
Win 7 Laptop very slow, crashes often


  • This topic is locked
30 replies to this topic

#1 etech0

  • Members
  • 56 posts

Posted 05 July 2012 - 11:32 PM

Hi!

I have a Lenovo IdeaPad running Windows 7, that's about 6 months old. Recently, it got very slow, and now it crashes often. I ran a virus scan, and found nothing. Is there a way to find out why this is, and how to fix it?

Thanks!!!!



#2 etech0

  • Topic Starter
  • Members
  • 56 posts

Posted 06 July 2012 - 12:09 AM

Here is my DDS log (FYI: I'm running 64-bit Windows):

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Esti at 1:06:06 on 2012-07-06
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8136.5449 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
C:\Program Files\CrashPlan\CrashPlanService.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Lenovo\RobustIntelligentCompanion\LenovoR.I.C.Tray.exe
C:\Users\Esti\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Belvedere\Belvedere.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe
C:\Users\Esti\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Users\Esti\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Users\Esti\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler64.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Everything\Everything.exe
C:\Users\Esti\AppData\Roaming\cubby\cubby.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Users\Esti\Documents\EstiDocs\setupfiles\Autoruns (find autorun programs) !p\autoruns.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://lenovo.msn.com
mWinlogon: Userinit=userinit.exe
BHO: AutorunsDisabled - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [LenovoR.I.C.Tray] C:\Program Files (x86)\Lenovo\RobustIntelligentCompanion\LenovoR.I.C.Tray.exe
uRun: [Google Update] "C:\Users\Esti\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [LogMeIn Cubby] "C:\Users\Esti\AppData\Roaming\cubby\cubby.exe" -hidden
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
mRun: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
mRun: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Everything] "C:\Program Files (x86)\Everything\Everything.exe" -startup
StartupFolder: C:\Users\Esti\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DEFAUL~1.LNK - C:\Users\Esti\Documents\EstiDocs\development\Current\batch files\AHK\default.ahk
StartupFolder: C:\Users\Esti\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Esti\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Esti\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
StartupFolder: C:\Users\Esti\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BELVED~1.LNK - C:\Program Files (x86)\Belvedere\Belvedere.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\Lenovo\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CRASHP~1.LNK -
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Add to Google Photos Screensa&ver - C:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1 68.237.161.12
TCP: Interfaces\{04D1A4EC-9F2A-4941-8DBB-CCC84F58EC64} : DhcpNameServer = 150.100.50.201
TCP: Interfaces\{10F03378-32D7-4D86-96A0-6ED7AD517F00} : DhcpNameServer = 192.168.1.1 68.237.161.12
TCP: Interfaces\{10F03378-32D7-4D86-96A0-6ED7AD517F00}\341626C65675966496 : DhcpNameServer = 10.240.205.161 10.240.205.162
TCP: Interfaces\{10F03378-32D7-4D86-96A0-6ED7AD517F00}\36F6572747563797 : DhcpNameServer = 71.250.0.12 68.237.161.12
TCP: Interfaces\{10F03378-32D7-4D86-96A0-6ED7AD517F00}\75942554C45435356414D494C495E4544574541425 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{10F03378-32D7-4D86-96A0-6ED7AD517F00}\876696E696479777966696 : DhcpNameServer = 10.240.205.161 10.240.205.162
TCP: Interfaces\{10F03378-32D7-4D86-96A0-6ED7AD517F00}\C696E6B6379737 : DhcpNameServer = 167.206.245.129 167.206.245.130
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: AutorunsDisabled - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun-x64: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
mRun-x64: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
mRun-x64: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
mRun-x64: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun-x64: [Everything] "C:\Program Files (x86)\Everything\Everything.exe" -startup
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
AppInit_DLLs-X64: C:\windows\SysWOW64\nvinit.dll
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
Hosts: 216.239.32.20 www.google.ae # bck9
Hosts: 216.239.32.20 www.google.at # bck9
Hosts: 216.239.32.20 www.google.be # bck9
Hosts: 216.239.32.20 www.google.ca # bck9
Hosts: 216.239.32.20 www.google.ch # bck9
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Esti\AppData\Roaming\Mozilla\Firefox\Profiles\gpq3hf6i.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B87c67930-ef60-4e5e-88b7-f55e84991ca6%7D&mid=8d10651b9b1c47d08623b1915f0721d1-b983af378c8fc0945bc0ed7e858fbc1f9704b5d3&ds=is016&v=11.1.0.7&lang=en&pr=sa&d=2012-05-23%2014%3A30%3A50&sap=ku&q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Esti\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\Esti\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Esti\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 fbfmon;fbfmon;C:\windows\system32\drivers\fbfmon.sys --> C:\windows\system32\drivers\fbfmon.sys [?]
R0 LHDmgr;LHDmgr;C:\windows\system32\DRIVERS\LhdX64.sys --> C:\windows\system32\DRIVERS\LhdX64.sys [?]
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\system32\DRIVERS\MpFilter.sys --> C:\windows\system32\DRIVERS\MpFilter.sys [?]
R0 nvpciflt;nvpciflt;C:\windows\system32\DRIVERS\nvpciflt.sys --> C:\windows\system32\DRIVERS\nvpciflt.sys [?]
R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?]
R1 bckd;bckd;C:\windows\system32\drivers\bckd.sys --> C:\windows\system32\drivers\bckd.sys [?]
R1 BPntDrv;BPntDrv;C:\windows\system32\drivers\BPntDrv.sys --> C:\windows\system32\drivers\BPntDrv.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R1 winioex;winioex;C:\windows\system32\drivers\winioex.sys --> C:\windows\system32\drivers\winioex.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 bckwfs;Blue Coat K9 Web Protection;C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2012-2-13 2122000]
R2 CrashPlanService;CrashPlan Backup Service;C:\Program Files\CrashPlan\CrashPlanService.exe [2011-3-16 222720]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-31 13336]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-9-16 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\windows\system32\drivers\LMIRfsDriver.sys --> C:\windows\system32\drivers\LMIRfsDriver.sys [?]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-31 2009704]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-10-31 2656280]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\system32\DRIVERS\AcpiVpc.sys --> C:\windows\system32\DRIVERS\AcpiVpc.sys [?]
R3 BTWAMPFL;BTWAMPFL;C:\windows\system32\DRIVERS\btwampfl.sys --> C:\windows\system32\DRIVERS\btwampfl.sys [?]
R3 BTWDPAN;Bluetooth Personal Area Network;C:\windows\system32\DRIVERS\btwdpan.sys --> C:\windows\system32\DRIVERS\btwdpan.sys [?]
R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\system32\DRIVERS\btwl2cap.sys --> C:\windows\system32\DRIVERS\btwl2cap.sys [?]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\system32\DRIVERS\clwvd.sys --> C:\windows\system32\DRIVERS\clwvd.sys [?]
R3 DelayMan;ACPI DelayMan Filter Service;C:\windows\system32\DRIVERS\delayman.sys --> C:\windows\system32\DRIVERS\delayman.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
R3 JMCR;JMCR;C:\windows\system32\DRIVERS\jmcr.sys --> C:\windows\system32\DRIVERS\jmcr.sys [?]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\windows\system32\DRIVERS\k57nd60a.sys --> C:\windows\system32\DRIVERS\k57nd60a.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\system32\DRIVERS\NETwNs64.sys --> C:\windows\system32\DRIVERS\NETwNs64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\system32\DRIVERS\nusb3hub.sys --> C:\windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\system32\DRIVERS\nusb3xhc.sys --> C:\windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 SPUVCbv;SPUVCb Driver Service;C:\windows\system32\Drivers\usbvideo.sys --> C:\windows\system32\Drivers\usbvideo.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdkmd;Intel WiDi KMD;C:\windows\system32\DRIVERS\WDKMD.sys --> C:\windows\system32\DRIVERS\WDKMD.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-31 136176]
S2 NisDrv;Microsoft Network Inspection System;C:\windows\system32\DRIVERS\NisDrvWFP.sys --> C:\windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-5 250056]
S3 cphs;Intel® Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-5-21 276288]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-31 136176]
S3 ICDUSB3;ICDUSB3;C:\windows\system32\Drivers\ICDUSB3.sys --> C:\windows\system32\Drivers\ICDUSB3.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 51740536]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\windows\system32\DRIVERS\MpNWMon.sys --> C:\windows\system32\DRIVERS\MpNWMon.sys [?]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-5-2 340240]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
S3 SliceDisk5;SliceDisk5;C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [2012-4-10 31824]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\system32\DRIVERS\wdcsam64.sys --> C:\windows\system32\DRIVERS\wdcsam64.sys [?]
S3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys --> C:\windows\system32\DRIVERS\wsvd.sys [?]
S4 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-12-7 375176]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-07-06 04:40:45 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8071985B-0980-4F0E-AFB9-753F05B2F22F}\mpengine.dll
2012-07-04 20:05:25 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{ADE69464-2A1B-437B-96BB-E0FEA1B6FC5C}\gapaengine.dll
2012-07-04 20:05:05 9013136 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-04 03:11:16 -------- d-----w- C:\TeenokeDatabase
2012-06-27 13:41:27 -------- d-----w- C:\Users\Esti\New folder (2)
2012-06-27 04:03:11 -------- d-----w- C:\Users\Esti\AppData\Local\MicrosoftStore
2012-06-26 19:01:57 -------- d-----w- C:\Program Files\CCleaner
2012-06-25 03:15:04 121344 ----a-w- C:\windows\System32\IntelOpenCL64.dll
2012-06-25 03:15:02 86528 ----a-w- C:\windows\SysWow64\IntelOpenCL32.dll
2012-06-24 03:58:04 -------- d-----w- C:\Users\Esti\AppData\Local\Macromedia
2012-06-24 02:45:05 2622464 ----a-w- C:\windows\System32\wucltux.dll
2012-06-24 02:44:15 99840 ----a-w- C:\windows\System32\wudriver.dll
2012-06-24 02:43:19 186752 ----a-w- C:\windows\System32\wuwebv.dll
2012-06-24 02:43:08 36864 ----a-w- C:\windows\System32\wuapp.exe
2012-06-21 16:56:26 -------- d-----w- C:\Program Files\Defraggler
2012-06-20 20:51:45 0 ----a-w- C:\windows\SysWow64\REN2ACD.tmp
2012-06-20 20:51:45 0 ----a-w- C:\windows\SysWow64\REN2ABD.tmp
2012-06-20 20:48:48 -------- d-----w- C:\MATS
2012-06-20 02:20:31 -------- d-sh--w- C:\found.003
2012-06-17 07:03:41 -------- d-sh--w- C:\found.002
2012-06-14 23:48:53 -------- d-sh--w- C:\found.001
2012-06-14 22:30:55 -------- d-sh--w- C:\found.000
2012-06-14 18:00:16 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2012-06-14 17:58:01 -------- d-----w- C:\be2a90c5f33ce8c101242d897c0e48
2012-06-13 20:14:29 9216 ----a-w- C:\windows\System32\rdrmemptylst.exe
2012-06-11 04:47:29 -------- d-----w- C:\temp
2012-06-11 01:05:59 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-11 01:05:59 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
.
==================== Find3M ====================
.
2012-06-24 02:18:46 426184 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-06-24 02:18:45 70344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-21 16:17:56 276288 ----a-w- C:\windows\SysWow64\IntelCpHeciSvc.exe
2012-05-21 16:17:54 5890880 ----a-w- C:\windows\System32\GfxUI.exe
2012-05-21 16:17:54 509248 ----a-w- C:\windows\System32\igfxsrvc.exe
2012-05-21 16:17:54 440128 ----a-w- C:\windows\System32\igfxpers.exe
2012-05-21 16:17:54 398656 ----a-w- C:\windows\System32\hkcmd.exe
2012-05-21 16:17:54 249664 ----a-w- C:\windows\System32\igfxext.exe
2012-05-21 16:17:54 184640 ----a-w- C:\windows\System32\difx64.exe
2012-05-21 16:17:54 170304 ----a-w- C:\windows\System32\igfxtray.exe
2012-05-21 16:13:16 90112 ----a-w- C:\windows\System32\igfxCoIn_v2761.dll
2012-05-21 16:04:30 8089088 ----a-w- C:\windows\System32\igdumd64.dll
2012-05-21 16:04:20 14759520 ----a-w- C:\windows\System32\drivers\igdkmd64.sys
2012-05-21 16:03:32 79360 ----a-w- C:\windows\System32\igdde64.dll
2012-05-21 15:59:40 6122496 ----a-w- C:\windows\SysWow64\igdumd32.dll
2012-05-21 15:57:52 58880 ----a-w- C:\windows\SysWow64\igdde32.dll
2012-05-21 15:55:06 9606144 ----a-w- C:\windows\System32\igd10umd64.dll
2012-05-21 15:43:30 7795712 ----a-w- C:\windows\SysWow64\igd10umd32.dll
2012-05-21 14:58:20 18138624 ----a-w- C:\windows\System32\ig4icd64.dll
2012-05-21 14:47:36 13214720 ----a-w- C:\windows\SysWow64\ig4icd32.dll
2012-05-21 14:43:50 388608 ----a-w- C:\windows\System32\igfxpph.dll
2012-05-21 14:43:46 28672 ----a-w- C:\windows\System32\igfxexps.dll
2012-05-21 14:43:30 62976 ----a-w- C:\windows\System32\igfxsrvc.dll
2012-05-21 14:43:04 110592 ----a-w- C:\windows\System32\hccutils.dll
2012-05-21 14:42:56 172032 ----a-w- C:\windows\System32\gfxSrvc.dll
2012-05-21 14:42:54 9216 ----a-w- C:\windows\System32\IGFXDEVLib.dll
2012-05-21 14:42:54 436224 ----a-w- C:\windows\System32\igfxdev.dll
2012-05-21 14:42:18 286208 ----a-w- C:\windows\System32\igfxrenu.lrc
2012-05-21 14:42:12 9007616 ----a-w- C:\windows\System32\igfxress.dll
2012-05-21 14:42:12 142336 ----a-w- C:\windows\System32\igfxdo.dll
2012-05-21 14:40:58 25088 ----a-w- C:\windows\SysWow64\igfxexps32.dll
2012-05-21 14:39:56 325632 ----a-w- C:\windows\SysWow64\igfxdv32.dll
2012-05-21 01:17:23 87456 ----a-w- C:\windows\System32\LMIRfsClientNP.dll
2012-05-21 01:17:23 80768 ----a-w- C:\windows\System32\LMIinit.dll
2012-05-21 01:17:23 34688 ----a-w- C:\windows\System32\LMIport.dll
2012-05-18 02:06:48 2311680 ----a-w- C:\windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-05-15 01:32:33 3146752 ----a-w- C:\windows\System32\win32k.sys
2012-05-07 00:39:11 12872 ----a-w- C:\windows\System32\bootdelete.exe
2012-05-04 11:06:22 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\windows\System32\profsvc.dll
2012-04-28 03:55:21 210944 ----a-w- C:\windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:56 77312 ----a-w- C:\windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\windows\System32\rdpcorekmts.dll
2012-04-24 05:37:37 184320 ----a-w- C:\windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
2012-04-18 03:18:31 721912 ----a-w- C:\Users\Esti\gotomypc_428.exe
2012-04-07 12:31:40 3216384 ----a-w- C:\windows\System32\msi.dll
2012-04-07 11:26:29 2342400 ----a-w- C:\windows\SysWow64\msi.dll
.
============= FINISH: 1:06:40.80 ===============


#3 TheShooter93

  • Malware Response Team

Posted 09 July 2012 - 09:20 PM

Hello etech0

My name is Cody and I'll be helping you clean up your computer.

I will reply as soon as possible (typically within 24 hours, if any longer you will be notified).

Some points for you to keep in mind:

  • Do NOT run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: When you post your reply, do not use the Posted Image button but use the Posted Image button instead.

In the upper right hand corner of the topic you will see the Posted Image button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Edited by TheShooter93, 09 July 2012 - 09:21 PM.

CCNA R&S | CCNA Security | Network+ | B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#4 TheShooter93

  • Malware Response Team

Posted 12 July 2012 - 01:40 PM

Hello etech0,

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.



#5 TheShooter93

  • Malware Response Team

Posted 16 July 2012 - 11:39 AM

Hello etech0,

It's been at least 72 hours since my last post. Are you still there?

If you need more time, let me know.

But if you don't respond to this post within 48 hours the thread will be closed due to inactivity.



#6 etech0

  • Topic Starter

Posted 16 July 2012 - 05:00 PM

******this is a continuation of post http://www.bleepingcomputer.com/forums/topic459511.html/page__p__2753807__fromsearch__1#entry2753807

Hi Cody,

So sorry about the delay!

I ran TDSSKiller, and it found no results. Here is the log. What's the next step?

Thanks for all your help!

17:49:12.0853 5112 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
17:49:13.0463 5112 ============================================================
17:49:13.0463 5112 Current date / time: 2012/07/16 17:49:13.0463
17:49:13.0463 5112 SystemInfo:
17:49:13.0463 5112
17:49:13.0463 5112 OS Version: 6.1.7601 ServicePack: 1.0
17:49:13.0463 5112 Product type: Workstation
17:49:13.0463 5112 ComputerName: ESTI-LAPTOP
17:49:13.0463 5112 UserName: Esti
17:49:13.0463 5112 Windows directory: C:\windows
17:49:13.0463 5112 System windows directory: C:\windows
17:49:13.0463 5112 Running under WOW64
17:49:13.0463 5112 Processor architecture: Intel x64
17:49:13.0463 5112 Number of processors: 8
17:49:13.0463 5112 Page size: 0x1000
17:49:13.0463 5112 Boot type: Normal boot
17:49:13.0463 5112 ============================================================
17:49:14.0309 5112 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:49:14.0319 5112 Drive \Device\Harddisk1\DR1 - Size: 0x2BAA1472000 (2794.52 Gb), SectorSize: 0x1000, Cylinders: 0xB220, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:49:14.0579 5112 ============================================================
17:49:14.0579 5112 \Device\Harddisk0\DR0:
17:49:14.0579 5112 MBR partitions:
17:49:14.0579 5112 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
17:49:14.0579 5112 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x51D61000
17:49:14.0609 5112 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x51DC6000, BlocksNum 0x39FE000
17:49:14.0609 5112 \Device\Harddisk1\DR1:
17:49:14.0609 5112 MBR partitions:
17:49:14.0609 5112 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2BAA0A20
17:49:14.0609 5112 ============================================================
17:49:14.0739 5112 C: <-> \Device\Harddisk0\DR0\Partition1
17:49:14.0819 5112 D: <-> \Device\Harddisk0\DR0\Partition2
17:49:14.0949 5112 E: <-> \Device\Harddisk1\DR1\Partition0
17:49:14.0949 5112 ============================================================
17:49:14.0949 5112 Initialize success
17:49:14.0949 5112 ============================================================
17:49:16.0417 3844 ============================================================
17:49:16.0417 3844 Scan started
17:49:16.0417 3844 Mode: Manual;
17:49:16.0417 3844 ============================================================
17:50:41.0898 3844 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
17:50:41.0914 3844 Mcx2Svc - ok
17:50:41.0976 3844 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\drivers\megasas.sys
17:50:41.0992 3844 megasas - ok
17:50:42.0070 3844 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\drivers\MegaSR.sys
17:50:42.0101 3844 MegaSR - ok
17:50:42.0241 3844 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\windows\system32\DRIVERS\HECIx64.sys
17:50:42.0257 3844 MEIx64 - ok
17:50:43.0396 3844 Microsoft SharePoint Workspace Audit Service - ok
17:50:43.0536 3844 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
17:50:43.0598 3844 MMCSS - ok
17:50:43.0645 3844 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
17:50:43.0661 3844 Modem - ok
17:50:43.0848 3844 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
17:50:43.0848 3844 monitor - ok
17:50:44.0004 3844 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
17:50:44.0035 3844 mouclass - ok
17:50:44.0066 3844 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
17:50:44.0082 3844 mouhid - ok
17:50:44.0269 3844 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
17:50:44.0285 3844 mountmgr - ok
17:50:44.0519 3844 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
17:50:44.0581 3844 mpio - ok
17:50:44.0659 3844 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\windows\system32\DRIVERS\MpNWMon.sys
17:50:44.0675 3844 MpNWMon - ok
17:50:44.0862 3844 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
17:50:44.0878 3844 mpsdrv - ok
17:50:45.0143 3844 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
17:50:45.0174 3844 MpsSvc - ok
17:50:45.0236 3844 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
17:50:45.0314 3844 MRxDAV - ok
17:50:45.0408 3844 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
17:50:45.0455 3844 mrxsmb - ok
17:50:45.0548 3844 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
17:50:45.0580 3844 mrxsmb10 - ok
17:50:45.0642 3844 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
17:50:45.0642 3844 mrxsmb20 - ok
17:50:45.0689 3844 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
17:50:45.0689 3844 msahci - ok
17:50:45.0782 3844 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
17:50:46.0001 3844 msdsm - ok
17:50:46.0048 3844 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
17:50:46.0079 3844 MSDTC - ok
17:50:46.0157 3844 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
17:50:46.0172 3844 Msfs - ok
17:50:46.0219 3844 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
17:50:46.0235 3844 mshidkmdf - ok
17:50:46.0313 3844 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
17:50:46.0328 3844 msisadrv - ok
17:50:47.0233 3844 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
17:50:47.0405 3844 MSiSCSI - ok
17:50:47.0405 3844 msiserver - ok
17:50:47.0498 3844 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
17:50:47.0514 3844 MSKSSRV - ok
17:50:47.0545 3844 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
17:50:47.0561 3844 MSPCLOCK - ok
17:50:47.0592 3844 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
17:50:47.0608 3844 MSPQM - ok
17:50:48.0528 3844 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
17:50:48.0575 3844 MsRPC - ok
17:50:48.0731 3844 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
17:50:48.0731 3844 mssmbios - ok
17:50:48.0762 3844 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
17:50:48.0778 3844 MSTEE - ok
17:50:48.0824 3844 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\drivers\MTConfig.sys
17:50:48.0856 3844 MTConfig - ok
17:50:48.0949 3844 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
17:50:48.0980 3844 Mup - ok
17:50:49.0573 3844 MyWiFiDHCPDNS (4bbb9d9c4df259fae2d172c5bb25ddd0) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
17:50:49.0620 3844 MyWiFiDHCPDNS - ok
17:50:49.0745 3844 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
17:50:49.0792 3844 napagent - ok
17:50:49.0901 3844 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
17:50:49.0916 3844 NativeWifiP - ok
17:50:50.0104 3844 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\windows\system32\drivers\ndis.sys
17:50:50.0119 3844 NDIS - ok
17:50:50.0245 3844 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
17:50:50.0265 3844 NdisCap - ok
17:50:50.0395 3844 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
17:50:50.0435 3844 NdisTapi - ok
17:50:50.0615 3844 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
17:50:50.0625 3844 Ndisuio - ok
17:50:50.0655 3844 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
17:50:50.0705 3844 NdisWan - ok
17:50:50.0825 3844 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
17:50:50.0845 3844 NDProxy - ok
17:50:50.0955 3844 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
17:50:50.0975 3844 NetBIOS - ok
17:50:51.0065 3844 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
17:50:51.0095 3844 NetBT - ok
17:50:51.0205 3844 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
17:50:51.0205 3844 Netlogon - ok
17:50:51.0495 3844 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
17:50:51.0525 3844 Netman - ok
17:50:52.0320 3844 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:50:52.0710 3844 NetMsmqActivator - ok
17:50:52.0741 3844 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:50:52.0756 3844 NetPipeActivator - ok
17:50:52.0897 3844 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
17:50:52.0928 3844 netprofm - ok
17:50:52.0928 3844 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:50:52.0944 3844 NetTcpActivator - ok
17:50:52.0944 3844 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:50:52.0944 3844 NetTcpPortSharing - ok
17:50:54.0301 3844 NETwNs64 (ac69618de5bcce8747c9ab0aae1003c1) C:\windows\system32\DRIVERS\NETwNs64.sys
17:50:54.0753 3844 NETwNs64 - ok
17:50:56.0672 3844 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\drivers\nfrd960.sys
17:50:56.0703 3844 nfrd960 - ok
17:50:56.0797 3844 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
17:50:56.0828 3844 NlaSvc - ok
17:50:56.0875 3844 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
17:50:56.0906 3844 Npfs - ok
17:50:56.0953 3844 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
17:50:56.0953 3844 nsi - ok
17:50:56.0984 3844 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
17:50:56.0984 3844 nsiproxy - ok
17:50:57.0296 3844 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
17:50:57.0358 3844 Ntfs - ok
17:50:57.0811 3844 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
17:50:57.0826 3844 Null - ok
17:50:57.0889 3844 nusb3hub (a7127e86f9ffe2a53e271b56b2c4cedf) C:\windows\system32\DRIVERS\nusb3hub.sys
17:50:57.0920 3844 nusb3hub - ok
17:50:57.0967 3844 nusb3xhc (49bbec6f48d5f9284b03abf3a959b19b) C:\windows\system32\DRIVERS\nusb3xhc.sys
17:50:58.0014 3844 nusb3xhc - ok
17:51:00.0010 3844 nvlddmkm (e56852a3743c2fbc46c9af4b687522ca) C:\windows\system32\DRIVERS\nvlddmkm.sys
17:51:00.0416 3844 nvlddmkm - ok
17:51:01.0227 3844 nvpciflt (d38952a15d728eb5ac9c6618a65fdfde) C:\windows\system32\DRIVERS\nvpciflt.sys
17:51:01.0227 3844 nvpciflt - ok
17:51:02.0038 3844 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
17:51:02.0241 3844 nvraid - ok
17:51:02.0959 3844 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
17:51:03.0146 3844 nvstor - ok
17:51:03.0676 3844 NVSvc (dd9ac38bd31d8adbc3138bd868b52289) C:\windows\system32\nvvsvc.exe
17:51:03.0723 3844 NVSvc - ok
17:51:04.0349 3844 nvUpdatusService (7c804b02415a58b0c01e79da44be2e32) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
17:51:04.0409 3844 nvUpdatusService - ok
17:51:06.0543 3844 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
17:51:06.0684 3844 nv_agp - ok
17:51:07.0058 3844 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
17:51:07.0074 3844 ohci1394 - ok
17:51:08.0041 3844 ose64 (4965b005492cba7719e82b71e3245495) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:51:08.0368 3844 ose64 - ok
17:51:09.0273 3844 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:51:14.0936 3844 osppsvc - ok
17:51:17.0853 3844 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
17:51:17.0853 3844 p2pimsvc - ok
17:51:18.0602 3844 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
17:51:18.0618 3844 p2psvc - ok
17:51:19.0304 3844 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\drivers\parport.sys
17:51:19.0554 3844 Parport - ok
17:51:20.0006 3844 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
17:51:20.0006 3844 partmgr - ok
17:51:20.0848 3844 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
17:51:20.0911 3844 PcaSvc - ok
17:51:21.0847 3844 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
17:51:21.0894 3844 pci - ok
17:51:22.0050 3844 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
17:51:22.0065 3844 pciide - ok
17:51:22.0767 3844 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\drivers\pcmcia.sys
17:51:23.0188 3844 pcmcia - ok
17:51:23.0438 3844 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
17:51:23.0438 3844 pcw - ok
17:51:23.0906 3844 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
17:51:24.0031 3844 PEAUTH - ok
17:51:25.0045 3844 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
17:51:25.0045 3844 PerfHost - ok
17:51:25.0934 3844 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
17:51:25.0996 3844 pla - ok
17:51:26.0324 3844 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
17:51:26.0418 3844 PlugPlay - ok
17:51:26.0714 3844 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
17:51:26.0714 3844 PNRPAutoReg - ok
17:51:27.0042 3844 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
17:51:27.0057 3844 PNRPsvc - ok
17:51:27.0634 3844 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
17:51:27.0946 3844 PolicyAgent - ok
17:51:28.0695 3844 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
17:51:28.0742 3844 Power - ok
17:51:29.0569 3844 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
17:51:29.0631 3844 PptpMiniport - ok
17:51:29.0694 3844 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\drivers\processr.sys
17:51:29.0725 3844 Processor - ok
17:51:29.0834 3844 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
17:51:29.0834 3844 ProfSvc - ok
17:51:30.0068 3844 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
17:51:30.0068 3844 ProtectedStorage - ok
17:51:30.0645 3844 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
17:51:30.0645 3844 Psched - ok
17:51:30.0942 3844 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\windows\system32\Drivers\PxHlpa64.sys
17:51:31.0191 3844 PxHlpa64 - ok
17:51:31.0878 3844 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\drivers\ql2300.sys
17:51:32.0502 3844 ql2300 - ok
17:51:33.0890 3844 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\drivers\ql40xx.sys
17:51:33.0968 3844 ql40xx - ok
17:51:34.0436 3844 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
17:51:34.0670 3844 QWAVE - ok
17:51:34.0888 3844 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
17:51:34.0888 3844 QWAVEdrv - ok
17:51:35.0013 3844 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
17:51:35.0029 3844 RasAcd - ok
17:51:35.0528 3844 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
17:51:35.0622 3844 RasAgileVpn - ok
17:51:36.0714 3844 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
17:51:36.0760 3844 RasAuto - ok
17:51:37.0244 3844 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
17:51:37.0587 3844 Rasl2tp - ok
17:51:37.0696 3844 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
17:51:37.0899 3844 RasMan - ok
17:51:37.0946 3844 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
17:51:38.0227 3844 RasPppoe - ok
17:51:38.0523 3844 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
17:51:38.0710 3844 RasSstp - ok
17:51:38.0960 3844 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
17:51:39.0350 3844 rdbss - ok
17:51:39.0600 3844 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\drivers\rdpbus.sys
17:51:39.0615 3844 rdpbus - ok
17:51:39.0662 3844 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
17:51:39.0662 3844 RDPCDD - ok
17:51:39.0709 3844 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
17:51:39.0709 3844 RDPENCDD - ok
17:51:39.0771 3844 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
17:51:39.0771 3844 RDPREFMP - ok
17:51:40.0302 3844 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
17:51:40.0504 3844 RDPWD - ok
17:51:41.0082 3844 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
17:51:41.0082 3844 rdyboost - ok
17:51:43.0172 3844 RegSrvc (a436f5e7d80bbdbb0826d0f176d5bea8) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:51:43.0468 3844 RegSrvc - ok
17:51:43.0858 3844 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
17:51:43.0936 3844 RemoteAccess - ok
17:51:44.0108 3844 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
17:51:44.0108 3844 RemoteRegistry - ok
17:51:44.0716 3844 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
17:51:44.0732 3844 RFCOMM - ok
17:51:45.0028 3844 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
17:51:45.0231 3844 RpcEptMapper - ok
17:51:45.0372 3844 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
17:51:45.0387 3844 RpcLocator - ok
17:51:45.0481 3844 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
17:51:45.0496 3844 RpcSs - ok
17:51:45.0559 3844 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
17:51:45.0559 3844 rspndr - ok
17:51:45.0933 3844 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\windows\system32\DRIVERS\Rt64win7.sys
17:51:45.0964 3844 RTL8167 - ok
17:51:46.0105 3844 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
17:51:46.0105 3844 SamSs - ok
17:51:46.0635 3844 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
17:51:47.0134 3844 sbp2port - ok
17:51:47.0727 3844 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
17:51:47.0727 3844 SCardSvr - ok
17:51:48.0320 3844 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
17:51:48.0367 3844 scfilter - ok
17:51:49.0131 3844 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
17:51:49.0162 3844 Schedule - ok
17:51:49.0552 3844 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
17:51:49.0552 3844 SCPolicySvc - ok
17:51:49.0646 3844 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\DRIVERS\sdbus.sys
17:51:49.0662 3844 sdbus - ok
17:51:49.0786 3844 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
17:51:50.0114 3844 SDRSVC - ok
17:51:50.0223 3844 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
17:51:50.0223 3844 secdrv - ok
17:51:50.0379 3844 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
17:51:50.0754 3844 seclogon - ok
17:51:51.0066 3844 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
17:51:51.0128 3844 SENS - ok
17:51:51.0362 3844 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
17:51:51.0424 3844 SensrSvc - ok
17:51:51.0705 3844 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\drivers\serenum.sys
17:51:51.0783 3844 Serenum - ok
17:51:52.0579 3844 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\drivers\serial.sys
17:51:52.0657 3844 Serial - ok
17:51:52.0844 3844 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\drivers\sermouse.sys
17:51:52.0860 3844 sermouse - ok
17:51:53.0468 3844 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
17:51:53.0499 3844 SessionEnv - ok
17:51:53.0608 3844 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
17:51:53.0624 3844 sffdisk - ok
17:51:53.0811 3844 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
17:51:53.0827 3844 sffp_mmc - ok
17:51:54.0092 3844 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
17:51:54.0435 3844 sffp_sd - ok
17:51:54.0544 3844 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\drivers\sfloppy.sys
17:51:54.0560 3844 sfloppy - ok
17:51:56.0650 3844 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
17:51:56.0978 3844 SharedAccess - ok
17:51:57.0898 3844 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
17:51:57.0976 3844 ShellHWDetection - ok
17:51:58.0273 3844 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\drivers\SiSRaid2.sys
17:51:58.0444 3844 SiSRaid2 - ok
17:51:58.0554 3844 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\drivers\sisraid4.sys
17:51:58.0569 3844 SiSRaid4 - ok
17:51:58.0850 3844 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
17:51:58.0866 3844 Smb - ok
17:51:59.0146 3844 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
17:51:59.0146 3844 SNMPTRAP - ok
17:51:59.0302 3844 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
17:51:59.0334 3844 spldr - ok
17:51:59.0864 3844 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
17:51:59.0895 3844 Spooler - ok
17:52:04.0653 3844 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
17:52:05.0012 3844 sppsvc - ok
17:52:05.0979 3844 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
17:52:06.0323 3844 sppuinotify - ok
17:52:07.0196 3844 SPUVCbv (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys
17:52:07.0274 3844 SPUVCbv - ok
17:52:07.0727 3844 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
17:52:07.0820 3844 srv - ok
17:52:07.0961 3844 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
17:52:07.0992 3844 srv2 - ok
17:52:08.0600 3844 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
17:52:08.0647 3844 srvnet - ok
17:52:08.0897 3844 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
17:52:08.0897 3844 SSDPSRV - ok
17:52:09.0021 3844 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
17:52:09.0084 3844 SstpSvc - ok
17:52:09.0271 3844 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\drivers\stexstor.sys
17:52:09.0302 3844 stexstor - ok
17:52:10.0301 3844 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
17:52:10.0722 3844 stisvc - ok
17:52:10.0956 3844 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
17:52:10.0971 3844 swenum - ok
17:52:11.0954 3844 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:52:13.0140 3844 SwitchBoard - ok
17:52:13.0608 3844 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
17:52:13.0670 3844 swprv - ok
17:52:14.0591 3844 SynTP (126ae059261c9234cd697f441f2c85ca) C:\windows\system32\DRIVERS\SynTP.sys
17:52:14.0996 3844 SynTP - ok
17:52:15.0745 3844 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
17:52:16.0119 3844 SysMain - ok
17:52:17.0633 3844 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
17:52:17.0695 3844 TabletInputService - ok
17:52:17.0898 3844 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
17:52:17.0929 3844 TapiSrv - ok
17:52:18.0116 3844 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
17:52:18.0132 3844 TBS - ok
17:52:19.0052 3844 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
17:52:19.0130 3844 Tcpip - ok
17:52:20.0191 3844 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
17:52:20.0222 3844 TCPIP6 - ok
17:52:21.0018 3844 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
17:52:21.0018 3844 tcpipreg - ok
17:52:21.0174 3844 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
17:52:21.0189 3844 TDPIPE - ok
17:52:21.0299 3844 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
17:52:21.0751 3844 TDTCP - ok
17:52:22.0016 3844 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
17:52:22.0032 3844 tdx - ok
17:52:23.0030 3844 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\DRIVERS\termdd.sys
17:52:23.0249 3844 TermDD - ok
17:52:23.0810 3844 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
17:52:24.0060 3844 TermService - ok
17:52:25.0043 3844 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
17:52:25.0245 3844 Themes - ok
17:52:25.0823 3844 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
17:52:25.0823 3844 THREADORDER - ok
17:52:26.0025 3844 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
17:52:26.0025 3844 TrkWks - ok
17:52:26.0930 3844 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
17:52:27.0242 3844 TrustedInstaller - ok
17:52:27.0476 3844 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
17:52:27.0476 3844 tssecsrv - ok
17:52:27.0601 3844 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
17:52:27.0648 3844 TsUsbFlt - ok
17:52:27.0679 3844 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\windows\system32\drivers\TsUsbGD.sys
17:52:27.0695 3844 TsUsbGD - ok
17:52:28.0662 3844 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
17:52:28.0709 3844 tunnel - ok
17:52:28.0958 3844 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\drivers\uagp35.sys
17:52:28.0989 3844 uagp35 - ok
17:52:29.0411 3844 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
17:52:29.0473 3844 udfs - ok
17:52:29.0567 3844 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
17:52:29.0567 3844 UI0Detect - ok
17:52:29.0645 3844 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
17:52:29.0676 3844 uliagpkx - ok
17:52:29.0832 3844 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
17:52:30.0097 3844 umbus - ok
17:52:30.0128 3844 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\drivers\umpass.sys
17:52:30.0144 3844 UmPass - ok
17:52:31.0283 3844 UNS (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
17:52:31.0407 3844 UNS - ok
17:52:33.0233 3844 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
17:52:33.0420 3844 upnphost - ok
17:52:33.0794 3844 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\windows\system32\drivers\usbaudio.sys
17:52:34.0137 3844 usbaudio - ok
17:52:34.0520 3844 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
17:52:34.0540 3844 usbccgp - ok
17:52:34.0570 3844 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
17:52:34.0590 3844 usbcir - ok
17:52:34.0700 3844 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
17:52:34.0980 3844 usbehci - ok
17:52:35.0340 3844 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
17:52:35.0920 3844 usbhub - ok
17:52:35.0980 3844 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
17:52:36.0000 3844 usbohci - ok
17:52:36.0050 3844 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\drivers\usbprint.sys
17:52:36.0060 3844 usbprint - ok
17:52:37.0020 3844 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
17:52:37.0035 3844 USBSTOR - ok
17:52:37.0207 3844 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
17:52:37.0363 3844 usbuhci - ok
17:52:37.0410 3844 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys
17:52:37.0425 3844 usbvideo - ok
17:52:38.0096 3844 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\windows\system32\DRIVERS\usb8023x.sys
17:52:38.0112 3844 usb_rndisx - ok
17:52:38.0658 3844 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
17:52:38.0705 3844 UxSms - ok
17:52:39.0017 3844 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
17:52:39.0017 3844 VaultSvc - ok
17:52:39.0110 3844 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
17:52:39.0126 3844 vdrvroot - ok
17:52:39.0266 3844 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
17:52:39.0531 3844 vds - ok
17:52:39.0828 3844 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
17:52:39.0843 3844 vga - ok
17:52:39.0937 3844 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
17:52:39.0968 3844 VgaSave - ok
17:52:40.0031 3844 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
17:52:40.0046 3844 vhdmp - ok
17:52:58.0376 3844 ============================================================
17:52:58.0376 3844 Scan finished
17:52:58.0376 3844 ============================================================
17:52:58.0392 2544 Detected object count: 0
17:52:58.0392 2544 Actual detected object count: 0

#7 Orange Blossom

  • Moderator

Posted 21 July 2012 - 12:38 AM

Hello etech0,

I found your reply to this topic and merged it to the original topic and also removed the closing reply Elise wrote.

A few things to note: When responding to a topic, please use the Add Reply button found near the bottom right of the topic. Starting new topics creates confusion for all concerned and delays the assistance you receive, as it did in this case. If you know you will be unable to reply to your topic, please post a note to your topic informing your helper so he knows that you haven't abandoned the topic.

Back to you TheShooter93 and coach,

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#8 etech0

  • Topic Starter

Posted 22 July 2012 - 12:16 AM

Thanks for your response!

Just FYI, the reason I started a new topic was because the first one had been closed, so I could not respond to it. The reason I was delayed in responding was because I thought I would get an email when an answer was posted, but that does not seem to be working. I am now checking this post a couple of times a day, and anticipating an answer.

By the way, I tried repairing Windows, and my laptop is now a drop faster, but not much, and it still keeps freezing.

#9 TheShooter93

    Cody

  • Malware Response Team

Posted 22 July 2012 - 10:51 AM

Hello etech0,

Does your computer crash/perform slowly in Safe Mode?

While the computer is turning on, tap F8 repeatedly until a black screen with white text appears. Using your arrow keys highlight the option Safe Mode and hit Enter.

CCNA R&S | CCNA Security | Network+ | B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

#10 etech0

  • Topic Starter

Posted 22 July 2012 - 12:45 PM

Hello Cody,

In safe mode, it seems to be a little faster, but still crashes often.
There's not really very much I can do in safe mode, though, to prove speed.

#11 TheShooter93

  • Malware Response Team

Posted 22 July 2012 - 01:54 PM

Hello etech0,

Follow the directions HERE on how to perform a clean boot.

After doing this, how is the computer?

If you have any questions, let me know.


#12 etech0

  • Topic Starter

Posted 22 July 2012 - 02:15 PM

Hi!

It still seems to be somewhat slow, and after a while it froze.

#13 TheShooter93

  • Malware Response Team

Posted 22 July 2012 - 05:53 PM

Hello etech0,

I didn't see anything blatantly malicious in your log, though you do have a lot of software running at startup.

Please download and install Speccy.

Take a screenshot of the "summary" tab once the program has finished loading, and attach it in your next post.

---------------------------------------------------------

I also need you to verify that Microsoft Security Essentials is running at startup, as it does not appear to be based on your log.

If it's not, you need to enable it to do so.

If you need help doing this, let me know.


#14 etech0

  • Topic Starter

Posted 22 July 2012 - 06:20 PM

Thanks for your reply.

Actually, I'm now using AVG. It should be running at startup - it seems to be, anyways.

Attached is that screenshot - if you want screenshots of any other tabs, let me know.
Attached File: Capture.PNG (74.26KB)

I just noticed a LogMeIn driver in the list - I no longer use LogMeIn, and thought I'd uninstalled it!

#15 etech0

  • Topic Starter

Posted 22 July 2012 - 06:26 PM

Would the log I posted originally be outdated if I repaired Windows? Should I post a new one?



