
Got a computer infected with a trojan or 2


15 replies to this topic

#1 Plague02


Posted 27 July 2012 - 10:46 AM

My mom's computer got something nasty. At first, MSE wouldn't start up. Then, I got it to start, it would detect sirefef, but then it would reboot in 1 minute saying it received a critical error. I had to uninstall MSE to keep this from happening.

I installed AVG, and now it doesn't reboot, but it says that it has detected dropper.generic_c.MMI. But, it doesn't fix the problem because it is in services.exe. So, I am in over my head on trying to remove this one. I saw some other posts that looked like people were able to get this resolved by posting here. I am hoping that I could have the same luck. Thanks

Windows 7 64 bit.

Please let me know what other information you need.



#2 narenxp


Posted 27 July 2012 - 11:36 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply
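
Added example (not part of the thread and not the tool's own code): a Python triage script for the service/driver section of a TDSSKiller log, so a reader sees only the entries that are not a plain "ok". It assumes the layout the tool writes per entry (one line with name, MD5 in parentheses and file path, then one line with name and verdict); the function names, the sample hashes, and the `ExampleDrv` entry with its placeholder verdict are constructed.

```python
import re

# Every log line starts with "HH:MM:SS.ffff <thread-id> <message>".
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4} \d+ ?(.*)$")
# Object line: name, 32-hex MD5 in parentheses, file path. Requiring 32 hex
# digits keeps "(x86)" inside a path from being mistaken for the hash.
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
# Verdict line: "<name> - <verdict>".
VERDICT = re.compile(r"^(?P<name>.+?) - (?P<verdict>.+)$")
# Service binaries under a user profile are writable without admin rights.
USER_PATH = re.compile(r"^[a-z]:\\users\\", re.IGNORECASE)

# Constructed sample: service names and paths follow the layout of a real log,
# hashes are dummy values, and the ExampleDrv verdict is a placeholder rather
# than real tool wording. The "Drive" line is abbreviated header output.
SAMPLE_LOG = r"""
15:38:30.0461 3252 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb)
15:39:07.0589 3112 Scan started
15:39:07.0589 3112 Mode: Manual; TDLFS;
15:39:09.0259 3112 ACPI (11111111111111111111111111111111) C:\Windows\system32\DRIVERS\ACPI.sys
15:39:09.0259 3112 ACPI - ok
15:39:10.0678 3112 Apple Mobile Device (22222222222222222222222222222222) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:39:10.0678 3112 Apple Mobile Device - ok
15:39:13.0377 3112 COMSysApp - ok
15:39:19.0804 3112 LeapFrog Connect Device Service (33333333333333333333333333333333) C:\Users\Pat\Desktop\LeapFrog Connect\CommandService.exe
15:39:19.0851 3112 LeapFrog Connect Device Service - ok
15:39:22.0000 3112 ExampleDrv (00000000000000000000000000000000) C:\Windows\system32\DRIVERS\exampledrv.sys
15:39:22.0000 3112 ExampleDrv - PLACEHOLDER-NOT-OK
"""


def parse_scan(log_text):
    """Return one dict per scanned object, in log order.

    Parsing starts at "Scan started" so header lines that happen to contain
    " - " (such as the "Drive ... - Size:" line) are not read as verdicts.
    """
    entries = {}
    in_scan = False
    for raw in log_text.splitlines():
        prefix = PREFIX.match(raw.strip())
        if not prefix:
            continue
        message = prefix.group(1)
        if message == "Scan started":
            in_scan = True
            continue
        if not in_scan:
            continue
        obj = OBJECT.match(message)
        if obj:
            entries[obj["name"]] = {"name": obj["name"], "md5": obj["md5"],
                                    "path": obj["path"], "verdict": None}
            continue
        ver = VERDICT.match(message)
        if ver:
            # Some entries have a verdict but no hashed file (no object line).
            entry = entries.setdefault(
                ver["name"],
                {"name": ver["name"], "md5": None, "path": None, "verdict": None})
            entry["verdict"] = ver["verdict"]
    return list(entries.values())


def triage(entries):
    """Return (name, reason) pairs for entries worth a second look."""
    findings = []
    for e in entries:
        if e["verdict"] is None:
            findings.append((e["name"], "no verdict line in log"))
        elif e["verdict"] != "ok":
            findings.append((e["name"], "verdict: " + e["verdict"]))
        if e["md5"] is None:
            findings.append((e["name"], "no file was hashed for this entry"))
        if e["path"] and USER_PATH.match(e["path"]):
            findings.append((e["name"], "binary in user-writable path: " + e["path"]))
    return findings


if __name__ == "__main__":
    for name, reason in triage(parse_scan(SAMPLE_LOG)):
        print(f"{name}: {reason}")
```

A finding here is a prompt to look closer, not a verdict: an entry without a hashed file or a service installed under a user profile can be legitimate.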

#3 Plague02


Posted 27 July 2012 - 07:05 PM

TDSS output


15:38:29.0323 3252 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
15:38:29.0884 3252 ============================================================
15:38:29.0884 3252 Current date / time: 2012/07/27 15:38:29.0884
15:38:29.0884 3252 SystemInfo:
15:38:29.0884 3252
15:38:29.0884 3252 OS Version: 6.1.7600 ServicePack: 0.0
15:38:29.0884 3252 Product type: Workstation
15:38:29.0884 3252 ComputerName: PAT-PC
15:38:29.0884 3252 UserName: Pat
15:38:29.0884 3252 Windows directory: C:\Windows
15:38:29.0884 3252 System windows directory: C:\Windows
15:38:29.0884 3252 Running under WOW64
15:38:29.0884 3252 Processor architecture: Intel x64
15:38:29.0884 3252 Number of processors: 4
15:38:29.0884 3252 Page size: 0x1000
15:38:29.0884 3252 Boot type: Normal boot
15:38:29.0884 3252 ============================================================
15:38:30.0461 3252 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:38:30.0477 3252 ============================================================
15:38:30.0477 3252 \Device\Harddisk0\DR0:
15:38:30.0477 3252 MBR partitions:
15:38:30.0477 3252 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
15:38:30.0477 3252 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x236AFAB0
15:38:30.0477 3252 ============================================================
15:38:30.0555 3252 C: <-> \Device\Harddisk0\DR0\Partition1
15:38:30.0555 3252 ============================================================
15:38:30.0555 3252 Initialize success
15:38:30.0555 3252 ============================================================
15:39:07.0589 3112 ============================================================
15:39:07.0589 3112 Scan started
15:39:07.0589 3112 Mode: Manual; TDLFS;
15:39:07.0589 3112 ============================================================
15:39:21.0941 3112 netprofm - ok
15:39:22.0004 3112 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:39:22.0004 3112 NetTcpPortSharing - ok
15:39:22.0035 3112 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:39:22.0035 3112 nfrd960 - ok
15:39:22.0082 3112 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
15:39:22.0082 3112 NlaSvc - ok
15:39:22.0113 3112 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:39:22.0113 3112 Npfs - ok
15:39:22.0144 3112 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:39:22.0144 3112 nsi - ok
15:39:22.0160 3112 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:39:22.0160 3112 nsiproxy - ok
15:39:22.0269 3112 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
15:39:22.0300 3112 Ntfs - ok
15:39:22.0409 3112 NuidFltr (d4012918d3a3847b44b888d56bc095d6) C:\Windows\system32\DRIVERS\NuidFltr.sys
15:39:22.0409 3112 NuidFltr - ok
15:39:22.0425 3112 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:39:22.0425 3112 Null - ok
15:39:22.0472 3112 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
15:39:22.0472 3112 nvraid - ok
15:39:22.0519 3112 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
15:39:22.0519 3112 nvstor - ok
15:39:22.0565 3112 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
15:39:22.0565 3112 nv_agp - ok
15:39:22.0597 3112 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
15:39:22.0597 3112 ohci1394 - ok
15:39:22.0706 3112 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:39:22.0706 3112 ose - ok
15:39:23.0049 3112 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:39:23.0158 3112 osppsvc - ok
15:39:23.0267 3112 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:39:23.0283 3112 p2pimsvc - ok
15:39:23.0314 3112 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:39:23.0330 3112 p2psvc - ok
15:39:23.0377 3112 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:39:23.0377 3112 Parport - ok
15:39:23.0408 3112 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
15:39:23.0408 3112 partmgr - ok
15:39:23.0439 3112 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:39:23.0455 3112 PcaSvc - ok
15:39:23.0533 3112 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
15:39:23.0548 3112 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
15:39:23.0579 3112 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
15:39:23.0579 3112 pci - ok
15:39:23.0611 3112 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
15:39:23.0611 3112 pciide - ok
15:39:23.0642 3112 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:39:23.0657 3112 pcmcia - ok
15:39:23.0673 3112 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:39:23.0673 3112 pcw - ok
15:39:23.0704 3112 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:39:23.0720 3112 PEAUTH - ok
15:39:23.0813 3112 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:39:23.0813 3112 PerfHost - ok
15:39:23.0938 3112 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
15:39:23.0954 3112 pla - ok
15:39:24.0016 3112 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
15:39:24.0032 3112 PlugPlay - ok
15:39:24.0063 3112 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:39:24.0063 3112 PNRPAutoReg - ok
15:39:24.0094 3112 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:39:24.0094 3112 PNRPsvc - ok
15:39:24.0141 3112 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
15:39:24.0157 3112 PolicyAgent - ok
15:39:24.0188 3112 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:39:24.0188 3112 Power - ok
15:39:24.0250 3112 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
15:39:24.0266 3112 PptpMiniport - ok
15:39:24.0297 3112 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:39:24.0297 3112 Processor - ok
15:39:24.0328 3112 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
15:39:24.0344 3112 ProfSvc - ok
15:39:24.0359 3112 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:39:24.0359 3112 ProtectedStorage - ok
15:39:24.0406 3112 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
15:39:24.0406 3112 Psched - ok
15:39:24.0453 3112 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
15:39:24.0453 3112 PxHlpa64 - ok
15:39:24.0562 3112 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:39:24.0578 3112 ql2300 - ok
15:39:24.0703 3112 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:39:24.0703 3112 ql40xx - ok
15:39:24.0749 3112 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:39:24.0765 3112 QWAVE - ok
15:39:24.0796 3112 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:39:24.0796 3112 QWAVEdrv - ok
15:39:24.0812 3112 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:39:24.0812 3112 RasAcd - ok
15:39:24.0843 3112 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:39:24.0843 3112 RasAgileVpn - ok
15:39:24.0890 3112 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:39:24.0890 3112 RasAuto - ok
15:39:24.0921 3112 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:39:24.0921 3112 Rasl2tp - ok
15:39:24.0983 3112 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
15:39:24.0983 3112 RasMan - ok
15:39:25.0015 3112 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:39:25.0015 3112 RasPppoe - ok
15:39:25.0046 3112 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:39:25.0046 3112 RasSstp - ok
15:39:25.0077 3112 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
15:39:25.0077 3112 rdbss - ok
15:39:25.0093 3112 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:39:25.0093 3112 rdpbus - ok
15:39:25.0108 3112 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:39:25.0108 3112 RDPCDD - ok
15:39:25.0155 3112 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:39:25.0155 3112 RDPENCDD - ok
15:39:25.0186 3112 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:39:25.0186 3112 RDPREFMP - ok
15:39:25.0217 3112 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
15:39:25.0217 3112 RDPWD - ok
15:39:25.0249 3112 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
15:39:25.0249 3112 rdyboost - ok
15:39:25.0295 3112 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:39:25.0295 3112 RemoteAccess - ok
15:39:25.0327 3112 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:39:25.0327 3112 RemoteRegistry - ok
15:39:25.0373 3112 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
15:39:25.0373 3112 RFCOMM - ok
15:39:25.0405 3112 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:39:25.0405 3112 RpcEptMapper - ok
15:39:25.0436 3112 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:39:25.0436 3112 RpcLocator - ok
15:39:25.0483 3112 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
15:39:25.0483 3112 RpcSs - ok
15:39:25.0529 3112 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:39:25.0529 3112 rspndr - ok
15:39:25.0576 3112 RSUSBSTOR (22d6b47d004a6568c500680be2972854) C:\Windows\system32\Drivers\RtsUStor.sys
15:39:25.0576 3112 RSUSBSTOR - ok
15:39:25.0607 3112 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:39:25.0607 3112 SamSs - ok
15:39:25.0639 3112 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
15:39:25.0639 3112 sbp2port - ok
15:39:25.0685 3112 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:39:25.0685 3112 SCardSvr - ok
15:39:25.0717 3112 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
15:39:25.0717 3112 scfilter - ok
15:39:25.0795 3112 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
15:39:25.0810 3112 Schedule - ok
15:39:25.0841 3112 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
15:39:25.0841 3112 SCPolicySvc - ok
15:39:25.0873 3112 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
15:39:25.0873 3112 SDRSVC - ok
15:39:26.0013 3112 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
15:39:26.0013 3112 SeaPort - ok
15:39:26.0060 3112 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:39:26.0075 3112 secdrv - ok
15:39:26.0091 3112 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
15:39:26.0107 3112 seclogon - ok
15:39:26.0122 3112 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
15:39:26.0122 3112 SENS - ok
15:39:26.0138 3112 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:39:26.0153 3112 SensrSvc - ok
15:39:26.0169 3112 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:39:26.0169 3112 Serenum - ok
15:39:26.0200 3112 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:39:26.0200 3112 Serial - ok
15:39:26.0231 3112 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:39:26.0231 3112 sermouse - ok
15:39:26.0263 3112 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
15:39:26.0263 3112 SessionEnv - ok
15:39:26.0294 3112 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
15:39:26.0294 3112 sffdisk - ok
15:39:26.0309 3112 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:39:26.0309 3112 sffp_mmc - ok
15:39:26.0325 3112 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
15:39:26.0325 3112 sffp_sd - ok
15:39:26.0341 3112 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:39:26.0341 3112 sfloppy - ok
15:39:26.0465 3112 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
15:39:26.0481 3112 SftService - ok
15:39:26.0590 3112 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
15:39:26.0590 3112 ShellHWDetection - ok
15:39:26.0653 3112 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:39:26.0653 3112 SiSRaid2 - ok
15:39:26.0668 3112 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:39:26.0668 3112 SiSRaid4 - ok
15:39:26.0699 3112 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:39:26.0699 3112 Smb - ok
15:39:26.0746 3112 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:39:26.0746 3112 SNMPTRAP - ok
15:39:26.0746 3112 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:39:26.0746 3112 spldr - ok
15:39:26.0809 3112 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
15:39:26.0809 3112 Spooler - ok
15:39:26.0996 3112 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
15:39:27.0027 3112 sppsvc - ok
15:39:27.0121 3112 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:39:27.0121 3112 sppuinotify - ok
15:39:27.0199 3112 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
15:39:27.0199 3112 srv - ok
15:39:27.0230 3112 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
15:39:27.0245 3112 srv2 - ok
15:39:27.0277 3112 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
15:39:27.0277 3112 srvnet - ok
15:39:27.0323 3112 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:39:27.0323 3112 SSDPSRV - ok
15:39:27.0339 3112 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:39:27.0339 3112 SstpSvc - ok
15:39:27.0370 3112 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:39:27.0370 3112 stexstor - ok
15:39:27.0417 3112 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
15:39:27.0433 3112 stisvc - ok
15:39:27.0433 3112 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
15:39:27.0433 3112 swenum - ok
15:39:27.0495 3112 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:39:27.0511 3112 swprv - ok
15:39:27.0557 3112 SynTP (c25866bdf0e818e02bb8e76845d26e54) C:\Windows\system32\DRIVERS\SynTP.sys
15:39:27.0557 3112 SynTP - ok
15:39:27.0651 3112 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
15:39:27.0682 3112 SysMain - ok
15:39:27.0760 3112 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
15:39:27.0776 3112 TabletInputService - ok
15:39:27.0791 3112 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
15:39:27.0807 3112 TapiSrv - ok
15:39:27.0823 3112 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:39:27.0823 3112 TBS - ok
15:39:28.0010 3112 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
15:39:28.0041 3112 Tcpip - ok
15:39:28.0259 3112 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
15:39:28.0275 3112 TCPIP6 - ok
15:39:28.0369 3112 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
15:39:28.0369 3112 tcpipreg - ok
15:39:28.0384 3112 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:39:28.0384 3112 TDPIPE - ok
15:39:28.0415 3112 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
15:39:28.0415 3112 TDTCP - ok
15:39:28.0447 3112 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
15:39:28.0447 3112 tdx - ok
15:39:28.0462 3112 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
15:39:28.0462 3112 TermDD - ok
15:39:28.0509 3112 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
15:39:28.0525 3112 TermService - ok
15:39:28.0556 3112 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:39:28.0556 3112 Themes - ok
15:39:28.0571 3112 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:39:28.0571 3112 THREADORDER - ok
15:39:28.0603 3112 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:39:28.0603 3112 TrkWks - ok
15:39:28.0665 3112 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
15:39:28.0681 3112 TrustedInstaller - ok
15:39:28.0712 3112 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:39:28.0712 3112 tssecsrv - ok
15:39:28.0727 3112 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
15:39:28.0743 3112 tunnel - ok
15:39:28.0759 3112 TurboB (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys
15:39:28.0759 3112 TurboB - ok
15:39:28.0837 3112 TurboBoost (b206be1174d5964d49a56bb6c4e0524a) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
15:39:28.0837 3112 TurboBoost - ok
15:39:28.0868 3112 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:39:28.0868 3112 uagp35 - ok
15:39:28.0930 3112 udfs (31ba4a33afab6a69ea092b18017f737f) C:\Windows\system32\DRIVERS\udfs.sys
15:39:28.0930 3112 udfs - ok
15:39:28.0961 3112 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:39:28.0961 3112 UI0Detect - ok
15:39:28.0993 3112 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
15:39:28.0993 3112 uliagpkx - ok
15:39:29.0024 3112 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
15:39:29.0024 3112 umbus - ok
15:39:29.0039 3112 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:39:29.0039 3112 UmPass - ok
15:39:29.0227 3112 UNS (765f2dd351ba064f657751d8d75e58c0) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
15:39:29.0242 3112 UNS - ok
15:39:29.0367 3112 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:39:29.0367 3112 upnphost - ok
15:39:29.0429 3112 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
15:39:29.0429 3112 USBAAPL64 - ok
15:39:29.0476 3112 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
15:39:29.0476 3112 usbccgp - ok
15:39:29.0523 3112 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
15:39:29.0523 3112 usbcir - ok
15:39:29.0554 3112 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
15:39:29.0554 3112 usbehci - ok
15:39:29.0617 3112 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
15:39:29.0632 3112 usbhub - ok
15:39:29.0648 3112 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
15:39:29.0648 3112 usbohci - ok
15:39:29.0679 3112 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:39:29.0695 3112 usbprint - ok
15:39:29.0710 3112 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
15:39:29.0710 3112 usbscan - ok
15:39:29.0757 3112 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:39:29.0757 3112 USBSTOR - ok
15:39:29.0788 3112 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
15:39:29.0788 3112 usbuhci - ok
15:39:29.0851 3112 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys
15:39:29.0851 3112 usbvideo - ok
15:39:29.0882 3112 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:39:29.0882 3112 UxSms - ok
15:39:29.0913 3112 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:39:29.0913 3112 VaultSvc - ok
15:39:29.0975 3112 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
15:39:29.0975 3112 vdrvroot - ok
15:39:30.0085 3112 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
15:39:30.0085 3112 vds - ok
15:39:30.0131 3112 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:39:30.0131 3112 vga - ok
15:39:30.0163 3112 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:39:30.0163 3112 VgaSave - ok
15:39:30.0194 3112 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
15:39:30.0194 3112 vhdmp - ok
15:39:30.0225 3112 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
15:39:30.0225 3112 viaide - ok
15:39:30.0256 3112 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
15:39:30.0256 3112 volmgr - ok
15:39:30.0287 3112 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
15:39:30.0287 3112 volmgrx - ok
15:39:30.0303 3112 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
15:39:30.0319 3112 volsnap - ok
15:39:30.0350 3112 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:39:30.0350 3112 vsmraid - ok
15:39:30.0443 3112 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
15:39:30.0459 3112 VSS - ok
15:39:30.0568 3112 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:39:30.0568 3112 vwifibus - ok
15:39:30.0584 3112 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:39:30.0584 3112 vwififlt - ok
15:39:30.0615 3112 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:39:30.0631 3112 W32Time - ok
15:39:30.0662 3112 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:39:30.0662 3112 WacomPen - ok
15:39:30.0693 3112 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:39:30.0693 3112 WANARP - ok
15:39:30.0709 3112 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:39:30.0709 3112 Wanarpv6 - ok
15:39:30.0833 3112 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
15:39:30.0849 3112 WatAdminSvc - ok
15:39:30.0943 3112 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
15:39:30.0958 3112 wbengine - ok
15:39:31.0067 3112 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:39:31.0067 3112 WbioSrvc - ok
15:39:31.0114 3112 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
15:39:31.0130 3112 wcncsvc - ok
15:39:31.0161 3112 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:39:31.0161 3112 WcsPlugInService - ok
15:39:31.0208 3112 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:39:31.0208 3112 Wd - ok
15:39:31.0255 3112 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:39:31.0270 3112 Wdf01000 - ok
15:39:31.0286 3112 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:39:31.0286 3112 WdiServiceHost - ok
15:39:31.0301 3112 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:39:31.0301 3112 WdiSystemHost - ok
15:39:31.0348 3112 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
15:39:31.0348 3112 WebClient - ok
15:39:31.0379 3112 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:39:31.0379 3112 Wecsvc - ok
15:39:31.0411 3112 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:39:31.0411 3112 wercplsupport - ok
15:39:31.0442 3112 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:39:31.0457 3112 WerSvc - ok
15:39:31.0520 3112 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:39:31.0520 3112 WfpLwf - ok
15:39:31.0551 3112 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
15:39:31.0551 3112 WimFltr - ok
15:39:31.0582 3112 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:39:31.0582 3112 WIMMount - ok
15:39:31.0582 3112 WinHttpAutoProxySvc - ok
15:39:31.0645 3112 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:39:31.0660 3112 Winmgmt - ok
15:39:31.0754 3112 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
15:39:31.0785 3112 WinRM - ok
15:39:31.0941 3112 WinUsb (4d52c872018af7e18d078978dcc3f6f2) C:\Windows\system32\DRIVERS\WinUsb.sys
15:39:31.0941 3112 WinUsb - ok
15:39:32.0019 3112 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:39:32.0035 3112 Wlansvc - ok
15:39:32.0144 3112 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:39:32.0144 3112 wlcrasvc - ok
15:39:32.0300 3112 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:39:32.0331 3112 wlidsvc - ok
15:39:32.0425 3112 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
15:39:32.0425 3112 WmiAcpi - ok
15:39:32.0503 3112 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:39:32.0503 3112 wmiApSrv - ok
15:39:32.0550 3112 WMPNetworkSvc - ok
15:39:32.0581 3112 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:39:32.0581 3112 WPCSvc - ok
15:39:32.0612 3112 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
15:39:32.0612 3112 WPDBusEnum - ok
15:39:32.0643 3112 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:39:32.0659 3112 ws2ifsl - ok
15:39:32.0659 3112 WSearch - ok
15:39:32.0752 3112 wsnm (68d154e4b704ba5076f4c790bc5fb4c9) C:\Program Files (x86)\VMware\VMware View\Client\bin\wsnm.exe
15:39:32.0752 3112 wsnm - ok
15:39:32.0799 3112 WudfPf (c63907207b837a5c05cf6d1606aa0008) C:\Windows\system32\drivers\WudfPf.sys
15:39:32.0799 3112 WudfPf - ok
15:39:32.0830 3112 WUDFRd (d885a873d733020f8b9b9ff4b1666158) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:39:32.0830 3112 WUDFRd - ok
15:39:32.0877 3112 wudfsvc (27b9bee5aac00139e3a3af5d6227a0dc) C:\Windows\System32\WUDFSvc.dll
15:39:32.0877 3112 wudfsvc - ok
15:39:32.0908 3112 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:39:32.0908 3112 WwanSvc - ok
15:39:32.0955 3112 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:39:34.0063 3112 \Device\Harddisk0\DR0 - ok
15:39:34.0094 3112 Boot (0x1200) (836dccc9841d3bd1ada993f80295c293) \Device\Harddisk0\DR0\Partition0
15:39:34.0110 3112 \Device\Harddisk0\DR0\Partition0 - ok
15:39:34.0125 3112 Boot (0x1200) (2f99349ef008ff3a3708aab7d56fe76d) \Device\Harddisk0\DR0\Partition1
15:39:34.0125 3112 \Device\Harddisk0\DR0\Partition1 - ok
15:39:34.0125 3112 ============================================================
15:39:34.0125 3112 Scan finished
15:39:34.0125 3112 ============================================================
15:39:34.0141 2668 Detected object count: 0
15:39:34.0141 2668 Actual detected object count: 0


aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-27 15:45:52
-----------------------------
15:45:52.851 OS Version: Windows x64 6.1.7600
15:45:52.851 Number of processors: 4 586 0x2505
15:45:52.851 ComputerName: PAT-PC UserName: Pat
15:45:53.880 Initialize success
15:47:14.627 AVAST engine defs: 12072701
15:50:19.924 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:50:19.924 Disk 0 Vendor: TOSHIBA_ GJ00 Size: 305245MB BusType: 3
15:50:19.955 Disk 0 MBR read successfully
15:50:19.955 Disk 0 MBR scan
15:50:19.955 Disk 0 Windows 7 default MBR code
15:50:19.970 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 100 MB offset 2048
15:50:19.986 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 206848
15:50:20.002 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 290143 MB offset 30926848
15:50:20.033 Disk 0 scanning C:\Windows\system32\drivers
15:50:31.124 Service scanning
15:51:13.824 Modules scanning
15:51:13.824 Disk 0 trace - called modules:
15:51:13.902 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
15:51:13.902 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004bf9060]
15:51:13.917 3 CLASSPNP.SYS[fffff88000cc143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800490a050]
15:51:14.807 AVAST engine scan C:\Windows
15:51:17.209 AVAST engine scan C:\Windows\system32
15:55:24.234 AVAST engine scan C:\Windows\system32\drivers
15:55:43.734 AVAST engine scan C:\Users\Pat
17:09:25.658 AVAST engine scan C:\ProgramData
17:13:43.496 Scan finished successfully
17:25:09.384 Disk 0 MBR has been saved successfully to "C:\Users\Pat\Desktop\MBR.dat"
17:25:09.384 The log file has been saved successfully to "C:\Users\Pat\Desktop\aswMBR.txt"

eset


C:\Sandbox\Pat\DefaultBox\user\current\Desktop\st-softonic-sntb.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Sandbox\Pat\DefaultBox\user\current\Desktop\st-softonic-sntb[1].exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\Pat\AppData\Local\Temp\DropDownDeals-S-Setup_Suite1.exe probably a variant of Win32/Adware.ZPLYRL application cleaned by deleting - quarantined
C:\Users\Pat\AppData\Local\Temp\DropDownDeals-S-Setup_Suite1[1].exe probably a variant of Win32/Adware.ZPLYRL application cleaned by deleting - quarantined
C:\Users\Pat\AppData\Local\Temp\YontooSetup-S.exe probably a variant of Win32/Adware.SLITAT application cleaned by deleting - quarantined
C:\Users\Pat\AppData\Local\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Windows\Installer\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\U\80000000.@ Win64/Sirefef.AL trojan cleaned by deleting - quarantined

#4 narenxp


Posted 28 July 2012 - 12:20 AM

Download

systemlook

Launch it and copy this script and paste in the BOX

:filefind
services.exe
:folderfind
{c614d3bf-243a-3fd7-a4fd-36cd3756874b}

Click on LOOK, post the generated log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#5 Plague02

Posted 28 July 2012 - 03:56 PM

Systemlook

SystemLook 30.07.11 by jpshortstuff
Log created at 11:17 on 28/07/2012 by Pat
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [21:43 23/07/2012] 014A9CB92514E27C0107614DF764BC06
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{c614d3bf-243a-3fd7-a4fd-36cd3756874b}"
C:\Users\Pat\AppData\Local\{c614d3bf-243a-3fd7-a4fd-36cd3756874b} d--hs-- [03:58 11/01/2012]
C:\Windows\Installer\{c614d3bf-243a-3fd7-a4fd-36cd3756874b} d--hs-- [03:58 11/01/2012]

-= EOF =-




MINI


MiniToolBox by Farbar Version: 23-07-2012
Ran by Pat (administrator) on 28-07-2012 at 12:32:54
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Atheros AR8152 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Broadcom Virtual Wireless Adapter = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.1.107 metric=1 publish=Yes
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.1.145 metric=1 publish=Yes


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Pat-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom Virtual Wireless Adapter
Physical Address. . . . . . . . . : 02-50-F2-00-00-01
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 5C-AC-4C-D2-7C-CC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : NB1-DL2.COM
Description . . . . . . . . . . . : Atheros AR8152 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : F0-4D-A2-41-AA-BE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : C4-46-19-95-6A-69
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::dcd7:5077:d180:4d7e%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.82(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, July 28, 2012 11:13:06 AM
Lease Expires . . . . . . . . . . : Sunday, July 29, 2012 11:13:06 AM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 197412377
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-E5-33-87-F0-4D-A2-41-AA-BE
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 16:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: homeportal
Address: 192.168.1.254

Name: google.com
Addresses: 2607:f8b0:4000:801::1002
74.125.227.132
74.125.227.133
74.125.227.134
74.125.227.135
74.125.227.136
74.125.227.137
74.125.227.142
74.125.227.128
74.125.227.129
74.125.227.130
74.125.227.131


Pinging google.com [74.125.227.133] with 32 bytes of data:
Reply from 74.125.227.133: bytes=32 time=25ms TTL=50
Reply from 74.125.227.133: bytes=32 time=23ms TTL=50

Ping statistics for 74.125.227.133:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 23ms, Maximum = 25ms, Average = 24ms
Server: homeportal
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=48ms TTL=42
Reply from 209.191.122.70: bytes=32 time=45ms TTL=42

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 45ms, Maximum = 48ms, Average = 46ms
Server: homeportal
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...02 50 f2 00 00 01 ......Broadcom Virtual Wireless Adapter
13...5c ac 4c d2 7c cc ......Bluetooth Device (Personal Area Network)
12...f0 4d a2 41 aa be ......Atheros AR8152 PCI-E Fast Ethernet Controller
11...c4 46 19 95 6a 69 ......DW1501 Wireless-N WLAN Half-Mini Card
1...........................Software Loopback Interface 1
24...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.82 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 192.168.1.107 192.168.1.82 26
169.254.0.0 255.255.0.0 192.168.1.145 192.168.1.82 26
192.168.1.0 255.255.255.0 On-link 192.168.1.82 281
192.168.1.82 255.255.255.255 On-link 192.168.1.82 281
192.168.1.255 255.255.255.255 On-link 192.168.1.82 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.82 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.82 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
169.254.0.0 255.255.0.0 192.168.1.107 1
169.254.0.0 255.255.0.0 192.168.1.145 1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::dcd7:5077:d180:4d7e/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [35840] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [46592] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/27/2012 07:00:08 PM) (Source: Bonjour Service) (User: )
Description: Unknown DNS packet type 0FD6 from 89.204.171.189 :16465 to 128.107.57.140 :49154 length 568 on 0000000000000000 (ignored)

Error: (07/27/2012 06:08:32 PM) (Source: Bonjour Service) (User: )
Description: Unknown DNS packet type A7EF from 66.199.104.231 :16465 to 128.107.57.140 :49154 length 568 on 0000000000000000 (ignored)

Error: (07/27/2012 05:59:43 PM) (Source: Bonjour Service) (User: )
Description: Unknown DNS packet type 4393 from 76.17.220.69 :16465 to 128.107.57.140 :49154 length 568 on 0000000000000000 (ignored)

Error: (07/27/2012 05:34:44 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (07/27/2012 05:34:41 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (07/27/2012 05:34:41 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (07/27/2012 05:25:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (07/27/2012 05:25:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (07/27/2012 05:25:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (07/27/2012 04:06:08 PM) (Source: Bonjour Service) (User: )
Description: Unknown DNS packet type CEAB from 24.3.5.239 :16465 to 128.107.57.140 :49154 length 568 on 0000000000000000 (ignored)


System errors:
=============
Error: (07/28/2012 11:12:58 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (07/28/2012 11:12:58 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (07/28/2012 11:12:58 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/27/2012 03:22:33 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (07/27/2012 03:02:53 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (07/27/2012 03:02:52 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (07/27/2012 03:02:49 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/27/2012 02:47:20 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (07/27/2012 11:33:13 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (07/27/2012 11:33:12 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.


Microsoft Office Sessions:
=========================
Error: (07/27/2012 07:00:08 PM) (Source: Bonjour Service)(User: )
Description: Unknown DNS packet type 0FD6 from 89.204.171.189 :16465 to 128.107.57.140 :49154 length 568 on 0000000000000000 (ignored)

Error: (07/27/2012 06:08:32 PM) (Source: Bonjour Service)(User: )
Description: Unknown DNS packet type A7EF from 66.199.104.231 :16465 to 128.107.57.140 :49154 length 568 on 0000000000000000 (ignored)

Error: (07/27/2012 05:59:43 PM) (Source: Bonjour Service)(User: )
Description: Unknown DNS packet type 4393 from 76.17.220.69 :16465 to 128.107.57.140 :49154 length 568 on 0000000000000000 (ignored)

Error: (07/27/2012 05:34:44 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Pat\Desktop\esetsmartinstaller_enu.exe

Error: (07/27/2012 05:34:41 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Pat\Desktop\esetsmartinstaller_enu.exe

Error: (07/27/2012 05:34:41 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Pat\Desktop\esetsmartinstaller_enu.exe

Error: (07/27/2012 05:25:20 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Pat\Desktop\esetsmartinstaller_enu.exe

Error: (07/27/2012 05:25:16 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Pat\Desktop\esetsmartinstaller_enu.exe

Error: (07/27/2012 05:25:16 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Pat\Desktop\esetsmartinstaller_enu.exe

Error: (07/27/2012 04:06:08 PM) (Source: Bonjour Service)(User: )
Description: Unknown DNS packet type CEAB from 24.3.5.239 :16465 to 128.107.57.140 :49154 length 568 on 0000000000000000 (ignored)


=========================== Installed Programs ============================

Accidental Damage Services Agreement (Version: 2.0.0)
Adobe AIR (Version: 2.0.3.13070)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.268)
Adobe Flash Player 11 Plugin (Version: 11.3.300.268)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Banctec Service Agreement (Version: 2.0.0)
Bejeweled 3
Bing Bar (Version: 7.0.609.0)
Bonjour (Version: 3.0.0.10)
Canon Easy-WebPrint EX
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP Navigator EX 3.1
Canon MX310 series
Canon MX340 series MP Drivers
Canon MX340 series User Registration
Canon Speed Dial Utility
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Clone Wars
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell DataSafe Online (Version: 1.2.0011)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Version: 3.1.5907.39)
Dell Webcam Central (Version: 1.40.05)
Dream Day First Home (Version: 2.2.0.95)
Dream Day Honeymoon (Version: 2.2.0.95)
Dream Day Wedding (Version: 2.2.0.95)
DW WLAN Card (Version: 5.60.48.35)
ESET Online Scanner v3
ffdshow v1.2.4422 [2012-04-09] (Version: 1.2.4422.0)
Google Chrome (Version: 20.0.1132.57)
Google Drive (Version: 1.2.3123.250)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.115)
iCloud (Version: 1.1.0.40)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2104)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Turbo Boost Technology Monitor (Version: 1.0.186.6)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 29 (Version: 6.0.290)
Junk Mail filter update (Version: 15.4.3502.0922)
LeapFrog Connect (Version: 3.2.19.13664)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
LoJack Factory Installer (Version: 1.0.0)
Mahjongg dimensions
Mahjongg Dimensions Deluxe: Tiles in Time (Version: 2.2.0.98)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.1.54.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft UI Engine (Version: 4.0.0318.1)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox (3.6.8) (Version: 3.6.8 (en-US))
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Nancy Drew: Secrets Can Kill Remastered (Version: 2.2.0.98)
Photo Story 3 for Windows (Version: 3.0.1115.11)
Quickset64 (Version: 10.6.2)
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver (Version: 6.0.1.6039)
Roxio Burn (Version: 1.01)
Safari (Version: 5.34.57.2)
Skype Toolbars (Version: 1.0.4051)
Skype™ 4.2 (Version: 4.2.169)
Synaptics Pointing Device Driver (Version: 15.0.20.0)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update Installer for WildTangent Games App
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 2.0.2 (Version: 2.0.2)
VMware View Client (Version: 4.0.0.1796)
VoiceOver Kit (Version: 1.42.128.0)
VS10Runtimex64 (Version: 1.0.0)
WIDCOMM Bluetooth Software (Version: 6.2.0.9600)
WildTangent Games (Version: 1.0.2.5)
WildTangent Games (Version: 1.0.3.0)
WildTangent Games App (Dell Games) (Version: 4.0.5.14)
WildTangent Games App (Version: 4.0.5.14)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Yahoo! Detect
Zuma's Revenge (Version: 2.2.0.97)

========================= Memory info: ===================================

Percentage of memory in use: 63%
Total physical RAM: 3892.52 MB
Available physical RAM: 1403.95 MB
Total Pagefile: 7783.19 MB
Available Pagefile: 5299.73 MB
Total Virtual: 4095.88 MB
Available Virtual: 3956.67 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:283.34 GB) (Free:219.24 GB) NTFS

========================= Users: ========================================

User accounts for \\PAT-PC

Administrator Guest Pat


**** End of log ****




FSS


Farbar Service Scanner Version: 26-07-2012
Ran by Pat (administrator) on 28-07-2012 at 12:34:25
Running from "C:\Users\Pat\Downloads"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile. The key does not exist.
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile. The key does not exist.


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Unable to retrieve ServiceDll of sharedaccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-15 22:00] - [2011-12-27 22:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-08 21:57] - [2012-03-30 06:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-13 19:09] - [2009-07-13 20:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 18:36] - [2009-07-13 20:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-06-13 10:30] - [2012-04-24 00:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



Adware


# AdwCleaner v1.703 - Logfile created 07/28/2012 at 12:35:00
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Pat - PAT-PC
# Running from : C:\Users\Pat\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Pat\AppData\Local\Conduit
Folder Deleted : C:\Users\Pat\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Pat\AppData\Local\Temp\BabylonToolbar
Folder Deleted : C:\Users\Pat\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Pat\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Pat\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Pat\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\7kgohvd8.default\extensions\ffxtlbr@babylon.com
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files\Babylon
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
File Deleted : C:\Users\Pat\AppData\Local\Temp\Searchqu.ini
File Deleted : C:\Users\Pat\AppData\Local\Temp\searchqutoolbar-manifest.xml
File Deleted : C:\Users\Pat\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
File Deleted : C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\7kgohvd8.default\searchplugins\Search_Results.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3227975
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
[x64] Key Deleted : HKLM\SOFTWARE\DataMngr
[x64] Key Deleted : HKLM\SOFTWARE\Tarma Installer

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registry is clean.

-\\ Mozilla Firefox v3.6.8 (en-US)

Profile name : default
File : C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\7kgohvd8.default\prefs.js

C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\7kgohvd8.default\user.js ... Deleted !

Deleted : user_pref("CT3227975.autoDisableScopes", -1);
Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Deleted : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=17425&tt=140612_dpl&babsrc=NT_def"[...]
Deleted : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
Deleted : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=114022&tt=2912_7");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "b4b799a80000000000000250f2000001");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "b4b799a80000000000000250f2000001");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15542");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1716:01:08");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=17425&tt=140612_dpl&babsrc=KW_def&mntrId=[...]

-\\ Google Chrome v20.0.1132.57

File : C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "explicit_host": [ "hxxp://*.wajam.com/*", "hxxp://*/*", "hxxps://*/*" ],
Deleted : "name": "Wajam",
Deleted : "permissions": [ "hxxp://*.wajam.com/*", "bookmarks", "tabs", "hxxp://*/*", "hxxps://[...]
Deleted : "update_url": "hxxp://www.wajam.com/update/Chrome/chrome_addon_updates.xml",
Deleted : "name": "Wajam",
Deleted : "name": "Wajam"
Deleted : "path": "C:\\Users\\Pat\\AppData\\LocalLow\\Unity\\WebPlayer\\loader\\npUnity3D32.dll",

*************************

AdwCleaner[S1].txt - [9117 octets] - [28/07/2012 12:35:00]

########## EOF - C:\AdwCleaner[S1].txt - [9245 octets] ##########


Thanks again!!!

#6 narenxp

Posted 28 July 2012 - 04:06 PM

Press the Windows+R keys, type notepad and click OK.

Copy this script and paste it into Notepad:
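@echo off
REM Work in the directory that holds the running copy of services.exe
cd /d c:\windows\system32
REM Give ownership to the Administrators group, then grant it full control
REM (cacls asks for confirmation; answer Y)
takeown /a /f services.exe
cacls services.exe /g administrators:f
REM Rename the current file out of the way
ren services.exe services.exe.old
REM Copy the winsxs (component store) copy of services.exe into system32
COPY /Y C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\WINDOWS\system32
REM Delete this batch file once it has run
DEL %0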

Click on File >> Save As

File name: services.bat
Save as type: All types

Now right-click on the services.bat file, select Run as administrator and run it, click Y and press ENTER

Post the new system look log

Open your C drive

On top, click on Organize - Folder and search options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click OK, now go to

C:\Users\Pat\AppData\Local\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}
C:\Windows\Installer\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}

delete the folders


Create a restore point before trying this

Download

MpsSvc
BFE
wscsvc
defender
BITS
wuauserv
Sharedaccess


Launch them, click YES when you get the UAC prompt

restart the PC


Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start Repairs tab - click on Start

Check mark the following options alone

Reset registry permissions
Reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Checkmark Restart System When Finished option
click the Start button

System should restart after repair

Post the FSS log

#7 Plague02

Posted 29 July 2012 - 01:59 PM

I was good until deleting the folders. The C:\Users\Pat... folders, I could delete without issue.

The C:\Windows\Installer... folders, when I tried to delete it, it says a file @ is open by services.exe.

Here is the latest systemlook.

SystemLook 30.07.11 by jpshortstuff
Log created at 13:42 on 29/07/2012 by Pat
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{c614d3bf-243a-3fd7-a4fd-36cd3756874b}"
C:\Users\Pat\AppData\Local\{c614d3bf-243a-3fd7-a4fd-36cd3756874b} d--hs-- [03:58 11/01/2012]
C:\Windows\Installer\{c614d3bf-243a-3fd7-a4fd-36cd3756874b} d--hs-- [03:58 11/01/2012]

-= EOF =-

#8 narenxp

Posted 29 July 2012 - 02:16 PM

Run Malwarebytes - remove infections

Reboot the PC and delete the folders

Post the new system look log and MBAM log

#9 Plague02

Posted 29 July 2012 - 07:19 PM

After the reboot, I was able to delete the folder.

Should I continue with the rest of the steps from earlier?

SystemLook


MBAM

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.28.05

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Pat :: PAT-PC [administrator]

7/29/2012 5:01:32 PM
mbam-log-2012-07-29 (17-01-32).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 405047
Time elapsed: 51 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#10 narenxp

Posted 29 July 2012 - 08:51 PM

Yes

#11 Plague02

Posted 25 August 2012 - 02:46 PM

Sorry for the long wait. Steps have been completed. Here is the latest FSS log.

Thanks Again.

Farbar Service Scanner Version: 26-07-2012
Ran by Pat (administrator) on 25-08-2012 at 14:44:52
Running from "C:\Users\Pat\Downloads"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-15 22:00] - [2011-12-27 22:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-08 21:57] - [2012-03-30 06:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-13 19:09] - [2009-07-13 20:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 18:36] - [2009-07-13 20:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-06-13 10:30] - [2012-04-24 00:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
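
As an added example, not part of the original thread and not Farbar's own code: a small Python parser that compares the FSS log posted on 28-07-2012 with the one posted above after the repairs, showing which services had missing registry keys and which are still reported. The embedded excerpts are constructed from lines in the two logs; the state names (`key_missing`, `value_missing`, `stopped`, `not_reported`) are this example's own, and it assumes blank lines separate service blocks as they do in these logs.

```python
import re

# Constructed excerpts, copied in shape from the two FSS logs in this thread.
BEFORE = r"""
Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.

Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Unable to retrieve ServiceDll of sharedaccess. The value does not exist.
"""

AFTER = r"""
Windows Firewall:
=============

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".

Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.
"""

NOT_RUNNING = re.compile(r"^(\S+) Service is not running\.")
KEY_MISSING = "The service key does not exist."
VALUE_MISSING = "The value does not exist."
# Higher number = worse finding; a block keeps the worst one seen.
SEVERITY = {"stopped": 0, "value_missing": 1, "key_missing": 2}


def parse_fss(text):
    """Return {service: state} for every service the log reports as not running."""
    services, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        match = NOT_RUNNING.match(line)
        if match:
            current = match.group(1).lower()   # FSS mixes case (MpsSvc, BITS, bfe)
            services[current] = "stopped"
            continue
        if not line:                           # blank line closes the service block
            current = None
            continue
        if current is None:                    # section headers and rulers
            continue
        if line.endswith(KEY_MISSING):
            found = "key_missing"
        elif line.endswith(VALUE_MISSING):
            found = "value_missing"
        else:
            continue
        if SEVERITY[found] > SEVERITY[services[current]]:
            services[current] = found
    return services


def compare(before, after):
    """Map each service to its (before, after) state across two logs."""
    b, a = parse_fss(before), parse_fss(after)
    return {svc: (b.get(svc, "not_reported"), a.get(svc, "not_reported"))
            for svc in sorted(set(b) | set(a))}


def unresolved(before, after):
    """Services the second log still lists, i.e. what is left to look at."""
    return [svc for svc, (_, now) in compare(before, after).items()
            if now != "not_reported"]


if __name__ == "__main__":
    for svc, (was, now) in compare(BEFORE, AFTER).items():
        print(f"{svc:14} {was:14} -> {now}")
    print("still reported:", ", ".join(unresolved(BEFORE, AFTER)))
```
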

#12 narenxp

Posted 25 August 2012 - 03:00 PM

Download

TDSSkiller

Launch it. Click on Change parameters - select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

adware cleaner

Launch it, click on Delete

Post the generated log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after the scan finishes, post the contents of the RKILL log located on the desktop here

#13 Plague02

Posted 25 August 2012 - 05:45 PM

TDSS


17:25:23.0839 4504 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
17:25:24.0292 4504 ============================================================
17:25:24.0292 4504 Current date / time: 2012/08/25 17:25:24.0292
17:25:24.0292 4504 SystemInfo:
17:25:24.0292 4504
17:25:24.0292 4504 OS Version: 6.1.7600 ServicePack: 0.0
17:25:24.0292 4504 Product type: Workstation
17:25:24.0292 4504 ComputerName: PAT-PC
17:25:24.0292 4504 UserName: Pat
17:25:24.0292 4504 Windows directory: C:\Windows
17:25:24.0292 4504 System windows directory: C:\Windows
17:25:24.0292 4504 Running under WOW64
17:25:24.0292 4504 Processor architecture: Intel x64
17:25:24.0292 4504 Number of processors: 4
17:25:24.0292 4504 Page size: 0x1000
17:25:24.0292 4504 Boot type: Normal boot
17:25:24.0292 4504 ============================================================
17:25:26.0554 4504 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:25:26.0569 4504 ============================================================
17:25:26.0569 4504 \Device\Harddisk0\DR0:
17:25:26.0569 4504 MBR partitions:
17:25:26.0569 4504 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
17:25:26.0569 4504 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x236AFAB0
17:25:26.0569 4504 ============================================================
17:25:26.0601 4504 C: <-> \Device\Harddisk0\DR0\Partition2
17:25:26.0601 4504 ============================================================
17:25:26.0601 4504 Initialize success
17:25:26.0601 4504 ============================================================
17:25:53.0682 4852 ============================================================
17:25:53.0682 4852 Scan started
17:25:53.0682 4852 Mode: Manual; TDLFS;
17:25:53.0682 4852 ============================================================
17:25:55.0305 4852 ================ Scan system memory ========================
17:25:55.0305 4852 System memory - ok
17:25:55.0305 4852 ================ Scan services =============================
17:25:57.0551 4852 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
17:25:57.0551 4852 BFE - ok
17:25:57.0645 4852 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
17:25:57.0660 4852 BITS - ok
17:25:57.0691 4852 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:25:57.0691 4852 blbdrive - ok
17:25:57.0801 4852 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:25:57.0801 4852 Bonjour Service - ok
17:25:57.0863 4852 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:25:57.0863 4852 bowser - ok
17:25:57.0910 4852 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:25:57.0910 4852 BrFiltLo - ok
17:25:57.0925 4852 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:25:57.0925 4852 BrFiltUp - ok
17:25:57.0972 4852 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
17:25:57.0972 4852 Browser - ok
17:25:58.0019 4852 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:25:58.0019 4852 Brserid - ok
17:25:58.0050 4852 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:25:58.0050 4852 BrSerWdm - ok
17:25:58.0081 4852 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:25:58.0081 4852 BrUsbMdm - ok
17:25:58.0113 4852 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:25:58.0113 4852 BrUsbSer - ok
17:25:58.0175 4852 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
17:25:58.0175 4852 BthEnum - ok
17:25:58.0206 4852 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:25:58.0206 4852 BTHMODEM - ok
17:25:58.0237 4852 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
17:25:58.0237 4852 BthPan - ok
17:25:58.0269 4852 [ D59773C7FDD3D795D6FE402EEEA8D71E ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
17:25:58.0284 4852 BTHPORT - ok
17:25:58.0331 4852 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:25:58.0331 4852 bthserv - ok
17:25:58.0362 4852 [ 8504842634DD144C075B6B0C982CCEC4 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
17:25:58.0362 4852 BTHUSB - ok
17:25:58.0409 4852 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
17:25:58.0409 4852 btwaudio - ok
17:25:58.0425 4852 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
17:25:58.0440 4852 btwavdt - ok
17:25:58.0518 4852 [ D65AA164ACD0F6706DBCFBBCC9731584 ] btwdins c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
17:25:58.0534 4852 btwdins - ok
17:25:58.0581 4852 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
17:25:58.0581 4852 btwl2cap - ok
17:25:58.0596 4852 [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
17:25:58.0596 4852 btwrchid - ok
17:25:58.0612 4852 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:25:58.0612 4852 cdfs - ok
17:25:58.0659 4852 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:25:58.0659 4852 cdrom - ok
17:25:58.0690 4852 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
17:25:58.0690 4852 CertPropSvc - ok
17:25:58.0721 4852 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:25:58.0721 4852 circlass - ok
17:25:58.0752 4852 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:25:58.0752 4852 CLFS - ok
17:25:58.0815 4852 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:25:58.0815 4852 clr_optimization_v2.0.50727_32 - ok
17:25:58.0877 4852 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:25:58.0877 4852 clr_optimization_v2.0.50727_64 - ok
17:25:58.0986 4852 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:25:59.0017 4852 clr_optimization_v4.0.30319_32 - ok
17:25:59.0127 4852 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:25:59.0127 4852 clr_optimization_v4.0.30319_64 - ok
17:25:59.0158 4852 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:25:59.0158 4852 CmBatt - ok
17:25:59.0173 4852 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
17:25:59.0173 4852 cmdide - ok
17:25:59.0236 4852 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
17:25:59.0236 4852 CNG - ok
17:25:59.0283 4852 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:25:59.0283 4852 Compbatt - ok
17:25:59.0314 4852 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:25:59.0314 4852 CompositeBus - ok
17:25:59.0329 4852 COMSysApp - ok
17:25:59.0361 4852 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:25:59.0361 4852 crcdisk - ok
17:25:59.0407 4852 [ F02786B66375292E58C8777082D4396D ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:25:59.0407 4852 CryptSvc - ok
17:25:59.0454 4852 [ ED5CF92396A62F4C15110DCDB5E854D9 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
17:25:59.0454 4852 CtClsFlt - ok
17:25:59.0517 4852 [ 7AF9DAC504FBD047CBC3E64AE52C92BF ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
17:25:59.0517 4852 dc3d - ok
17:25:59.0563 4852 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:25:59.0579 4852 DcomLaunch - ok
17:25:59.0626 4852 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:25:59.0626 4852 defragsvc - ok
17:25:59.0657 4852 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:25:59.0657 4852 DfsC - ok
17:25:59.0704 4852 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
17:25:59.0704 4852 Dhcp - ok
17:25:59.0735 4852 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:25:59.0735 4852 discache - ok
17:25:59.0782 4852 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:25:59.0782 4852 Disk - ok
17:25:59.0829 4852 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:25:59.0844 4852 Dnscache - ok
17:25:59.0891 4852 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
17:25:59.0891 4852 DockLoginService - ok
17:25:59.0922 4852 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
17:25:59.0922 4852 dot3svc - ok
17:25:59.0938 4852 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
17:25:59.0953 4852 DPS - ok
17:25:59.0985 4852 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:25:59.0985 4852 drmkaud - ok
17:26:00.0125 4852 [ 24CE1ECF9D0AE0301775B07F5FEA175B ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:26:00.0141 4852 DXGKrnl - ok
17:26:00.0187 4852 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:26:00.0187 4852 EapHost - ok
17:26:00.0312 4852 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
17:26:00.0421 4852 ebdrv - ok
17:26:00.0453 4852 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
17:26:00.0453 4852 EFS - ok
17:26:00.0546 4852 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:26:00.0546 4852 ehRecvr - ok
17:26:00.0593 4852 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:26:00.0593 4852 ehSched - ok
17:26:00.0655 4852 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:26:00.0671 4852 elxstor - ok
17:26:00.0687 4852 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
17:26:00.0687 4852 ErrDev - ok
17:26:00.0733 4852 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:26:00.0733 4852 EventSystem - ok
17:26:00.0765 4852 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:26:00.0765 4852 exfat - ok
17:26:00.0796 4852 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:26:00.0811 4852 fastfat - ok
17:26:00.0858 4852 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
17:26:00.0858 4852 Fax - ok
17:26:00.0874 4852 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:26:00.0874 4852 fdc - ok
17:26:00.0921 4852 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:26:00.0921 4852 fdPHost - ok
17:26:00.0921 4852 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:26:00.0921 4852 FDResPub - ok
17:26:00.0967 4852 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:26:00.0967 4852 FileInfo - ok
17:26:00.0983 4852 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:26:00.0983 4852 Filetrace - ok
17:26:01.0014 4852 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:26:01.0014 4852 flpydisk - ok
17:26:01.0030 4852 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:26:01.0045 4852 FltMgr - ok
17:26:01.0092 4852 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll
17:26:01.0108 4852 FontCache - ok
17:26:01.0155 4852 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:26:01.0155 4852 FontCache3.0.0.0 - ok
17:26:01.0186 4852 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:26:01.0186 4852 FsDepends - ok
17:26:01.0233 4852 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
17:26:01.0233 4852 fssfltr - ok
17:26:01.0357 4852 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
17:26:01.0404 4852 fsssvc - ok
17:26:01.0451 4852 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:26:01.0451 4852 Fs_Rec - ok
17:26:01.0498 4852 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:26:01.0498 4852 fvevol - ok
17:26:01.0529 4852 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:26:01.0529 4852 gagp30kx - ok
17:26:01.0638 4852 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:26:01.0638 4852 GamesAppService - ok
17:26:01.0685 4852 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:26:01.0685 4852 GEARAspiWDM - ok
17:26:01.0794 4852 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
17:26:01.0794 4852 gpsvc - ok
17:26:01.0919 4852 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:26:01.0919 4852 gupdate - ok
17:26:01.0919 4852 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:26:01.0935 4852 gupdatem - ok
17:26:01.0966 4852 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:26:01.0966 4852 gusvc - ok
17:26:01.0997 4852 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:26:02.0013 4852 hcw85cir - ok
17:26:02.0028 4852 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:26:02.0044 4852 HDAudBus - ok
17:26:02.0075 4852 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:26:02.0075 4852 HECIx64 - ok
17:26:02.0122 4852 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:26:02.0122 4852 HidBatt - ok
17:26:02.0153 4852 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:26:02.0153 4852 HidBth - ok
17:26:02.0184 4852 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:26:02.0200 4852 HidIr - ok
17:26:02.0231 4852 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
17:26:02.0231 4852 hidserv - ok
17:26:02.0278 4852 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:26:02.0278 4852 HidUsb - ok
17:26:02.0325 4852 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:26:02.0325 4852 hkmsvc - ok
17:26:02.0371 4852 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:26:02.0371 4852 HomeGroupListener - ok
17:26:02.0418 4852 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:26:02.0418 4852 HomeGroupProvider - ok
17:26:02.0465 4852 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
17:26:02.0465 4852 HpSAMD - ok
17:26:02.0512 4852 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:26:02.0527 4852 HTTP - ok
17:26:02.0543 4852 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:26:02.0543 4852 hwpolicy - ok
17:26:02.0574 4852 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:26:02.0590 4852 i8042prt - ok
17:26:02.0652 4852 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
17:26:02.0652 4852 iaStor - ok
17:26:02.0715 4852 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:26:02.0730 4852 iaStorV - ok
17:26:02.0777 4852 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:26:02.0793 4852 idsvc - ok
17:26:03.0027 4852 [ 09CE164AFA8483E41808784D7FCA154E ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
17:26:03.0229 4852 igfx - ok
17:26:03.0276 4852 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:26:03.0276 4852 iirsp - ok
17:26:03.0339 4852 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
17:26:03.0354 4852 IKEEXT - ok
17:26:03.0385 4852 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
17:26:03.0385 4852 Impcd - ok
17:26:03.0463 4852 [ 697C927E0DE2ABAF1A5F455033F687CD ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:26:03.0479 4852 IntcAzAudAddService - ok
17:26:03.0510 4852 [ 58CF58DEE26C909BD6F977B61D246295 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
17:26:03.0510 4852 IntcDAud - ok
17:26:03.0557 4852 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
17:26:03.0557 4852 intelide - ok
17:26:03.0588 4852 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:26:03.0588 4852 intelppm - ok
17:26:03.0619 4852 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:26:03.0635 4852 IPBusEnum - ok
17:26:03.0651 4852 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:26:03.0651 4852 IpFilterDriver - ok
17:26:03.0682 4852 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
17:26:03.0682 4852 IPMIDRV - ok
17:26:03.0713 4852 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:26:03.0713 4852 IPNAT - ok
17:26:03.0822 4852 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:26:03.0838 4852 iPod Service - ok
17:26:03.0885 4852 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:26:03.0885 4852 IRENUM - ok
17:26:03.0916 4852 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
17:26:03.0916 4852 isapnp - ok
17:26:03.0931 4852 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
17:26:03.0947 4852 iScsiPrt - ok
17:26:03.0994 4852 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:26:03.0994 4852 kbdclass - ok
17:26:04.0025 4852 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:26:04.0025 4852 kbdhid - ok
17:26:04.0056 4852 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
17:26:04.0056 4852 KeyIso - ok
17:26:04.0087 4852 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:26:04.0087 4852 KSecDD - ok
17:26:04.0103 4852 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:26:04.0103 4852 KSecPkg - ok
17:26:04.0150 4852 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:26:04.0150 4852 ksthunk - ok
17:26:04.0181 4852 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:26:04.0197 4852 KtmRm - ok
17:26:04.0228 4852 [ 39918DB0EFCF045A1CE6FABBF339F975 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
17:26:04.0228 4852 L1C - ok
17:26:04.0275 4852 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:26:04.0290 4852 LanmanServer - ok
17:26:04.0306 4852 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:26:04.0306 4852 LanmanWorkstation - ok
17:26:04.0602 4852 [ 3C879D04BB6466E2853C3155B635CC45 ] LeapFrog Connect Device Service C:\Users\Pat\Desktop\LeapFrog Connect\CommandService.exe
17:26:04.0743 4852 LeapFrog Connect Device Service - ok
17:26:04.0789 4852 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:26:04.0789 4852 lltdio - ok
17:26:04.0836 4852 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:26:04.0836 4852 lltdsvc - ok
17:26:04.0867 4852 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:26:04.0867 4852 lmhosts - ok
17:26:04.0945 4852 [ 7485FBCEF9136F530953575E2977859D ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
17:26:04.0945 4852 LMS - ok
17:26:04.0992 4852 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:26:05.0008 4852 LSI_FC - ok
17:26:05.0023 4852 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:26:05.0039 4852 LSI_SAS - ok
17:26:05.0070 4852 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:26:05.0070 4852 LSI_SAS2 - ok
17:26:05.0101 4852 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:26:05.0101 4852 LSI_SCSI - ok
17:26:05.0117 4852 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:26:05.0117 4852 luafv - ok
17:26:05.0148 4852 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:26:05.0148 4852 Mcx2Svc - ok
17:26:05.0211 4852 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:26:05.0211 4852 megasas - ok
17:26:05.0226 4852 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:26:05.0226 4852 MegaSR - ok
17:26:05.0257 4852 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:26:05.0257 4852 MMCSS - ok
17:26:05.0289 4852 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:26:05.0304 4852 Modem - ok
17:26:05.0320 4852 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:26:05.0320 4852 monitor - ok
17:26:05.0351 4852 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:26:05.0351 4852 mouclass - ok
17:26:05.0367 4852 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:26:05.0367 4852 mouhid - ok
17:26:05.0398 4852 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:26:05.0398 4852 mountmgr - ok
17:26:05.0413 4852 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
17:26:05.0429 4852 mpio - ok
17:26:05.0445 4852 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:26:05.0445 4852 mpsdrv - ok
17:26:05.0554 4852 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:26:05.0554 4852 MpsSvc - ok
17:26:05.0585 4852 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:26:05.0585 4852 MRxDAV - ok
17:26:05.0632 4852 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:26:05.0632 4852 mrxsmb - ok
17:26:05.0679 4852 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:26:05.0679 4852 mrxsmb10 - ok
17:26:05.0694 4852 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:26:05.0694 4852 mrxsmb20 - ok
17:26:05.0725 4852 [ BCCF16D5FB1109162380E3E28DC9E4E5 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
17:26:05.0725 4852 msahci - ok
17:26:05.0757 4852 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
17:26:05.0772 4852 msdsm - ok
17:26:05.0788 4852 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:26:05.0803 4852 MSDTC - ok
17:26:05.0835 4852 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:26:05.0835 4852 Msfs - ok
17:26:05.0850 4852 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:26:05.0850 4852 mshidkmdf - ok
17:26:05.0881 4852 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
17:26:05.0881 4852 msisadrv - ok
17:26:05.0913 4852 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:26:05.0928 4852 MSiSCSI - ok
17:26:05.0928 4852 msiserver - ok
17:26:05.0959 4852 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:26:05.0959 4852 MSKSSRV - ok
17:26:05.0991 4852 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:26:05.0991 4852 MSPCLOCK - ok
17:26:06.0006 4852 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:26:06.0006 4852 MSPQM - ok
17:26:06.0022 4852 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:26:06.0037 4852 MsRPC - ok
17:26:06.0037 4852 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:26:06.0053 4852 mssmbios - ok
17:26:06.0069 4852 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:26:06.0069 4852 MSTEE - ok
17:26:06.0084 4852 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:26:06.0100 4852 MTConfig - ok
17:26:06.0115 4852 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:26:06.0115 4852 Mup - ok
17:26:06.0147 4852 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
17:26:06.0162 4852 napagent - ok
17:26:06.0209 4852 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:26:06.0209 4852 NativeWifiP - ok
17:26:06.0256 4852 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
17:26:06.0271 4852 NDIS - ok
17:26:06.0303 4852 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:26:06.0303 4852 NdisCap - ok
17:26:06.0318 4852 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:26:06.0318 4852 NdisTapi - ok
17:26:06.0349 4852 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:26:06.0349 4852 Ndisuio - ok
17:26:06.0381 4852 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:26:06.0381 4852 NdisWan - ok
17:26:06.0381 4852 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:26:06.0381 4852 NDProxy - ok
17:26:06.0412 4852 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:26:06.0412 4852 NetBIOS - ok
17:26:06.0427 4852 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:26:06.0427 4852 NetBT - ok
17:26:06.0459 4852 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
17:26:06.0459 4852 Netlogon - ok
17:26:06.0490 4852 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:26:06.0490 4852 Netman - ok
17:26:06.0537 4852 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:26:06.0552 4852 netprofm - ok
17:26:06.0568 4852 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:26:06.0583 4852 NetTcpPortSharing - ok
17:26:06.0615 4852 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:26:06.0615 4852 nfrd960 - ok
17:26:06.0661 4852 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:26:06.0677 4852 NlaSvc - ok
17:26:06.0693 4852 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:26:06.0693 4852 Npfs - ok
17:26:06.0724 4852 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:26:06.0724 4852 nsi - ok
17:26:06.0739 4852 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:26:06.0739 4852 nsiproxy - ok
17:26:06.0817 4852 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:26:06.0833 4852 Ntfs - ok
17:26:06.0880 4852 [ D4012918D3A3847B44B888D56BC095D6 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
17:26:06.0880 4852 NuidFltr - ok
17:26:06.0895 4852 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:26:06.0895 4852 Null - ok
17:26:06.0942 4852 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:26:06.0958 4852 nvraid - ok
17:26:06.0989 4852 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:26:06.0989 4852 nvstor - ok
17:26:07.0036 4852 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
17:26:07.0036 4852 nv_agp - ok
17:26:07.0083 4852 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:26:07.0083 4852 ohci1394 - ok
17:26:07.0145 4852 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:26:07.0145 4852 ose - ok
17:26:07.0379 4852 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:26:07.0504 4852 osppsvc - ok
17:26:07.0551 4852 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:26:07.0551 4852 p2pimsvc - ok
17:26:07.0582 4852 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:26:07.0582 4852 p2psvc - ok
17:26:07.0629 4852 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:26:07.0629 4852 Parport - ok
17:26:07.0660 4852 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:26:07.0660 4852 partmgr - ok
17:26:07.0691 4852 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:26:07.0691 4852 PcaSvc - ok
17:26:07.0722 4852 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
17:26:07.0722 4852 pci - ok
17:26:16.0756 4852 ============================================================
17:26:16.0756 4852 Scan finished
17:26:16.0756 4852 ============================================================
17:26:16.0756 4844 Detected object count: 0
17:26:16.0756 4844 Actual detected object count: 0


ADW


# AdwCleaner v1.801 - Logfile created 08/25/2012 at 17:36:20
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Pat - PAT-PC
# Boot Mode : Normal
# Running from : C:\Users\Pat\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Pat\AppData\Local\Temp\CT3227975
Folder Deleted : C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\7kgohvd8.default\extensions\{cdf97ee2-ded0-4369-835e-99dd08225fa5}
File Deleted : C:\user.js

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\GamesBarSetup

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registry is clean.

-\\ Mozilla Firefox v3.6.8 (en-US)

Profile name : default
File : C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\7kgohvd8.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.83

File : C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "path": "C:\\Users\\Pat\\AppData\\LocalLow\\Unity\\WebPlayer\\loader\\npUnity3D32.dll",

*************************

AdwCleaner[S1].txt - [9238 octets] - [28/07/2012 12:35:00]
AdwCleaner[R1].txt - [1382 octets] - [25/08/2012 17:35:01]
AdwCleaner[R2].txt - [1442 octets] - [25/08/2012 17:36:13]
AdwCleaner[S2].txt - [1383 octets] - [25/08/2012 17:36:20]

########## EOF - C:\AdwCleaner[S2].txt - [1511 octets] ##########


RKILL


Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/25/2012 05:40:10 PM in x64 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks.

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Automatic (Delayed Start)

* AppMgmt [Missing Service]
* CscService [Missing Service]
* iphlpsvc [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]

* atapi => \SystemRoot\system32\DRIVERS\atapi.sys [Incorrect ImagePath]

* WinDefend => %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [Incorrect ServiceDLL]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/25/2012 05:40:55 PM
Execution time: 0 hours(s), 0 minute(s), and 44 seconds(s)


Rkill at the end said something to the effect of you can now run antiviruses that you want.

#14 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 25 August 2012 - 05:53 PM

Press Windows+R key, type notepad and click OK

Copy this script
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
  00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,68,00,\
  65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,00,00
"ThreadingModel"="Apartment"

Click on FILE - SAVE AS

Filename: fix.reg
Save as: All files

Launch the FIX.REG

Click YES when you receive a prompt


Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)
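
Added example (not part of the thread or of any poster's reply): before importing a .reg file like the one in post #14, its hex(2) data can be decoded to see exactly what it will write. The Python below parses the file text, decodes the UTF-16LE value and checks that the only key touched is the one Rkill flagged; the function names, the system32 allowlist and the embedded copy of the script are assumptions of this example.

```python
import re

# Copy of the .reg text from post #14, embedded so the example runs offline.
FIX_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
  00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,68,00,\
  65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,00,00
"ThreadingModel"="Apartment"
'''

# Key named in the Rkill alert earlier in the thread (registry paths are case-insensitive).
FLAGGED_KEY = r"HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32"

STRING_TYPES = {1: "REG_SZ", 2: "REG_EXPAND_SZ"}


def logical_lines(text):
    """Yield non-empty lines, joining hex data continued with a trailing backslash."""
    buf = ""
    for raw in text.splitlines():
        buf += raw.strip()
        if buf.endswith("\\"):
            buf = buf[:-1]
            continue
        if buf:
            yield buf
        buf = ""


def decode_data(data):
    """Turn the right-hand side of name=data into (type_name, value)."""
    if len(data) >= 2 and data.startswith('"') and data.endswith('"'):
        return "REG_SZ", re.sub(r"\\(.)", r"\1", data[1:-1])
    if data.startswith("dword:"):
        return "REG_DWORD", int(data[6:], 16)
    m = re.fullmatch(r"hex(?:\(([0-9a-fA-F]+)\))?:(.*)", data)
    if not m:
        raise ValueError(f"unsupported value data: {data!r}")
    kind = int(m.group(1), 16) if m.group(1) else 3  # bare "hex:" is REG_BINARY
    raw = bytes(int(b, 16) for b in m.group(2).split(",") if b)
    if kind in STRING_TYPES:
        # String types are stored as NUL-terminated UTF-16LE.
        return STRING_TYPES[kind], raw.decode("utf-16-le").rstrip("\x00")
    return f"type_{kind}", raw


def parse_reg(text):
    """Return {key_path: {value_name: (type_name, value)}}; deleted keys map to None."""
    keys, current = {}, None
    for line in logical_lines(text):
        if line.startswith(("Windows Registry Editor", ";")):
            continue
        if line.startswith("[") and line.endswith("]"):
            path = line[1:-1]
            if path.startswith("-"):          # "[-KEY]" deletes the key
                keys[path[1:]], current = None, None
            else:
                current = keys.setdefault(path, {})
            continue
        m = re.fullmatch(r'(@|"(?:[^"\\]|\\.)*")=(.*)', line)
        if current is None or not m:
            raise ValueError(f"cannot parse line: {line!r}")
        name = "@" if m.group(1) == "@" else re.sub(r"\\(.)", r"\1", m.group(1)[1:-1])
        current[name] = decode_data(m.group(2))
    return keys


def review(text, expected_key):
    """List reasons to stop before importing; an empty list means nothing unexpected."""
    findings = []
    for path, values in parse_reg(text).items():
        if path.lower() != expected_key.lower():
            findings.append(f"touches unexpected key: {path}")
        if values is None:
            findings.append(f"deletes key: {path}")
            continue
        kind, default = values.get("@", (None, None))
        # Assumption of this example: the default value should name a DLL under system32.
        if isinstance(default, str) and not default.lower().startswith("%systemroot%\\system32\\"):
            findings.append(f"{path}: default value points outside system32: {default}")
    return findings


if __name__ == "__main__":
    for path, values in parse_reg(FIX_REG).items():
        print(path, values)
    print("findings:", review(FIX_REG, FLAGGED_KEY))
```
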

#15 Plague02

  • Topic Starter
  • Members
  • 8 posts

Posted 25 August 2012 - 08:57 PM

Thanks for the help. Looks like everything is cleaned up. I am sending my mom the link to this thread to show her what had to be done to get rid of this thing.
