Laptop seems to have many problems


5 replies to this topic

#1 rdowning

Posted 26 July 2012 - 08:48 AM

Hi all,

My laptop seems to have various issues including boot up is slow, Windows Explorer hanging, Internet Explorer hanging, opening emails slow / hanging, internet access being stopped, applications are slow to load up, regedit not opening, locked out of administrator account etc.

I have updated and run the antivirus and security package, which is Trend Micro Titanium Security 2012; it says there are no problems.

I have recently run the Windows tools such as error checking, defrag and disc-cleanup.

I have not provided any logs as I'm not sure which ones are needed.

Thanks for any help.
Rob

#2 boopme

Posted 26 July 2012 - 08:16 PM

Hello Rob and welcome, please run these now.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please click Start > Run, type inetcpl.cpl in the runbox and press enter.
Click the Connections tab and click the LAN settings option.
Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.



Reboot into Safe Mode with Networking
How to enter safe mode (XP/Vista)
Using the F8 Method
  • Restart your computer.
  • When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
  • Select the option for Safe Mode with Networking using the arrow keys.
  • Then press Enter on your keyboard to boot into Safe Mode.


>>>> Download this file and double-click on it to run it. Allow the information to be merged with the registry.


Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable any anti-malware software you have installed so that it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on RKill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator.)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.


>>>>
Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



Next run SUPERAntiSpyware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now reboot to Normal and run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

Please ask any needed questions, post the MiniToolBox, TDSS, SAS and MBAM logs, and let us know how the PC is running now.

Edited by boopme, 26 July 2012 - 08:17 PM.


#3 rdowning

Posted 27 July 2012 - 06:01 AM

Hi Boopme,

Thank you for a quick response, I'll be working through your instructions throughout the day and will post all logs and information requested thereafter.

Cheers,
Rob

#4 rdowning

Posted 27 July 2012 - 01:38 PM

Hi Boopme,

Here are those logs that were requested;


Status (Version: 110.0.180.000)
Toolbox (Version: 82.0.173.000)
TrayApp (Version: 110.0.180.000)
Trend Micro RUBotted 2.0 Beta (Version: 2.0.0.1030)
Trend Micro Titanium (Version: 5.00)
Trend Micro Titanium Internet Security 2012 (Version: 5.2)
UnloadSupport (Version: 1.00.0000)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Updator (Version: 3.02.3003.0)
Video Web Camera (Version: 1.7.23.310)
Vista Shortcut Manager (Version: 2.0)
VLC media player 2.0.2 (Version: 2.0.2)
VoiceOver Kit (Version: 1.42.128.0)
WD Link (Version: 1.00.03)
WebReg (Version: 82.0.173.000)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinPcap 4.1.1 (Version: 4.1.0.1753)

========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 2999.92 MB
Available physical RAM: 1405.2 MB
Total Pagefile: 6202.1 MB
Available Pagefile: 4624.72 MB
Total Virtual: 2047.88 MB
Available Virtual: 1942.22 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:223.12 GB) (Free:124.21 GB) NTFS

========================= Users: ========================================

User accounts for \\DOWNINGS-PC

Administrator Downing's Guest


**** End of log ****


The LAN settings were already unchecked.


FixExe.reg was successful



Note: On starting rkill.exe the security centre was turned off and the help page "working in safe mode" opened.

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 27/07/2012 at 12:32:23.
Operating System: Windows Vista ™ Home Premium


Processes terminated by Rkill or while it was running:

xe


Rkill completed on 27/07/2012 at 12:32:25.


12:37:46.0194 1456 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
12:37:46.0381 1456 ============================================================
12:37:46.0381 1456 Current date / time: 2012/07/27 12:37:46.0381
12:37:46.0381 1456 SystemInfo:
12:37:46.0381 1456
12:37:46.0381 1456 OS Version: 6.0.6002 ServicePack: 2.0
12:37:46.0381 1456 Product type: Workstation
12:37:46.0381 1456 ComputerName: DOWNINGS-PC
12:37:46.0381 1456 UserName: Downing's
12:37:46.0381 1456 Windows directory: C:\Windows
12:37:46.0381 1456 System windows directory: C:\Windows
12:37:46.0381 1456 Processor architecture: Intel x86
12:37:46.0381 1456 Number of processors: 2
12:37:46.0381 1456 Page size: 0x1000
12:37:46.0381 1456 Boot type: Safe boot with network
12:37:46.0381 1456 ============================================================
12:37:46.0833 1456 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:37:46.0833 1456 ============================================================
12:37:46.0833 1456 \Device\Harddisk0\DR0:
12:37:46.0833 1456 MBR partitions:
12:37:46.0833 1456 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x1BE3C800
12:37:46.0833 1456 ============================================================
12:37:46.0880 1456 C: <-> \Device\Harddisk0\DR0\Partition0
12:37:46.0880 1456 ============================================================
12:37:46.0880 1456 Initialize success
12:37:46.0880 1456 ============================================================
12:39:22.0478 1112 ============================================================
12:39:22.0478 1112 Scan started
12:39:22.0478 1112 Mode: Manual; TDLFS;
12:39:22.0478 1112 ============================================================
12:39:33.0554 1112 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
12:39:33.0570 1112 napagent - ok
12:39:33.0632 1112 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
12:39:33.0632 1112 NativeWifiP - ok
12:39:33.0710 1112 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
12:39:33.0726 1112 NDIS - ok
12:39:33.0742 1112 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
12:39:33.0742 1112 NdisTapi - ok
12:39:33.0757 1112 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
12:39:33.0757 1112 Ndisuio - ok
12:39:33.0788 1112 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
12:39:33.0788 1112 NdisWan - ok
12:39:33.0804 1112 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
12:39:33.0804 1112 NDProxy - ok
12:39:33.0866 1112 Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\Windows\system32\HPZinw12.dll
12:39:33.0866 1112 Net Driver HPZ12 - ok
12:39:33.0882 1112 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
12:39:33.0882 1112 NetBIOS - ok
12:39:33.0898 1112 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
12:39:33.0898 1112 netbt - ok
12:39:33.0929 1112 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:39:33.0929 1112 Netlogon - ok
12:39:33.0976 1112 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
12:39:33.0991 1112 Netman - ok
12:39:34.0100 1112 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:39:34.0147 1112 NetMsmqActivator - ok
12:39:34.0147 1112 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:39:34.0163 1112 NetPipeActivator - ok
12:39:34.0194 1112 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
12:39:34.0194 1112 netprofm - ok
12:39:34.0210 1112 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:39:34.0210 1112 NetTcpActivator - ok
12:39:34.0210 1112 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:39:34.0225 1112 NetTcpPortSharing - ok
12:39:34.0272 1112 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
12:39:34.0272 1112 nfrd960 - ok
12:39:34.0288 1112 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
12:39:34.0288 1112 NlaSvc - ok
12:39:34.0334 1112 NPF (b9730495e0cf674680121e34bd95a73b) C:\Windows\system32\drivers\npf.sys
12:39:34.0350 1112 NPF - ok
12:39:34.0366 1112 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
12:39:34.0366 1112 Npfs - ok
12:39:34.0381 1112 NSCIRDA (6d8d2e5652fc2442c810c5d8be784148) C:\Windows\system32\DRIVERS\nscirda.sys
12:39:34.0397 1112 NSCIRDA - ok
12:39:34.0412 1112 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
12:39:34.0412 1112 nsi - ok
12:39:34.0428 1112 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
12:39:34.0428 1112 nsiproxy - ok
12:39:34.0490 1112 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
12:39:34.0537 1112 Ntfs - ok
12:39:34.0584 1112 NTI IScheduleSvc (0f0f75069c8016645dfcae93a190cacf) C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
12:39:34.0584 1112 NTI IScheduleSvc - ok
12:39:34.0600 1112 NTIDrvr (6dcaa65f49ef3b97a5cffc0cb5de1c2f) C:\Windows\system32\drivers\NTIDrvr.sys
12:39:34.0600 1112 NTIDrvr - ok
12:39:34.0631 1112 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
12:39:34.0631 1112 ntrigdigi - ok
12:39:34.0662 1112 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
12:39:34.0662 1112 Null - ok
12:39:34.0693 1112 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
12:39:34.0693 1112 nvraid - ok
12:39:34.0709 1112 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
12:39:34.0709 1112 nvstor - ok
12:39:34.0724 1112 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
12:39:34.0724 1112 nv_agp - ok
12:39:34.0834 1112 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:39:34.0865 1112 odserv - ok
12:39:34.0912 1112 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
12:39:34.0912 1112 ohci1394 - ok
12:39:34.0958 1112 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:39:34.0958 1112 ose - ok
12:39:35.0005 1112 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:39:35.0036 1112 p2pimsvc - ok
12:39:35.0052 1112 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:39:35.0052 1112 p2psvc - ok
12:39:35.0083 1112 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
12:39:35.0083 1112 Parport - ok
12:39:35.0130 1112 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
12:39:35.0130 1112 partmgr - ok
12:39:35.0177 1112 Partner Service (3c6e7d73b0e9bc21d5e4b531ab7ec091) C:\ProgramData\Partner\partner.exe
12:39:35.0177 1112 Partner Service - ok
12:39:35.0192 1112 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
12:39:35.0192 1112 Parvdm - ok
12:39:35.0224 1112 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
12:39:35.0224 1112 PcaSvc - ok
12:39:35.0255 1112 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
12:39:35.0270 1112 pci - ok
12:39:35.0286 1112 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
12:39:35.0286 1112 pciide - ok
12:39:35.0333 1112 pcmcia (b7c5a8769541900f6dfa6fe0c5e4d513) C:\Windows\system32\DRIVERS\pcmcia.sys
12:39:35.0333 1112 pcmcia - ok
12:39:35.0364 1112 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
12:39:35.0364 1112 pcouffin - ok
12:39:35.0426 1112 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
12:39:35.0473 1112 PEAUTH - ok
12:39:35.0567 1112 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
12:39:35.0629 1112 pla - ok
12:39:35.0738 1112 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
12:39:35.0754 1112 PlugPlay - ok
12:39:35.0785 1112 Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\Windows\system32\HPZipm12.dll
12:39:35.0801 1112 Pml Driver HPZ12 - ok
12:39:35.0832 1112 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:39:35.0848 1112 PNRPAutoReg - ok
12:39:35.0848 1112 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:39:35.0863 1112 PNRPsvc - ok
12:39:35.0910 1112 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
12:39:35.0926 1112 PolicyAgent - ok
12:39:35.0972 1112 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
12:39:35.0988 1112 PptpMiniport - ok
12:39:35.0988 1112 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
12:39:36.0004 1112 Processor - ok
12:39:36.0035 1112 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
12:39:36.0035 1112 ProfSvc - ok
12:39:36.0066 1112 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:39:36.0066 1112 ProtectedStorage - ok
12:39:36.0097 1112 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
12:39:36.0097 1112 PSched - ok
12:39:36.0144 1112 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
12:39:36.0160 1112 PxHelp20 - ok
12:39:36.0222 1112 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
12:39:36.0269 1112 ql2300 - ok
12:39:36.0300 1112 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
12:39:36.0300 1112 ql40xx - ok
12:39:36.0331 1112 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
12:39:36.0347 1112 QWAVE - ok
12:39:36.0362 1112 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
12:39:36.0362 1112 QWAVEdrv - ok
12:39:36.0456 1112 RapiMgr (70dbdab246c18b78e2200d6401d038be) C:\Windows\WindowsMobile\rapimgr.dll
12:39:36.0456 1112 RapiMgr - ok
12:39:36.0643 1112 RapportCerberus_34302 (6b6f0a77365667912360ff1d5e984f25) C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys
12:39:36.0659 1112 RapportCerberus_34302 - ok
12:39:36.0784 1112 RapportEI (a5a800faa8ab5f7f19743cd60cc1cbed) C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
12:39:36.0784 1112 RapportEI - ok
12:39:36.0862 1112 RapportIaso (35199ec35edc7dcba71fda711dfb05c0) c:\programdata\trusteer\rapport\store\exts\rapportms\39624\rapportiaso.sys
12:39:36.0877 1112 RapportIaso - ok
12:39:36.0908 1112 RapportKELL (e5adfe497baf93eac2be20a58c40c874) C:\Windows\system32\Drivers\RapportKELL.sys
12:39:36.0908 1112 RapportKELL - ok
12:39:36.0971 1112 RapportMgmtService (c862053be4168c0bb6191af76b9fc878) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
12:39:37.0033 1112 RapportMgmtService - ok
12:39:37.0080 1112 RapportPG (fe69d9bc32dccb4b49885070d6518275) C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
12:39:37.0080 1112 RapportPG - ok
12:39:37.0111 1112 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
12:39:37.0111 1112 RasAcd - ok
12:39:37.0127 1112 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
12:39:37.0142 1112 RasAuto - ok
12:39:37.0158 1112 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:39:37.0158 1112 Rasl2tp - ok
12:39:37.0189 1112 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
12:39:37.0205 1112 RasMan - ok
12:39:37.0236 1112 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
12:39:37.0236 1112 RasPppoe - ok
12:39:37.0252 1112 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
12:39:37.0252 1112 RasSstp - ok
12:39:37.0283 1112 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
12:39:37.0298 1112 rdbss - ok
12:39:37.0314 1112 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:39:37.0314 1112 RDPCDD - ok
12:39:37.0345 1112 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
12:39:37.0361 1112 rdpdr - ok
12:39:37.0361 1112 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
12:39:37.0361 1112 RDPENCDD - ok
12:39:37.0392 1112 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
12:39:37.0408 1112 RDPWD - ok
12:39:37.0454 1112 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
12:39:37.0454 1112 RemoteAccess - ok
12:39:37.0486 1112 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
12:39:37.0486 1112 RemoteRegistry - ok
12:39:37.0579 1112 rpcapd (a780d3eaa74582ea1deb6bd9c7a3d9c9) C:\Program Files\WinPcap\rpcapd.exe
12:39:37.0579 1112 rpcapd - ok
12:39:37.0610 1112 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
12:39:37.0610 1112 RpcLocator - ok
12:39:37.0657 1112 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\System32\rpcss.dll
12:39:37.0657 1112 RpcSs - ok
12:39:37.0688 1112 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
12:39:37.0688 1112 rspndr - ok
12:39:37.0720 1112 RTSTOR (d97d8259293b7a82cb891f37f997df3f) C:\Windows\system32\drivers\RTSTOR.SYS
12:39:37.0735 1112 RTSTOR - ok
12:39:37.0844 1112 RUBotSrv (a0eea6f631349d0e0b7a6caa7e099cb0) C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe
12:39:37.0860 1112 RUBotSrv - ok
12:39:37.0891 1112 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:39:37.0891 1112 SamSs - ok
12:39:37.0922 1112 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
12:39:37.0922 1112 sbp2port - ok
12:39:37.0969 1112 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
12:39:37.0985 1112 SCardSvr - ok
12:39:38.0032 1112 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
12:39:38.0078 1112 Schedule - ok
12:39:38.0110 1112 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
12:39:38.0110 1112 SCPolicySvc - ok
12:39:38.0141 1112 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
12:39:38.0141 1112 sdbus - ok
12:39:38.0156 1112 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
12:39:38.0156 1112 SDRSVC - ok
12:39:38.0188 1112 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
12:39:38.0188 1112 secdrv - ok
12:39:38.0203 1112 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
12:39:38.0203 1112 seclogon - ok
12:39:38.0219 1112 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
12:39:38.0219 1112 SENS - ok
12:39:38.0234 1112 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
12:39:38.0234 1112 Serenum - ok
12:39:38.0250 1112 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
12:39:38.0250 1112 Serial - ok
12:39:38.0281 1112 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
12:39:38.0281 1112 sermouse - ok
12:39:38.0297 1112 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
12:39:38.0312 1112 SessionEnv - ok
12:39:38.0312 1112 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
12:39:38.0328 1112 sffdisk - ok
12:39:38.0344 1112 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
12:39:38.0344 1112 sffp_mmc - ok
12:39:38.0359 1112 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
12:39:38.0359 1112 sffp_sd - ok
12:39:38.0375 1112 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
12:39:38.0375 1112 sfloppy - ok
12:39:38.0406 1112 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
12:39:38.0422 1112 SharedAccess - ok
12:39:38.0484 1112 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
12:39:38.0484 1112 ShellHWDetection - ok
12:39:38.0500 1112 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
12:39:38.0515 1112 sisagp - ok
12:39:38.0531 1112 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
12:39:38.0531 1112 SiSRaid2 - ok
12:39:38.0562 1112 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
12:39:38.0562 1112 SiSRaid4 - ok
12:39:38.0718 1112 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
12:39:38.0796 1112 slsvc - ok
12:39:38.0921 1112 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
12:39:38.0921 1112 SLUINotify - ok
12:39:38.0968 1112 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
12:39:38.0968 1112 Smb - ok
12:39:38.0999 1112 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
12:39:38.0999 1112 SNMPTRAP - ok
12:39:39.0030 1112 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
12:39:39.0030 1112 spldr - ok
12:39:39.0061 1112 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
12:39:39.0061 1112 Spooler - ok
12:39:39.0155 1112 SQLWriter (8e6e5cfa06769a417b03fd6faa29e010) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
12:39:39.0155 1112 SQLWriter - ok
12:39:39.0202 1112 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
12:39:39.0217 1112 srv - ok
12:39:39.0264 1112 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
12:39:39.0280 1112 srv2 - ok
12:39:39.0295 1112 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
12:39:39.0295 1112 srvnet - ok
12:39:39.0326 1112 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
12:39:39.0342 1112 SSDPSRV - ok
12:39:39.0358 1112 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
12:39:39.0358 1112 SstpSvc - ok
12:39:39.0404 1112 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
12:39:39.0436 1112 stisvc - ok
12:39:39.0451 1112 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
12:39:39.0451 1112 swenum - ok
12:39:39.0482 1112 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
12:39:39.0498 1112 swprv - ok
12:39:39.0514 1112 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
12:39:39.0514 1112 Symc8xx - ok
12:39:39.0529 1112 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
12:39:39.0529 1112 Sym_hi - ok
12:39:39.0545 1112 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
12:39:39.0560 1112 Sym_u3 - ok
12:39:39.0607 1112 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
12:39:39.0623 1112 SysMain - ok
12:39:39.0654 1112 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
12:39:39.0654 1112 TabletInputService - ok
12:39:39.0685 1112 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
12:39:39.0701 1112 TapiSrv - ok
12:39:39.0763 1112 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
12:39:39.0763 1112 TBS - ok
12:39:39.0841 1112 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
12:39:39.0888 1112 Tcpip - ok
12:39:39.0904 1112 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
12:39:39.0904 1112 Tcpip6 - ok
12:39:39.0935 1112 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
12:39:39.0935 1112 tcpipreg - ok
12:39:39.0950 1112 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
12:39:39.0966 1112 TDPIPE - ok
12:39:39.0982 1112 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
12:39:39.0982 1112 TDTCP - ok
12:39:40.0013 1112 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
12:39:40.0013 1112 tdx - ok
12:39:40.0044 1112 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
12:39:40.0044 1112 TermDD - ok
12:39:40.0091 1112 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
12:39:40.0106 1112 TermService - ok
12:39:40.0169 1112 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
12:39:40.0169 1112 Themes - ok
12:39:40.0184 1112 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
12:39:40.0184 1112 THREADORDER - ok
12:39:40.0231 1112 tmactmon (e8e528896ff2595cfada88749cd72ef8) C:\Windows\system32\DRIVERS\tmactmon.sys
12:39:40.0231 1112 tmactmon - ok
12:39:40.0247 1112 tmcomm (1837512d4aab862bd297a2ef035fba14) C:\Windows\system32\DRIVERS\tmcomm.sys
12:39:40.0262 1112 tmcomm - ok
12:39:40.0278 1112 tmevtmgr (dbac510d1c7cc66b7a78eb2264f3072e) C:\Windows\system32\DRIVERS\tmevtmgr.sys
12:39:40.0278 1112 tmevtmgr - ok
12:39:40.0309 1112 tmtdi (a6e20b094a8d3e3f46d10bbe7e1ebb82) C:\Windows\system32\DRIVERS\tmtdi.sys
12:39:40.0309 1112 tmtdi - ok
12:39:40.0340 1112 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
12:39:40.0340 1112 TrkWks - ok
12:39:40.0403 1112 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
12:39:40.0403 1112 TrustedInstaller - ok
12:39:40.0418 1112 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:39:40.0434 1112 tssecsrv - ok
12:39:40.0450 1112 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
12:39:40.0450 1112 tunmp - ok
12:39:40.0481 1112 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
12:39:40.0481 1112 tunnel - ok
12:39:40.0496 1112 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
12:39:40.0496 1112 uagp35 - ok
12:39:40.0528 1112 UBHelper (d79c0b9bb011218b93705cbf77fa3e5e) C:\Windows\system32\drivers\UBHelper.sys
12:39:40.0528 1112 UBHelper - ok
12:39:40.0559 1112 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
12:39:40.0559 1112 udfs - ok
12:39:40.0590 1112 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
12:39:40.0606 1112 UI0Detect - ok
12:39:40.0621 1112 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
12:39:40.0621 1112 uliagpkx - ok
12:39:40.0637 1112 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
12:39:40.0652 1112 uliahci - ok
12:39:40.0668 1112 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
12:39:40.0668 1112 UlSata - ok
12:39:40.0684 1112 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
12:39:40.0684 1112 ulsata2 - ok
12:39:40.0699 1112 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
12:39:40.0715 1112 umbus - ok
12:39:40.0730 1112 UMPass (88bd96a1baeed33ee8bdf9499c07a841) C:\Windows\system32\DRIVERS\umpass.sys
12:39:40.0730 1112 UMPass - ok
12:39:40.0762 1112 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
12:39:40.0777 1112 upnphost - ok
12:39:40.0808 1112 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
12:39:40.0808 1112 USBAAPL - ok
12:39:40.0840 1112 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
12:39:40.0855 1112 usbaudio - ok
12:39:40.0886 1112 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
12:39:40.0886 1112 usbccgp - ok
12:39:40.0902 1112 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
12:39:40.0918 1112 usbcir - ok
12:39:40.0949 1112 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
12:39:40.0964 1112 usbehci - ok
12:39:40.0980 1112 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
12:39:40.0980 1112 usbhub - ok
12:39:40.0996 1112 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
12:39:40.0996 1112 usbohci - ok
12:39:41.0027 1112 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
12:39:41.0027 1112 usbprint - ok
12:39:41.0042 1112 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:39:41.0042 1112 USBSTOR - ok
12:39:41.0058 1112 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
12:39:41.0058 1112 usbuhci - ok
12:39:41.0074 1112 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
12:39:41.0074 1112 usbvideo - ok
12:39:41.0105 1112 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
12:39:41.0105 1112 UxSms - ok
12:39:41.0136 1112 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
12:39:41.0167 1112 vds - ok
12:39:41.0183 1112 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
12:39:41.0183 1112 vga - ok
12:39:41.0198 1112 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
12:39:41.0198 1112 VgaSave - ok
12:39:41.0214 1112 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
12:39:41.0214 1112 viaagp - ok
12:39:41.0230 1112 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
12:39:41.0230 1112 ViaC7 - ok
12:39:41.0245 1112 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
12:39:41.0245 1112 viaide - ok
12:39:41.0261 1112 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
12:39:41.0261 1112 volmgr - ok
12:39:41.0292 1112 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
12:39:41.0308 1112 volmgrx - ok
12:39:41.0354 1112 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
12:39:41.0386 1112 volsnap - ok
12:39:41.0432 1112 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
12:39:41.0432 1112 vsmraid - ok
12:39:41.0495 1112 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
12:39:41.0542 1112 VSS - ok
12:39:41.0588 1112 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
12:39:41.0604 1112 W32Time - ok
12:39:41.0651 1112 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
12:39:41.0651 1112 WacomPen - ok
12:39:41.0682 1112 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
12:39:41.0682 1112 Wanarp - ok
12:39:41.0682 1112 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
12:39:41.0682 1112 Wanarpv6 - ok
12:39:41.0760 1112 WcesComm (779f9c90d3fe9c70b6ffd8ef035f3e83) C:\Windows\WindowsMobile\wcescomm.dll
12:39:41.0776 1112 WcesComm - ok
12:39:41.0822 1112 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
12:39:41.0838 1112 wcncsvc - ok
12:39:41.0854 1112 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
12:39:41.0869 1112 WcsPlugInService - ok
12:39:41.0885 1112 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
12:39:41.0885 1112 Wd - ok
12:39:41.0916 1112 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\Windows\system32\DRIVERS\wdcsam.sys
12:39:41.0932 1112 WDC_SAM - ok
12:39:41.0963 1112 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
12:39:41.0978 1112 Wdf01000 - ok
12:39:41.0994 1112 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
12:39:42.0010 1112 WdiServiceHost - ok
12:39:42.0010 1112 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
12:39:42.0010 1112 WdiSystemHost - ok
12:39:42.0056 1112 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
12:39:42.0056 1112 WebClient - ok
12:39:42.0088 1112 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
12:39:42.0103 1112 Wecsvc - ok
12:39:42.0103 1112 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
12:39:42.0119 1112 wercplsupport - ok
12:39:42.0134 1112 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
12:39:42.0150 1112 WerSvc - ok
12:39:42.0197 1112 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
12:39:42.0244 1112 winachsf - ok
12:39:42.0306 1112 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
12:39:42.0306 1112 WinDefend - ok
12:39:42.0337 1112 WinHttpAutoProxySvc - ok
12:39:42.0400 1112 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
12:39:42.0400 1112 Winmgmt - ok
12:39:42.0478 1112 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
12:39:42.0556 1112 WinRM - ok
12:39:42.0618 1112 winusb (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\winusb.sys
12:39:42.0618 1112 winusb - ok
12:39:42.0665 1112 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
12:39:42.0680 1112 Wlansvc - ok
12:39:44.0428 1112 ============================================================
12:39:44.0428 1112 Scan finished
12:39:44.0428 1112 ============================================================
12:39:44.0443 1076 Detected object count: 0
12:39:44.0443 1076 Actual detected object count: 0
12:44:13.0653 1640 Deinitialize success

Note: TDSSKiller did not need to reboot


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/27/2012 at 02:52 PM

Application Version : 5.5.1012

Core Rules Database Version : 8970
Trace Rules Database Version: 6782

Scan type : Complete Scan
Total Scan Time : 01:18:25

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC Off - Administrator

Memory items scanned : 393
Memory threats detected : 0
Registry items scanned : 35164
Registry threats detected : 0
File items scanned : 170079
File threats detected : 2

Trojan.Agent/Gen-Tracur
C:\WINDOWS\SYSTEM32\DISCHANDLER.EXE

Worm.Mytob Variant
C:\WINDOWS\SYSTEM32\TEST2.EXE


Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.27.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Downing's :: DOWNINGS-PC [administrator]

27/07/2012 18:00:00
mbam-log-2012-07-27 (18-00-00).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 218770
Time elapsed: 10 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Note: Not sure whether it is of any use, but I have had Malwarebytes Anti-Malware installed previously on this laptop and removed it because it never seemed to find anything. I would have previously done a straight download and installation without changing the file name as requested. May this have already impacted the installation this time round?


In regards to how the laptop is running now;

The boot / load takes some 5 minutes from start to finish; this is as it was before these scans.
Windows Explorer appears to be much quicker; it does still hang between windows.
Internet Explorer is incredibly slow and non-responsive, with pages hanging, timer just spinning, back button slow.
I use Safari, which seems to be much more responsive than IE.

Cheers,
Rob

#5 boopme


Posted 27 July 2012 - 07:18 PM

Hello, looks like we have cleaned it. I see some errors in the event log.
I feel it is best to start a new topic now in the Vista forum up top. Post the

========================= Event log errors: ===============================

Application errors:

AND
System errors:
=============
from the MinitoolBox log above along with this
The boot / load takes some 5 minutes from start to finish; this is as it was before these scans.
Windows Explorer appears to be much quicker; it does still hang between windows.
Internet Explorer is incredibly slow and non-responsive, with pages hanging, timer just spinning, back button slow.
I use Safari, which seems to be much more responsive than IE.



There are some system errors and I cannot fix them.

#6 rdowning


Posted 28 July 2012 - 01:28 AM

Hi Boopme,

Thanks for your time and your help in cleaning the laptop, it really is appreciated.

Rob



