
Computer infected with trojan Alureon.E


30 replies to this topic

#1 iamzim


Posted 14 June 2012 - 04:27 PM

I use Windows 7 64 bit.

I run Microsoft Security Essentials on my computer. When my computer was initially infected, MSE would not work so I uninstalled and then reinstalled it. In its scans, it finds the Alureon.E trojan. I tell it to remove it, but each time I receive this message: Error code 0x800704ec. This program is blocked by group policy. For more information, contact your system administrator. There is a prompt asking to restart the computer to complete the cleaning, but doing so does not seem to make a difference because Alureon.E still pops up on the MSE scan.

My Windows Firewall is disabled and I cannot turn it back on. (Windows Firewall can't change some of your settings. Error code 0x80070424)
I am currently using Internet Explorer 9 64 bit because when I try to launch Chrome or Firefox, neither will open.

I've run Malwarebytes Anti-Malware, Spybot - Search & Destroy, and TDSSkiller (TDSS did not find anything?) to try to find and kill Alureon.E, but, I really do not know what I am doing, so here I am. Any help I can get would be greatly appreciated! Just tell me what to do and I'll follow it to a T.



#2 narenxp

  • BC Advisor

Posted 14 June 2012 - 04:45 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 iamzim

  • Topic Starter

Posted 15 June 2012 - 02:25 AM

Thank you for the fast reply! Okay, here's what I got. I'll edit with the other logs.

TDSS log:

02:35:51.0485 5264 mrxsmb20 - ok
02:35:51.0510 5264 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
02:35:51.0512 5264 msahci - ok
02:35:51.0557 5264 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
02:35:51.0561 5264 msdsm - ok
02:35:51.0606 5264 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
02:35:51.0612 5264 MSDTC - ok
02:35:51.0645 5264 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
02:35:51.0646 5264 Msfs - ok
02:35:51.0666 5264 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
02:35:51.0667 5264 mshidkmdf - ok
02:35:51.0674 5264 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
02:35:51.0675 5264 msisadrv - ok
02:35:51.0704 5264 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
02:35:51.0708 5264 MSiSCSI - ok
02:35:51.0711 5264 msiserver - ok
02:35:51.0743 5264 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
02:35:51.0744 5264 MSKSSRV - ok
02:35:51.0818 5264 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
02:35:51.0819 5264 MsMpSvc - ok
02:35:51.0848 5264 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
02:35:51.0849 5264 MSPCLOCK - ok
02:35:51.0857 5264 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
02:35:51.0858 5264 MSPQM - ok
02:35:51.0909 5264 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
02:35:51.0929 5264 MsRPC - ok
02:35:51.0952 5264 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
02:35:51.0953 5264 mssmbios - ok
02:35:52.0035 5264 MSSQL$SQLEXPRESS - ok
02:35:52.0143 5264 MSSQLServerADHelper100 (7a2a8c975356858eb38466a6b1592e8d) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
02:35:52.0146 5264 MSSQLServerADHelper100 - ok
02:35:52.0166 5264 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
02:35:52.0168 5264 MSTEE - ok
02:35:52.0183 5264 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
02:35:52.0185 5264 MTConfig - ok
02:35:52.0212 5264 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
02:35:52.0215 5264 Mup - ok
02:35:52.0284 5264 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
02:35:52.0294 5264 napagent - ok
02:35:52.0345 5264 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
02:35:52.0350 5264 NativeWifiP - ok
02:35:52.0442 5264 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
02:35:52.0465 5264 NDIS - ok
02:35:52.0484 5264 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
02:35:52.0485 5264 NdisCap - ok
02:35:52.0517 5264 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
02:35:52.0518 5264 NdisTapi - ok
02:35:52.0551 5264 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
02:35:52.0551 5264 Ndisuio - ok
02:35:52.0598 5264 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
02:35:52.0601 5264 NdisWan - ok
02:35:52.0637 5264 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
02:35:52.0639 5264 NDProxy - ok
02:35:52.0701 5264 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
02:35:52.0704 5264 Net Driver HPZ12 - ok
02:35:52.0724 5264 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
02:35:52.0726 5264 NetBIOS - ok
02:35:52.0785 5264 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
02:35:52.0790 5264 NetBT - ok
02:35:52.0821 5264 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:35:52.0825 5264 Netlogon - ok
02:35:52.0886 5264 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
02:35:52.0894 5264 Netman - ok
02:35:52.0973 5264 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:35:52.0978 5264 NetMsmqActivator - ok
02:35:52.0986 5264 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:35:52.0989 5264 NetPipeActivator - ok
02:35:53.0036 5264 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
02:35:53.0045 5264 netprofm - ok
02:35:53.0058 5264 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:35:53.0061 5264 NetTcpActivator - ok
02:35:53.0070 5264 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:35:53.0071 5264 NetTcpPortSharing - ok
02:35:53.0121 5264 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
02:35:53.0123 5264 nfrd960 - ok
02:35:53.0164 5264 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
02:35:53.0167 5264 NisDrv - ok
02:35:53.0247 5264 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
02:35:53.0254 5264 NisSrv - ok
02:35:53.0318 5264 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
02:35:53.0326 5264 NlaSvc - ok
02:35:53.0377 5264 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
02:35:53.0379 5264 Npfs - ok
02:35:53.0405 5264 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
02:35:53.0409 5264 nsi - ok
02:35:53.0426 5264 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
02:35:53.0427 5264 nsiproxy - ok
02:35:53.0574 5264 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
02:35:53.0599 5264 Ntfs - ok
02:35:53.0700 5264 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
02:35:53.0702 5264 Null - ok
02:35:53.0756 5264 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
02:35:53.0758 5264 nvraid - ok
02:35:53.0779 5264 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
02:35:53.0784 5264 nvstor - ok
02:35:53.0806 5264 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
02:35:53.0810 5264 nv_agp - ok
02:35:53.0926 5264 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
02:35:53.0941 5264 odserv - ok
02:35:53.0983 5264 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
02:35:53.0986 5264 ohci1394 - ok
02:35:54.0036 5264 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
02:35:54.0038 5264 ose - ok
02:35:54.0085 5264 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
02:35:54.0089 5264 p2pimsvc - ok
02:35:54.0134 5264 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
02:35:54.0138 5264 p2psvc - ok
02:35:54.0188 5264 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
02:35:54.0191 5264 Parport - ok
02:35:54.0237 5264 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
02:35:54.0240 5264 partmgr - ok
02:35:54.0271 5264 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
02:35:54.0277 5264 PcaSvc - ok
02:35:54.0308 5264 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
02:35:54.0311 5264 pci - ok
02:35:54.0327 5264 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
02:35:54.0329 5264 pciide - ok
02:35:54.0363 5264 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
02:35:54.0368 5264 pcmcia - ok
02:35:54.0402 5264 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
02:35:54.0405 5264 pcw - ok
02:35:54.0460 5264 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
02:35:54.0470 5264 PEAUTH - ok
02:35:54.0552 5264 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
02:35:54.0555 5264 PerfHost - ok
02:35:54.0636 5264 phaudlwr (fe8af03efec0387fbbfcfd32e328db9a) C:\Windows\system32\DRIVERS\phaudlwr.sys
02:35:54.0640 5264 phaudlwr - ok
02:35:54.0726 5264 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
02:35:54.0761 5264 pla - ok
02:35:54.0822 5264 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
02:35:54.0833 5264 PlugPlay - ok
02:35:54.0886 5264 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
02:35:54.0887 5264 Pml Driver HPZ12 - ok
02:35:54.0910 5264 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
02:35:54.0912 5264 PNRPAutoReg - ok
02:35:54.0942 5264 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
02:35:54.0946 5264 PNRPsvc - ok
02:35:54.0984 5264 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
02:35:54.0988 5264 PolicyAgent - ok
02:35:55.0023 5264 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
02:35:55.0026 5264 Power - ok
02:35:55.0079 5264 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
02:35:55.0082 5264 PptpMiniport - ok
02:35:55.0144 5264 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
02:35:55.0146 5264 Processor - ok
02:35:55.0171 5264 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
02:35:55.0174 5264 ProfSvc - ok
02:35:55.0211 5264 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:35:55.0212 5264 ProtectedStorage - ok
02:35:55.0252 5264 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
02:35:55.0254 5264 Psched - ok
02:35:55.0305 5264 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
02:35:55.0308 5264 PxHlpa64 - ok
02:35:55.0434 5264 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
02:35:55.0463 5264 ql2300 - ok
02:35:55.0568 5264 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
02:35:55.0572 5264 ql40xx - ok
02:35:55.0621 5264 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
02:35:55.0630 5264 QWAVE - ok
02:35:55.0669 5264 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
02:35:55.0674 5264 QWAVEdrv - ok
02:35:55.0695 5264 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
02:35:55.0697 5264 RasAcd - ok
02:35:55.0744 5264 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
02:35:55.0746 5264 RasAgileVpn - ok
02:35:55.0773 5264 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
02:35:55.0779 5264 RasAuto - ok
02:35:55.0819 5264 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
02:35:55.0822 5264 Rasl2tp - ok
02:35:55.0885 5264 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
02:35:55.0925 5264 RasMan - ok
02:35:55.0964 5264 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
02:35:55.0966 5264 RasPppoe - ok
02:35:56.0014 5264 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
02:35:56.0016 5264 RasSstp - ok
02:35:56.0068 5264 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
02:35:56.0074 5264 rdbss - ok
02:35:56.0115 5264 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
02:35:56.0117 5264 rdpbus - ok
02:35:56.0135 5264 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
02:35:56.0136 5264 RDPCDD - ok
02:35:56.0162 5264 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
02:35:56.0163 5264 RDPENCDD - ok
02:35:56.0172 5264 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
02:35:56.0173 5264 RDPREFMP - ok
02:35:56.0209 5264 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
02:35:56.0212 5264 RDPWD - ok
02:35:56.0265 5264 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
02:35:56.0271 5264 rdyboost - ok
02:35:56.0317 5264 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
02:35:56.0322 5264 RemoteAccess - ok
02:35:56.0358 5264 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
02:35:56.0366 5264 RemoteRegistry - ok
02:35:56.0414 5264 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
02:35:56.0416 5264 RimUsb - ok
02:35:56.0440 5264 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
02:35:56.0445 5264 RpcEptMapper - ok
02:35:56.0461 5264 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
02:35:56.0465 5264 RpcLocator - ok
02:35:56.0529 5264 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
02:35:56.0540 5264 RpcSs - ok
02:35:56.0626 5264 RsFx0105 (c9fe05a63c500abe3afa5786504c4d36) C:\Windows\system32\DRIVERS\RsFx0105.sys
02:35:56.0645 5264 RsFx0105 - ok
02:35:56.0690 5264 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
02:35:56.0692 5264 rspndr - ok
02:35:56.0735 5264 RTL8167 (3b01789ee4eaee97f5eb46b711387d5e) C:\Windows\system32\DRIVERS\Rt64win7.sys
02:35:56.0739 5264 RTL8167 - ok
02:35:56.0778 5264 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:35:56.0781 5264 SamSs - ok
02:35:56.0818 5264 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
02:35:56.0822 5264 sbp2port - ok
02:35:56.0996 5264 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
02:35:57.0006 5264 SBSDWSCService - ok
02:35:57.0043 5264 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
02:35:57.0047 5264 SCardSvr - ok
02:35:57.0110 5264 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
02:35:57.0112 5264 scfilter - ok
02:35:57.0212 5264 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
02:35:57.0221 5264 Schedule - ok
02:35:57.0267 5264 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
02:35:57.0268 5264 SCPolicySvc - ok
02:35:57.0315 5264 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
02:35:57.0323 5264 SDRSVC - ok
02:35:57.0359 5264 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
02:35:57.0360 5264 secdrv - ok
02:35:57.0404 5264 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
02:35:57.0410 5264 seclogon - ok
02:35:57.0436 5264 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
02:35:57.0441 5264 SENS - ok
02:35:57.0462 5264 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
02:35:57.0467 5264 SensrSvc - ok
02:35:57.0492 5264 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
02:35:57.0494 5264 Serenum - ok
02:35:57.0544 5264 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
02:35:57.0547 5264 Serial - ok
02:35:57.0577 5264 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
02:35:57.0579 5264 sermouse - ok
02:35:57.0621 5264 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
02:35:57.0623 5264 SessionEnv - ok
02:35:57.0662 5264 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
02:35:57.0664 5264 sffdisk - ok
02:35:57.0688 5264 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
02:35:57.0690 5264 sffp_mmc - ok
02:35:57.0717 5264 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
02:35:57.0719 5264 sffp_sd - ok
02:35:57.0736 5264 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
02:35:57.0738 5264 sfloppy - ok
02:35:57.0797 5264 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
02:35:57.0802 5264 ShellHWDetection - ok
02:35:57.0824 5264 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
02:35:57.0826 5264 SiSRaid2 - ok
02:35:57.0849 5264 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
02:35:57.0850 5264 SiSRaid4 - ok
02:35:58.0122 5264 Skype C2C Service (4ca43b85f22c7739311788b651a779cb) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
02:35:58.0142 5264 Skype C2C Service - ok
02:35:58.0249 5264 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files (x86)\Skype\Updater\Updater.exe
02:35:58.0251 5264 SkypeUpdate - ok
02:35:58.0395 5264 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
02:35:58.0398 5264 Smb - ok
02:35:58.0452 5264 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
02:35:58.0458 5264 SNMPTRAP - ok
02:35:58.0665 5264 SPC1330 (88cc2a38b87925e1f6a6bb515014d05c) C:\Windows\system32\DRIVERS\spc1330.sys
02:35:58.0744 5264 SPC1330 - ok
02:35:58.0789 5264 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
02:35:58.0790 5264 spldr - ok
02:35:58.0858 5264 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
02:35:58.0870 5264 Spooler - ok
02:35:59.0109 5264 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
02:35:59.0134 5264 sppsvc - ok
02:35:59.0181 5264 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
02:35:59.0182 5264 sppuinotify - ok
02:35:59.0325 5264 SQLAgent$SQLEXPRESS (45e65fb17a4cd5facbd3ca16c8334c82) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
02:35:59.0349 5264 SQLAgent$SQLEXPRESS - ok
02:35:59.0458 5264 SQLBrowser (10d936dced9eacd1a1b3fcdda6d7a4eb) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
02:35:59.0462 5264 SQLBrowser - ok
02:35:59.0529 5264 SQLWriter (f92e5f93be572b512da3c016b675ede0) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
02:35:59.0532 5264 SQLWriter - ok
02:35:59.0606 5264 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
02:35:59.0614 5264 srv - ok
02:35:59.0660 5264 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
02:35:59.0667 5264 srv2 - ok
02:35:59.0693 5264 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
02:35:59.0697 5264 srvnet - ok
02:35:59.0738 5264 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
02:35:59.0745 5264 SSDPSRV - ok
02:35:59.0773 5264 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
02:35:59.0777 5264 SstpSvc - ok
02:35:59.0818 5264 Steam Client Service - ok
02:35:59.0852 5264 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
02:35:59.0853 5264 stexstor - ok
02:35:59.0917 5264 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
02:35:59.0923 5264 stisvc - ok
02:35:59.0955 5264 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
02:35:59.0955 5264 swenum - ok
02:36:00.0057 5264 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
02:36:00.0139 5264 SwitchBoard - ok
02:36:00.0167 5264 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
02:36:00.0171 5264 swprv - ok
02:36:00.0307 5264 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
02:36:00.0321 5264 SysMain - ok
02:36:00.0480 5264 t1pusb64 (0b57e93661834bbb0c1fe7cc9f259c11) C:\Windows\system32\drivers\t1pusb64.sys
02:36:00.0484 5264 t1pusb64 - ok
02:36:00.0528 5264 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
02:36:00.0534 5264 TabletInputService - ok
02:36:00.0766 5264 TabletServicePen (37bea19dbd43301fd987f5d277dfbea5) C:\Windows\system32\Pen_Tablet.exe
02:36:01.0091 5264 TabletServicePen - ok
02:36:01.0214 5264 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
02:36:01.0234 5264 TapiSrv - ok
02:36:01.0273 5264 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
02:36:01.0280 5264 TBS - ok
02:36:01.0428 5264 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
02:36:01.0499 5264 Tcpip - ok
02:36:01.0681 5264 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
02:36:01.0694 5264 TCPIP6 - ok
02:36:01.0754 5264 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
02:36:01.0756 5264 tcpipreg - ok
02:36:01.0798 5264 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
02:36:01.0800 5264 TDPIPE - ok
02:36:01.0835 5264 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
02:36:01.0837 5264 TDTCP - ok
02:36:01.0882 5264 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
02:36:01.0884 5264 tdx - ok
02:36:01.0914 5264 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
02:36:01.0917 5264 TermDD - ok
02:36:01.0978 5264 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
02:36:01.0992 5264 TermService - ok
02:36:02.0023 5264 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
02:36:02.0025 5264 Themes - ok
02:36:02.0065 5264 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
02:36:02.0069 5264 THREADORDER - ok
02:36:02.0096 5264 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
02:36:02.0102 5264 TrkWks - ok
02:36:02.0150 5264 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
02:36:02.0154 5264 TrustedInstaller - ok
02:36:02.0204 5264 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
02:36:02.0207 5264 tssecsrv - ok
02:36:02.0249 5264 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
02:36:02.0252 5264 TsUsbFlt - ok
02:36:02.0307 5264 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
02:36:02.0310 5264 tunnel - ok
02:36:02.0346 5264 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
02:36:02.0350 5264 uagp35 - ok
02:36:02.0391 5264 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
02:36:02.0396 5264 udfs - ok
02:36:02.0421 5264 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
02:36:02.0424 5264 UI0Detect - ok
02:36:02.0446 5264 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
02:36:02.0448 5264 uliagpkx - ok
02:36:02.0497 5264 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
02:36:02.0499 5264 umbus - ok
02:36:02.0532 5264 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
02:36:02.0534 5264 UmPass - ok
02:36:02.0583 5264 UMVPFSrv - ok
02:36:02.0626 5264 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
02:36:02.0631 5264 upnphost - ok
02:36:02.0680 5264 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
02:36:02.0682 5264 usbaudio - ok
02:36:02.0729 5264 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
02:36:02.0732 5264 usbccgp - ok
02:36:02.0773 5264 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
02:36:02.0776 5264 usbcir - ok
02:36:02.0815 5264 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
02:36:02.0816 5264 usbehci - ok
02:36:02.0854 5264 usbfilter (6648c6d7323a2ce0c4776c36cefbcb14) C:\Windows\system32\DRIVERS\usbfilter.sys
02:36:02.0856 5264 usbfilter - ok
02:36:02.0934 5264 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
02:36:02.0940 5264 usbhub - ok
02:36:02.0976 5264 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
02:36:02.0978 5264 usbohci - ok
02:36:03.0020 5264 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
02:36:03.0022 5264 usbprint - ok
02:36:03.0046 5264 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
02:36:03.0047 5264 usbscan - ok
02:36:03.0085 5264 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
02:36:03.0086 5264 USBSTOR - ok
02:36:03.0112 5264 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
02:36:03.0114 5264 usbuhci - ok
02:36:03.0159 5264 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
02:36:03.0165 5264 usbvideo - ok
02:36:03.0192 5264 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
02:36:03.0197 5264 UxSms - ok
02:36:03.0221 5264 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:36:03.0225 5264 VaultSvc - ok
02:36:03.0265 5264 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
02:36:03.0267 5264 vdrvroot - ok
02:36:03.0340 5264 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
02:36:03.0382 5264 vds - ok
02:36:03.0419 5264 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
02:36:03.0422 5264 vga - ok
02:36:03.0445 5264 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
02:36:03.0446 5264 VgaSave - ok
02:36:03.0487 5264 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
02:36:03.0493 5264 vhdmp - ok
02:36:03.0511 5264 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
02:36:03.0513 5264 viaide - ok
02:36:03.0540 5264 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
02:36:03.0544 5264 volmgr - ok
02:36:03.0602 5264 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
02:36:03.0618 5264 volmgrx - ok
02:36:03.0656 5264 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
02:36:03.0676 5264 volsnap - ok
02:36:03.0724 5264 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
02:36:03.0728 5264 vsmraid - ok
02:36:03.0864 5264 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
02:36:03.0880 5264 VSS - ok
02:36:03.0995 5264 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
02:36:03.0996 5264 vwifibus - ok
02:36:04.0013 5264 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
02:36:04.0015 5264 vwififlt - ok
02:36:04.0041 5264 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
02:36:04.0041 5264 vwifimp - ok
02:36:04.0077 5264 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
02:36:04.0082 5264 W32Time - ok
02:36:04.0123 5264 wacmoumonitor (37e4600e2cdad3c1a3613a25b97d457c) C:\Windows\system32\DRIVERS\wacmoumonitor.sys
02:36:04.0124 5264 wacmoumonitor - ok
02:36:04.0163 5264 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys
02:36:04.0165 5264 wacommousefilter - ok
02:36:07.0049 5264 MBR (0x1B8) (1bb1462097f8fa16fdfca55c20a30ef4) \Device\Harddisk0\DR0
02:36:07.0391 5264 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
02:36:07.0391 5264 \Device\Harddisk0\DR0 - detected TDSS File System (1)
02:36:07.0402 5264 MBR (0x1B8) (739b36f7a373fc81121d831231b6d311) \Device\Harddisk1\DR1
02:36:07.0607 5264 \Device\Harddisk1\DR1 - ok
02:36:07.0691 5264 Boot (0x1200) (684425478dd3e7d901f57c6528f3b338) \Device\Harddisk0\DR0\Partition0
02:36:07.0694 5264 \Device\Harddisk0\DR0\Partition0 - ok
02:36:07.0714 5264 Boot (0x1200) (b60b5ae7133595e970dfd2f429dc5abd) \Device\Harddisk0\DR0\Partition1
02:36:07.0716 5264 \Device\Harddisk0\DR0\Partition1 - ok
02:36:07.0752 5264 Boot (0x1200) (59407deae64e4c7275b397578280cf32) \Device\Harddisk0\DR0\Partition2
02:36:07.0755 5264 \Device\Harddisk0\DR0\Partition2 - ok
02:36:07.0763 5264 Boot (0x1200) (e14fb610d882983393ba54defbf27d5a) \Device\Harddisk1\DR1\Partition0
02:36:07.0765 5264 \Device\Harddisk1\DR1\Partition0 - ok
02:36:07.0766 5264 ============================================================
02:36:07.0766 5264 Scan finished
02:36:07.0766 5264 ============================================================
02:36:07.0794 4824 Detected object count: 1
02:36:07.0794 4824 Actual detected object count: 1
02:38:35.0700 4824 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
02:38:35.0793 4824 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
02:38:35.0801 4824 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
02:38:35.0802 4824 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
02:38:35.0804 4824 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
02:38:35.0807 4824 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
02:38:35.0954 4824 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
02:38:35.0986 4824 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
02:38:36.0029 4824 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
02:38:36.0088 4824 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
02:38:36.0166 4824 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
02:38:36.0253 4824 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
02:38:36.0286 4824 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
02:38:36.0362 4824 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
02:38:36.0366 4824 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
02:38:36.0369 4824 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
02:38:36.0374 4824 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
02:38:36.0421 4824 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
02:38:36.0563 4824 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
02:38:36.0750 4824 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
02:38:36.0909 4824 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
02:38:36.0982 4824 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
02:38:37.0832 4824 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
02:38:37.0837 4824 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
02:38:37.0840 4824 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine




After restarting from the blue screen, aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-15 03:57:26
-----------------------------
03:57:26.111 OS Version: Windows x64 6.1.7601 Service Pack 1
03:57:26.111 Number of processors: 4 586 0x402
03:57:26.112 ComputerName: AMANDA-PC UserName: Amanda
03:57:28.273 Initialize success
03:57:38.023 AVAST engine defs: 12061401
03:57:40.769 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000066
03:57:40.769 Disk 0 Vendor: WDC_____ 01.0 Size: 953674MB BusType: 8
03:57:40.800 Disk 0 MBR read successfully
03:57:40.800 Disk 0 MBR scan
03:57:40.847 Disk 0 unknown MBR code
03:57:40.878 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
03:57:40.956 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 941977 MB offset 206848
03:57:41.018 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 11586 MB offset 1929375744
03:57:41.096 Disk 0 Partition 4 00 17 Hidd HPFS/NTFS NTFS 1 MB offset 1953122304
03:57:41.533 Disk 0 scanning C:\Windows\system32\drivers
03:58:14.543 Service scanning
03:58:48.036 Service FastUserSwitchingCompatibility C:\Windows\C:\Windows\system32\FastUserSwitchingCompatibilityex.dll **LOCKED** 123
03:59:26.537 Modules scanning
03:59:26.553 Disk 0 trace - called modules:
03:59:26.584 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll ahcix64s.sys
03:59:26.599 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80082c5060]
03:59:26.615 3 CLASSPNP.SYS[fffff8800199943f] -> nt!IofCallDriver -> \Device\00000066[0xfffffa80075259c0]
03:59:30.312 AVAST engine scan C:\Windows
03:59:53.806 AVAST engine scan C:\Windows\system32
04:08:47.966 AVAST engine scan C:\Windows\system32\drivers
04:09:27.824 AVAST engine scan C:\Users\Amanda
04:15:50.197 AVAST engine scan C:\ProgramData
04:18:00.519 File: C:\ProgramData\Microsoft\Windows\DRM\C132.tmp.dat **INFECTED** Win32:Malware-gen
04:20:07.269 Scan finished successfully
04:20:58.734 Disk 0 MBR has been saved successfully to "C:\Users\Amanda\Desktop\MBR.dat"
04:20:58.796 The log file has been saved successfully to "C:\Users\Amanda\Desktop\aswMBR2.txt"

Edited by iamzim, 15 June 2012 - 03:27 AM.


#4 narenxp


Posted 15 June 2012 - 10:34 AM

ESET log :thumbup2:

#5 iamzim


Posted 15 June 2012 - 01:33 PM

ESET is still scanning. I left the computer to run overnight with it running; it's at 46% at the moment.

Edited by iamzim, 16 June 2012 - 12:42 AM.


#6 narenxp


Posted 15 June 2012 - 02:22 PM

:thumbup2:

#7 narenxp


Posted 16 June 2012 - 12:43 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#8 iamzim


Posted 16 June 2012 - 12:45 AM

I think the reason the scanner seemed like it was taking forever was because my computer drifted off to sleep, silly me.

Here is the ESET Online Scanner list:
C:\ProgramData\Microsoft\Windows\DRM\C132.tmp.dat a variant of Win32/Kryptik.AGNZ trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.06.2012_02.35.00\tdlfs0000\tsk0006.dta Win64/Olmasco.W trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.06.2012_02.35.00\tdlfs0000\tsk0007.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.06.2012_02.35.00\tdlfs0000\tsk0010.dta Win64/Olmasco.R trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.06.2012_02.35.00\tdlfs0000\tsk0011.dta Win32/Olmasco.Q trojan cleaned by deleting - quarantined
C:\Users\TaylorGS\Documents\AiAtlanta\Programs\Modo_4\modo_by_PP\Virtual\STUBEXE\@PROGRAMFILES@\Bonjour\mDNSResponder.exe probably a variant of Win32/Agent.CUXTNVS trojan cleaned by deleting - quarantined

#9 narenxp


Posted 16 June 2012 - 12:46 AM

Please see my previous reply :thumbup2:

#10 iamzim


Posted 17 June 2012 - 12:41 PM

Here we go:

FSS log:
Farbar Service Scanner Version: 09-06-2012
Ran by TaylorGS (ATTENTION: The logged in user is not administrator) on 17-06-2012 at 13:33:35
Running from "C:\Users\TaylorGS\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Nsi Service is not running. Checking service configuration:
The start type of Nsi service is OK.
The ImagePath of Nsi service is OK.
Checking ServiceDll: ATTENTION!=====> Unable to open Nsi registry key. The service key does not exist.

nsiproxy Service is not running. Checking service configuration:
The start type of nsiproxy service is OK.
The ImagePath of nsiproxy service is OK.

tdx Service is not running. Checking service configuration:
The start type of tdx service is OK.
The ImagePath of tdx service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.

Tcpip Service is not running. Checking service configuration:
The start type of Tcpip service is OK.
The ImagePath of Tcpip service is OK.


Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.

winmgmt Service is not running. Checking service configuration:
The start type of winmgmt service is OK.
The ImagePath of winmgmt: "%systemroot%\system32\svchost.exe -k netsvcs".
The ServiceDll of winmgmt service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\Windows\system32\wuaueng.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.

cryptsvc Service is not running. Checking service configuration:
The start type of cryptsvc service is OK.
The ImagePath of cryptsvc service is OK.
The ServiceDll of cryptsvc service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.

PlugPlay Service is not running. Checking service configuration:
The start type of PlugPlay service is OK.
The ImagePath of PlugPlay service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-06-15 02:42] - [2012-04-24 01:37] - 0184320 ____A (Microsoft Corporation) 4F5414602E2544A4554D95517948B705

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


mini toolbox log:
MiniToolBox by Farbar Version: 09-06-2012
Ran by TaylorGS (ATTENTION: The logged in user is not administrator) on 17-06-2012 at 13:35:23
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================




There are 15218 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================



# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Amanda-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 06-26-82-58-3A-37
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros 802.11 a/b/g/n Dualband Wireless Network Module
Physical Address. . . . . . . . . : 00-26-82-58-3A-37
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a5e3:a3a6:681f:a114%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, June 17, 2012 2:46:47 AM
Lease Expires . . . . . . . . . . : Monday, June 18, 2012 1:32:37 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 201336450
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-56-71-00-D8-D3-85-77-6E-26
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : D8-D3-85-77-6E-26
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{FA94D0AA-568A-4DCA-BB37-6E76DD2CA3F1}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 22:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 24:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 26:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E29D7A26-DAF3-4F3F-8796-4482F6715FF1}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4002:802::1007
74.125.130.113
74.125.130.102
74.125.130.101
74.125.130.138
74.125.130.139
74.125.130.100


Pinging google.com [74.125.45.113] with 32 bytes of data:
Reply from 74.125.45.113: bytes=32 time=14ms TTL=53
Reply from 74.125.45.113: bytes=32 time=20ms TTL=53

Ping statistics for 74.125.45.113:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 14ms, Maximum = 20ms, Average = 17ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=176ms TTL=50
Reply from 72.30.38.140: bytes=32 time=98ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 98ms, Maximum = 176ms, Average = 137ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...06 26 82 58 3a 37 ......Microsoft Virtual WiFi Miniport Adapter
11...00 26 82 58 3a 37 ......Atheros 802.11 a/b/g/n Dualband Wireless Network Module
10...d8 d3 85 77 6e 26 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
33...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
29...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
34...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
32...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 281
192.168.1.3 255.255.255.255 On-link 192.168.1.3 281
192.168.1.255 255.255.255.255 On-link 192.168.1.3 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::a5e3:a3a6:681f:a114/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be %SystemRoot%\system32\NLAapi.dll

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ================================

Could not start eventlog service, could not read events.

System error 5 has occurred.

Access is denied.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer (Version: 7.2.8)
7-Zip 9.20
AC3Filter 1.63b (Version: 1.63b)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.1)
Adobe Acrobat 9 Pro - English, Français, Deutsch (Version: 9.5.1)
Adobe Acrobat 9.5.1 - CPSID_83708
Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Creative Suite 5 Design Premium (Version: 5.0)
Adobe Creative Suite 5 Master Collection (Version: 5.0)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.235)
Adobe Media Player (Version: 1.8)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
AMD Accelerated Video Transcoding (Version: 2.00.0001)
AMD APP SDK Runtime (Version: 10.0.898.1)
AMD Catalyst Install Manager (Version: 3.0.868.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0214.2218.39913)
AMD Media Foundation Decoders (Version: 1.0.70214.2220)
AMD Steady Video Plug-In (Version: 2.04.0000)
AMD USB Filter Driver (Version: 1.0.11.86)
AMD VISION Engine Control Center (Version: 2012.0214.2218.39913)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ArcSoft WebCam Companion 2
Autodesk 3ds Max 2012 64-bit - English (Version: 14.0)
Autodesk Backburner 2012.0.0 (Version: 2012.0.0)
Autodesk DirectConnect 2010 R1 (Version: 4.0.418.0)
Autodesk DirectConnect 2012 64-bit (Version: 6.0.443.0)
Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit
Autodesk MatchMover 2011 32-bit (Version: 13.00.0000)
Autodesk MatchMover 2012 64-bit (Version: 14.00.0000)
Autodesk Material Library 2012 (Version: 2.5.0.8)
Autodesk Material Library Base Resolution Image Library 2012 (Version: 2.5.0.8)
Autodesk Material Library Medium Resolution Image Library 2012 (Version: 2.5.0.8)
Autodesk Maya 2011 32-bit (Version: 13.00.0000)
Autodesk Maya 2011 English Documentation 32-bit (Version: 13.0)
Autodesk Maya 2012 64-bit (Version: 14.0.0.0)
Autodesk Mudbox 2011 32-bit (Version: 2011.0.0)
Autodesk Mudbox 2012 64-bit - English (Version: 6.0.0.0)
Autodesk Softimage 2011 64-bit (Version: 1.00.0000)
Bass Audio Decoder (remove only)
Bing Bar (Version: 7.0.850.0)
Bing Desktop (Version: 1.0.45.0)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 140.0.212.000)
CameraHelperMsi (Version: 13.25.1010.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0214.2218.39913)
Catalyst Control Center InstallProxy (Version: 2009.1201.2247.40849)
Catalyst Control Center InstallProxy (Version: 2012.0214.2218.39913)
Catalyst Control Center Localization All (Version: 2012.0214.2218.39913)
ccc-utility64 (Version: 2012.0214.2218.39913)
CCC Help Chinese Standard (Version: 2012.0214.2217.39913)
CCC Help Chinese Traditional (Version: 2012.0214.2217.39913)
CCC Help Czech (Version: 2012.0214.2217.39913)
CCC Help Danish (Version: 2012.0214.2217.39913)
CCC Help Dutch (Version: 2012.0214.2217.39913)
CCC Help English (Version: 2012.0214.2217.39913)
CCC Help Finnish (Version: 2012.0214.2217.39913)
CCC Help French (Version: 2012.0214.2217.39913)
CCC Help German (Version: 2012.0214.2217.39913)
CCC Help Greek (Version: 2012.0214.2217.39913)
CCC Help Hungarian (Version: 2012.0214.2217.39913)
CCC Help Italian (Version: 2012.0214.2217.39913)
CCC Help Japanese (Version: 2012.0214.2217.39913)
CCC Help Korean (Version: 2012.0214.2217.39913)
CCC Help Norwegian (Version: 2012.0214.2217.39913)
CCC Help Polish (Version: 2012.0214.2217.39913)
CCC Help Portuguese (Version: 2012.0214.2217.39913)
CCC Help Russian (Version: 2012.0214.2217.39913)
CCC Help Spanish (Version: 2012.0214.2217.39913)
CCC Help Swedish (Version: 2012.0214.2217.39913)
CCC Help Thai (Version: 2012.0214.2217.39913)
CCC Help Turkish (Version: 2012.0214.2217.39913)
CCleaner (Version: 2.34)
CD Audio Reader Filter (remove only)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Composite 2011 (Version: 6.0.0)
Composite 2012 64-bit (Version: 7.0.0)
Copy (Version: 140.0.212.000)
Coupon Printer for Windows (Version: 5.0.0.0)
CyberLink DVD Suite Deluxe (Version: 7.0.2115)
DCoder Image Source (remove only)
Defraggler (Version: 1.21)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
DirectVobSub (remove only)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
DJ_AIO_05_F4400_Software_Min (Version: 140.0.690.000)
Dropbox (Version: 1.2.52)
DScaler 5 Mpeg Decoders
EasyBits GO
ESET Online Scanner v3
F4400 (Version: 140.0.696.000)
ffdshow v1.1.4222 [2012-01-03] (Version: 1.1.4222.0)
FFMPEG Core Files (remove only)
FileAdvisor (Version: 2.0.3330)
Gabest MPEG Splitter (remove only)
Google Chrome (Version: 19.0.1084.56)
Google SketchUp 8 (Version: 3.0.4811)
Google Update Helper (Version: 1.3.21.111)
GPBaseService2 (Version: 140.0.211.000)
Haali Media Splitter
HiJackThis (Version: 1.0.0)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Deskjet F4400 Printer Driver Software 14.0 Rel. 5 (Version: 14.0)
HP Games (Version: 1.0.0.71)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP MediaSmart DVD (Version: 3.1.3317)
HP Odometer (Version: 2.10.0000)
HP Photo Creations (Version: 1.0.0.2024)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Support Assistant (Version: 4.2.5.3)
HP Support Information (Version: 10.1.0002)
HP Update (Version: 5.003.001.001)
HPAsset component for HP Active Support Library (Version: 3.0.0.3)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 140.0.212.000)
Hulu Desktop (Version: 0.9.9)
HydraVision (Version: 4.2.128.0)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.1.5.3)
Java™ 7 Update 2 (64-bit) (Version: 7.0.20)
Java™ 7 Update 2 (Version: 7.0.20)
LabelPrint (Version: 2.5.2017)
LAV Filters 0.49 (Version: 0.49)
LightScribe System Software (Version: 1.18.8.1)
LWS Help_main (Version: 13.25.1016.0)
LWS Webcam Software (Version: 13.20.1168.0)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Marmoset Toolbag
Marmoset Toolbag 1.02
Memeo Instant Backup (Version: 4.60.0.7252)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Common Files (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Native Client (Version: 10.3.5500.0)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.3.5500.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft SQL Server VSS Writer (Version: 10.3.5500.0)
Microsoft Visual C++ Compilers 2010 Standard - enu - x86 (Version: 10.0.40219)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (Version: 9.0.30729.4974)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 Express - ENU (Version: 10.0.40219)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (Version: 10.0.40219)
Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31119)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31124)
Microsoft Works (Version: 9.7.0621)
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NVIDIA PhysX Plug-in for Autodesk Maya 2012 64 bit (Version: 2.60.0216.1828)
OpenAL
OpenRL Redistributable 1.0 R2 x64 (Version: 1.0.29020.0)
OpenRL Redistributable 1.0 R2 x86 (Version: 1.0.29020.0)
OpenSource AVI Splitter (remove only)
OpenSource DTS/AC3/DD+ Source Filter (remove only)
OpenSource Flash Video Splitter (remove only)
PDF Settings CS5 (Version: 10.0)
Pen Tablet
Philips CamSuite (Version: 1.0.9.0)
Philips Intelligent Agent (Version: 2.2)
Philips SPC1330NC Webcam (Version: 1.0.0.0)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Power2Go (Version: 6.0.3304)
PowerDirector (Version: 7.0.3503)
PxMergeModule (Version: 1.00.0000)
Python 2.7 (64-bit) (Version: 2.7.150)
QuickTime (Version: 7.71.80.42)
RAIDXpert (Version: 3.2.1540.5)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.4)
Realtek High Definition Audio Driver (Version: 6.0.1.6196)
RealUpgrade 1.1 (Version: 1.1.0)
Recovery Manager (Version: 5.5.2216)
Revo Uninstaller 1.92 (Version: 1.92)
Scan (Version: 140.0.80.000)
SEE2 UV150 11.05.0505.1159 (Version: 11.05.0505.1159)
Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) (Version: 10.3.5500.0)
Skype Click to Call (Version: 6.0.10201)
Skype™ 5.8 (Version: 5.8.158)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 140.0.213.000)
Spybot - Search & Destroy (Version: 1.6.2)
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0)
Status (Version: 140.0.212.000)
Steam (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
The Elder Scrolls V: Skyrim
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
Unity Web Player (Version: )
Unreal Development Kit: 2011-06
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WD SmartWare (Version: 1.4.5.5)
WebReg (Version: 140.0.212.017)
WinRAR 4.10 (32-bit) (Version: 4.10.0)
WinZip 16.0 (Version: 16.0.9661)
WinZip Self-Extractor
WinZipBar Toolbar (Version: 6.8.5.1)
x264vfw - H.264/MPEG-4 AVC codec (remove only)
x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only)
xNormal 3.17.8
Xvid Video Codec (Version: 1.3.2)
ZBrush 4R2 (Version: 4.2)
Zoom Player (remove only)

========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 8183.89 MB
Available physical RAM: 5864.03 MB
Total Pagefile: 16365.97 MB
Available Pagefile: 12986.69 MB
Total Virtual: 4095.88 MB
Available Virtual: 3963.58 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:919.9 GB) (Free:655.67 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.31 GB) (Free:1.62 GB) NTFS

========================= Users: ========================================

User accounts for \\AMANDA-PC

Administrator Amanda Guest
TaylorGS The misc


**** End of log ****

#11 narenxp

Posted 17 June 2012 - 01:04 PM

Create a restore point before trying this.

Download

MpsSvc
wscsvc
defender
BFE
NSI

Launch them and click YES when you get the UAC prompt.

Restart the PC and post the new FSS log.

#12 iamzim

Posted 17 June 2012 - 03:21 PM

When I try to launch the registration entries, I click YES to continue, but I then receive a message that says "Cannot import C:\Users\TaylorGS\Downloads\MpsSvc.reg: Error accessing the registry."

Do I need to be on the main admin account to run these? If so, do I need to create a new restore point on the main admin account?

#13 narenxp

Posted 17 June 2012 - 03:26 PM

We have to launch the registry keys on an account which has admin privileges.

#14 iamzim

Posted 17 June 2012 - 03:37 PM

Gotcha. Okay, here's the new FSS log:



Farbar Service Scanner Version: 09-06-2012
Ran by TaylorGS (ATTENTION: The logged in user is not administrator) on 17-06-2012 at 16:36:07
Running from "C:\Users\TaylorGS\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Nsi Service is not running. Checking service configuration:
The start type of Nsi service is OK.
The ImagePath of Nsi service is OK.
Checking ServiceDll: ATTENTION!=====> Unable to open Nsi registry key. The service key does not exist.

nsiproxy Service is not running. Checking service configuration:
The start type of nsiproxy service is OK.
The ImagePath of nsiproxy service is OK.

tdx Service is not running. Checking service configuration:
The start type of tdx service is OK.
The ImagePath of tdx service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.

Tcpip Service is not running. Checking service configuration:
The start type of Tcpip service is OK.
The ImagePath of Tcpip service is OK.


Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.

winmgmt Service is not running. Checking service configuration:
The start type of winmgmt service is OK.
The ImagePath of winmgmt: "%systemroot%\system32\svchost.exe -k netsvcs".
The ServiceDll of winmgmt service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\Windows\system32\wuaueng.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.

cryptsvc Service is not running. Checking service configuration:
The start type of cryptsvc service is OK.
The ImagePath of cryptsvc service is OK.
The ServiceDll of cryptsvc service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

PlugPlay Service is not running. Checking service configuration:
The start type of PlugPlay service is OK.
The ImagePath of PlugPlay service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-06-15 02:42] - [2012-04-24 01:37] - 0184320 ____A (Microsoft Corporation) 4F5414602E2544A4554D95517948B705

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#15 narenxp

Posted 17 June 2012 - 04:13 PM

Please run FSS from an admin account. Any tools we run should be run from the administrator account, or if not, from an account with admin privileges.



