Rootkit issue


7 replies to this topic

#1 cerveaurongeur


Posted 20 July 2012 - 03:18 PM

I got hit by a virus a few days ago, it was one of those viruses that hides all files, simulates a hard drive crash and tries to sell you file recovery software (can't remember the name of the company). I got rid of that virus all right, but while my programs were down, I also got some kind of rootkit problem. Now I have the redirect virus sending me to random sites whenever I try to go to a URL either by link or direct entry. It isn't noticeable if I only have one or two tabs open, but the more I try to do, the slower my computer goes, and the more likely I am to redirect. My security software (AVG, Malwarebytes, Spybot, and I just downloaded SUPERantispyware) has failed to fix the problem. A GMER search revealed nothing. What can I do to ditch this problem?



#2 narenxp


Posted 20 July 2012 - 03:24 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 cerveaurongeur


Posted 20 July 2012 - 11:18 PM

11:32:20.0020 5672 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
11:32:22.0032 5672 ============================================================
11:32:22.0032 5672 Current date / time: 2012/07/19 11:32:22.0032
11:32:22.0032 5672 SystemInfo:
11:32:22.0032 5672
11:32:22.0032 5672 OS Version: 6.1.7601 ServicePack: 1.0
11:32:22.0032 5672 Product type: Workstation
11:32:22.0034 5672 ComputerName: TIMOTHY-PC
11:32:22.0035 5672 UserName: Timothy
11:32:22.0035 5672 Windows directory: C:\Windows
11:32:22.0035 5672 System windows directory: C:\Windows
11:32:22.0035 5672 Running under WOW64
11:32:22.0036 5672 Processor architecture: Intel x64
11:32:22.0036 5672 Number of processors: 4
11:32:22.0036 5672 Page size: 0x1000
11:32:22.0036 5672 Boot type: Normal boot
11:32:22.0036 5672 ============================================================
11:32:22.0834 5672 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:32:22.0845 5672 ============================================================
11:32:22.0845 5672 \Device\Harddisk0\DR0:
11:32:22.0845 5672 MBR partitions:
11:32:22.0845 5672 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
11:32:22.0845 5672 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x48A1E2B0
11:32:22.0846 5672 ============================================================
11:32:22.0877 5672 C: <-> \Device\Harddisk0\DR0\Partition1
11:32:22.0877 5672 ============================================================
11:32:22.0877 5672 Initialize success
11:32:22.0877 5672 ============================================================
11:32:31.0611 3416 ============================================================
11:32:31.0611 3416 Scan started
11:32:31.0611 3416 Mode: Manual;
11:32:31.0611 3416 ============================================================
11:32:49.0083 3416 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:32:49.0097 3416 NetBT - ok
11:32:49.0135 3416 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:32:49.0137 3416 Netlogon - ok
11:32:49.0196 3416 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:32:49.0214 3416 Netman - ok
11:32:49.0250 3416 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:32:49.0258 3416 netprofm - ok
11:32:49.0338 3416 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:32:49.0343 3416 NetTcpPortSharing - ok
11:32:49.0825 3416 NETwNs64 (5d262402b0634c998f8cbcead7dd8676) C:\Windows\system32\DRIVERS\NETwNs64.sys
11:32:50.0014 3416 NETwNs64 - ok
11:32:50.0136 3416 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
11:32:50.0138 3416 nfrd960 - ok
11:32:50.0199 3416 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
11:32:50.0225 3416 NlaSvc - ok
11:32:50.0285 3416 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:32:50.0289 3416 Npfs - ok
11:32:50.0317 3416 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:32:50.0322 3416 nsi - ok
11:32:50.0338 3416 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:32:50.0340 3416 nsiproxy - ok
11:32:50.0451 3416 NSL (18654d5e0dc33b7f0f895264a5de80da) C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
11:32:50.0475 3416 NSL - ok
11:32:50.0639 3416 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
11:32:50.0695 3416 Ntfs - ok
11:32:50.0770 3416 NTI IScheduleSvc (773eed20bbf50809437373c0285bfa5e) C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe
11:32:50.0785 3416 NTI IScheduleSvc - ok
11:32:50.0911 3416 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
11:32:50.0914 3416 NTIDrvr - ok
11:32:50.0932 3416 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:32:50.0935 3416 Null - ok
11:32:50.0978 3416 nusb3hub (786db821bfd57c0551dbbe4f75384a7d) C:\Windows\system32\DRIVERS\nusb3hub.sys
11:32:50.0999 3416 nusb3hub - ok
11:32:51.0041 3416 nusb3xhc (daa8005caf745042bb427a1ed7433354) C:\Windows\system32\DRIVERS\nusb3xhc.sys
11:32:51.0093 3416 nusb3xhc - ok
11:32:51.0145 3416 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
11:32:51.0190 3416 nvraid - ok
11:32:51.0227 3416 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
11:32:51.0257 3416 nvstor - ok
11:32:51.0305 3416 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:32:51.0329 3416 nv_agp - ok
11:32:51.0341 3416 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:32:51.0356 3416 ohci1394 - ok
11:32:51.0443 3416 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:32:51.0476 3416 ose - ok
11:32:51.0822 3416 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:32:51.0954 3416 osppsvc - ok
11:32:52.0128 3416 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:32:52.0137 3416 p2pimsvc - ok
11:32:52.0205 3416 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:32:52.0242 3416 p2psvc - ok
11:32:52.0291 3416 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
11:32:52.0296 3416 Parport - ok
11:32:52.0333 3416 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
11:32:52.0337 3416 partmgr - ok
11:32:52.0360 3416 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:32:52.0368 3416 PcaSvc - ok
11:32:52.0401 3416 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:32:52.0418 3416 pci - ok
11:32:52.0442 3416 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:32:52.0444 3416 pciide - ok
11:32:52.0469 3416 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
11:32:52.0473 3416 pcmcia - ok
11:32:52.0493 3416 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:32:52.0496 3416 pcw - ok
11:32:52.0543 3416 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:32:52.0553 3416 PEAUTH - ok
11:32:52.0653 3416 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:32:52.0656 3416 PerfHost - ok
11:32:52.0781 3416 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
11:32:52.0828 3416 pla - ok
11:32:52.0896 3416 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
11:32:52.0913 3416 PlugPlay - ok
11:32:52.0929 3416 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:32:52.0935 3416 PNRPAutoReg - ok
11:32:52.0979 3416 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:32:52.0984 3416 PNRPsvc - ok
11:32:53.0056 3416 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
11:32:53.0066 3416 PolicyAgent - ok
11:32:53.0118 3416 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:32:53.0123 3416 Power - ok
11:32:53.0203 3416 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:32:53.0207 3416 PptpMiniport - ok
11:32:53.0231 3416 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
11:32:53.0235 3416 Processor - ok
11:32:53.0291 3416 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
11:32:53.0310 3416 ProfSvc - ok
11:32:53.0345 3416 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:32:53.0349 3416 ProtectedStorage - ok
11:32:53.0391 3416 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:32:53.0396 3416 Psched - ok
11:32:53.0550 3416 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
11:32:53.0599 3416 ql2300 - ok
11:32:53.0700 3416 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
11:32:53.0714 3416 ql40xx - ok
11:32:53.0762 3416 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:32:53.0777 3416 QWAVE - ok
11:32:53.0800 3416 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:32:53.0803 3416 QWAVEdrv - ok
11:32:53.0821 3416 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:32:53.0822 3416 RasAcd - ok
11:32:53.0871 3416 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:32:53.0873 3416 RasAgileVpn - ok
11:32:53.0905 3416 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:32:53.0909 3416 RasAuto - ok
11:32:53.0939 3416 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:32:53.0942 3416 Rasl2tp - ok
11:32:53.0969 3416 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
11:32:53.0977 3416 RasMan - ok
11:32:54.0004 3416 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:32:54.0007 3416 RasPppoe - ok
11:32:54.0029 3416 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:32:54.0031 3416 RasSstp - ok
11:32:54.0073 3416 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:32:54.0085 3416 rdbss - ok
11:32:54.0099 3416 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
11:32:54.0101 3416 rdpbus - ok
11:32:54.0136 3416 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:32:54.0138 3416 RDPCDD - ok
11:32:54.0159 3416 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:32:54.0160 3416 RDPENCDD - ok
11:32:54.0183 3416 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:32:54.0184 3416 RDPREFMP - ok
11:32:54.0228 3416 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
11:32:54.0246 3416 RDPWD - ok
11:32:54.0280 3416 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:32:54.0284 3416 rdyboost - ok
11:32:54.0451 3416 RegSrvc (189c5a8d2098e0aa14fd157a954b34fc) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:32:54.0476 3416 RegSrvc - ok
11:32:54.0515 3416 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:32:54.0521 3416 RemoteAccess - ok
11:32:54.0566 3416 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:32:54.0575 3416 RemoteRegistry - ok
11:32:54.0608 3416 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:32:54.0611 3416 RpcEptMapper - ok
11:32:54.0643 3416 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:32:54.0645 3416 RpcLocator - ok
11:32:54.0700 3416 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:32:54.0707 3416 RpcSs - ok
11:32:54.0791 3416 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:32:54.0795 3416 rspndr - ok
11:32:54.0834 3416 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:32:54.0836 3416 SamSs - ok
11:32:54.0862 3416 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:32:54.0865 3416 sbp2port - ok
11:32:55.0035 3416 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
11:32:55.0058 3416 SBSDWSCService - ok
11:32:55.0101 3416 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:32:55.0120 3416 SCardSvr - ok
11:32:55.0171 3416 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:32:55.0173 3416 scfilter - ok
11:32:55.0263 3416 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
11:32:55.0286 3416 Schedule - ok
11:32:55.0327 3416 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:32:55.0328 3416 SCPolicySvc - ok
11:32:55.0358 3416 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
11:32:55.0360 3416 sdbus - ok
11:32:55.0386 3416 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
11:32:55.0395 3416 SDRSVC - ok
11:32:55.0422 3416 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:32:55.0451 3416 secdrv - ok
11:32:55.0468 3416 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
11:32:55.0472 3416 seclogon - ok
11:32:55.0491 3416 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
11:32:55.0495 3416 SENS - ok
11:32:55.0523 3416 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:32:55.0527 3416 SensrSvc - ok
11:32:55.0540 3416 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
11:32:55.0542 3416 Serenum - ok
11:32:55.0553 3416 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
11:32:55.0556 3416 Serial - ok
11:32:55.0576 3416 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
11:32:55.0578 3416 sermouse - ok
11:32:55.0613 3416 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
11:32:55.0637 3416 SessionEnv - ok
11:32:55.0648 3416 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
11:32:55.0668 3416 sffdisk - ok
11:32:55.0674 3416 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:32:55.0675 3416 sffp_mmc - ok
11:32:55.0680 3416 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
11:32:55.0682 3416 sffp_sd - ok
11:32:55.0704 3416 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
11:32:55.0715 3416 sfloppy - ok
11:32:55.0797 3416 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
11:32:55.0813 3416 SharedAccess - ok
11:32:55.0861 3416 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
11:32:55.0879 3416 ShellHWDetection - ok
11:32:55.0887 3416 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
11:32:55.0908 3416 SiSRaid2 - ok
11:32:55.0924 3416 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
11:32:55.0927 3416 SiSRaid4 - ok
11:32:55.0960 3416 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:32:55.0962 3416 Smb - ok
11:32:55.0996 3416 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:32:55.0999 3416 SNMPTRAP - ok
11:32:56.0031 3416 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:32:56.0032 3416 spldr - ok
11:32:56.0095 3416 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
11:32:56.0115 3416 Spooler - ok
11:32:56.0402 3416 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
11:32:56.0510 3416 sppsvc - ok
11:32:56.0633 3416 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:32:56.0640 3416 sppuinotify - ok
11:32:56.0712 3416 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:32:56.0726 3416 srv - ok
11:32:56.0792 3416 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:32:56.0809 3416 srv2 - ok
11:32:56.0838 3416 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:32:56.0847 3416 srvnet - ok
11:32:56.0895 3416 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:32:56.0913 3416 SSDPSRV - ok
11:32:56.0935 3416 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:32:56.0940 3416 SstpSvc - ok
11:32:56.0973 3416 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
11:32:56.0975 3416 stexstor - ok
11:32:57.0049 3416 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
11:32:57.0067 3416 stisvc - ok
11:32:57.0077 3416 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
11:32:57.0079 3416 swenum - ok
11:32:57.0273 3416 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:32:57.0293 3416 SwitchBoard - ok
11:32:57.0364 3416 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:32:57.0387 3416 swprv - ok
11:32:57.0541 3416 SynTP (ef51b22706db03f0857fade127c804ec) C:\Windows\system32\DRIVERS\SynTP.sys
11:32:57.0586 3416 SynTP - ok
11:32:57.0833 3416 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
11:32:57.0881 3416 SysMain - ok
11:32:57.0954 3416 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
11:32:57.0959 3416 TabletInputService - ok
11:32:57.0997 3416 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
11:32:58.0009 3416 TapiSrv - ok
11:32:58.0029 3416 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:32:58.0034 3416 TBS - ok
11:32:58.0201 3416 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
11:32:58.0251 3416 Tcpip - ok
11:32:58.0497 3416 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
11:32:58.0524 3416 TCPIP6 - ok
11:32:58.0598 3416 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:32:58.0600 3416 tcpipreg - ok
11:32:58.0618 3416 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:32:58.0620 3416 TDPIPE - ok
11:32:58.0651 3416 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
11:32:58.0653 3416 TDTCP - ok
11:32:58.0697 3416 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:32:58.0721 3416 tdx - ok
11:32:58.0748 3416 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
11:32:58.0751 3416 TermDD - ok
11:32:58.0825 3416 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
11:32:58.0851 3416 TermService - ok
11:32:58.0874 3416 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:32:58.0878 3416 Themes - ok
11:32:58.0917 3416 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:32:58.0920 3416 THREADORDER - ok
11:32:58.0948 3416 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:32:58.0973 3416 TrkWks - ok
11:32:59.0044 3416 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
11:32:59.0063 3416 TrustedInstaller - ok
11:32:59.0088 3416 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:32:59.0090 3416 tssecsrv - ok
11:32:59.0120 3416 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:32:59.0122 3416 TsUsbFlt - ok
11:32:59.0129 3416 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
11:32:59.0131 3416 TsUsbGD - ok
11:32:59.0188 3416 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:32:59.0191 3416 tunnel - ok
11:32:59.0213 3416 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
11:32:59.0215 3416 uagp35 - ok
11:32:59.0243 3416 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
11:32:59.0245 3416 UBHelper - ok
11:32:59.0288 3416 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:32:59.0298 3416 udfs - ok
11:32:59.0327 3416 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:32:59.0331 3416 UI0Detect - ok
11:32:59.0364 3416 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:32:59.0396 3416 uliagpkx - ok
11:32:59.0427 3416 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
11:32:59.0429 3416 umbus - ok
11:32:59.0449 3416 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
11:32:59.0496 3416 UmPass - ok
11:32:59.0776 3416 UNS (a678e5ddd974903dd71f503bdcaca218) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
11:32:59.0847 3416 UNS - ok
11:32:59.0995 3416 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:33:00.0016 3416 upnphost - ok
11:33:00.0093 3416 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
11:33:00.0098 3416 usbaudio - ok
11:33:00.0151 3416 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
11:33:00.0155 3416 usbccgp - ok
11:33:00.0201 3416 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:33:00.0212 3416 usbcir - ok
11:33:00.0233 3416 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
11:33:00.0253 3416 usbehci - ok
11:33:00.0311 3416 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
11:33:00.0329 3416 usbhub - ok
11:33:00.0368 3416 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
11:33:00.0379 3416 usbohci - ok
11:33:00.0403 3416 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
11:33:00.0422 3416 usbprint - ok
11:33:00.0469 3416 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:33:00.0474 3416 USBSTOR - ok
11:33:00.0483 3416 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
11:33:00.0487 3416 usbuhci - ok
11:33:00.0524 3416 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
11:33:00.0533 3416 usbvideo - ok
11:33:00.0565 3416 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:33:00.0569 3416 UxSms - ok
11:33:00.0612 3416 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:33:00.0614 3416 VaultSvc - ok
11:33:00.0640 3416 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:33:00.0642 3416 vdrvroot - ok
11:33:00.0690 3416 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
11:33:00.0714 3416 vds - ok
11:33:00.0735 3416 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:33:00.0737 3416 vga - ok
11:33:00.0760 3416 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:33:00.0762 3416 VgaSave - ok
11:33:00.0783 3416 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:33:00.0788 3416 vhdmp - ok
11:33:00.0796 3416 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:33:00.0799 3416 viaide - ok
11:33:00.0823 3416 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:33:00.0826 3416 volmgr - ok
11:33:00.0867 3416 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:33:00.0877 3416 volmgrx - ok
11:33:00.0930 3416 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:33:00.0964 3416 volsnap - ok
11:33:01.0070 3416 Vsdatant (239d8d72730226cd460bdc8ca0a23d43) C:\Windows\system32\DRIVERS\vsdatant.sys
11:33:01.0119 3416 Vsdatant - ok
11:33:01.0213 3416 vsmon - ok
11:33:01.0252 3416 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
11:33:01.0262 3416 vsmraid - ok
11:33:01.0407 3416 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
11:33:01.0471 3416 VSS - ok
11:33:01.0600 3416 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:33:01.0603 3416 vwifibus - ok
11:33:01.0628 3416 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:33:01.0631 3416 vwififlt - ok
11:33:01.0665 3416 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
11:33:01.0668 3416 vwifimp - ok
11:33:01.0721 3416 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:33:01.0748 3416 W32Time - ok
11:33:01.0776 3416 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
11:33:01.0779 3416 WacomPen - ok
11:33:01.0817 3416 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:33:01.0820 3416 WANARP - ok
11:33:01.0823 3416 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:33:01.0825 3416 Wanarpv6 - ok
11:33:01.0981 3416 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
11:33:02.0018 3416 WatAdminSvc - ok
11:33:02.0174 3416 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
11:33:02.0237 3416 wbengine - ok
11:33:02.0355 3416 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:33:02.0373 3416 WbioSrvc - ok
11:33:02.0425 3416 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
11:33:02.0436 3416 wcncsvc - ok
11:33:02.0456 3416 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:33:02.0460 3416 WcsPlugInService - ok
11:33:02.0501 3416 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
11:33:02.0503 3416 Wd - ok
11:33:02.0547 3416 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
11:33:02.0591 3416 WDC_SAM - ok
11:33:02.0657 3416 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:33:02.0670 3416 Wdf01000 - ok
11:33:02.0697 3416 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:33:02.0702 3416 WdiServiceHost - ok
11:33:02.0707 3416 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:33:02.0712 3416 WdiSystemHost - ok
11:33:02.0777 3416 wdkmd (5e1640435dd54d00451156ca5340b109) C:\Windows\system32\DRIVERS\WDKMD.sys
11:33:03.0000 3416 wdkmd - ok
11:33:03.0061 3416 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
11:33:03.0074 3416 WebClient - ok
11:33:03.0114 3416 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:33:03.0130 3416 Wecsvc - ok
11:33:03.0156 3416 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:33:03.0163 3416 wercplsupport - ok
11:33:03.0195 3416 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:33:03.0201 3416 WerSvc - ok
11:33:03.0238 3416 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:33:03.0240 3416 WfpLwf - ok
11:33:03.0261 3416 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:33:03.0264 3416 WIMMount - ok
11:33:03.0315 3416 WinDefend - ok
11:33:03.0328 3416 WinHttpAutoProxySvc - ok
11:33:03.0415 3416 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:33:03.0434 3416 Winmgmt - ok
11:33:03.0604 3416 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
11:33:03.0678 3416 WinRM - ok
11:33:03.0848 3416 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
11:33:03.0858 3416 WinUsb - ok
11:33:03.0966 3416 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:33:03.0992 3416 Wlansvc - ok
11:33:04.0061 3416 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:33:04.0065 3416 wlcrasvc - ok
11:33:04.0253 3416 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:33:04.0305 3416 wlidsvc - ok
11:33:04.0443 3416 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:33:04.0446 3416 WmiAcpi - ok
11:33:04.0516 3416 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:33:04.0521 3416 wmiApSrv - ok
11:33:04.0581 3416 WMPNetworkSvc - ok
11:33:04.0620 3416 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:33:04.0627 3416 WPCSvc - ok
11:33:04.0657 3416 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
11:33:04.0680 3416 WPDBusEnum - ok
11:33:04.0709 3416 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:33:04.0713 3416 ws2ifsl - ok
11:33:04.0744 3416 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
11:33:04.0769 3416 wscsvc - ok
11:33:04.0821 3416 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
11:33:04.0824 3416 WSDPrintDevice - ok
11:33:04.0831 3416 WSearch - ok
11:33:05.0033 3416 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
11:33:05.0091 3416 wuauserv - ok
11:33:05.0227 3416 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:33:05.0251 3416 WudfPf - ok
11:33:05.0295 3416 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:33:05.0304 3416 WUDFRd - ok
11:33:05.0336 3416 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
11:33:05.0343 3416 wudfsvc - ok
11:33:05.0383 3416 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:33:05.0399 3416 WwanSvc - ok
11:33:05.0467 3416 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:33:05.0500 3416 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
11:33:05.0500 3416 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
11:33:05.0528 3416 Boot (0x1200) (b136d946b0ce20bd07e3cb0f1f523617) \Device\Harddisk0\DR0\Partition0
11:33:05.0530 3416 \Device\Harddisk0\DR0\Partition0 - ok
11:33:05.0541 3416 Boot (0x1200) (a57ad610168bad5ac617bda52c71a364) \Device\Harddisk0\DR0\Partition1
11:33:05.0543 3416 \Device\Harddisk0\DR0\Partition1 - ok
11:33:05.0544 3416 ============================================================
11:33:05.0544 3416 Scan finished
11:33:05.0544 3416 ============================================================
11:33:05.0554 7952 Detected object count: 1
11:33:05.0555 7952 Actual detected object count: 1
11:33:20.0803 7952 \Device\Harddisk0\DR0\# - copied to quarantine
11:33:20.0804 7952 \Device\Harddisk0\DR0 - copied to quarantine
11:33:20.0915 7952 \Device\Harddisk0\DR0 - processing error
11:33:27.0722 7952 \Device\Harddisk0\DR0 - will be restored on reboot
11:33:27.0800 7952 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure Restore
11:34:19.0115 6208 Deinitialize success



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-20 23:49:12
-----------------------------
23:49:12.330 OS Version: Windows x64 6.1.7601 Service Pack 1
23:49:12.330 Number of processors: 4 586 0x2A07
23:49:12.330 ComputerName: TIMOTHY-PC UserName: Timothy
23:49:16.160 Initialize success
23:57:50.186 AVAST engine defs: 12072001
23:58:31.403 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:58:31.408 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
23:58:31.427 Disk 0 MBR read successfully
23:58:31.434 Disk 0 MBR scan
23:58:31.443 Disk 0 Windows 7 default MBR code
23:58:31.449 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15360 MB offset 2048
23:58:31.465 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 31459328
23:58:31.478 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 595004 MB offset 31664128
23:58:31.505 Disk 0 scanning C:\Windows\system32\drivers
23:58:41.085 Service scanning
23:59:14.059 Modules scanning
23:59:14.076 Disk 0 trace - called modules:
23:59:14.125 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8006909334]<<iaStor.sys hal.dll
23:59:14.138 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80068f5060]
23:59:14.148 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a25050]
23:59:14.159 \Driver\iaStor[0xfffffa8004a0a490] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0xfffffa8006909334
23:59:15.652 AVAST engine scan C:\Windows
23:59:18.574 AVAST engine scan C:\Windows\system32
00:01:54.539 AVAST engine scan C:\Windows\system32\drivers
00:02:12.836 AVAST engine scan C:\Users\Timothy
00:09:26.028 AVAST engine scan C:\ProgramData
00:10:57.605 Scan finished successfully
00:15:32.771 Disk 0 MBR has been saved successfully to "C:\Users\Timothy\Desktop\MBR.dat"
00:15:32.776 The log file has been saved successfully to "C:\Users\Timothy\Desktop\aswMBR.txt"


C:\Users\Timothy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\1fa06fc1-190c4c1a a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\Timothy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\dcfd067-7032e09e a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined

#4 narenxp

Posted 21 July 2012 - 06:46 AM

Run TDSSkiller again and post the new log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Create a restore point before trying this

Download

adware cleaner

Launch it and click on Delete

Post the generated log

#5 cerveaurongeur

Posted 21 July 2012 - 04:55 PM

11:23:11.0353 5616 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
11:23:13.0370 5616 ============================================================
11:23:13.0370 5616 Current date / time: 2012/07/21 11:23:13.0370
11:23:13.0370 5616 SystemInfo:
11:23:13.0370 5616
11:23:13.0371 5616 OS Version: 6.1.7601 ServicePack: 1.0
11:23:13.0371 5616 Product type: Workstation
11:23:13.0371 5616 ComputerName: TIMOTHY-PC
11:23:13.0371 5616 UserName: Timothy
11:23:13.0371 5616 Windows directory: C:\Windows
11:23:13.0371 5616 System windows directory: C:\Windows
11:23:13.0371 5616 Running under WOW64
11:23:13.0371 5616 Processor architecture: Intel x64
11:23:13.0371 5616 Number of processors: 4
11:23:13.0371 5616 Page size: 0x1000
11:23:13.0371 5616 Boot type: Normal boot
11:23:13.0371 5616 ============================================================
11:23:14.0264 5616 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:23:14.0268 5616 ============================================================
11:23:14.0268 5616 \Device\Harddisk0\DR0:
11:23:14.0273 5616 MBR partitions:
11:23:14.0273 5616 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
11:23:14.0273 5616 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x48A1E2B0
11:23:14.0273 5616 ============================================================
11:23:14.0295 5616 C: <-> \Device\Harddisk0\DR0\Partition1
11:23:14.0315 5616 ============================================================
11:23:14.0315 5616 Initialize success
11:23:14.0315 5616 ============================================================
11:23:40.0967 4048 ============================================================
11:23:40.0967 4048 Scan started
11:23:40.0967 4048 Mode: Manual;
11:23:40.0967 4048 ============================================================
11:23:57.0656 4048 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:23:57.0659 4048 NetBT - ok
11:23:57.0697 4048 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:23:57.0698 4048 Netlogon - ok
11:23:57.0757 4048 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:23:57.0760 4048 Netman - ok
11:23:57.0799 4048 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:23:57.0803 4048 netprofm - ok
11:23:57.0890 4048 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:23:57.0892 4048 NetTcpPortSharing - ok
11:23:58.0351 4048 NETwNs64 (5d262402b0634c998f8cbcead7dd8676) C:\Windows\system32\DRIVERS\NETwNs64.sys
11:23:58.0503 4048 NETwNs64 - ok
11:23:58.0644 4048 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
11:23:58.0646 4048 nfrd960 - ok
11:23:58.0697 4048 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
11:23:58.0702 4048 NlaSvc - ok
11:23:58.0724 4048 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:23:58.0725 4048 Npfs - ok
11:23:58.0745 4048 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:23:58.0746 4048 nsi - ok
11:23:58.0755 4048 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:23:58.0755 4048 nsiproxy - ok
11:23:58.0903 4048 NSL (18654d5e0dc33b7f0f895264a5de80da) C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
11:23:58.0904 4048 NSL - ok
11:23:59.0050 4048 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
11:23:59.0090 4048 Ntfs - ok
11:23:59.0165 4048 NTI IScheduleSvc (773eed20bbf50809437373c0285bfa5e) C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe
11:23:59.0167 4048 NTI IScheduleSvc - ok
11:23:59.0284 4048 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
11:23:59.0285 4048 NTIDrvr - ok
11:23:59.0294 4048 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:23:59.0295 4048 Null - ok
11:23:59.0351 4048 nusb3hub (786db821bfd57c0551dbbe4f75384a7d) C:\Windows\system32\DRIVERS\nusb3hub.sys
11:23:59.0353 4048 nusb3hub - ok
11:23:59.0391 4048 nusb3xhc (daa8005caf745042bb427a1ed7433354) C:\Windows\system32\DRIVERS\nusb3xhc.sys
11:23:59.0398 4048 nusb3xhc - ok
11:23:59.0441 4048 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
11:23:59.0450 4048 nvraid - ok
11:23:59.0476 4048 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
11:23:59.0484 4048 nvstor - ok
11:23:59.0522 4048 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:23:59.0525 4048 nv_agp - ok
11:23:59.0533 4048 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:23:59.0535 4048 ohci1394 - ok
11:23:59.0627 4048 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:23:59.0636 4048 ose - ok
11:23:59.0996 4048 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:24:00.0085 4048 osppsvc - ok
11:24:00.0239 4048 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:24:00.0242 4048 p2pimsvc - ok
11:24:00.0291 4048 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:24:00.0294 4048 p2psvc - ok
11:24:00.0343 4048 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
11:24:00.0345 4048 Parport - ok
11:24:00.0383 4048 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
11:24:00.0385 4048 partmgr - ok
11:24:00.0402 4048 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:24:00.0404 4048 PcaSvc - ok
11:24:00.0439 4048 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:24:00.0445 4048 pci - ok
11:24:00.0463 4048 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:24:00.0464 4048 pciide - ok
11:24:00.0487 4048 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
11:24:00.0490 4048 pcmcia - ok
11:24:00.0510 4048 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:24:00.0512 4048 pcw - ok
11:24:00.0563 4048 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:24:00.0571 4048 PEAUTH - ok
11:24:00.0670 4048 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:24:00.0672 4048 PerfHost - ok
11:24:00.0800 4048 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
11:24:00.0831 4048 pla - ok
11:24:00.0903 4048 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
11:24:00.0907 4048 PlugPlay - ok
11:24:00.0924 4048 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:24:00.0927 4048 PNRPAutoReg - ok
11:24:00.0965 4048 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:24:00.0968 4048 PNRPsvc - ok
11:24:01.0031 4048 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
11:24:01.0035 4048 PolicyAgent - ok
11:24:01.0080 4048 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:24:01.0083 4048 Power - ok
11:24:01.0177 4048 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:24:01.0180 4048 PptpMiniport - ok
11:24:01.0201 4048 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
11:24:01.0203 4048 Processor - ok
11:24:01.0263 4048 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
11:24:01.0266 4048 ProfSvc - ok
11:24:01.0307 4048 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:24:01.0309 4048 ProtectedStorage - ok
11:24:01.0342 4048 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:24:01.0344 4048 Psched - ok
11:24:01.0467 4048 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
11:24:01.0501 4048 ql2300 - ok
11:24:02.0183 4048 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
11:24:02.0186 4048 ql40xx - ok
11:24:02.0232 4048 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:24:02.0247 4048 QWAVE - ok
11:24:02.0281 4048 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:24:02.0283 4048 QWAVEdrv - ok
11:24:02.0304 4048 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:24:02.0305 4048 RasAcd - ok
11:24:02.0341 4048 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:24:02.0343 4048 RasAgileVpn - ok
11:24:02.0377 4048 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:24:02.0379 4048 RasAuto - ok
11:24:02.0410 4048 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:24:02.0412 4048 Rasl2tp - ok
11:24:02.0439 4048 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
11:24:02.0447 4048 RasMan - ok
11:24:02.0487 4048 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:24:02.0489 4048 RasPppoe - ok
11:24:02.0511 4048 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:24:02.0513 4048 RasSstp - ok
11:24:02.0553 4048 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:24:02.0567 4048 rdbss - ok
11:24:02.0593 4048 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
11:24:02.0594 4048 rdpbus - ok
11:24:02.0609 4048 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:24:02.0609 4048 RDPCDD - ok
11:24:02.0631 4048 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:24:02.0632 4048 RDPENCDD - ok
11:24:02.0657 4048 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:24:02.0657 4048 RDPREFMP - ok
11:24:02.0762 4048 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
11:24:02.0806 4048 RDPWD - ok
11:24:02.0906 4048 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:24:02.0915 4048 rdyboost - ok
11:24:03.0077 4048 RegSrvc (189c5a8d2098e0aa14fd157a954b34fc) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:24:03.0083 4048 RegSrvc - ok
11:24:03.0134 4048 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:24:03.0137 4048 RemoteAccess - ok
11:24:03.0173 4048 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:24:03.0182 4048 RemoteRegistry - ok
11:24:03.0216 4048 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:24:03.0218 4048 RpcEptMapper - ok
11:24:03.0250 4048 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:24:03.0252 4048 RpcLocator - ok
11:24:03.0303 4048 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:24:03.0308 4048 RpcSs - ok
11:24:03.0386 4048 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:24:03.0388 4048 rspndr - ok
11:24:03.0431 4048 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:24:03.0433 4048 SamSs - ok
11:24:03.0532 4048 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
11:24:03.0533 4048 SASDIFSV - ok
11:24:03.0556 4048 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
11:24:03.0557 4048 SASKUTIL - ok
11:24:03.0586 4048 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:24:03.0588 4048 sbp2port - ok
11:24:03.0723 4048 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
11:24:03.0735 4048 SBSDWSCService - ok
11:24:03.0775 4048 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:24:03.0792 4048 SCardSvr - ok
11:24:03.0845 4048 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:24:03.0846 4048 scfilter - ok
11:24:03.0945 4048 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
11:24:03.0967 4048 Schedule - ok
11:24:04.0001 4048 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:24:04.0002 4048 SCPolicySvc - ok
11:24:04.0033 4048 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
11:24:04.0035 4048 sdbus - ok
11:24:04.0061 4048 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
11:24:04.0063 4048 SDRSVC - ok
11:24:04.0074 4048 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:24:04.0075 4048 secdrv - ok
11:24:04.0086 4048 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
11:24:04.0089 4048 seclogon - ok
11:24:04.0110 4048 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
11:24:04.0112 4048 SENS - ok
11:24:04.0130 4048 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:24:04.0134 4048 SensrSvc - ok
11:24:04.0147 4048 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
11:24:04.0148 4048 Serenum - ok
11:24:04.0161 4048 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
11:24:04.0163 4048 Serial - ok
11:24:04.0168 4048 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
11:24:04.0169 4048 sermouse - ok
11:24:04.0199 4048 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
11:24:04.0221 4048 SessionEnv - ok
11:24:04.0244 4048 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
11:24:04.0245 4048 sffdisk - ok
11:24:04.0250 4048 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:24:04.0251 4048 sffp_mmc - ok
11:24:04.0255 4048 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
11:24:04.0256 4048 sffp_sd - ok
11:24:04.0278 4048 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
11:24:04.0280 4048 sfloppy - ok
11:24:04.0347 4048 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
11:24:04.0363 4048 SharedAccess - ok
11:24:04.0402 4048 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
11:24:04.0406 4048 ShellHWDetection - ok
11:24:04.0424 4048 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
11:24:04.0425 4048 SiSRaid2 - ok
11:24:04.0434 4048 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
11:24:04.0436 4048 SiSRaid4 - ok
11:24:04.0478 4048 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:24:04.0480 4048 Smb - ok
11:24:04.0503 4048 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:24:04.0506 4048 SNMPTRAP - ok
11:24:04.0516 4048 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:24:04.0517 4048 spldr - ok
11:24:04.0572 4048 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
11:24:04.0577 4048 Spooler - ok
11:24:04.0839 4048 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
11:24:04.0929 4048 sppsvc - ok
11:24:05.0062 4048 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:24:05.0065 4048 sppuinotify - ok
11:24:05.0143 4048 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:24:05.0174 4048 srv - ok
11:24:05.0246 4048 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:24:05.0259 4048 srv2 - ok
11:24:05.0291 4048 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:24:05.0298 4048 srvnet - ok
11:24:05.0348 4048 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:24:05.0350 4048 SSDPSRV - ok
11:24:05.0365 4048 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:24:05.0368 4048 SstpSvc - ok
11:24:05.0391 4048 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
11:24:05.0392 4048 stexstor - ok
11:24:05.0470 4048 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
11:24:05.0475 4048 stisvc - ok
11:24:05.0484 4048 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
11:24:05.0485 4048 swenum - ok
11:24:05.0830 4048 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:24:05.0851 4048 SwitchBoard - ok
11:24:05.0954 4048 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:24:05.0969 4048 swprv - ok
11:24:06.0137 4048 SynTP (ef51b22706db03f0857fade127c804ec) C:\Windows\system32\DRIVERS\SynTP.sys
11:24:06.0169 4048 SynTP - ok
11:24:06.0411 4048 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
11:24:06.0441 4048 SysMain - ok
11:24:06.0516 4048 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
11:24:06.0518 4048 TabletInputService - ok
11:24:06.0564 4048 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
11:24:06.0582 4048 TapiSrv - ok
11:24:06.0603 4048 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:24:06.0606 4048 TBS - ok
11:24:06.0808 4048 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
11:24:06.0914 4048 Tcpip - ok
11:24:07.0154 4048 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
11:24:07.0166 4048 TCPIP6 - ok
11:24:07.0260 4048 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:24:07.0262 4048 tcpipreg - ok
11:24:07.0272 4048 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:24:07.0273 4048 TDPIPE - ok
11:24:07.0302 4048 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
11:24:07.0304 4048 TDTCP - ok
11:24:07.0350 4048 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:24:07.0372 4048 tdx - ok
11:24:07.0388 4048 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
11:24:07.0390 4048 TermDD - ok
11:24:07.0473 4048 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
11:24:07.0498 4048 TermService - ok
11:24:07.0525 4048 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:24:07.0527 4048 Themes - ok
11:24:07.0568 4048 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:24:07.0570 4048 THREADORDER - ok
11:24:07.0601 4048 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:24:07.0603 4048 TrkWks - ok
11:24:07.0673 4048 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
11:24:07.0677 4048 TrustedInstaller - ok
11:24:07.0691 4048 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:24:07.0693 4048 tssecsrv - ok
11:24:07.0727 4048 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:24:07.0729 4048 TsUsbFlt - ok
11:24:07.0734 4048 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
11:24:07.0735 4048 TsUsbGD - ok
11:24:07.0796 4048 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:24:07.0818 4048 tunnel - ok
11:24:07.0842 4048 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
11:24:07.0843 4048 uagp35 - ok
11:24:07.0872 4048 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
11:24:07.0873 4048 UBHelper - ok
11:24:07.0913 4048 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:24:07.0917 4048 udfs - ok
11:24:07.0956 4048 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:24:07.0959 4048 UI0Detect - ok
11:24:07.0994 4048 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:24:08.0024 4048 uliagpkx - ok
11:24:08.0037 4048 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
11:24:08.0038 4048 umbus - ok
11:24:08.0042 4048 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
11:24:08.0043 4048 UmPass - ok
11:24:08.0309 4048 UNS (a678e5ddd974903dd71f503bdcaca218) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
11:24:08.0358 4048 UNS - ok
11:24:08.0514 4048 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:24:08.0517 4048 upnphost - ok
11:24:08.0590 4048 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
11:24:08.0591 4048 usbaudio - ok
11:24:08.0625 4048 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
11:24:08.0628 4048 usbccgp - ok
11:24:08.0663 4048 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:24:08.0664 4048 usbcir - ok
11:24:08.0685 4048 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
11:24:08.0686 4048 usbehci - ok
11:24:08.0728 4048 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
11:24:08.0745 4048 usbhub - ok
11:24:08.0774 4048 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
11:24:08.0776 4048 usbohci - ok
11:24:08.0799 4048 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
11:24:08.0800 4048 usbprint - ok
11:24:08.0832 4048 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:24:08.0834 4048 USBSTOR - ok
11:24:08.0839 4048 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
11:24:08.0841 4048 usbuhci - ok
11:24:08.0901 4048 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
11:24:08.0929 4048 usbvideo - ok
11:24:08.0961 4048 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:24:08.0963 4048 UxSms - ok
11:24:08.0997 4048 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:24:08.0999 4048 VaultSvc - ok
11:24:09.0025 4048 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:24:09.0027 4048 vdrvroot - ok
11:24:09.0081 4048 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
11:24:09.0129 4048 vds - ok
11:24:09.0164 4048 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:24:09.0166 4048 vga - ok
11:24:09.0179 4048 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:24:09.0181 4048 VgaSave - ok
11:24:09.0217 4048 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:24:09.0232 4048 vhdmp - ok
11:24:09.0239 4048 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:24:09.0240 4048 viaide - ok
11:24:09.0275 4048 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:24:09.0276 4048 volmgr - ok
11:24:09.0321 4048 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:24:09.0327 4048 volmgrx - ok
11:24:09.0393 4048 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:24:09.0426 4048 volsnap - ok
11:24:09.0513 4048 Vsdatant (239d8d72730226cd460bdc8ca0a23d43) C:\Windows\system32\DRIVERS\vsdatant.sys
11:24:09.0522 4048 Vsdatant - ok
11:24:09.0586 4048 vsmon - ok
11:24:09.0627 4048 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
11:24:09.0634 4048 vsmraid - ok
11:24:09.0799 4048 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
11:24:09.0844 4048 VSS - ok
11:24:09.0951 4048 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:24:09.0953 4048 vwifibus - ok
11:24:09.0980 4048 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:24:09.0984 4048 vwififlt - ok
11:24:10.0017 4048 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
11:24:10.0019 4048 vwifimp - ok
11:24:10.0071 4048 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:24:10.0099 4048 W32Time - ok
11:24:10.0128 4048 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
11:24:10.0131 4048 WacomPen - ok
11:24:10.0169 4048 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:24:10.0173 4048 WANARP - ok
11:24:10.0179 4048 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:24:10.0183 4048 Wanarpv6 - ok
11:24:10.0317 4048 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
11:24:10.0342 4048 WatAdminSvc - ok
11:24:10.0470 4048 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
11:24:10.0514 4048 wbengine - ok
11:24:10.0628 4048 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:24:10.0646 4048 WbioSrvc - ok
11:24:10.0693 4048 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
11:24:10.0700 4048 wcncsvc - ok
11:24:10.0718 4048 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:24:10.0721 4048 WcsPlugInService - ok
11:24:10.0763 4048 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
11:24:10.0765 4048 Wd - ok
11:24:10.0810 4048 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
11:24:10.0811 4048 WDC_SAM - ok
11:24:10.0873 4048 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:24:10.0883 4048 Wdf01000 - ok
11:24:10.0916 4048 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:24:10.0919 4048 WdiServiceHost - ok
11:24:10.0923 4048 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:24:10.0926 4048 WdiSystemHost - ok
11:24:10.0973 4048 wdkmd (5e1640435dd54d00451156ca5340b109) C:\Windows\system32\DRIVERS\WDKMD.sys
11:24:10.0975 4048 wdkmd - ok
11:24:11.0010 4048 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
11:24:11.0048 4048 WebClient - ok
11:24:11.0098 4048 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:24:11.0126 4048 Wecsvc - ok
11:24:11.0152 4048 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:24:11.0157 4048 wercplsupport - ok
11:24:11.0179 4048 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:24:11.0185 4048 WerSvc - ok
11:24:11.0221 4048 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:24:11.0223 4048 WfpLwf - ok
11:24:11.0245 4048 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:24:11.0248 4048 WIMMount - ok
11:24:11.0299 4048 WinDefend - ok
11:24:11.0313 4048 WinHttpAutoProxySvc - ok
11:24:11.0397 4048 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:24:11.0400 4048 Winmgmt - ok
11:24:11.0565 4048 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
11:24:11.0628 4048 WinRM - ok
11:24:11.0798 4048 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
11:24:11.0800 4048 WinUsb - ok
11:24:11.0894 4048 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:24:11.0911 4048 Wlansvc - ok
11:24:11.0979 4048 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:24:11.0982 4048 wlcrasvc - ok
11:24:12.0170 4048 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:24:12.0220 4048 wlidsvc - ok
11:24:12.0349 4048 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:24:12.0351 4048 WmiAcpi - ok
11:24:12.0422 4048 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:24:12.0426 4048 wmiApSrv - ok
11:24:12.0485 4048 WMPNetworkSvc - ok
11:24:12.0537 4048 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:24:12.0544 4048 WPCSvc - ok
11:24:12.0574 4048 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
11:24:12.0597 4048 WPDBusEnum - ok
11:24:12.0626 4048 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:24:12.0629 4048 ws2ifsl - ok
11:24:12.0661 4048 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
11:24:12.0666 4048 wscsvc - ok
11:24:12.0716 4048 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
11:24:12.0718 4048 WSDPrintDevice - ok
11:24:12.0726 4048 WSearch - ok
11:24:12.0933 4048 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
11:24:13.0007 4048 wuauserv - ok
11:24:13.0166 4048 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:24:13.0170 4048 WudfPf - ok
11:24:13.0222 4048 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:24:13.0226 4048 WUDFRd - ok
11:24:13.0265 4048 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
11:24:13.0269 4048 wudfsvc - ok
11:24:13.0311 4048 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:24:13.0328 4048 WwanSvc - ok
11:24:13.0395 4048 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
11:24:13.0429 4048 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
11:24:13.0429 4048 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
11:24:13.0467 4048 Boot (0x1200) (b136d946b0ce20bd07e3cb0f1f523617) \Device\Harddisk0\DR0\Partition0
11:24:13.0470 4048 \Device\Harddisk0\DR0\Partition0 - ok
11:24:13.0480 4048 Boot (0x1200) (a57ad610168bad5ac617bda52c71a364) \Device\Harddisk0\DR0\Partition1
11:24:13.0483 4048 \Device\Harddisk0\DR0\Partition1 - ok
11:24:13.0483 4048 ============================================================
11:24:13.0483 4048 Scan finished
11:24:13.0483 4048 ============================================================
11:24:13.0494 3308 Detected object count: 1
11:24:13.0494 3308 Actual detected object count: 1
11:24:29.0892 3308 \Device\Harddisk0\DR0\# - copied to quarantine
11:24:29.0893 3308 \Device\Harddisk0\DR0 - copied to quarantine
11:24:30.0021 3308 \Device\Harddisk0\DR0 - processing error
11:24:37.0975 3308 \Device\Harddisk0\DR0 - will be restored on reboot
11:24:38.0062 3308 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure Restore
11:24:48.0736 4940 Deinitialize success



MiniToolBox by Farbar Version: 15-07-2012
Ran by Timothy (administrator) on 21-07-2012 at 12:31:50
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



There are 15238 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6205 = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Wireless Network Connection 3" address=192.168.16.2 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Timothy-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : westell.com

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : A0-88-B4-0C-35-E5
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : A0-88-B4-0C-35-E5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6205
Physical Address. . . . . . . . . : A0-88-B4-0C-35-E4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9c72:f90c:ba17:d5c0%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.25(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, July 21, 2012 11:26:23 AM
Lease Expires . . . . . . . . . . : Sunday, July 22, 2012 12:29:27 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 312510644
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-76-77-43-B8-70-F4-8F-4C-42
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : B8-70-F4-8F-4C-42
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{1EF19524-B058-4B32-A7CF-38C1CD92F3C1}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3b:47b:b850:8970(Preferred)
Link-local IPv6 Address . . . . . : fe80::3b:47b:b850:8970%16(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{2BFCFDB7-E478-47F1-A115-85CFD1F407AF}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.westell.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{33FF1A91-6C90-477C-8DBD-64A4063FFB5C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:800::1000
74.125.226.199
74.125.226.198
74.125.226.194
74.125.226.200
74.125.226.201
74.125.226.206
74.125.226.197
74.125.226.196
74.125.226.193
74.125.226.192
74.125.226.195


Pinging google.com [74.125.226.195] with 32 bytes of data:
Reply from 74.125.226.195: bytes=32 time=49ms TTL=55
Reply from 74.125.226.195: bytes=32 time=53ms TTL=55

Ping statistics for 74.125.226.195:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 49ms, Maximum = 53ms, Average = 51ms
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=158ms TTL=56
Reply from 72.30.38.140: bytes=32 time=135ms TTL=56

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 135ms, Maximum = 158ms, Average = 146ms
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
===========================================================================
Interface List
14...a0 88 b4 0c 35 e5 ......Microsoft Virtual WiFi Miniport Adapter #2
13...a0 88 b4 0c 35 e5 ......Microsoft Virtual WiFi Miniport Adapter
12...a0 88 b4 0c 35 e4 ......Intel® Centrino® Advanced-N 6205
11...b8 70 f4 8f 4c 42 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
15...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.25 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.25 281
192.168.1.25 255.255.255.255 On-link 192.168.1.25 281
192.168.1.255 255.255.255.255 On-link 192.168.1.25 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.25 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.25 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 58 ::/0 On-link
1 306 ::1/128 On-link
16 58 2001::/32 On-link
16 306 2001:0:4137:9e76:3b:47b:b850:8970/128
On-link
12 281 fe80::/64 On-link
16 306 fe80::/64 On-link
16 306 fe80::3b:47b:b850:8970/128
On-link
12 281 fe80::9c72:f90c:ba17:d5c0/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/21/2012 11:26:19 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/20/2012 11:48:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/20/2012 11:48:41 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/20/2012 11:48:41 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/20/2012 10:21:50 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/20/2012 10:21:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/20/2012 10:21:28 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/19/2012 01:03:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/19/2012 00:55:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (07/19/2012 11:46:59 AM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (07/19/2012 03:19:32 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR4.

Error: (07/19/2012 03:19:32 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR4.

Error: (07/19/2012 03:19:31 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR4.

Error: (07/19/2012 03:19:31 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR4.

Error: (07/19/2012 02:39:28 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (07/19/2012 02:39:28 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (07/19/2012 02:39:27 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (07/19/2012 02:39:27 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (07/19/2012 11:47:30 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (07/19/2012 11:47:30 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.


Microsoft Office Sessions:
=========================
Error: (07/21/2012 11:26:19 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/20/2012 11:48:49 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\$Recycle.Bin\S-1-5-21-920906787-174428531-3227117697-1001\$RD8AX22.exe

Error: (07/20/2012 11:48:41 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Timothy\Desktop\esetsmartinstaller_enu.exe

Error: (07/20/2012 11:48:41 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Timothy\Desktop\esetsmartinstaller_enu.exe

Error: (07/20/2012 10:21:50 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Timothy\Desktop\esetsmartinstaller_enu.exe

Error: (07/20/2012 10:21:42 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Timothy\Desktop\esetsmartinstaller_enu.exe

Error: (07/20/2012 10:21:28 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Timothy\Desktop\esetsmartinstaller_enu.exe

Error: (07/19/2012 01:03:31 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/19/2012 00:55:59 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (07/19/2012 11:46:59 AM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


=========================== Installed Programs ============================

Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 3.1.0.4880)
Adobe Community Help (Version: 3.4.980)
Adobe Download Assistant (Version: 1.0.6)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.3.300.257)
Adobe Illustrator CS5.1 (Version: 15.1)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Photoshop CS5.1 (Version: 12.1)
Adobe Reader X (10.1.0) (Version: 10.1.0)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Apple Application Support (Version: 2.1.7)
Apple Software Update (Version: 2.1.3.127)
Audacity 1.2.6
AVG 2012 (Version: 12.0.2178)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2178)
Backup Manager V3 (Version: 3.0.0.85)
Best Buy pc app (Version: 3.2.0.0)
Bookshop Classics (Version: 3.00)
Broadcom Card Reader Driver Installer (Version: 14.6.1.2)
Broadcom Gigabit NetLink Controller (Version: 14.6.1.2)
CCleaner (Version: 3.20)
CyberLink PowerDVD 10 (Version: 10.0.2531.52)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
ESET Online Scanner v3
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Gateway MyBackup (Version: 3.0.0.85)
Gateway Power Management (Version: 6.00.3006)
Gateway Recovery Management (Version: 5.00.3004)
Gateway Registration (Version: 1.03.3004)
Gateway ScreenSaver (Version: 1.1.1022.2010)
Gateway Updater (Version: 1.02.3005)
Google Chrome (Version: 20.0.1132.57)
Google Talk Plugin (Version: 3.2.4.8431)
Google Update Helper (Version: 1.3.21.115)
HomeMedia (Version: 2.0.8520)
Identity Card (Version: 1.00.3006)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2342)
Intel® PROSet/Wireless WiFi Software (Version: 14.00.1000)
Intel® Rapid Storage Technology (Version: 10.0.0.1046)
Intel® Wireless Display
Intel® Wireless Display (Version: 2.0.29.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
Launch Manager (Version: 5.1.4)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero Control Center 10 (Version: 10.2.11100.1.1)
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)
Nero Core Components 10 (Version: 2.0.18100.8.8)
Nero DiscSpeed 10 (Version: 6.2.10500.2.100)
Nero DiscSpeed 10 Help (CHM) (Version: 10.5.10000)
Nero Express 10 (Version: 10.2.12000.21.100)
Nero Express 10 Help (CHM) (Version: 10.5.10200)
Nero Multimedia Suite 10 Essentials (Version: 10.5.10300)
Nero StartSmart 10 (Version: 10.2.11600.14.100)
Nero StartSmart 10 Help (CHM) (Version: 10.5.10000)
Nero Update (Version: 1.0.0018)
Norton Safe Web Lite (Version: 1.2.0.6)
PDF Settings CS5 (Version: 10.0)
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver (Version: 6.0.1.6329)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.26.0)
Spybot - Search & Destroy (Version: 1.6.2)
SSH Secure Shell
SUPERAntiSpyware (Version: 5.5.1012)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.1.6.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VC 9.0 Runtime (Version: 1.0.0)
Video Web Camera (Version: 1.0.1523)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Welcome Center (Version: 1.02.3102)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
ZoneAlarm Firewall (Version: 10.1.065.000)
ZoneAlarm Free (Version: 10.1.065.000)
ZoneAlarm Security (Version: 10.1.065.000)
ZoneAlarm Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 52%
Total physical RAM: 3947.86 MB
Available physical RAM: 1864.25 MB
Total Pagefile: 7893.91 MB
Available Pagefile: 5224.8 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.54 MB

========================= Partitions: =====================================

1 Drive c: (Gateway) (Fixed) (Total:581.06 GB) (Free:528.72 GB) NTFS

========================= Users: ========================================

User accounts for \\TIMOTHY-PC

Administrator Guest Timothy


**** End of log ****




Farbar Service Scanner Version: 19-07-2012
Ran by Timothy (administrator) on 21-07-2012 at 12:46:50
Running from "C:\Users\Timothy\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Destination is offline
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Demand
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****




# AdwCleaner v1.703 - Logfile created 07/21/2012 at 12:49:08
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Timothy - TIMOTHY-PC
# Running from : C:\Users\Timothy\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Timothy\AppData\Roaming\Mozilla\Firefox\Profiles\7dq2remy.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v20.0.1132.57

File : C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1403 octets] - [21/07/2012 12:49:08]

########## EOF - C:\AdwCleaner[S1].txt - [1531 octets] ##########

#6 narenxp

Posted 21 July 2012 - 05:07 PM

If I'm not wrong, you're posting the same TDSSkiller log.

Please run TDSSkiller once again and post the latest log located in C drive. I just want to check if it still detects rootkit.boot.sst.b

#7 cerveaurongeur

Posted 21 July 2012 - 08:15 PM

I found two logs from the old runs in my C folder, which I believe are the two logs I posted above. For some reason those logs show the exact same time, but they are not exactly the same.
I can't get TDSSkiller to run again. When I try to open it, it asks for administrator rights, shows the "working" cursor symbol for a moment, and then does nothing.

#8 narenxp

Posted 21 July 2012 - 08:55 PM

You still have an MBR rootkit.

We need advanced tools to remove this one.

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck



