
17:07:41.0348 223104 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
17:07:41.0369 223104 MegaSR - ok
17:07:41.0398 223104 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:07:41.0411 223104 MMCSS - ok
17:07:41.0438 223104 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:07:41.0441 223104 Modem - ok
17:07:41.0478 223104 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:07:41.0483 223104 monitor - ok
17:07:41.0529 223104 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
17:07:41.0533 223104 mouclass - ok
17:07:41.0551 223104 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:07:41.0555 223104 mouhid - ok
17:07:41.0578 223104 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
17:07:41.0581 223104 mountmgr - ok
17:07:41.0607 223104 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
17:07:41.0617 223104 mpio - ok
17:07:41.0636 223104 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:07:41.0639 223104 mpsdrv - ok
17:07:41.0655 223104 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
17:07:41.0666 223104 MRxDAV - ok
17:07:41.0703 223104 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:07:41.0719 223104 mrxsmb - ok
17:07:41.0765 223104 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:07:41.0778 223104 mrxsmb10 - ok
17:07:41.0798 223104 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:07:41.0801 223104 mrxsmb20 - ok
17:07:41.0821 223104 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
17:07:41.0824 223104 msahci - ok
17:07:41.0851 223104 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
17:07:41.0862 223104 msdsm - ok
17:07:41.0896 223104 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
17:07:41.0912 223104 MSDTC - ok
17:07:41.0951 223104 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:07:41.0955 223104 Msfs - ok
17:07:41.0969 223104 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:07:41.0973 223104 mshidkmdf - ok
17:07:41.0989 223104 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
17:07:41.0992 223104 msisadrv - ok
17:07:42.0038 223104 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
17:07:42.0053 223104 MSiSCSI - ok
17:07:42.0058 223104 msiserver - ok
17:07:42.0094 223104 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:07:42.0098 223104 MSKSSRV - ok
17:07:42.0110 223104 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:07:42.0114 223104 MSPCLOCK - ok
17:07:42.0119 223104 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:07:42.0121 223104 MSPQM - ok
17:07:42.0154 223104 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
17:07:42.0171 223104 MsRPC - ok
17:07:42.0187 223104 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
17:07:42.0190 223104 mssmbios - ok
17:07:42.0205 223104 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:07:42.0208 223104 MSTEE - ok
17:07:42.0234 223104 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
17:07:42.0236 223104 MTConfig - ok
17:07:42.0264 223104 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:07:42.0266 223104 Mup - ok
17:07:42.0318 223104 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
17:07:42.0343 223104 napagent - ok
17:07:42.0402 223104 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:07:42.0420 223104 NativeWifiP - ok
17:07:42.0503 223104 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
17:07:42.0541 223104 NDIS - ok
17:07:42.0565 223104 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:07:42.0569 223104 NdisCap - ok
17:07:42.0598 223104 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:07:42.0601 223104 NdisTapi - ok
17:07:42.0615 223104 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
17:07:42.0618 223104 Ndisuio - ok
17:07:42.0641 223104 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
17:07:42.0656 223104 NdisWan - ok
17:07:42.0674 223104 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
17:07:42.0678 223104 NDProxy - ok
17:07:42.0764 223104 Net Driver HPZ12 (458a00528bf213a31f51896ec37b91f4) C:\Windows\system32\HPZinw12.dll
17:07:42.0777 223104 Net Driver HPZ12 - ok
17:07:42.0800 223104 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:07:42.0803 223104 NetBIOS - ok
17:07:42.0830 223104 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
17:07:42.0845 223104 NetBT - ok
17:07:42.0869 223104 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
17:07:42.0871 223104 Netlogon - ok
17:07:42.0924 223104 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:07:42.0941 223104 Netman - ok
17:07:42.0973 223104 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:07:42.0989 223104 netprofm - ok
17:07:43.0041 223104 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:07:43.0052 223104 NetTcpPortSharing - ok
17:07:43.0440 223104 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
17:07:43.0559 223104 netw5v64 - ok
17:07:43.0681 223104 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:07:43.0686 223104 nfrd960 - ok
17:07:43.0746 223104 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
17:07:43.0769 223104 NlaSvc - ok
17:07:43.0869 223104 nmservice (cd569fa91ec6f59d045c19d0d3850f44) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
17:07:43.0897 223104 nmservice - ok
17:07:43.0932 223104 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:07:43.0937 223104 Npfs - ok
17:07:43.0952 223104 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:07:43.0961 223104 nsi - ok
17:07:43.0975 223104 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:07:43.0976 223104 nsiproxy - ok
17:07:44.0105 223104 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
17:07:44.0141 223104 Ntfs - ok
17:07:44.0236 223104 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:07:44.0241 223104 Null - ok
17:07:44.0288 223104 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
17:07:44.0303 223104 nvraid - ok
17:07:44.0327 223104 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
17:07:44.0343 223104 nvstor - ok
17:07:44.0398 223104 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
17:07:44.0408 223104 nv_agp - ok
17:07:44.0443 223104 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
17:07:44.0448 223104 ohci1394 - ok
17:07:44.0529 223104 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:07:44.0544 223104 ose - ok
17:07:44.0904 223104 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:07:45.0008 223104 osppsvc - ok
17:07:45.0138 223104 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:07:45.0165 223104 p2pimsvc - ok
17:07:45.0213 223104 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:07:45.0235 223104 p2psvc - ok
17:07:45.0275 223104 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:07:45.0279 223104 Parport - ok
17:07:45.0311 223104 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
17:07:45.0315 223104 partmgr - ok
17:07:45.0336 223104 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:07:45.0352 223104 PcaSvc - ok
17:07:45.0390 223104 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
17:07:45.0398 223104 pci - ok
17:07:45.0408 223104 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
17:07:45.0411 223104 pciide - ok
17:07:45.0447 223104 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:07:45.0464 223104 pcmcia - ok
17:07:45.0479 223104 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:07:45.0482 223104 pcw - ok
17:07:45.0536 223104 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:07:45.0555 223104 PEAUTH - ok
17:07:57.0625 223104 MBR (0x1B8) (54899efeddc7cc50fad782dfcf105eae) \Device\Harddisk0\DR0
17:07:57.0666 223104 \Device\Harddisk0\DR0 - ok
17:07:57.0698 223104 Boot (0x1200) (fda52d775cd2a8e37c25d057efdb16d6) \Device\Harddisk0\DR0\Partition0
17:07:57.0702 223104 \Device\Harddisk0\DR0\Partition0 - ok
17:07:57.0714 223104 Boot (0x1200) (983054ded5b96046f45f317903ad762d) \Device\Harddisk0\DR0\Partition1
17:07:57.0717 223104 \Device\Harddisk0\DR0\Partition1 - ok
17:07:57.0754 223104 Boot (0x1200) (817902d0ae769ba204993943db4cf410) \Device\Harddisk0\DR0\Partition2
17:07:57.0756 223104 \Device\Harddisk0\DR0\Partition2 - ok
17:07:57.0766 223104 Boot (0x1200) (052b7053281a1a2eae2896e8dc6ed069) \Device\Harddisk0\DR0\Partition3
17:07:57.0768 223104 \Device\Harddisk0\DR0\Partition3 - ok
17:07:57.0768 223104 ============================================================
17:07:57.0768 223104 Scan finished
17:07:57.0768 223104 ============================================================
17:07:57.0779 222924 Detected object count: 0
17:07:57.0779 222924 Actual detected object count: 0



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-10 17:10:25
-----------------------------
17:10:25.849 OS Version: Windows x64 6.1.7600
17:10:25.849 Number of processors: 2 586 0x602
17:10:25.850 ComputerName: OWNER-PC UserName: Owner
17:10:31.066 Initialize success
18:08:41.637 AVAST engine error: 2
18:09:10.497 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:09:10.503 Disk 0 Vendor: ST9500420AS 0003HPM1 Size: 476940MB BusType: 11
18:09:10.618 Disk 0 MBR read successfully
18:09:10.624 Disk 0 MBR scan
18:09:10.631 Disk 0 unknown MBR code
18:09:10.646 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
18:09:10.662 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 460936 MB offset 409600
18:09:10.702 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15700 MB offset 944406528
18:09:10.723 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
18:09:10.778 Disk 0 scanning C:\Windows\system32\drivers
18:09:18.665 Service scanning
18:09:34.037 Modules scanning
18:09:34.060 Disk 0 trace - called modules:
18:09:34.070
18:09:34.076 Scan finished successfully
18:10:09.454 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
18:10:09.460 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"

Attached file: MBR.zip (531 bytes)


#4 cloudedaze13

Posted 10 May 2012 - 07:05 PM

After my post here my computer shut itself down on its own and started back up with this msg:

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7600.2.0.0.256.1
Locale ID: 1033

Additional information about the problem:
BCCode: 109
BCP1: A3A039D89803E8CC
BCP2: B3B7465EEA82233A
BCP3: FFFFF80000B95080
BCP4: 0000000000000002
OS Version: 6_1_7600
Service Pack: 0_0
Product: 256_1

Files that help describe the problem:
C:\Windows\Minidump\051012-35724-01.dmp
C:\Windows\Temp\WER-54163-0.sysdata.xml

#5 nasdaq

nasdaq

  • Malware Response Team
  • 40,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:23 PM

Posted 11 May 2012 - 08:53 AM

Nothing was removed with the latest scan.

"After my post here my computer shut itself down on its own and started back up with this msg"


If you restart your computer normally is this BSOD still present?


AVAST may be causing this error.

Remove it using the Add/Remove programs list.

If that fails, download Revo Uninstaller:

http://majorgeeks.com/Revo_Uninstaller_d5706.html

Revo Uninstaller helps you to remove any unwanted application installed on your computer.

Remove all items pertaining to AVAST.

Keep me posted.

#6 cloudedaze13

Posted 11 May 2012 - 07:08 PM

I did what you said using the Revo program due to not being able to uninstall Avast normally. After it removed Avast I was no longer able to connect to the internet. It continued to fail to connect to my network. I started the computer in safe mode with networking and still it would not connect. I tried to repair the connection and that would not work either. I had to do a system restore to regain access to my network.

Ideas??

#7 cloudedaze13

Posted 11 May 2012 - 08:27 PM

When I try to uninstall Avast the normal way, this is the error that I receive:

Error reading product data from "C:\Program Files\AVAST Software\Avast\setup\part-setup_ais-557.vpx" Setup cannot continue.

#8 cloudedaze13

Posted 11 May 2012 - 08:54 PM

I was able to uninstall Avast using their uninstaller tool. It's now removed and I still have network access.

Next??

#9 nasdaq

Posted 12 May 2012 - 08:05 AM

Click the Start button. In the Search box, type Command Prompt, and then, in the list of results, double-click Command Prompt.

At the cursor type:
ipconfig /flushdns <-- (A space between g and / is needed)

Repeat with:
ipconfig /renew

Then hit Enter, type Exit, hit the Enter key.

You may need to run CMD - Command Prompt on Vista - Windows 7 with Elevated Privilege
http://www.mydigitallife.info/2007/02/17/how-to-open-elevated-command-prompt-with-administrator-privileges-in-windows-vista/
<<<>>>

If that fails to restore your internet

Run this tool.

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


#10 cloudedaze13

Posted 12 May 2012 - 10:27 AM

I have internet access again after I was able to uninstall avast. Are there any other issues with my pc from reading my logs?

#11 nasdaq

Posted 12 May 2012 - 10:43 AM

This last check.

Third-party programs, if not up to date, can be an open door for an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

#12 cloudedaze13

Posted 14 May 2012 - 08:05 PM

Results of screen317's Security Check version 0.99.32
Windows 7 x64 (UAC is disabled!)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
McAfee Security Scan Plus
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Ad-Aware
Spyware Terminator 2012
CCleaner
SlimCleaner
Java™ 6 Update 14
Java version out of date!
Adobe Flash Player 10.0.32.18 Flash Player out of Date!
Adobe Reader X (10.1.1)
Mozilla Firefox (11.0.)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe
``````````End of Log````````````

#13 nasdaq

  • Malware Response Team

Posted 15 May 2012 - 08:25 AM

Secure your system by updating 3rd party programs.

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

Check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

If present, remove the old version(s) of Java using the Add/Remove Programs applet.


Java™ 6 Update 14


===

Critical vulnerabilities have been identified in Adobe Flash Player v11.2.202.233 and earlier versions... being exploited in the wild in active targeted attacks...

Get the latest Flash Player

On the top of the page you will be given an opportunity to download the version for your operating system.
Make sure you select the appropriate version.

You will also have an option to install the Free! McAfee Security Scan Plus. Un-check the box if you are NOT using McAfee's virus protection software.

For the users of Internet Explorer, download version 11.
Flash Player 11 (64 bit)
Flash Player 11 (32 bit)
===

If all is well:

Time for some housekeeping

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bold text into the Run box and click OK:

ComboFix /Uninstall
===

Delete the other tools we used.
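The triage applied to the Security Check log in this exchange, as an added example that is not part of the original thread or of the Security Check tool: it pulls the actionable findings (UAC off, a stopped service, out-of-date software) out of a `checkup.txt`. The function name `triage` and the parsing heuristics are assumptions inferred from the one log posted above.

```python
import re

# Abridged copy of the checkup.txt posted in this thread (separator lines omitted).
SAMPLE_LOG = """\
Results of screen317's Security Check version 0.99.32
 Windows 7 x64 (UAC is disabled!)
 Internet Explorer 8 Out of date!
Antivirus/Firewall Check:
 Windows Security Center service is not running! This report may not be accurate!
 McAfee Security Scan Plus
Anti-malware/Other Utilities Check:
 Ad-Aware
 Java™ 6 Update 14
 Java version out of date!
 Adobe Flash Player 10.0.32.18 Flash Player out of Date!
 Adobe Reader X (10.1.1)
 Mozilla Firefox (11.0.)
"""

OUTDATED = re.compile(r"\s*out of date!", re.IGNORECASE)

def triage(log_text):
    """Return (kind, item) findings in log order. Hypothetical helper."""
    findings = []
    previous = None  # last plain product line, for flags printed on their own line
    for raw in log_text.splitlines():
        line = raw.strip()
        # Skip blanks, backtick separator rows and "Section name:" headers.
        if not line or line.startswith("`") or line.endswith(":"):
            continue
        if "UAC is disabled" in line:
            findings.append(("config", "UAC is disabled"))
            continue
        if "is not running!" in line:
            findings.append(("service", line.split(" is not running!")[0]))
            continue
        m = OUTDATED.search(line)
        if not m:
            previous = line
            continue
        # Assumption: a flag with no version number in front of it
        # ("Java version out of date!") refers to the product line before it.
        tokens = line[:m.start()].split()
        versioned = [i for i, t in enumerate(tokens) if any(c.isdigit() for c in t)]
        if versioned:
            findings.append(("outdated", " ".join(tokens[:versioned[-1] + 1])))
        elif previous:
            findings.append(("outdated", previous))
    return findings
```
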

#14 cloudedaze13

  • Topic Starter

Posted 16 May 2012 - 09:22 PM

OK, I updated my programs as advised. I also tried to run the ComboFix that you suggested, but it said that it was not found. Shall I download ComboFix?

#15 nasdaq

  • Malware Response Team

Posted 17 May 2012 - 07:26 AM

Just rename ComboFix.exe to UNINSTALL.exe and double click it. It's case insensitive.

If no joy, then install ComboFix again. Run ComboFix /Uninstall (make sure you have a space after ComboFix).



