Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Periods of Noticeable Slowness


  • This topic is locked This topic is locked
11 replies to this topic

#1 GaryGranath

GaryGranath

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, in the infamous Durham Triangle
  • Local time:01:23 AM

Posted 31 May 2012 - 09:30 PM

I have a Windows 7 Home Premium 64-bit system that's been exhibiting periods of unusual slowness for the hardware I have.

It's a gaming system with an i7 quad-core processor and 6GB of tri-channel memory, which I also use for email, Internet, etc.

It was lightning fast when purchased two years ago but has slowed very gradually and now has noticeable slow episodes from time to time,

not just at boot but when using the Internet, retrieving email, processing documents, using Windows Explorer, etc.

I did thorough virus scans, disk cleanup and defrag, but it still hesitates a bit here and there. I suspect malware of some kind. I manually control

some startup services so I don't think I have that bogging the system. Can someone help me find out if something rotten has crept in?

Thanks, Gary

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:23 AM

Posted 31 May 2012 - 09:42 PM

Hello Gary,lets look.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.



Next run Superantisypware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.




Please download TDSSKiller.zip and and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log have a name like: TDSSKiller.Version_Date_Time_log.txt.



Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 GaryGranath

GaryGranath
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, in the infamous Durham Triangle
  • Local time:01:23 AM

Posted 11 June 2012 - 03:36 PM

Sorry I haven't responded. I thought I selected the correct option to be notified when someone replied to my post, but I wasn't notified.

And I'm looking at the options for posting and still don't see anything about reply/post notification. I'll keep looking.

Anyhow, I have your reply and will gather the requested information ASAP.


Gary

#4 GaryGranath

GaryGranath
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, in the infamous Durham Triangle
  • Local time:01:23 AM

Posted 11 June 2012 - 04:57 PM

OK. It ought to leap right out at me but I cannot find a link that lets me attach the Results.txt file to my post. This ought to be obvious but I sure am
missing it!

I've scrolled to the top and the bottom of the thread, moused-over every icon, clicked every Settings item I can find, looked at post options. What's up?

How do I give you my results?

Gary

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:23 AM

Posted 11 June 2012 - 06:49 PM

Please remember to click the Watch Topic button at the top right and select Immediate Notification so you do not miss any replies.

You cannot attach in this section.. Use copy/paste

Edited by boopme, 11 June 2012 - 06:50 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 GaryGranath

GaryGranath
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, in the infamous Durham Triangle
  • Local time:01:23 AM

Posted 11 June 2012 - 07:34 PM

OK, thanks. Here are the contents of the Results.txt file. Quite lengthy. I'm trying to get all the malware turned off so I can run RKill. I'll be back.
-------------------------------------------------------------------------------------------------------------------------


MiniToolBox by Farbar Version: 09-06-2012
Ran by Gary (administrator) on 11-06-2012 at 17:28:20
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.1.36 metric=1 publish=Yes


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Jetline-060310C
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : westell.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-1F-BC-09-21-81
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::38dc:9623:e91a:61d1%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.36(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, June 11, 2012 2:06:57 PM
Lease Expires . . . . . . . . . . : Tuesday, June 12, 2012 2:06:57 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234889148
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-A5-70-B4-00-1F-BC-09-21-81
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.westell.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1c5e:1102:cdcb:5783(Preferred)
Link-local IPv6 Address . . . . . : fe80::1c5e:1102:cdcb:5783%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:400a:800::1008
74.125.225.78
74.125.225.64
74.125.225.65
74.125.225.66
74.125.225.67
74.125.225.68
74.125.225.69
74.125.225.70
74.125.225.71
74.125.225.72
74.125.225.73


Pinging google.com [74.125.225.73] with 32 bytes of data:
Reply from 74.125.225.73: bytes=32 time=51ms TTL=54
Reply from 74.125.225.73: bytes=32 time=52ms TTL=54

Ping statistics for 74.125.225.73:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 51ms, Maximum = 52ms, Average = 51ms
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=117ms TTL=50
Reply from 72.30.38.140: bytes=32 time=129ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 117ms, Maximum = 129ms, Average = 123ms
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...00 1f bc 09 21 81 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.36 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 192.168.1.36 21
169.254.255.255 255.255.255.255 On-link 192.168.1.36 276
192.168.1.0 255.255.255.0 On-link 192.168.1.36 276
192.168.1.36 255.255.255.255 On-link 192.168.1.36 276
192.168.1.255 255.255.255.255 On-link 192.168.1.36 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.36 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.36 276
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
169.254.0.0 255.255.0.0 192.168.1.36 1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:4137:9e76:1c5e:1102:cdcb:5783/128
On-link
10 276 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::1c5e:1102:cdcb:5783/128
On-link
10 276 fe80::38dc:9623:e91a:61d1/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/06/2012 09:18:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: fsx.exe, version: 10.0.61472.0, time stamp: 0x475e17d3
Faulting module name: FSUIPC4.dll_unloaded, version: 0.0.0.0, time stamp: 0x4f993421
Exception code: 0xc0000005
Fault offset: 0x61037304
Faulting process id: 0xd2c
Faulting application start time: 0xfsx.exe0
Faulting application path: fsx.exe1
Faulting module path: fsx.exe2
Report Id: fsx.exe3

Error: (05/31/2012 09:20:08 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040154, Class not registered
.


Operation:
Instantiating VSS server

Error: (05/31/2012 09:20:08 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: A critical component required by the Volume Shadow Copy service is not registered.
This might happened if an error occurred during Windows setup or during installation of a Shadow Copy provider.
The error returned from CoCreateInstance on class with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and Name IVssCoordinatorEx2 is [0x80040154, Class not registered
].


Operation:
Instantiating VSS server

Error: (05/30/2012 01:03:32 PM) (Source: Application Error) (User: )
Description: Faulting application name: fsx.exe, version: 10.0.61472.0, time stamp: 0x475e17d3
Faulting module name: FSUIPC4.dll_unloaded, version: 0.0.0.0, time stamp: 0x4f993421
Exception code: 0xc0000005
Fault offset: 0x61037304
Faulting process id: 0x1210
Faulting application start time: 0xfsx.exe0
Faulting application path: fsx.exe1
Faulting module path: fsx.exe2
Report Id: fsx.exe3

Error: (05/22/2012 10:06:45 PM) (Source: Application Error) (User: )
Description: Faulting application name: fsx.exe, version: 10.0.61472.0, time stamp: 0x475e17d3
Faulting module name: FSUIPC4.dll_unloaded, version: 0.0.0.0, time stamp: 0x4f993421
Exception code: 0xc0000005
Fault offset: 0x61037304
Faulting process id: 0xaf0
Faulting application start time: 0xfsx.exe0
Faulting application path: fsx.exe1
Faulting module path: fsx.exe2
Report Id: fsx.exe3

Error: (05/15/2012 00:39:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: fsx.exe, version: 10.0.61472.0, time stamp: 0x475e17d3
Faulting module name: FSUIPC4.dll_unloaded, version: 0.0.0.0, time stamp: 0x4f993421
Exception code: 0xc0000005
Fault offset: 0x61037304
Faulting process id: 0xd4
Faulting application start time: 0xfsx.exe0
Faulting application path: fsx.exe1
Faulting module path: fsx.exe2
Report Id: fsx.exe3

Error: (05/08/2012 01:13:18 PM) (Source: Application Hang) (User: )
Description: The program PlanG.exe version 2.0.5.493 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: fcc

Start Time: 01cd2d3bf9ec382a

Termination Time: 30

Application Path: C:\TA Software\Plan-G v2\PlanG.exe

Report Id: 189053cf-9931-11e1-a4ef-001fbc092181

Error: (05/08/2012 00:56:55 PM) (Source: Application Hang) (User: )
Description: The program PlanG.exe version 2.0.5.493 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e20

Start Time: 01cd2d3b1e9eb0fd

Termination Time: 70

Application Path: C:\TA Software\Plan-G v2\PlanG.exe

Report Id: ce0b029e-992e-11e1-a4ef-001fbc092181

Error: (05/08/2012 00:53:36 PM) (Source: Application Hang) (User: )
Description: The program PlanG.exe version 2.0.5.493 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 478

Start Time: 01cd2d37aa12f690

Termination Time: 202

Application Path: C:\TA Software\Plan-G v2\PlanG.exe

Report Id: 56df9f24-992e-11e1-a4ef-001fbc092181

Error: (05/08/2012 00:06:39 AM) (Source: Application Error) (User: )
Description: Faulting application name: fsx.exe, version: 10.0.61472.0, time stamp: 0x475e17d3
Faulting module name: FSUIPC4.dll_unloaded, version: 0.0.0.0, time stamp: 0x4f993421
Exception code: 0xc0000005
Fault offset: 0x61037304
Faulting process id: 0xd00
Faulting application start time: 0xfsx.exe0
Faulting application path: fsx.exe1
Faulting module path: fsx.exe2
Report Id: fsx.exe3


System errors:
=============
Error: (06/11/2012 02:06:50 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: SYSTEM)
Description: Performance power management features on processor 3 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (06/11/2012 02:06:50 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: SYSTEM)
Description: Performance power management features on processor 1 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (06/11/2012 02:06:50 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: SYSTEM)
Description: Performance power management features on processor 2 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (06/11/2012 02:06:50 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: SYSTEM)
Description: Performance power management features on processor 0 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (06/10/2012 10:05:54 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: SYSTEM)
Description: Performance power management features on processor 3 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (06/10/2012 10:05:54 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: SYSTEM)
Description: Performance power management features on processor 1 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (06/10/2012 10:05:54 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: SYSTEM)
Description: Performance power management features on processor 2 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (06/10/2012 10:05:54 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: SYSTEM)
Description: Performance power management features on processor 0 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (06/10/2012 02:47:18 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: SYSTEM)
Description: Performance power management features on processor 3 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (06/10/2012 02:47:18 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: SYSTEM)
Description: Performance power management features on processor 1 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.


Microsoft Office Sessions:
=========================
Error: (06/06/2012 09:18:17 PM) (Source: Application Error)(User: )
Description: fsx.exe10.0.61472.0475e17d3FSUIPC4.dll_unloaded0.0.0.04f993421c000000561037304d2c01cd442a403100dfF:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exeFSUIPC4.dlla9100865-b03e-11e1-b282-001fbc092181

Error: (05/31/2012 09:20:08 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80040154, Class not registered


Operation:
Instantiating VSS server

Error: (05/31/2012 09:20:08 PM) (Source: VSS)(User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80040154, Class not registered


Operation:
Instantiating VSS server

Error: (05/30/2012 01:03:32 PM) (Source: Application Error)(User: )
Description: fsx.exe10.0.61472.0475e17d3FSUIPC4.dll_unloaded0.0.0.04f993421c000000561037304121001cd3e850f69f778F:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exeFSUIPC4.dll626f00c4-aa79-11e1-97af-001fbc092181

Error: (05/22/2012 10:06:45 PM) (Source: Application Error)(User: )
Description: fsx.exe10.0.61472.0475e17d3FSUIPC4.dll_unloaded0.0.0.04f993421c000000561037304af001cd384a2fb6340bF:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exeFSUIPC4.dllf1ccbd56-a47b-11e1-ae21-001fbc092181

Error: (05/15/2012 00:39:06 PM) (Source: Application Error)(User: )
Description: fsx.exe10.0.61472.0475e17d3FSUIPC4.dll_unloaded0.0.0.04f993421c000000561037304d401cd32b4234f83fdF:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exeFSUIPC4.dll7c549dc9-9eac-11e1-8892-001fbc092181

Error: (05/08/2012 01:13:18 PM) (Source: Application Hang)(User: )
Description: PlanG.exe2.0.5.493fcc01cd2d3bf9ec382a30C:\TA Software\Plan-G v2\PlanG.exe189053cf-9931-11e1-a4ef-001fbc092181

Error: (05/08/2012 00:56:55 PM) (Source: Application Hang)(User: )
Description: PlanG.exe2.0.5.493e2001cd2d3b1e9eb0fd70C:\TA Software\Plan-G v2\PlanG.exece0b029e-992e-11e1-a4ef-001fbc092181

Error: (05/08/2012 00:53:36 PM) (Source: Application Hang)(User: )
Description: PlanG.exe2.0.5.49347801cd2d37aa12f690202C:\TA Software\Plan-G v2\PlanG.exe56df9f24-992e-11e1-a4ef-001fbc092181

Error: (05/08/2012 00:06:39 AM) (Source: Application Error)(User: )
Description: fsx.exe10.0.61472.0475e17d3FSUIPC4.dll_unloaded0.0.0.04f993421c000000561037304d0001cd2cccba770c96F:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exeFSUIPC4.dll35b4c256-98c3-11e1-ac22-001fbc092181


=========================== Installed Programs ============================

Acoustica Effects Pack (Version: 1.0)
Active Sky 2012 (Version: 13.1.4363.9190)
Adobe AIR (Version: 3.2.0.2070)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Reader X (10.1.3) (Version: 10.1.3)
AlacrityPC (Version: 1.0.0)
Canon DIGITAL CAMERA Solution Disk Software Guide (Version: 1.1.0.2)
Canon IJ Network Scan Utility
Canon IJ Network Tool
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.7.2.11)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon Internet Library for ZoomBrowser EX (Version: 1.6.3.9)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.4.0.8)
Canon MP Navigator EX 3.1
Canon MX870 series MP Drivers
Canon MX870 series User Registration
Canon Personal Printing Guide (Version: 1.1.0.2)
Canon PowerShot A3100 IS and PowerShot A3000 IS Camera User Guide (Version: 1.0.0.2)
Canon Utilities CameraWindow (Version: 7.4.0.7)
Canon Utilities CameraWindow DC 8 (Version: 8.1.0.11)
Canon Utilities Movie Uploader for YouTube (Version: 1.0.0.11)
Canon Utilities My Printer
Canon Utilities MyCamera (Version: 7.3.0.5)
Canon Utilities PhotoStitch (Version: 3.1.22.46)
Canon Utilities Solution Menu
Canon Utilities ZoomBrowser EX (Version: 6.5.0.14)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.3.0.4)
CCleaner (Version: 3.15)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Cortona3D Viewer (Version: 6.0.180)
D3DX10 (Version: 15.4.2368.0902)
ESET Smart Security (Version: 4.2.64.12)
Flight Training - December 2011 (Version: 1.0.8)
FS Design Studio V3.5.1 (Version: 3.50.1000)
FSGenesis Alaska-Hawaii Terrain Mesh for FSX (Version: 2.1)
FSGenesis Canada Terrain Mesh for FSX (Version: 1.0.0)
FSGenesis Mexico Terrain Mesh for FSX (Version: 2.0.0)
FSGenesis North America Terrain Mesh for FSX -- Plains (Version: 2.0.0)
FSGenesis North America Terrain Mesh for FSX -- Rockies (Version: 2.0.0)
FSGenesis North America Terrain Mesh for FSX -- West Coast (Version: 2.0.0)
FSGenesis US National Landclass Project for FSX (Version: 2.02)
FSX Learner Aircraft
Garmin Lifetime Updater (Version: 2.1.7)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.111)
Hawker Hurricane IIA for FS2004
Instant Scenery (Version: 2.02)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Java™ 6 Update 32 (Version: 6.0.320)
Junk Mail filter update (Version: 15.4.3502.0922)
LightScribe System Software (Version: 1.18.2.1)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Flight Simulator X (Version: 10.0.61355.0)
Microsoft Flight Simulator X SDK SP1A (Version: 10.0.61355.0)
Microsoft Flight Simulator X Service Pack 1 (Version: 10.0.61355.0)
Microsoft Flight Simulator X Service Pack 2 (Version: 10.0.61472.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Nero 8 Essentials (Version: 8.3.569)
neroxml (Version: 1.0.0)
NVIDIA 3D Vision Controller Driver 285.62 (Version: 285.62)
NVIDIA 3D Vision Driver 285.62 (Version: 285.62)
NVIDIA Control Panel 285.62 (Version: 285.62)
NVIDIA Display Control Panel (Version: 6.14.12.5721)
NVIDIA Graphics Driver 285.62 (Version: 285.62)
NVIDIA Install Application (Version: 2.1002.46.235)
NVIDIA PhysX (Version: 9.11.0621)
NVIDIA PhysX System Software 9.11.0621 (Version: 9.11.0621)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.8562)
NVIDIA Update 1.5.20 (Version: 1.5.20)
NVIDIA Update Components (Version: 1.5.20)
Pdf995
Plan-G (Version: 2.0.3)
RCS B-25J RAF MkII for FSX
Realtek High Definition Audio Driver (Version: 6.0.1.5928)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.550.0)
SBuilderX313 (Version: 3.1.3)
Skype™ 5.5 (Version: 5.5.124)
Spin It Again
TrackIR4
TurboTax 2010
TurboTax 2010 WinPerFedFormset (Version: 010.000.3535)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0425)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0202)
TurboTax 2010 wnciper (Version: 010.000.1103)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2011
TurboTax 2011 WinPerFedFormset (Version: 011.000.3161)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0496)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0218)
TurboTax 2011 wnciper (Version: 011.000.1545)
TurboTax 2011 wrapper (Version: 011.000.0121)
Ultimate Terrain X - USA
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VCRedistSetup (Version: 1.0.0)
Verizon Wireless Software Upgrade Assistant - SAMSUNG (TL-PC) (Version: 1.11.0602)
Verizon Wireless Software Upgrade Assistant - Samsung (Version: 1.11.0808)
Watchtower Library 2011 - English (Version: 13.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Wings of POWER II: P51 Mustang

========================= Memory info: ===================================

Percentage of memory in use: 30%
Total physical RAM: 6135.18 MB
Available physical RAM: 4247.4 MB
Total Pagefile: 12268.55 MB
Available Pagefile: 10280.93 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.63 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.66 GB) (Free:391.57 GB) NTFS
3 Drive f: (Flight Sim) (Fixed) (Total:698.63 GB) (Free:661.09 GB) NTFS

========================= Users: ========================================

User accounts for \\JETLINE-060310C

Administrator Gary Guest
UpdatusUser


**** End of log ****




#7 GaryGranath

GaryGranath
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, in the infamous Durham Triangle
  • Local time:01:23 AM

Posted 11 June 2012 - 09:45 PM

OK. I seem to have run all the tools successfully. Frankly, nothing jumps out; only 174 cookies. Odd... I just cleaned them out earlier this week. They're like rabbits.
Here are the log files - a lot of data! You didn't ask for the Rkill log but it appears to contain nothing significant. Is this a strong indication that my system is clean, or
do you have some other tricks up your sleeve?

I think I need to manually reactivate Windows Defender, don't I?


Superantispyware Log:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/11/2012 at 09:46 PM

Application Version : 5.0.1150

Core Rules Database Version : 8718
Trace Rules Database Version: 6530

Scan type : Complete Scan
Total Scan Time : 00:33:38

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 625
Memory threats detected : 0
Registry items scanned : 70274
Registry threats detected : 0
File items scanned : 149889
File threats detected : 174

Adware.Tracking Cookie
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\OG70W22R.txt [ /invitemedia.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\2HPWBL2I.txt [ /adxpose.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\838BUUTY.txt [ /ru4.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\H791VHV8.txt [ /accounts.google.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\9L6984ZZ.txt [ /ads.paper.li ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\VKFCYWYD.txt [ /myweather.112.2o7.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\BDDOA6P2.txt [ /traveladvertising.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\1USI6706.txt [ /ad.wsod.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\Y24YRSZU.txt [ /statcounter.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\ECDD6T1B.txt [ /collective-media.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\O4KJS00H.txt [ /liveperson.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\L3RYDF7U.txt [ /webstat.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\5KW9YJ7H.txt [ /adserver.adtechus.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\IHCCKS8Y.txt [ /apmebf.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\X77R9OW3.txt [ /pointroll.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\CGNG0BQ2.txt [ /accountonline.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\XHOUPMGT.txt [ /citi.bridgetrack.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\JS7N0VCT.txt [ /burstnet.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\DWALGQCB.txt [ /ar.atwola.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\NOL2RGN3.txt [ /247realmedia.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\IKRK2NOV.txt [ /ad.simflight.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\NZ3KPSWT.txt [ /ihg.db.advertising.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\EUXNQJKY.txt [ /fastclick.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\NM9JONGJ.txt [ /ads.pubmatic.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\J5DHWCJL.txt [ /www.burstnet.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\RVYMSK9Z.txt [ /doubleclick.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\1DM082CX.txt [ /media6degrees.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\N1B33995.txt [ /lfstmedia.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\R6W08XHF.txt [ /revsci.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\E08YPOSX.txt [ /burstbeacon.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\7ZY7BQ60.txt [ /imrworldwide.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\8GM6B075.txt [ /lucidmedia.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\J91YNX69.txt [ /ads.pointroll.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\BD7OBKDO.txt [ /www.googleadservices.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\DF77D9NG.txt [ /statse.webtrendslive.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\UW4JVAQ1.txt [ /ihg2.db.advertising.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\0CBATJW2.txt [ /ads.rmmneuron.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\R38JHMY7.txt [ /usatoday1.112.2o7.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\2GCEDW9K.txt [ /www.t-shirtcountdown.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\T2ME7DY3.txt [ /realmedia.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\4A1DETEK.txt [ /adserver.aopa.org ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\B2VRTQUS.txt [ /legolas-media.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\1048U5YO.txt [ /www.googleadservices.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\GDK3LXUZ.txt [ /ads.masslive.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\XE44N37R.txt [ /ad.yieldmanager.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\3JG00TL9.txt [ /specificclick.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\NQ6ZKN5V.txt [ /advertising.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\WY2NSG63.txt [ /ads.bleepingcomputer.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\I8MRJ1LR.txt [ /casalemedia.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\MOMI60HM.txt [ /tacoda.at.atwola.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\08AR3LPZ.txt [ /ussearch.122.2o7.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\V3SYVWTN.txt [ /clickbooth.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\Q07OSX6J.txt [ /www.burstbeacon.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\I6HWEH8R.txt [ /2o7.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\EQHBNYBD.txt [ /ads.al.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\GDILUZKY.txt [ /trafficmp.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\M0JY4T3A.txt [ /cbcnewmedia.112.2o7.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\VSK5BRRW.txt [ /kontera.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\Z0WTWEG9.txt [ /atdmt.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\XU36P1CF.txt [ /tinbuadserv.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\76MPJ2K9.txt [ /ads.undertone.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\UJHQKZV9.txt [ /a1.interclick.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\WKTN4916.txt [ /mediaservices-d.openxenterprise.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\XYXU3RHG.txt [ /tribalfusion.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\NF0N3JI7.txt [ /questionmarket.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\NLY2R7WJ.txt [ /beatthetraffic.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\15TE5YV1.txt [ /yieldmanager.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\K0GZ0NGA.txt [ /serving-sys.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\TG2P5NE4.txt [ /interclick.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\A03PJN16.txt [ /c.atdmt.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\YYPN3Y76.txt [ /adbrite.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\LQW438I7.txt [ /at.atwola.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\PFSQAKWA.txt [ /dmtracker.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\9FVH8JF1.txt [ /msnportal.112.2o7.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\TDW4TE26.txt [ /network.realmedia.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\31XVK1LT.txt [ /liveperson.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\0APT5ET8.txt [ /mediaplex.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\DHZ82PE0.txt [ /adinterax.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\6XE3K53C.txt [ /liveperson.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\EHVBQOXF.txt [ /zedo.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\96XJS2ZZ.txt [ /hotwire.db.advertising.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\3B0BM0TJ.txt [ /pro-market.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\7FZ9W77Y.txt [ /dc.tremormedia.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\FO43KI0P.txt [ /media2.legacy.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\38SYTHJ0.txt [ /sales.liveperson.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\WTTL3CTS.txt [ /ads.nj.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\SC9WTVGY.txt [ /data.coremetrics.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\ZHRRMQ6A.txt [ /ads.flightsim.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\RZVJ93YV.txt [ /ads.mlive.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\63U6O4I3.txt [ /ads.pennlive.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\YC8WNSO1.txt [ /ads.oregonlive.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\MZL114X3.txt [ /www.googleadservices.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\65LRM49X.txt [ /aopa.112.2o7.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\EA5B9TWE.txt [ /ads.cleveland.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\NLWSH7S0.txt [ /ad.360yield.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\V80I0BWO.txt [ /ads.syracuse.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\EWD411JW.txt [ /bs.serving-sys.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\7J9QHH0U.txt [ /citizenstelecom.112.2o7.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\3AQ7WQLU.txt [ /ehg-verizon.hitbox.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\I3YBCGD9.txt [ /amazon-adsystem.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\JCH1B3Y6.txt [ /hitbox.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\HOWMR5HR.txt [ /media.adfrontiers.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\IXNPTIA4.txt [ /networldmedia.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\6AY8O6DC.txt [ /ads.wncoutdoors.info ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\J9I4UXQT.txt [ /idgenterprise.112.2o7.net ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\W1YHJMHZ.txt [ /www.googleadservices.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\RNNVY1T9.txt [ /ads.nola.com ]
C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies\XSVNKPG9.txt [ /www.googleadservices.com ]
C:\USERS\GARY\AppData\Roaming\Microsoft\Windows\Cookies\IB59VBKC.txt [ Cookie:gary@adsonar.com/adserving ]
C:\USERS\GARY\Cookies\OG70W22R.txt [ Cookie:gary@invitemedia.com/ ]
C:\USERS\GARY\Cookies\838BUUTY.txt [ Cookie:gary@ru4.com/ ]
C:\USERS\GARY\Cookies\H791VHV8.txt [ Cookie:gary@accounts.google.com/ ]
C:\USERS\GARY\Cookies\VKFCYWYD.txt [ Cookie:gary@myweather.112.2o7.net/ ]
C:\USERS\GARY\Cookies\BDDOA6P2.txt [ Cookie:gary@traveladvertising.com/ ]
C:\USERS\GARY\Cookies\Y24YRSZU.txt [ Cookie:gary@statcounter.com/ ]
C:\USERS\GARY\Cookies\ECDD6T1B.txt [ Cookie:gary@collective-media.net/ ]
C:\USERS\GARY\Cookies\O4KJS00H.txt [ Cookie:gary@liveperson.net/hc/44153975 ]
C:\USERS\GARY\Cookies\L3RYDF7U.txt [ Cookie:gary@webstat.com/ ]
C:\USERS\GARY\Cookies\IHCCKS8Y.txt [ Cookie:gary@apmebf.com/ ]
C:\USERS\GARY\Cookies\X77R9OW3.txt [ Cookie:gary@pointroll.com/ ]
C:\USERS\GARY\Cookies\IB59VBKC.txt [ Cookie:gary@adsonar.com/adserving ]
C:\USERS\GARY\Cookies\JS7N0VCT.txt [ Cookie:gary@burstnet.com/ ]
C:\USERS\GARY\Cookies\DWALGQCB.txt [ Cookie:gary@ar.atwola.com/ ]
C:\USERS\GARY\Cookies\NOL2RGN3.txt [ Cookie:gary@247realmedia.com/ ]
C:\USERS\GARY\Cookies\EUXNQJKY.txt [ Cookie:gary@fastclick.net/ ]
C:\USERS\GARY\Cookies\J5DHWCJL.txt [ Cookie:gary@www.burstnet.com/ ]
C:\USERS\GARY\Cookies\RVYMSK9Z.txt [ Cookie:gary@doubleclick.net/ ]
C:\USERS\GARY\Cookies\1DM082CX.txt [ Cookie:gary@media6degrees.com/ ]
C:\USERS\GARY\Cookies\N1B33995.txt [ Cookie:gary@lfstmedia.com/ ]
C:\USERS\GARY\Cookies\R6W08XHF.txt [ Cookie:gary@revsci.net/ ]
C:\USERS\GARY\Cookies\E08YPOSX.txt [ Cookie:gary@burstbeacon.com/ ]
C:\USERS\GARY\Cookies\7ZY7BQ60.txt [ Cookie:gary@imrworldwide.com/cgi-bin ]
C:\USERS\GARY\Cookies\8GM6B075.txt [ Cookie:gary@lucidmedia.com/ ]
C:\USERS\GARY\Cookies\J91YNX69.txt [ Cookie:gary@ads.pointroll.com/ ]
C:\USERS\GARY\Cookies\BD7OBKDO.txt [ Cookie:gary@www.googleadservices.com/pagead/conversion/1012840371/ ]
C:\USERS\GARY\Cookies\DF77D9NG.txt [ Cookie:gary@statse.webtrendslive.com/ ]
C:\USERS\GARY\Cookies\UW4JVAQ1.txt [ Cookie:gary@ihg2.db.advertising.com/ ]
C:\USERS\GARY\Cookies\2GCEDW9K.txt [ Cookie:gary@www.t-shirtcountdown.com/ ]
C:\USERS\GARY\Cookies\T2ME7DY3.txt [ Cookie:gary@realmedia.com/ ]
C:\USERS\GARY\Cookies\B2VRTQUS.txt [ Cookie:gary@legolas-media.com/ ]
C:\USERS\GARY\Cookies\1048U5YO.txt [ Cookie:gary@www.googleadservices.com/pagead/conversion/1071797063/ ]
C:\USERS\GARY\Cookies\NQ6ZKN5V.txt [ Cookie:gary@advertising.com/ ]
C:\USERS\GARY\Cookies\I8MRJ1LR.txt [ Cookie:gary@casalemedia.com/ ]
C:\USERS\GARY\Cookies\MOMI60HM.txt [ Cookie:gary@tacoda.at.atwola.com/ ]
C:\USERS\GARY\Cookies\V3SYVWTN.txt [ Cookie:gary@clickbooth.com/ ]
C:\USERS\GARY\Cookies\Q07OSX6J.txt [ Cookie:gary@www.burstbeacon.com/ ]
C:\USERS\GARY\Cookies\I6HWEH8R.txt [ Cookie:gary@2o7.net/ ]
C:\USERS\GARY\Cookies\GDILUZKY.txt [ Cookie:gary@trafficmp.com/ ]
C:\USERS\GARY\Cookies\M0JY4T3A.txt [ Cookie:gary@cbcnewmedia.112.2o7.net/ ]
C:\USERS\GARY\Cookies\XU36P1CF.txt [ Cookie:gary@tinbuadserv.com/ ]
C:\USERS\GARY\Cookies\UJHQKZV9.txt [ Cookie:gary@a1.interclick.com/ ]
C:\USERS\GARY\Cookies\XYXU3RHG.txt [ Cookie:gary@tribalfusion.com/ ]
C:\USERS\GARY\Cookies\NF0N3JI7.txt [ Cookie:gary@questionmarket.com/ ]
C:\USERS\GARY\Cookies\15TE5YV1.txt [ Cookie:gary@yieldmanager.net/ ]
C:\USERS\GARY\Cookies\K0GZ0NGA.txt [ Cookie:gary@serving-sys.com/ ]
C:\USERS\GARY\Cookies\A03PJN16.txt [ Cookie:gary@c.atdmt.com/ ]
C:\USERS\GARY\Cookies\LQW438I7.txt [ Cookie:gary@at.atwola.com/ ]
C:\USERS\GARY\Cookies\31XVK1LT.txt [ Cookie:gary@liveperson.net/ ]
C:\USERS\GARY\Cookies\0APT5ET8.txt [ Cookie:gary@mediaplex.com/ ]
C:\USERS\GARY\Cookies\DHZ82PE0.txt [ Cookie:gary@adinterax.com/ ]
C:\USERS\GARY\Cookies\6XE3K53C.txt [ Cookie:gary@liveperson.net/hc/18262047 ]
C:\USERS\GARY\Cookies\96XJS2ZZ.txt [ Cookie:gary@hotwire.db.advertising.com/ ]
C:\USERS\GARY\Cookies\FO43KI0P.txt [ Cookie:gary@media2.legacy.com/ ]
C:\USERS\GARY\Cookies\38SYTHJ0.txt [ Cookie:gary@sales.liveperson.net/ ]
C:\USERS\GARY\Cookies\SC9WTVGY.txt [ Cookie:gary@data.coremetrics.com/ ]
C:\USERS\GARY\Cookies\65LRM49X.txt [ Cookie:gary@aopa.112.2o7.net/ ]
C:\USERS\GARY\Cookies\EWD411JW.txt [ Cookie:gary@bs.serving-sys.com/ ]
C:\USERS\GARY\Cookies\7J9QHH0U.txt [ Cookie:gary@citizenstelecom.112.2o7.net/ ]
C:\USERS\GARY\Cookies\3AQ7WQLU.txt [ Cookie:gary@ehg-verizon.hitbox.com/ ]
C:\USERS\GARY\Cookies\JCH1B3Y6.txt [ Cookie:gary@hitbox.com/ ]
C:\USERS\GARY\Cookies\HOWMR5HR.txt [ Cookie:gary@media.adfrontiers.com/ ]
C:\USERS\GARY\Cookies\J9I4UXQT.txt [ Cookie:gary@idgenterprise.112.2o7.net/ ]
C:\USERS\GARY\Cookies\W1YHJMHZ.txt [ Cookie:gary@www.googleadservices.com/pagead/conversion/976177990/ ]
C:\USERS\GARY\Cookies\XSVNKPG9.txt [ Cookie:gary@www.googleadservices.com/pagead/conversion/1072738770/ ]


TDSSKiller Log:
22:02:34.0457 1644 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
22:02:34.0941 1644 ============================================================
22:02:34.0941 1644 Current date / time: 2012/06/11 22:02:34.0941
22:02:34.0941 1644 SystemInfo:
22:02:34.0941 1644
22:02:34.0941 1644 OS Version: 6.1.7601 ServicePack: 1.0
22:02:34.0941 1644 Product type: Workstation
22:02:34.0941 1644 ComputerName: JETLINE-060310C
22:02:34.0941 1644 UserName: Gary
22:02:34.0941 1644 Windows directory: C:\Windows
22:02:34.0941 1644 System windows directory: C:\Windows
22:02:34.0941 1644 Running under WOW64
22:02:34.0941 1644 Processor architecture: Intel x64
22:02:34.0941 1644 Number of processors: 4
22:02:34.0941 1644 Page size: 0x1000
22:02:34.0941 1644 Boot type: Normal boot
22:02:34.0941 1644 ============================================================
22:02:36.0173 1644 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x17A85, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
22:02:36.0189 1644 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
22:02:36.0189 1644 ============================================================
22:02:36.0189 1644 \Device\Harddisk0\DR0:
22:02:36.0189 1644 MBR partitions:
22:02:36.0189 1644 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57545000
22:02:36.0189 1644 \Device\Harddisk1\DR1:
22:02:36.0189 1644 MBR partitions:
22:02:36.0189 1644 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:02:36.0189 1644 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
22:02:36.0189 1644 ============================================================
22:02:36.0205 1644 C: <-> \Device\Harddisk1\DR1\Partition1
22:02:36.0236 1644 F: <-> \Device\Harddisk0\DR0\Partition0
22:02:36.0236 1644 ============================================================
22:02:36.0236 1644 Initialize success
22:02:36.0236 1644 ============================================================
22:03:05.0221 1220 ============================================================
22:03:05.0221 1220 Scan started
22:03:05.0221 1220 Mode: Manual; TDLFS;
22:03:05.0221 1220 ============================================================
22:03:05.0798 1220 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
22:03:05.0798 1220 !SASCORE - ok
22:03:05.0923 1220 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
22:03:05.0923 1220 1394ohci - ok
22:03:05.0954 1220 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
22:03:05.0969 1220 ACPI - ok
22:03:06.0001 1220 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
22:03:06.0001 1220 AcpiPmi - ok
22:03:06.0063 1220 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:03:06.0063 1220 AdobeARMservice - ok
22:03:06.0157 1220 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:03:06.0157 1220 AdobeFlashPlayerUpdateSvc - ok
22:03:06.0188 1220 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
22:03:06.0219 1220 adp94xx - ok
22:03:06.0219 1220 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
22:03:06.0250 1220 adpahci - ok
22:03:06.0344 1220 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
22:03:06.0344 1220 adpu320 - ok
22:03:06.0359 1220 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
22:03:06.0359 1220 AeLookupSvc - ok
22:03:06.0406 1220 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
22:03:06.0406 1220 AFD - ok
22:03:06.0437 1220 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
22:03:06.0453 1220 agp440 - ok
22:03:06.0453 1220 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
22:03:06.0453 1220 ALG - ok
22:03:06.0469 1220 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
22:03:06.0484 1220 aliide - ok
22:03:06.0484 1220 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
22:03:06.0500 1220 amdide - ok
22:03:06.0500 1220 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
22:03:06.0515 1220 AmdK8 - ok
22:03:06.0515 1220 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
22:03:06.0531 1220 AmdPPM - ok
22:03:06.0547 1220 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
22:03:06.0562 1220 amdsata - ok
22:03:06.0578 1220 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
22:03:06.0593 1220 amdsbs - ok
22:03:06.0593 1220 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
22:03:06.0609 1220 amdxata - ok
22:03:06.0640 1220 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
22:03:06.0656 1220 AppID - ok
22:03:06.0671 1220 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
22:03:06.0671 1220 AppIDSvc - ok
22:03:06.0687 1220 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
22:03:06.0687 1220 Appinfo - ok
22:03:06.0703 1220 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
22:03:06.0718 1220 arc - ok
22:03:06.0718 1220 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
22:03:06.0718 1220 arcsas - ok
22:03:06.0734 1220 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
22:03:06.0734 1220 AsyncMac - ok
22:03:06.0749 1220 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
22:03:06.0749 1220 atapi - ok
22:03:06.0796 1220 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
22:03:06.0796 1220 AudioEndpointBuilder - ok
22:03:06.0796 1220 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
22:03:06.0796 1220 AudioSrv - ok
22:03:06.0827 1220 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
22:03:06.0827 1220 AxInstSV - ok
22:03:06.0859 1220 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
22:03:06.0859 1220 b06bdrv - ok
22:03:06.0890 1220 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
22:03:06.0905 1220 b57nd60a - ok
22:03:06.0921 1220 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
22:03:06.0921 1220 BDESVC - ok
22:03:06.0937 1220 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
22:03:06.0937 1220 Beep - ok
22:03:07.0015 1220 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
22:03:07.0015 1220 BFE - ok
22:03:07.0077 1220 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
22:03:07.0077 1220 BITS - ok
22:03:07.0093 1220 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
22:03:07.0108 1220 blbdrive - ok
22:03:07.0139 1220 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
22:03:07.0155 1220 bowser - ok
22:03:07.0155 1220 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:03:07.0171 1220 BrFiltLo - ok
22:03:07.0171 1220 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:03:07.0171 1220 BrFiltUp - ok
22:03:07.0186 1220 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
22:03:07.0202 1220 Browser - ok
22:03:07.0217 1220 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
22:03:07.0233 1220 Brserid - ok
22:03:07.0233 1220 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
22:03:07.0249 1220 BrSerWdm - ok
22:03:07.0264 1220 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:03:07.0264 1220 BrUsbMdm - ok
22:03:07.0280 1220 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
22:03:07.0280 1220 BrUsbSer - ok
22:03:07.0295 1220 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
22:03:07.0295 1220 BTHMODEM - ok
22:03:07.0311 1220 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
22:03:07.0311 1220 bthserv - ok
22:03:07.0327 1220 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
22:03:07.0327 1220 cdfs - ok
22:03:07.0358 1220 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
22:03:07.0358 1220 cdrom - ok
22:03:07.0373 1220 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
22:03:07.0373 1220 CertPropSvc - ok
22:03:07.0405 1220 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
22:03:07.0405 1220 circlass - ok
22:03:07.0436 1220 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
22:03:07.0436 1220 CLFS - ok
22:03:07.0483 1220 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:03:07.0483 1220 clr_optimization_v2.0.50727_32 - ok
22:03:07.0514 1220 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:03:07.0514 1220 clr_optimization_v2.0.50727_64 - ok
22:03:07.0576 1220 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:03:07.0576 1220 clr_optimization_v4.0.30319_32 - ok
22:03:07.0592 1220 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:03:07.0592 1220 clr_optimization_v4.0.30319_64 - ok
22:03:07.0592 1220 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
22:03:07.0607 1220 CmBatt - ok
22:03:07.0623 1220 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
22:03:07.0639 1220 cmdide - ok
22:03:07.0670 1220 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
22:03:07.0701 1220 CNG - ok
22:03:07.0701 1220 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
22:03:07.0717 1220 Compbatt - ok
22:03:07.0732 1220 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
22:03:07.0748 1220 CompositeBus - ok
22:03:07.0748 1220 COMSysApp - ok
22:03:07.0748 1220 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
22:03:07.0748 1220 crcdisk - ok
22:03:07.0779 1220 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
22:03:07.0779 1220 CryptSvc - ok
22:03:07.0826 1220 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
22:03:07.0826 1220 DcomLaunch - ok
22:03:07.0857 1220 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
22:03:07.0857 1220 defragsvc - ok
22:03:07.0888 1220 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
22:03:07.0888 1220 DfsC - ok
22:03:07.0919 1220 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
22:03:07.0919 1220 Dhcp - ok
22:03:07.0935 1220 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
22:03:07.0935 1220 discache - ok
22:03:07.0966 1220 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
22:03:07.0966 1220 Disk - ok
22:03:07.0997 1220 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
22:03:07.0997 1220 Dnscache - ok
22:03:08.0029 1220 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
22:03:08.0029 1220 dot3svc - ok
22:03:08.0044 1220 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
22:03:08.0060 1220 DPS - ok
22:03:08.0075 1220 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
22:03:08.0075 1220 drmkaud - ok
22:03:08.0138 1220 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
22:03:08.0138 1220 DXGKrnl - ok
22:03:08.0200 1220 eamonm (398fdc5694f2ba9e51e321ca40d1706e) C:\Windows\system32\DRIVERS\eamonm.sys
22:03:08.0200 1220 eamonm - ok
22:03:08.0200 1220 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
22:03:08.0200 1220 EapHost - ok
22:03:08.0309 1220 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
22:03:08.0387 1220 ebdrv - ok
22:03:08.0465 1220 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
22:03:08.0465 1220 EFS - ok
22:03:08.0512 1220 ehdrv (e99457900012b53b2226f146ecaf9136) C:\Windows\system32\DRIVERS\ehdrv.sys
22:03:08.0512 1220 ehdrv - ok
22:03:08.0575 1220 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
22:03:08.0575 1220 ehRecvr - ok
22:03:08.0637 1220 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
22:03:08.0637 1220 ehSched - ok
22:03:08.0684 1220 EhttpSrv (11c3ad68dcf80201c9f74edee6da3804) C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
22:03:08.0684 1220 EhttpSrv - ok
22:03:08.0746 1220 ekrn (efa198f8983d064a81052851f7bb80c2) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
22:03:08.0746 1220 ekrn - ok
22:03:08.0793 1220 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
22:03:08.0809 1220 elxstor - ok
22:03:08.0840 1220 epfw (f9d0d6a7a6d48391be1f314ef7669ce2) C:\Windows\system32\DRIVERS\epfw.sys
22:03:08.0855 1220 epfw - ok
22:03:08.0871 1220 Epfwndis (96620ad728144d8e30a7baec9ddc811c) C:\Windows\system32\DRIVERS\Epfwndis.sys
22:03:08.0902 1220 Epfwndis - ok
22:03:08.0933 1220 epfwwfp (16576f3a76f4d0dd83522d69b5eafaa1) C:\Windows\system32\DRIVERS\epfwwfp.sys
22:03:08.0949 1220 epfwwfp - ok
22:03:08.0965 1220 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
22:03:08.0980 1220 ErrDev - ok
22:03:09.0058 1220 esihdrv - ok
22:03:09.0089 1220 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
22:03:09.0089 1220 EventSystem - ok
22:03:09.0105 1220 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
22:03:09.0121 1220 exfat - ok
22:03:09.0136 1220 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
22:03:09.0167 1220 fastfat - ok
22:03:09.0230 1220 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
22:03:09.0230 1220 Fax - ok
22:03:09.0245 1220 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
22:03:09.0261 1220 fdc - ok
22:03:09.0261 1220 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
22:03:09.0261 1220 fdPHost - ok
22:03:09.0277 1220 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
22:03:09.0277 1220 FDResPub - ok
22:03:09.0292 1220 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
22:03:09.0308 1220 FileInfo - ok
22:03:09.0308 1220 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
22:03:09.0323 1220 Filetrace - ok
22:03:09.0370 1220 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
22:03:09.0370 1220 flpydisk - ok
22:03:09.0386 1220 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
22:03:09.0433 1220 FltMgr - ok
22:03:09.0495 1220 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
22:03:09.0511 1220 FontCache - ok
22:03:09.0557 1220 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:03:09.0573 1220 FontCache3.0.0.0 - ok
22:03:09.0573 1220 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
22:03:09.0589 1220 FsDepends - ok
22:03:09.0604 1220 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
22:03:09.0604 1220 Fs_Rec - ok
22:03:09.0651 1220 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
22:03:09.0667 1220 fvevol - ok
22:03:09.0667 1220 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:03:09.0698 1220 gagp30kx - ok
22:03:09.0745 1220 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
22:03:09.0760 1220 gpsvc - ok
22:03:09.0807 1220 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:03:09.0807 1220 gupdate - ok
22:03:09.0823 1220 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:03:09.0823 1220 gupdatem - ok
22:03:09.0823 1220 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
22:03:09.0823 1220 hcw85cir - ok
22:03:09.0854 1220 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
22:03:09.0854 1220 HdAudAddService - ok
22:03:09.0869 1220 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
22:03:09.0869 1220 HDAudBus - ok
22:03:09.0885 1220 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
22:03:09.0901 1220 HidBatt - ok
22:03:09.0916 1220 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
22:03:09.0916 1220 HidBth - ok
22:03:09.0932 1220 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
22:03:09.0947 1220 HidIr - ok
22:03:09.0963 1220 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
22:03:09.0963 1220 hidserv - ok
22:03:10.0010 1220 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
22:03:10.0025 1220 HidUsb - ok
22:03:10.0041 1220 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
22:03:10.0041 1220 hkmsvc - ok
22:03:10.0072 1220 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
22:03:10.0088 1220 HomeGroupListener - ok
22:03:10.0088 1220 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
22:03:10.0088 1220 HomeGroupProvider - ok
22:03:10.0119 1220 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
22:03:10.0119 1220 HpSAMD - ok
22:03:10.0166 1220 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
22:03:10.0181 1220 HTTP - ok
22:03:10.0197 1220 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
22:03:10.0197 1220 hwpolicy - ok
22:03:10.0228 1220 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
22:03:10.0244 1220 i8042prt - ok
22:03:10.0275 1220 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
22:03:10.0291 1220 iaStorV - ok
22:03:10.0353 1220 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
22:03:10.0353 1220 IDriverT - ok
22:03:10.0431 1220 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:03:10.0431 1220 idsvc - ok
22:03:10.0509 1220 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
22:03:10.0509 1220 iirsp - ok
22:03:10.0556 1220 IJPLMSVC (c5b04409186a27409bd069580208a6d3) C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
22:03:10.0556 1220 IJPLMSVC - ok
22:03:10.0603 1220 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
22:03:10.0618 1220 IKEEXT - ok
22:03:10.0727 1220 IntcAzAudAddService (a9638fa0fb0c5b86229c3fd809ce8cff) C:\Windows\system32\drivers\RTKVHD64.sys
22:03:10.0743 1220 IntcAzAudAddService - ok
22:03:10.0790 1220 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
22:03:10.0790 1220 intelide - ok
22:03:10.0805 1220 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
22:03:10.0805 1220 intelppm - ok
22:03:10.0852 1220 IntuitUpdateService (3dc635b66dd7412e1c9c3a77b8d78f25) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
22:03:10.0852 1220 IntuitUpdateService - ok
22:03:10.0915 1220 IntuitUpdateServiceV4 (1663a135865f0ba6e853353e98e67f2a) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
22:03:10.0915 1220 IntuitUpdateServiceV4 - ok
22:03:10.0930 1220 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
22:03:10.0930 1220 IPBusEnum - ok
22:03:10.0961 1220 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:03:10.0961 1220 IpFilterDriver - ok
22:03:11.0008 1220 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
22:03:11.0008 1220 iphlpsvc - ok
22:03:11.0039 1220 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
22:03:11.0039 1220 IPMIDRV - ok
22:03:11.0055 1220 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
22:03:11.0071 1220 IPNAT - ok
22:03:11.0102 1220 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
22:03:11.0102 1220 IRENUM - ok
22:03:11.0133 1220 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
22:03:11.0133 1220 isapnp - ok
22:03:11.0164 1220 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
22:03:11.0164 1220 iScsiPrt - ok
22:03:11.0180 1220 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
22:03:11.0195 1220 kbdclass - ok
22:03:11.0211 1220 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
22:03:11.0211 1220 kbdhid - ok
22:03:11.0227 1220 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:03:11.0227 1220 KeyIso - ok
22:03:11.0242 1220 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
22:03:11.0242 1220 KSecDD - ok
22:03:11.0273 1220 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
22:03:11.0289 1220 KSecPkg - ok
22:03:11.0289 1220 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
22:03:11.0305 1220 ksthunk - ok
22:03:11.0429 1220 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
22:03:11.0429 1220 KtmRm - ok
22:03:11.0445 1220 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
22:03:11.0445 1220 LanmanServer - ok
22:03:11.0476 1220 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
22:03:11.0476 1220 LanmanWorkstation - ok
22:03:11.0507 1220 LightScribeService (9dbafd6106ee59d548aa1b0c144799ef) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
22:03:11.0523 1220 LightScribeService - ok
22:03:11.0539 1220 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
22:03:11.0554 1220 lltdio - ok
22:03:11.0570 1220 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
22:03:11.0570 1220 lltdsvc - ok
22:03:11.0585 1220 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
22:03:11.0585 1220 lmhosts - ok
22:03:11.0585 1220 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:03:11.0601 1220 LSI_FC - ok
22:03:11.0617 1220 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:03:11.0617 1220 LSI_SAS - ok
22:03:11.0632 1220 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:03:11.0632 1220 LSI_SAS2 - ok
22:03:11.0648 1220 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:03:11.0663 1220 LSI_SCSI - ok
22:03:11.0679 1220 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
22:03:11.0679 1220 luafv - ok
22:03:11.0710 1220 lvpepf64 (07389f6925e490d2db7882110e99921c) C:\Windows\system32\DRIVERS\lv302a64.sys
22:03:11.0710 1220 lvpepf64 - ok
22:03:11.0757 1220 LVRS64 (7f0ba3a6e8996f15693c6b7d81da049e) C:\Windows\system32\DRIVERS\lvrs64.sys
22:03:11.0757 1220 LVRS64 - ok
22:03:11.0773 1220 LVUSBS64 (5c3ff68267a5d242ee79ee01b993d6ce) C:\Windows\system32\drivers\LVUSBS64.sys
22:03:11.0773 1220 LVUSBS64 - ok
22:03:11.0804 1220 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
22:03:11.0804 1220 Mcx2Svc - ok
22:03:11.0819 1220 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
22:03:11.0835 1220 megasas - ok
22:03:11.0851 1220 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
22:03:11.0866 1220 MegaSR - ok
22:03:11.0882 1220 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:03:11.0882 1220 MMCSS - ok
22:03:11.0882 1220 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
22:03:11.0882 1220 Modem - ok
22:03:11.0882 1220 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
22:03:11.0882 1220 monitor - ok
22:03:11.0897 1220 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
22:03:11.0897 1220 mouclass - ok
22:03:11.0913 1220 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
22:03:11.0913 1220 mouhid - ok
22:03:11.0944 1220 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
22:03:11.0944 1220 mountmgr - ok
22:03:11.0960 1220 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
22:03:11.0975 1220 mpio - ok
22:03:11.0975 1220 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
22:03:11.0991 1220 mpsdrv - ok
22:03:12.0038 1220 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
22:03:12.0053 1220 MpsSvc - ok
22:03:12.0069 1220 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
22:03:12.0085 1220 MRxDAV - ok
22:03:12.0100 1220 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:03:12.0100 1220 mrxsmb - ok
22:03:12.0147 1220 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:03:12.0163 1220 mrxsmb10 - ok
22:03:12.0178 1220 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:03:12.0194 1220 mrxsmb20 - ok
22:03:12.0209 1220 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
22:03:12.0209 1220 msahci - ok
22:03:12.0225 1220 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
22:03:12.0241 1220 msdsm - ok
22:03:12.0256 1220 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
22:03:12.0256 1220 MSDTC - ok
22:03:12.0256 1220 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
22:03:12.0256 1220 Msfs - ok
22:03:12.0272 1220 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
22:03:12.0272 1220 mshidkmdf - ok
22:03:12.0287 1220 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
22:03:12.0303 1220 msisadrv - ok
22:03:12.0319 1220 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
22:03:12.0319 1220 MSiSCSI - ok
22:03:12.0334 1220 msiserver - ok
22:03:12.0350 1220 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
22:03:12.0350 1220 MSKSSRV - ok
22:03:12.0365 1220 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
22:03:12.0365 1220 MSPCLOCK - ok
22:03:12.0365 1220 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
22:03:12.0381 1220 MSPQM - ok
22:03:12.0397 1220 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
22:03:12.0412 1220 MsRPC - ok
22:03:12.0412 1220 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
22:03:12.0412 1220 mssmbios - ok
22:03:12.0428 1220 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
22:03:12.0428 1220 MSTEE - ok
22:03:12.0443 1220 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
22:03:12.0443 1220 MTConfig - ok
22:03:12.0459 1220 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
22:03:12.0475 1220 Mup - ok
22:03:12.0506 1220 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
22:03:12.0506 1220 napagent - ok
22:03:12.0537 1220 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
22:03:12.0537 1220 NativeWifiP - ok
22:03:12.0599 1220 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
22:03:12.0599 1220 NDIS - ok
22:03:12.0615 1220 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
22:03:12.0631 1220 NdisCap - ok
22:03:12.0631 1220 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
22:03:12.0631 1220 NdisTapi - ok
22:03:12.0646 1220 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
22:03:12.0646 1220 Ndisuio - ok
22:03:12.0662 1220 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
22:03:12.0677 1220 NdisWan - ok
22:03:12.0693 1220 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
22:03:12.0724 1220 NDProxy - ok
22:03:12.0724 1220 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
22:03:12.0740 1220 NetBIOS - ok
22:03:12.0771 1220 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
22:03:12.0771 1220 NetBT - ok
22:03:12.0802 1220 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:03:12.0802 1220 Netlogon - ok
22:03:13.0005 1220 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
22:03:13.0021 1220 Netman - ok
22:03:13.0036 1220 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
22:03:13.0036 1220 netprofm - ok
22:03:13.0099 1220 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:03:13.0099 1220 NetTcpPortSharing - ok
22:03:13.0130 1220 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
22:03:13.0145 1220 nfrd960 - ok
22:03:13.0192 1220 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
22:03:13.0192 1220 NlaSvc - ok
22:03:13.0286 1220 NMIndexingService (cb992ae1506985d9167e85883b4c3240) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
22:03:13.0348 1220 NMIndexingService - ok
22:03:13.0348 1220 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
22:03:13.0364 1220 Npfs - ok
22:03:13.0395 1220 npusbio (95a2ab418251a3b2a2571cde880b80d0) C:\Windows\system32\Drivers\npusbio_x64.sys
22:03:13.0395 1220 npusbio - ok
22:03:13.0411 1220 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
22:03:13.0411 1220 nsi - ok
22:03:13.0411 1220 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
22:03:13.0411 1220 nsiproxy - ok
22:03:13.0660 1220 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
22:03:13.0707 1220 Ntfs - ok
22:03:14.0347 1220 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:03:14.0456 1220 Null - ok
22:03:15.0002 1220 nvlddmkm (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:03:15.0049 1220 nvlddmkm - ok
22:03:15.0127 1220 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
22:03:15.0127 1220 nvraid - ok
22:03:15.0158 1220 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
22:03:15.0173 1220 nvstor - ok
22:03:15.0283 1220 nvsvc (2d7092fec9bd2aca199673bba2ba9277) C:\Windows\system32\nvvsvc.exe
22:03:15.0298 1220 nvsvc - ok
22:03:15.0423 1220 nvUpdatusService (7e22de30e222bfdfcec7e77032baf3cd) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
22:03:15.0439 1220 nvUpdatusService - ok
22:03:15.0485 1220 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
22:03:15.0501 1220 nv_agp - ok
22:03:15.0532 1220 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
22:03:15.0532 1220 ohci1394 - ok
22:03:15.0563 1220 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:03:15.0563 1220 ose - ok
22:03:15.0579 1220 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:03:15.0579 1220 p2pimsvc - ok
22:03:15.0610 1220 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
22:03:15.0610 1220 p2psvc - ok
22:03:15.0626 1220 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
22:03:15.0641 1220 Parport - ok
22:03:15.0657 1220 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
22:03:15.0673 1220 partmgr - ok
22:03:15.0688 1220 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
22:03:15.0688 1220 PcaSvc - ok
22:03:15.0704 1220 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
22:03:15.0735 1220 pci - ok
22:03:15.0735 1220 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
22:03:15.0751 1220 pciide - ok
22:03:15.0766 1220 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
22:03:15.0782 1220 pcmcia - ok
22:03:15.0797 1220 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
22:03:15.0797 1220 pcw - ok
22:03:15.0829 1220 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
22:03:15.0844 1220 PEAUTH - ok
22:03:15.0891 1220 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
22:03:15.0891 1220 PerfHost - ok
22:03:16.0016 1220 PID_PEPI (087a343dfc337f37723dd7912de6b6cd) C:\Windows\system32\DRIVERS\LV302V64.SYS
22:03:16.0031 1220 PID_PEPI - ok
22:03:16.0125 1220 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
22:03:16.0141 1220 pla - ok
22:03:16.0172 1220 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
22:03:16.0187 1220 PlugPlay - ok
22:03:16.0187 1220 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
22:03:16.0187 1220 PNRPAutoReg - ok
22:03:16.0203 1220 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:03:16.0203 1220 PNRPsvc - ok
22:03:16.0250 1220 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
22:03:16.0250 1220 PolicyAgent - ok
22:03:16.0281 1220 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
22:03:16.0297 1220 Power - ok
22:03:16.0328 1220 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
22:03:16.0359 1220 PptpMiniport - ok
22:03:16.0359 1220 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
22:03:16.0375 1220 Processor - ok
22:03:16.0406 1220 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
22:03:16.0406 1220 ProfSvc - ok
22:03:16.0421 1220 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:03:16.0421 1220 ProtectedStorage - ok
22:03:16.0593 1220 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
22:03:16.0624 1220 Psched - ok
22:03:16.0702 1220 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
22:03:16.0733 1220 ql2300 - ok
22:03:16.0780 1220 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
22:03:16.0780 1220 ql40xx - ok
22:03:16.0796 1220 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
22:03:16.0796 1220 QWAVE - ok
22:03:16.0811 1220 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
22:03:16.0811 1220 QWAVEdrv - ok
22:03:16.0827 1220 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
22:03:16.0843 1220 RasAcd - ok
22:03:16.0843 1220 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:03:16.0858 1220 RasAgileVpn - ok
22:03:16.0874 1220 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
22:03:16.0874 1220 RasAuto - ok
22:03:16.0905 1220 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:03:16.0921 1220 Rasl2tp - ok
22:03:16.0967 1220 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
22:03:16.0967 1220 RasMan - ok
22:03:16.0983 1220 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
22:03:16.0983 1220 RasPppoe - ok
22:03:17.0014 1220 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
22:03:17.0014 1220 RasSstp - ok
22:03:17.0045 1220 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
22:03:17.0045 1220 rdbss - ok
22:03:17.0045 1220 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
22:03:17.0061 1220 rdpbus - ok
22:03:17.0061 1220 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:03:17.0061 1220 RDPCDD - ok
22:03:17.0077 1220 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
22:03:17.0077 1220 RDPENCDD - ok
22:03:17.0092 1220 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:03:17.0092 1220 RDPREFMP - ok
22:03:17.0123 1220 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
22:03:17.0123 1220 RDPWD - ok
22:03:17.0170 1220 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
22:03:17.0170 1220 rdyboost - ok
22:03:17.0186 1220 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
22:03:17.0186 1220 RemoteAccess - ok
22:03:17.0201 1220 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
22:03:17.0201 1220 RemoteRegistry - ok
22:03:17.0217 1220 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
22:03:17.0217 1220 RpcEptMapper - ok
22:03:17.0248 1220 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
22:03:17.0248 1220 RpcLocator - ok
22:03:17.0279 1220 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
22:03:17.0295 1220 RpcSs - ok
22:03:17.0326 1220 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:03:17.0326 1220 rspndr - ok
22:03:17.0373 1220 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
22:03:17.0389 1220 RTL8167 - ok
22:03:17.0435 1220 SaiH0461 (be1d7d7ba1dbff394f7513a83cd55a9d) C:\Windows\system32\DRIVERS\SaiH0461.sys
22:03:17.0435 1220 SaiH0461 - ok
22:03:17.0467 1220 SaiH0763 (45c0b193065219189772a038e6c29d49) C:\Windows\system32\DRIVERS\SaiH0763.sys
22:03:17.0467 1220 SaiH0763 - ok
22:03:17.0467 1220 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:03:17.0482 1220 SamSs - ok
22:03:17.0560 1220 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
22:03:17.0560 1220 SASDIFSV - ok
22:03:17.0576 1220 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
22:03:17.0576 1220 SASKUTIL - ok
22:03:17.0591 1220 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
22:03:17.0607 1220 sbp2port - ok
22:03:17.0638 1220 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
22:03:17.0638 1220 SCardSvr - ok
22:03:17.0654 1220 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
22:03:17.0669 1220 scfilter - ok
22:03:17.0732 1220 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
22:03:17.0732 1220 Schedule - ok
22:03:17.0763 1220 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
22:03:17.0763 1220 SCPolicySvc - ok
22:03:17.0779 1220 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
22:03:17.0779 1220 SDRSVC - ok
22:03:17.0810 1220 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:03:17.0825 1220 secdrv - ok
22:03:17.0857 1220 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
22:03:17.0857 1220 seclogon - ok
22:03:17.0857 1220 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
22:03:17.0872 1220 SENS - ok
22:03:17.0872 1220 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
22:03:17.0872 1220 SensrSvc - ok
22:03:17.0888 1220 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
22:03:17.0888 1220 Serenum - ok
22:03:17.0919 1220 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
22:03:17.0950 1220 Serial - ok
22:03:17.0981 1220 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
22:03:17.0981 1220 sermouse - ok
22:03:18.0013 1220 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
22:03:18.0013 1220 SessionEnv - ok
22:03:18.0028 1220 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
22:03:18.0044 1220 sffdisk - ok
22:03:18.0044 1220 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
22:03:18.0059 1220 sffp_mmc - ok
22:03:18.0059 1220 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
22:03:18.0059 1220 sffp_sd - ok
22:03:18.0059 1220 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
22:03:18.0075 1220 sfloppy - ok
22:03:18.0091 1220 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
22:03:18.0106 1220 SharedAccess - ok
22:03:18.0137 1220 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
22:03:18.0137 1220 ShellHWDetection - ok
22:03:18.0153 1220 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:03:18.0169 1220 SiSRaid2 - ok
22:03:18.0184 1220 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
22:03:18.0200 1220 SiSRaid4 - ok
22:03:18.0215 1220 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:03:18.0215 1220 Smb - ok
22:03:18.0231 1220 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
22:03:18.0231 1220 SNMPTRAP - ok
22:03:18.0247 1220 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:03:18.0247 1220 spldr - ok
22:03:18.0293 1220 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
22:03:18.0293 1220 Spooler - ok
22:03:18.0403 1220 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
22:03:18.0449 1220 sppsvc - ok
22:03:18.0527 1220 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
22:03:18.0527 1220 sppuinotify - ok
22:03:18.0574 1220 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
22:03:18.0590 1220 srv - ok
22:03:18.0621 1220 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
22:03:18.0637 1220 srv2 - ok
22:03:18.0652 1220 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
22:03:18.0652 1220 srvnet - ok
22:03:18.0683 1220 sscdbus (f4f1e1ff6986fe8914525af751ea3eac) C:\Windows\system32\DRIVERS\sscdbus.sys
22:03:18.0683 1220 sscdbus - ok
22:03:18.0699 1220 sscdmdfl (5447690d2cfe1bde1be3a5a5a3e2f796) C:\Windows\system32\DRIVERS\sscdmdfl.sys
22:03:18.0699 1220 sscdmdfl - ok
22:03:18.0761 1220 sscdmdm (bfda292053aeb76a0c1d63b2279d5138) C:\Windows\system32\DRIVERS\sscdmdm.sys
22:03:18.0761 1220 sscdmdm - ok
22:03:18.0777 1220 sscdserd (208731a751357dd71c5a0345c77afd0a) C:\Windows\system32\DRIVERS\sscdserd.sys
22:03:18.0793 1220 sscdserd - ok
22:03:18.0808 1220 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
22:03:18.0808 1220 SSDPSRV - ok
22:03:18.0839 1220 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
22:03:18.0839 1220 SstpSvc - ok
22:03:18.0933 1220 Stereo Service (9e1222c417291bc836210743624a8e5e) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
22:03:18.0949 1220 Stereo Service - ok
22:03:18.0949 1220 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
22:03:18.0949 1220 stexstor - ok
22:03:18.0995 1220 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
22:03:18.0995 1220 stisvc - ok
22:03:19.0042 1220 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
22:03:19.0058 1220 swenum - ok
22:03:19.0089 1220 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
22:03:19.0089 1220 swprv - ok
22:03:19.0183 1220 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
22:03:19.0183 1220 SysMain - ok
22:03:19.0261 1220 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
22:03:19.0261 1220 TabletInputService - ok
22:03:19.0292 1220 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
22:03:19.0292 1220 TapiSrv - ok
22:03:19.0307 1220 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
22:03:19.0307 1220 TBS - ok
22:03:19.0385 1220 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
22:03:19.0417 1220 Tcpip - ok
22:03:19.0495 1220 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
22:03:19.0495 1220 TCPIP6 - ok
22:03:19.0541 1220 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
22:03:19.0541 1220 tcpipreg - ok
22:03:19.0557 1220 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
22:03:19.0557 1220 TDPIPE - ok
22:03:19.0573 1220 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
22:03:19.0588 1220 TDTCP - ok
22:03:19.0619 1220 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
22:03:19.0619 1220 tdx - ok
22:03:19.0635 1220 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
22:03:19.0651 1220 TermDD - ok
22:03:19.0697 1220 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
22:03:19.0697 1220 TermService - ok
22:03:19.0713 1220 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
22:03:19.0713 1220 Themes - ok
22:03:19.0744 1220 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:03:19.0744 1220 THREADORDER - ok
22:03:19.0744 1220 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
22:03:19.0744 1220 TrkWks - ok
22:03:19.0775 1220 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
22:03:19.0775 1220 TrustedInstaller - ok
22:03:19.0791 1220 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:03:19.0791 1220 tssecsrv - ok
22:03:19.0838 1220 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
22:03:19.0853 1220 TsUsbFlt - ok
22:03:19.0900 1220 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
22:03:19.0900 1220 tunnel - ok
22:03:19.0916 1220 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
22:03:19.0931 1220 uagp35 - ok
22:03:19.0963 1220 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
22:03:19.0963 1220 udfs - ok
22:03:19.0978 1220 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
22:03:19.0978 1220 UI0Detect - ok
22:03:20.0009 1220 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
22:03:20.0025 1220 uliagpkx - ok
22:03:20.0056 1220 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
22:03:20.0056 1220 umbus - ok
22:03:20.0072 1220 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
22:03:20.0072 1220 UmPass - ok
22:03:20.0103 1220 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
22:03:20.0119 1220 upnphost - ok
22:03:20.0134 1220 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
22:03:20.0134 1220 usbaudio - ok
22:03:20.0165 1220 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
22:03:20.0165 1220 usbccgp - ok
22:03:20.0212 1220 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
22:03:20.0228 1220 usbcir - ok
22:03:20.0228 1220 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
22:03:20.0243 1220 usbehci - ok
22:03:20.0275 1220 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
22:03:20.0290 1220 usbhub - ok
22:03:20.0290 1220 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
22:03:20.0306 1220 usbohci - ok
22:03:20.0306 1220 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
22:03:20.0321 1220 usbprint - ok
22:03:20.0353 1220 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:03:20.0368 1220 USBSTOR - ok
22:03:20.0368 1220 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
22:03:20.0368 1220 usbuhci - ok
22:03:20.0384 1220 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
22:03:20.0384 1220 UxSms - ok
22:03:20.0399 1220 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:03:20.0399 1220 VaultSvc - ok
22:03:20.0415 1220 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
22:03:20.0431 1220 vdrvroot - ok
22:03:20.0477 1220 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
22:03:20.0477 1220 vds - ok
22:03:20.0493 1220 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
22:03:20.0493 1220 vga - ok
22:03:20.0509 1220 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
22:03:20.0509 1220 VgaSave - ok
22:03:20.0540 1220 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
22:03:20.0555 1220 vhdmp - ok
22:03:20.0571 1220 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
22:03:20.0571 1220 viaide - ok
22:03:20.0602 1220 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
22:03:20.0618 1220 volmgr - ok
22:03:20.0665 1220 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
22:03:20.0665 1220 volmgrx - ok
22:03:20.0696 1220 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
22:03:20.0711 1220 volsnap - ok
22:03:20.0743 1220 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
22:03:20.0758 1220 vsmraid - ok
22:03:20.0821 1220 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
22:03:20.0852 1220 VSS - ok
22:03:20.0930 1220 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
22:03:20.0945 1220 vwifibus - ok
22:03:20.0977 1220 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
22:03:20.0992 1220 W32Time - ok
22:03:20.0992 1220 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
22:03:20.0992 1220 WacomPen - ok
22:03:21.0023 1220 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:03:21.0023 1220 WANARP - ok
22:03:21.0023 1220 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:03:21.0039 1220 Wanarpv6 - ok
22:03:21.0101 1220 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
22:03:21.0117 1220 WatAdminSvc - ok
22:03:21.0195 1220 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
22:03:21.0226 1220 wbengine - ok
22:03:21.0273 1220 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
22:03:21.0273 1220 WbioSrvc - ok
22:03:21.0304 1220 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
22:03:21.0304 1220 wcncsvc - ok
22:03:21.0320 1220 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
22:03:21.0320 1220 WcsPlugInService - ok
22:03:21.0335 1220 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
22:03:21.0335 1220 Wd - ok
22:03:21.0367 1220 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
22:03:21.0367 1220 Wdf01000 - ok
22:03:21.0382 1220 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:03:21.0382 1220 WdiServiceHost - ok
22:03:21.0382 1220 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:03:21.0382 1220 WdiSystemHost - ok
22:03:21.0413 1220 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
22:03:21.0429 1220 WebClient - ok
22:03:21.0445 1220 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
22:03:21.0445 1220 Wecsvc - ok
22:03:21.0460 1220 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
22:03:21.0460 1220 wercplsupport - ok
22:03:21.0491 1220 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
22:03:21.0491 1220 WerSvc - ok
22:03:21.0491 1220 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
22:03:21.0507 1220 WfpLwf - ok
22:03:21.0507 1220 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
22:03:21.0523 1220 WIMMount - ok
22:03:21.0554 1220 WinDefend - ok
22:03:21.0554 1220 WinHttpAutoProxySvc - ok
22:03:21.0601 1220 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
22:03:21.0616 1220 Winmgmt - ok
22:03:21.0788 1220 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
22:03:21.0819 1220 WinRM - ok
22:03:21.0881 1220 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
22:03:21.0897 1220 WinUsb - ok
22:03:21.0944 1220 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
22:03:21.0944 1220 Wlansvc - ok
22:03:22.0069 1220 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:03:22.0084 1220 wlidsvc - ok
22:03:22.0115 1220 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
22:03:22.0115 1220 WmiAcpi - ok
22:03:22.0147 1220 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
22:03:22.0147 1220 wmiApSrv - ok
22:03:22.0147 1220 WMPNetworkSvc - ok
22:03:22.0162 1220 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
22:03:22.0162 1220 WPCSvc - ok
22:03:22.0178 1220 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
22:03:22.0178 1220 WPDBusEnum - ok
22:03:22.0193 1220 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
22:03:22.0193 1220 ws2ifsl - ok
22:03:22.0209 1220 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
22:03:22.0209 1220 wscsvc - ok
22:03:22.0209 1220 WSearch - ok
22:03:22.0318 1220 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
22:03:22.0349 1220 wuauserv - ok
22:03:22.0396 1220 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
22:03:22.0396 1220 WudfPf - ok
22:03:22.0427 1220 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:03:22.0443 1220 WUDFRd - ok
22:03:22.0459 1220 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
22:03:22.0474 1220 wudfsvc - ok
22:03:22.0490 1220 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
22:03:22.0490 1220 WwanSvc - ok
22:03:22.0505 1220 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:03:22.0552 1220 \Device\Harddisk0\DR0 - ok
22:03:22.0552 1220 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
22:03:22.0755 1220 \Device\Harddisk1\DR1 - ok
22:03:22.0755 1220 Boot (0x1200) (1721c2dd0106b2c9036c75d3b3042202) \Device\Harddisk0\DR0\Partition0
22:03:22.0755 1220 \Device\Harddisk0\DR0\Partition0 - ok
22:03:22.0755 1220 Boot (0x1200) (eb855be781f3295f9e0b6c7b16d3536c) \Device\Harddisk1\DR1\Partition0
22:03:22.0771 1220 \Device\Harddisk1\DR1\Partition0 - ok
22:03:22.0771 1220 Boot (0x1200) (ba3c7a3c5da43e59089c7e57dd670437) \Device\Harddisk1\DR1\Partition1
22:03:22.0771 1220 \Device\Harddisk1\DR1\Partition1 - ok
22:03:22.0771 1220 ============================================================
22:03:22.0771 1220 Scan finished
22:03:22.0771 1220 ============================================================
22:03:22.0771 0212 Detected object count: 0
22:03:22.0771 0212 Actual detected object count: 0
22:04:54.0624 3764 Deinitialize success


aswMBR Log:
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-11 22:12:23
-----------------------------
22:12:23.645 OS Version: Windows x64 6.1.7601 Service Pack 1
22:12:23.645 Number of processors: 4 586 0x1A05
22:12:23.661 ComputerName: JETLINE-060310C UserName: Gary
22:12:24.628 Initialize success
22:28:23.039 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:28:23.039 Disk 0 Vendor: WDC_WD7501AALS-00E3A0 05.01D05 Size: 715404MB BusType: 3
22:28:23.039 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
22:28:23.039 Disk 1 Vendor: WDC_WD5001AALS-00E3A0 05.01D05 Size: 476940MB BusType: 3
22:28:23.054 Disk 1 MBR read successfully
22:28:23.054 Disk 1 MBR scan
22:28:23.070 Disk 1 Windows 7 default MBR code
22:28:23.070 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
22:28:23.085 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
22:28:23.101 Disk 1 scanning C:\Windows\system32\drivers
22:28:27.235 Service scanning
22:28:35.706 Modules scanning
22:28:35.706 Disk 1 trace - called modules:
22:28:35.706 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
22:28:36.221 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8006b99060]
22:28:36.221 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa80068c9e40]
22:28:36.221 5 ACPI.sys[fffff88000d687a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa80068d5060]
22:28:36.221 Scan finished successfully
22:28:56.953 Disk 1 MBR has been saved successfully to "C:\Users\Gary\Desktop\MBR.dat"
22:28:56.953 The log file has been saved successfully to "C:\Users\Gary\Desktop\aswMBR.txt"













#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:23 AM

Posted 11 June 2012 - 10:10 PM

I agree nothing real bad there,Gary.. I did see a bunch of Flight Sim errors.. I would uninstall.. see if that helps then re install..
Microsoft Flight Simulator X (Version: 10.0.61355.0)
Microsoft Flight Simulator X SDK SP1A (Version: 10.0.61355.0)
Microsoft Flight Simulator X Service Pack 1 (Version: 10.0.61355.0)
Microsoft Flight Simulator X Service Pack 2 (Version: 10.0.61472.0)


Lets clear the Temp files
Run TFC by OT (Temp File Cleaner)
Please download TFC by Old Timer and save it to your desktop.
alternate download link

Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.



Java SE Runtime Environment (JRE) Version 7
Version Number: 7.0. Update 4



Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
    64-bit OS users, should read: Which Java download should I choose for my 64-bit Windows operating system?
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u4-windows-i586.exe (or jre-7u4-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 GaryGranath

GaryGranath
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, in the infamous Durham Triangle
  • Local time:01:23 AM

Posted 12 June 2012 - 08:47 PM

Oh boy. Uninstalling FSX is really an ambitious thing. I'm anxious just thinking about it. I have many, many, many addon aircraft, sceneries, textures, meshes, and so on. It has been my experience that if I merely
tweak something, everything goes down the tubes. I am not a young man anymore so I don't think as clearly as I used to and my ability to diagnose things isn't as sharp. I foresee a bag of snakes if I reinstall FS
and have to get all my custom mods running again.

My stomach is churning. I could literally be looking at weeks to get back to the stable Flight Sim operation I have now. Reinstall FSX would have to be an absolute last resort for me.

The performance issue I think I have isn't limited to when I'm running FS, so it seems reasonably unlikely that FS is involved. What do you think? Have we pretty much exhausted the standard tools for finding malware,
spyware, and viruses?

The toolset of choice has probably changed since I got help for bugs on my wife's Win XP system 2 1/2 years ago. We ran Hijack This, Malwarebytes, GMER, and Combofix. Maybe that's best for XP, or the tools you've
had me use are preferred over those older ones. Can we explore a few other options before an FS reinstall?

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:23 AM

Posted 12 June 2012 - 08:55 PM

OK, I can appreciate what you are saying so lets start a new topic. Get a deeper look and perhaps avoid it.

Please go here....Preparation Guide ,do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.
If GMER won't run (it may not on a 64 bit system) skip it and move on.

Let me know if that went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 GaryGranath

GaryGranath
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, in the infamous Durham Triangle
  • Local time:01:23 AM

Posted 11 August 2012 - 12:21 PM

I've had some serious health problems and haven't been able to get back to this for quite awhile. But I followed your directions as well as I could and posted the DDS files on the Removal Log forum. GMER didn't present me with a full set of checkboxes and GMER didn't find any problems using the three options I was able to select.

Maybe there isn't any malware on my system. I don't know. Although a phoney MSE Alert popped up since I last posted here so maybe we can pursue that. Do you want to try that? I have a screenshot.

GG

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:23 AM

Posted 11 August 2012 - 09:18 PM

Hope you feel better. Let the Malware folks review the logs and you will know what's up.

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 5 days and ALL logs are answered.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users