Trojan: Generic29.DFS


16 replies to this topic

#1 Rendlog82

Rendlog82

  • Members
  • 11 posts

Posted 07 August 2012 - 04:05 PM

So I have a virus. The other day my computer shut itself down, went to a blue screen, then restarted. It kept doing that till I started in safe mode. Ran AVG in safe mode and cured 14 things. Then it blue screened one more time and then allowed me to start regularly. Ran AVG in normal mode and it found Trojan Horse Generic29.DFS. Did a little search (also have had experience before) and these things never get fully deleted with programs like AVG. Was wondering if someone could help me fully get rid of this virus. I have a 64-bit Windows 7 Dell PC.

Thanks.

#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 07 August 2012 - 04:21 PM

Download

TDSSKiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Rendlog82

Rendlog82
  • Topic Starter

  • Members
  • 11 posts

Posted 07 August 2012 - 07:43 PM

TDSSKiller log: I did not change the options when it found things, so I cured one and skipped the other.

16:27:41.0729 1120 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
16:27:42.0034 1120 ============================================================
16:27:42.0034 1120 Current date / time: 2012/08/07 16:27:42.0034
16:27:42.0034 1120 SystemInfo:
16:27:42.0034 1120
16:27:42.0034 1120 OS Version: 6.1.7601 ServicePack: 1.0
16:27:42.0034 1120 Product type: Workstation
16:27:42.0034 1120 ComputerName: RYAN-PC
16:27:42.0035 1120 UserName: Ryan
16:27:42.0035 1120 Windows directory: C:\Windows
16:27:42.0035 1120 System windows directory: C:\Windows
16:27:42.0035 1120 Running under WOW64
16:27:42.0035 1120 Processor architecture: Intel x64
16:27:42.0035 1120 Number of processors: 2
16:27:42.0035 1120 Page size: 0x1000
16:27:42.0035 1120 Boot type: Normal boot
16:27:42.0035 1120 ============================================================
16:27:44.0361 1120 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:27:44.0385 1120 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C0F00000 (1863.01 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:27:44.0417 1120 ============================================================
16:27:44.0417 1120 \Device\Harddisk0\DR0:
16:27:44.0422 1120 MBR partitions:
16:27:44.0422 1120 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1B9F000
16:27:44.0422 1120 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1BB3000, BlocksNum 0x387D2800
16:27:44.0422 1120 \Device\Harddisk1\DR1:
16:27:44.0423 1120 GPT partitions:
16:27:44.0424 1120 \Device\Harddisk1\DR1\Partition0: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {8B07B285-E7FA-4BC6-93A0-C5F0C8C69A61}, Name: EFI System Partition, StartLBA 0x28, BlocksNum 0x64000
16:27:44.0424 1120 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {02DC55DF-2A5C-4888-80A6-764B588E92B1}, Name: Basic data partition, StartLBA 0x64800, BlocksNum 0xE8DA2800
16:27:44.0424 1120 MBR partitions:
16:27:44.0424 1120 ============================================================
16:27:44.0478 1120 C: <-> \Device\Harddisk0\DR0\Partition1
16:27:44.0492 1120 J: <-> \Device\Harddisk1\DR1\Partition1
16:27:44.0519 1120 ============================================================
16:27:44.0519 1120 Initialize success
16:27:44.0519 1120 ============================================================
16:28:22.0689 6840 ============================================================
16:28:22.0690 6840 Scan started
16:28:22.0690 6840 Mode: Manual; TDLFS;
16:28:22.0690 6840 ============================================================
16:28:39.0648 6840 NativeWifiP - ok
16:28:39.0703 6840 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
16:28:39.0711 6840 NDIS - ok
16:28:39.0737 6840 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:28:39.0745 6840 NdisCap - ok
16:28:39.0790 6840 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:28:39.0797 6840 NdisTapi - ok
16:28:39.0851 6840 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:28:39.0858 6840 Ndisuio - ok
16:28:39.0949 6840 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:28:39.0970 6840 NdisWan - ok
16:28:40.0009 6840 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:28:40.0017 6840 NDProxy - ok
16:28:40.0037 6840 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:28:40.0044 6840 NetBIOS - ok
16:28:40.0057 6840 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:28:40.0066 6840 NetBT - ok
16:28:40.0110 6840 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:28:40.0112 6840 Netlogon - ok
16:28:40.0148 6840 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:28:40.0159 6840 Netman - ok
16:28:40.0251 6840 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:28:40.0253 6840 NetMsmqActivator - ok
16:28:40.0257 6840 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:28:40.0258 6840 NetPipeActivator - ok
16:28:40.0289 6840 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:28:40.0294 6840 netprofm - ok
16:28:40.0297 6840 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:28:40.0299 6840 NetTcpActivator - ok
16:28:40.0301 6840 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:28:40.0303 6840 NetTcpPortSharing - ok
16:28:40.0336 6840 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
16:28:40.0338 6840 nfrd960 - ok
16:28:40.0368 6840 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:28:40.0397 6840 NlaSvc - ok
16:28:40.0632 6840 NOBU (b9b72faaaa41d59b73b88fe3dd737ed1) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
16:28:40.0939 6840 NOBU - ok
16:28:41.0127 6840 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:28:41.0133 6840 Npfs - ok
16:28:41.0147 6840 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:28:41.0153 6840 nsi - ok
16:28:41.0173 6840 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:28:41.0181 6840 nsiproxy - ok
16:28:41.0263 6840 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:28:41.0290 6840 Ntfs - ok
16:28:41.0403 6840 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:28:41.0409 6840 Null - ok
16:28:41.0501 6840 NVHDA (960e39a54e525df58cb29193147dffa1) C:\Windows\system32\drivers\nvhda64v.sys
16:28:41.0503 6840 NVHDA - ok
16:28:41.0921 6840 nvlddmkm (b34e9bfbd9c61048ef6281c3e7ec210a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:28:42.0104 6840 nvlddmkm - ok
16:28:42.0270 6840 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:28:42.0272 6840 nvraid - ok
16:28:42.0320 6840 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:28:42.0323 6840 nvstor - ok
16:28:42.0340 6840 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:28:42.0342 6840 nv_agp - ok
16:28:42.0370 6840 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:28:42.0377 6840 ohci1394 - ok
16:28:42.0478 6840 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:28:42.0529 6840 ose - ok
16:28:42.0932 6840 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:28:43.0007 6840 osppsvc - ok
16:28:43.0108 6840 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:28:43.0112 6840 p2pimsvc - ok
16:28:43.0141 6840 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:28:43.0196 6840 p2psvc - ok
16:28:43.0234 6840 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
16:28:43.0242 6840 Parport - ok
16:28:43.0252 6840 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
16:28:43.0253 6840 partmgr - ok
16:28:43.0290 6840 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:28:43.0304 6840 PcaSvc - ok
16:28:43.0326 6840 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:28:43.0328 6840 pci - ok
16:28:43.0336 6840 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:28:43.0337 6840 pciide - ok
16:28:43.0356 6840 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
16:28:43.0359 6840 pcmcia - ok
16:28:43.0372 6840 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:28:43.0373 6840 pcw - ok
16:28:43.0395 6840 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:28:43.0407 6840 PEAUTH - ok
16:28:43.0449 6840 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:28:43.0456 6840 PerfHost - ok
16:28:43.0555 6840 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:28:43.0635 6840 pla - ok
16:28:43.0795 6840 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:28:43.0816 6840 PlugPlay - ok
16:28:43.0829 6840 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:28:43.0836 6840 PNRPAutoReg - ok
16:28:43.0849 6840 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:28:43.0851 6840 PNRPsvc - ok
16:28:43.0893 6840 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:28:43.0903 6840 PolicyAgent - ok
16:28:43.0963 6840 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:28:43.0966 6840 Power - ok
16:28:43.0999 6840 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:28:44.0007 6840 PptpMiniport - ok
16:28:44.0017 6840 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
16:28:44.0024 6840 Processor - ok
16:28:44.0046 6840 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
16:28:44.0055 6840 ProfSvc - ok
16:28:44.0098 6840 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:28:44.0099 6840 ProtectedStorage - ok
16:28:44.0107 6840 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:28:44.0109 6840 Psched - ok
16:28:44.0124 6840 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
16:28:44.0135 6840 PxHlpa64 - ok
16:28:44.0241 6840 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
16:28:44.0274 6840 ql2300 - ok
16:28:44.0429 6840 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
16:28:44.0431 6840 ql40xx - ok
16:28:44.0472 6840 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:28:44.0484 6840 QWAVE - ok
16:28:44.0496 6840 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:28:44.0504 6840 QWAVEdrv - ok
16:28:44.0525 6840 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:28:44.0532 6840 RasAcd - ok
16:28:44.0561 6840 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:28:44.0569 6840 RasAgileVpn - ok
16:28:44.0652 6840 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:28:44.0708 6840 RasAuto - ok
16:28:44.0722 6840 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:28:44.0731 6840 Rasl2tp - ok
16:28:44.0750 6840 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:28:44.0762 6840 RasMan - ok
16:28:44.0791 6840 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:28:44.0801 6840 RasPppoe - ok
16:28:44.0817 6840 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:28:44.0825 6840 RasSstp - ok
16:28:44.0884 6840 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:28:44.0894 6840 rdbss - ok
16:28:44.0920 6840 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
16:28:44.0927 6840 rdpbus - ok
16:28:44.0949 6840 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:28:44.0956 6840 RDPCDD - ok
16:28:44.0961 6840 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:28:44.0968 6840 RDPENCDD - ok
16:28:44.0973 6840 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:28:44.0980 6840 RDPREFMP - ok
16:28:45.0028 6840 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
16:28:45.0037 6840 RDPWD - ok
16:28:45.0049 6840 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:28:45.0052 6840 rdyboost - ok
16:28:45.0112 6840 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:28:45.0121 6840 RemoteAccess - ok
16:28:45.0137 6840 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:28:45.0148 6840 RemoteRegistry - ok
16:28:45.0283 6840 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
16:28:45.0365 6840 RoxMediaDB12OEM - ok
16:28:45.0418 6840 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
16:28:45.0454 6840 RoxWatch12 - ok
16:28:45.0562 6840 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:28:45.0608 6840 RpcEptMapper - ok
16:28:45.0639 6840 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:28:45.0645 6840 RpcLocator - ok
16:28:45.0701 6840 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:28:45.0704 6840 RpcSs - ok
16:28:45.0774 6840 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:28:45.0782 6840 rspndr - ok
16:28:45.0837 6840 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:28:45.0839 6840 SamSs - ok
16:28:45.0927 6840 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
16:28:45.0956 6840 SASDIFSV - ok
16:28:45.0959 6840 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
16:28:45.0970 6840 SASKUTIL - ok
16:28:46.0040 6840 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:28:46.0070 6840 sbp2port - ok
16:28:46.0100 6840 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:28:46.0138 6840 SCardSvr - ok
16:28:46.0173 6840 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:28:46.0181 6840 scfilter - ok
16:28:46.0303 6840 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:28:46.0345 6840 Schedule - ok
16:28:46.0367 6840 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:28:46.0368 6840 SCPolicySvc - ok
16:28:46.0382 6840 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:28:46.0413 6840 SDRSVC - ok
16:28:46.0555 6840 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:28:46.0562 6840 secdrv - ok
16:28:46.0574 6840 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:28:46.0583 6840 seclogon - ok
16:28:46.0592 6840 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:28:46.0594 6840 SENS - ok
16:28:46.0603 6840 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:28:46.0609 6840 SensrSvc - ok
16:28:46.0630 6840 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
16:28:46.0637 6840 Serenum - ok
16:28:46.0655 6840 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
16:28:46.0662 6840 Serial - ok
16:28:46.0680 6840 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
16:28:46.0687 6840 sermouse - ok
16:28:46.0718 6840 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:28:46.0772 6840 SessionEnv - ok
16:28:46.0810 6840 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:28:46.0817 6840 sffdisk - ok
16:28:47.0001 6840 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:28:47.0008 6840 sffp_mmc - ok
16:28:47.0089 6840 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:28:47.0095 6840 sffp_sd - ok
16:28:47.0154 6840 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
16:28:47.0160 6840 sfloppy - ok
16:28:47.0374 6840 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
16:28:47.0434 6840 SftService - ok
16:28:47.0524 6840 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:28:47.0560 6840 SharedAccess - ok
16:28:47.0610 6840 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:28:47.0622 6840 ShellHWDetection - ok
16:28:47.0640 6840 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
16:28:47.0641 6840 SiSRaid2 - ok
16:28:47.0653 6840 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
16:28:47.0654 6840 SiSRaid4 - ok
16:28:47.0703 6840 SmartDefragDriver (dd0443bc6cc78a19fd399817f8c51401) C:\Windows\system32\Drivers\SmartDefragDriver.sys
16:28:47.0704 6840 SmartDefragDriver - ok
16:28:47.0772 6840 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:28:47.0781 6840 Smb - ok
16:28:47.0807 6840 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:28:47.0839 6840 SNMPTRAP - ok
16:28:47.0867 6840 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:28:47.0869 6840 spldr - ok
16:28:47.0885 6840 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:28:47.0899 6840 Spooler - ok
16:28:48.0082 6840 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:28:48.0143 6840 sppsvc - ok
16:28:48.0294 6840 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:28:48.0327 6840 sppuinotify - ok
16:28:48.0460 6840 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:28:48.0472 6840 srv - ok
16:28:48.0486 6840 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:28:48.0496 6840 srv2 - ok
16:28:48.0509 6840 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:28:48.0518 6840 srvnet - ok
16:28:48.0545 6840 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:28:48.0553 6840 SSDPSRV - ok
16:28:48.0570 6840 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:28:48.0600 6840 SstpSvc - ok
16:28:48.0641 6840 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
16:28:48.0642 6840 stexstor - ok
16:28:48.0675 6840 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:28:48.0716 6840 stisvc - ok
16:28:48.0818 6840 stllssvr (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
16:28:48.0890 6840 stllssvr - ok
16:28:48.0926 6840 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
16:28:48.0928 6840 swenum - ok
16:28:49.0028 6840 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:28:49.0081 6840 SwitchBoard - ok
16:28:49.0182 6840 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:28:49.0217 6840 swprv - ok
16:28:49.0294 6840 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:28:49.0324 6840 SysMain - ok
16:28:49.0393 6840 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:28:49.0400 6840 TabletInputService - ok
16:28:49.0415 6840 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:28:49.0427 6840 TapiSrv - ok
16:28:49.0436 6840 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:28:49.0438 6840 TBS - ok
16:28:49.0535 6840 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
16:28:49.0603 6840 Tcpip - ok
16:28:50.0106 6840 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
16:28:50.0126 6840 TCPIP6 - ok
16:28:50.0208 6840 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:28:50.0215 6840 tcpipreg - ok
16:28:50.0231 6840 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:28:50.0238 6840 TDPIPE - ok
16:28:50.0296 6840 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:28:50.0302 6840 TDTCP - ok
16:28:50.0324 6840 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:28:50.0332 6840 tdx - ok
16:28:50.0345 6840 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
16:28:50.0346 6840 TermDD - ok
16:28:50.0380 6840 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:28:50.0396 6840 TermService - ok
16:28:50.0410 6840 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:28:50.0419 6840 Themes - ok
16:28:50.0436 6840 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:28:50.0438 6840 THREADORDER - ok
16:28:50.0447 6840 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:28:50.0458 6840 TrkWks - ok
16:28:50.0493 6840 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:28:50.0502 6840 TrustedInstaller - ok
16:28:50.0531 6840 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:28:50.0538 6840 tssecsrv - ok
16:28:50.0559 6840 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:28:50.0567 6840 TsUsbFlt - ok
16:28:50.0576 6840 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
16:28:50.0583 6840 TsUsbGD - ok
16:28:50.0609 6840 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:28:50.0617 6840 tunnel - ok
16:28:50.0639 6840 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
16:28:50.0640 6840 uagp35 - ok
16:28:50.0660 6840 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:28:50.0670 6840 udfs - ok
16:28:50.0703 6840 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:28:50.0731 6840 UI0Detect - ok
16:28:50.0766 6840 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:28:50.0768 6840 uliagpkx - ok
16:28:50.0792 6840 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
16:28:50.0801 6840 umbus - ok
16:28:50.0824 6840 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:28:50.0831 6840 UmPass - ok
16:28:50.0862 6840 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:28:50.0892 6840 upnphost - ok
16:28:51.0000 6840 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
16:28:51.0007 6840 USBAAPL64 - ok
16:28:51.0063 6840 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
16:28:51.0071 6840 usbccgp - ok
16:28:51.0104 6840 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:28:51.0113 6840 usbcir - ok
16:28:51.0137 6840 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
16:28:51.0138 6840 usbehci - ok
16:28:51.0234 6840 usbhub (8b892002d7b79312821169a14317ab86) C:\Windows\system32\DRIVERS\usbhub.sys
16:28:51.0238 6840 usbhub - ok
16:28:51.0255 6840 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
16:28:51.0261 6840 usbohci - ok
16:28:51.0275 6840 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:28:51.0281 6840 usbprint - ok
16:28:51.0302 6840 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
16:28:51.0309 6840 usbscan - ok
16:28:51.0319 6840 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:28:51.0327 6840 USBSTOR - ok
16:28:51.0346 6840 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:28:51.0353 6840 usbuhci - ok
16:28:51.0387 6840 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:28:51.0396 6840 UxSms - ok
16:28:51.0468 6840 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:28:51.0469 6840 VaultSvc - ok
16:28:51.0516 6840 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:28:51.0517 6840 vdrvroot - ok
16:28:51.0553 6840 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:28:51.0565 6840 vds - ok
16:28:51.0587 6840 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:28:51.0594 6840 vga - ok
16:28:51.0614 6840 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:28:51.0622 6840 VgaSave - ok
16:28:51.0684 6840 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:28:51.0686 6840 vhdmp - ok
16:28:51.0702 6840 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:28:51.0703 6840 viaide - ok
16:28:51.0721 6840 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:28:51.0723 6840 volmgr - ok
16:28:51.0744 6840 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:28:51.0749 6840 volmgrx - ok
16:28:51.0758 6840 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:28:51.0762 6840 volsnap - ok
16:28:51.0775 6840 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
16:28:51.0777 6840 vsmraid - ok
16:28:51.0828 6840 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:28:51.0920 6840 VSS - ok
16:28:52.0077 6840 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
16:28:52.0085 6840 vwifibus - ok
16:28:52.0103 6840 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:28:52.0157 6840 W32Time - ok
16:28:52.0187 6840 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
16:28:52.0194 6840 WacomPen - ok
16:28:52.0214 6840 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:28:52.0221 6840 WANARP - ok
16:28:52.0225 6840 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:28:52.0226 6840 Wanarpv6 - ok
16:28:52.0419 6840 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:28:52.0621 6840 WatAdminSvc - ok
16:28:52.0679 6840 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:28:52.0737 6840 wbengine - ok
16:28:52.0877 6840 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:28:52.0886 6840 WbioSrvc - ok
16:28:52.0903 6840 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:28:52.0939 6840 wcncsvc - ok
16:28:52.0965 6840 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:28:53.0000 6840 WcsPlugInService - ok
16:28:53.0093 6840 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
16:28:53.0095 6840 Wd - ok
16:28:53.0120 6840 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:28:53.0126 6840 Wdf01000 - ok
16:28:53.0139 6840 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:28:53.0174 6840 WdiServiceHost - ok
16:28:53.0176 6840 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:28:53.0178 6840 WdiSystemHost - ok
16:28:53.0211 6840 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:28:53.0220 6840 WebClient - ok
16:28:53.0231 6840 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:28:53.0264 6840 Wecsvc - ok
16:28:53.0377 6840 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:28:53.0379 6840 wercplsupport - ok
16:28:53.0407 6840 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:28:53.0409 6840 WerSvc - ok
16:28:53.0454 6840 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:28:53.0460 6840 WfpLwf - ok
16:28:53.0535 6840 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
16:28:53.0537 6840 WimFltr - ok
16:28:53.0556 6840 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:28:53.0557 6840 WIMMount - ok
16:28:53.0636 6840 WinDefend - ok
16:28:53.0643 6840 WinHttpAutoProxySvc - ok
16:28:53.0728 6840 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:28:53.0757 6840 Winmgmt - ok
16:28:53.0895 6840 WinRing0_1_2_0 (0c0195c48b6b8582fa6f6373032118da) C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys
16:28:53.0944 6840 WinRing0_1_2_0 - ok
16:28:54.0144 6840 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:28:54.0229 6840 WinRM - ok
16:28:54.0516 6840 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
16:28:54.0523 6840 WinUsb - ok
16:28:54.0608 6840 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:28:54.0646 6840 Wlansvc - ok
16:28:54.0707 6840 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:28:54.0709 6840 wlcrasvc - ok
16:28:54.0847 6840 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:28:55.0110 6840 wlidsvc - ok
16:28:55.0229 6840 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:28:55.0236 6840 WmiAcpi - ok
16:28:55.0277 6840 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:28:55.0307 6840 wmiApSrv - ok
16:28:55.0355 6840 WMPNetworkSvc - ok
16:28:55.0387 6840 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:28:55.0393 6840 WPCSvc - ok
16:28:55.0407 6840 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:28:55.0415 6840 WPDBusEnum - ok
16:28:55.0428 6840 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:28:55.0435 6840 ws2ifsl - ok
16:28:55.0463 6840 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
16:28:55.0470 6840 wscsvc - ok
16:28:55.0474 6840 WSearch - ok
16:28:55.0535 6840 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
16:28:55.0575 6840 wuauserv - ok
16:28:55.0636 6840 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:28:55.0643 6840 WudfPf - ok
16:28:55.0653 6840 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:28:55.0662 6840 WUDFRd - ok
16:28:55.0694 6840 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:28:55.0701 6840 wudfsvc - ok
16:28:55.0717 6840 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:28:55.0788 6840 WwanSvc - ok
16:28:55.0825 6840 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
16:28:55.0910 6840 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
16:28:55.0910 6840 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
16:28:55.0974 6840 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:28:55.0974 6840 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:28:55.0978 6840 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
16:28:56.0091 6840 \Device\Harddisk1\DR1 - ok
16:28:56.0094 6840 Boot (0x1200) (dc934c74b2585379e3dfb1188432c7fc) \Device\Harddisk0\DR0\Partition0
16:28:56.0095 6840 \Device\Harddisk0\DR0\Partition0 - ok
16:28:56.0105 6840 Boot (0x1200) (7ec8d00eebb419f580927c7880f793fe) \Device\Harddisk0\DR0\Partition1
16:28:56.0106 6840 \Device\Harddisk0\DR0\Partition1 - ok
16:28:56.0109 6840 Boot (0x1200) (58299b799d6b4effc6d9bd70558c30d1) \Device\Harddisk1\DR1\Partition0
16:28:56.0110 6840 \Device\Harddisk1\DR1\Partition0 - ok
16:28:56.0113 6840 Boot (0x1200) (71bbcde695ec746496f91f61f3b7f1b3) \Device\Harddisk1\DR1\Partition1
16:28:56.0115 6840 \Device\Harddisk1\DR1\Partition1 - ok
16:28:56.0115 6840 ============================================================
16:28:56.0115 6840 Scan finished
16:28:56.0115 6840 ============================================================
16:28:56.0123 7100 Detected object count: 2
16:28:56.0123 7100 Actual detected object count: 2
16:29:28.0758 7100 \Device\Harddisk0\DR0\# - copied to quarantine
16:29:28.0759 7100 \Device\Harddisk0\DR0 - copied to quarantine
16:29:28.0828 7100 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
16:29:28.0831 7100 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
16:29:28.0859 7100 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
16:29:28.0864 7100 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
16:29:28.0876 7100 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
16:29:28.0907 7100 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
16:29:28.0908 7100 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
16:29:28.0909 7100 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
16:29:28.0910 7100 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
16:29:28.0911 7100 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
16:29:28.0913 7100 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
16:29:28.0914 7100 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
16:29:28.0915 7100 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
16:29:28.0916 7100 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
16:29:28.0927 7100 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
16:29:28.0928 7100 \Device\Harddisk0\DR0 - ok
16:29:28.0996 7100 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
16:29:28.0997 7100 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:29:28.0997 7100 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
16:29:52.0194 3540 Deinitialize success

#4 Rendlog82

Rendlog82
  • Topic Starter

  • Members
  • 11 posts
  • Local time:02:26 PM

Posted 07 August 2012 - 07:44 PM

aswMBR log: I just exited after scan was done

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-07 16:30:30
-----------------------------
16:30:30.472 OS Version: Windows x64 6.1.7601 Service Pack 1
16:30:30.472 Number of processors: 2 586 0x2505
16:30:30.474 ComputerName: RYAN-PC UserName: Ryan
16:30:31.455 Initialize success
16:31:14.283 AVAST engine defs: 12080701
16:31:19.012 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:31:19.014 Disk 0 Vendor: ST3500413AS JC47 Size: 476940MB BusType: 3
16:31:19.015 Device \Driver\atapi -> MajorFunction fffffa8004ad45e8
16:31:19.038 Disk 0 MBR read successfully
16:31:19.040 Disk 0 MBR scan
16:31:19.043 Disk 0 Windows VISTA default MBR code
16:31:19.045 Disk 0 MBR hidden
16:31:19.047 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
16:31:19.055 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 14142 MB offset 81920
16:31:19.068 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 462757 MB offset 29044736
16:31:19.135 Disk 0 scanning C:\Windows\system32\drivers
16:31:32.040 Service scanning
16:31:58.388 Modules scanning
16:31:58.393 Disk 0 trace - called modules:
16:31:58.399 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80062b27a0]<<65163298.sys >>UNKNOWN [0xfffffa8004ad45e8]<<
16:31:58.402 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a13060]
16:31:58.405 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa800453e670]
16:31:58.408 5 ACPI.sys[fffff88000f527a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004543060]
16:31:58.412 \Driver\atapi[0xfffffa800457ee70] -> IRP_MJ_CREATE -> 0xfffffa8004ad45e8
16:32:01.869 AVAST engine scan C:\Windows
16:32:07.601 AVAST engine scan C:\Windows\system32
16:37:49.815 AVAST engine scan C:\Windows\system32\drivers
16:38:05.415 AVAST engine scan C:\Users\Ryan
18:05:36.882 AVAST engine scan C:\ProgramData
18:10:40.088 Scan finished successfully
18:12:40.909 Disk 0 MBR has been saved successfully to "C:\Users\Ryan\Documents\MBR.dat"
18:12:40.913 The log file has been saved successfully to "C:\Users\Ryan\Documents\aswMBR.txt"

#5 Rendlog82

Rendlog82
  • Topic Starter

  • Members
  • 11 posts
  • Local time:02:26 PM

Posted 08 August 2012 - 02:16 AM

ESET log:

C:\Program Files (x86)\DealPly\vn-zugo.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric1.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.08.2012_16.27.42\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.08.2012_16.27.42\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.08.2012_16.27.42\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.08.2012_16.27.42\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.08.2012_16.27.42\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.LA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.08.2012_16.27.42\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.08.2012_16.27.42\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\07.08.2012_16.27.42\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\24.03.2012_13.17.15\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\27.03.2012_13.30.11\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\Windows\Temp\Main.class a variant of Java/Exploit.CVE-2011-3544.BK trojan cleaned by deleting - quarantined

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:03:26 PM

Posted 08 August 2012 - 06:03 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

Edited by narenxp, 08 August 2012 - 06:03 AM.


#7 Rendlog82

Rendlog82
  • Topic Starter

  • Members
  • 11 posts
  • Local time:02:26 PM

Posted 08 August 2012 - 04:45 PM

Mini Tools log:


MiniToolBox by Farbar Version: 23-07-2012
Ran by Ryan (administrator) on 08-08-2012 at 16:18:45
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


94.63.147.16 www.google.com
94.63.147.17 www.bing.com


========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Ryan-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 78-2B-CB-96-59-3C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b9f8:71c7:a027:2848%11(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, August 08, 2012 4:13:29 PM
Lease Expires . . . . . . . . . . : Thursday, August 09, 2012 4:13:28 PM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 242756555
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-93-CF-2B-78-2B-CB-96-59-3C
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{F4A1FE04-C926-48B3-90C3-B7DEAD7225DD}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 10.0.0.1

Name: google.com
Addresses: 2607:f8b0:4009:800::1002
74.125.225.41
74.125.225.32
74.125.225.34
74.125.225.36
74.125.225.46
74.125.225.33
74.125.225.39
74.125.225.40
74.125.225.35
74.125.225.38
74.125.225.37


Pinging google.com [74.125.225.37] with 32 bytes of data:
Reply from 74.125.225.37: bytes=32 time=7ms TTL=57
Reply from 74.125.225.37: bytes=32 time=8ms TTL=57

Ping statistics for 74.125.225.37:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 7ms, Maximum = 8ms, Average = 7ms
Server: UnKnown
Address: 10.0.0.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=57ms TTL=54
Reply from 72.30.38.140: bytes=32 time=60ms TTL=54

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 57ms, Maximum = 60ms, Average = 58ms
Server: UnKnown
Address: 10.0.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...78 2b cb 96 59 3c ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.4 20
10.0.0.0 255.255.255.0 On-link 10.0.0.4 276
10.0.0.4 255.255.255.255 On-link 10.0.0.4 276
10.0.0.255 255.255.255.255 On-link 10.0.0.4 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.4 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.4 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
11 276 fe80::b9f8:71c7:a027:2848/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/08/2012 04:14:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2012 11:45:16 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/08/2012 09:18:14 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8034

Error: (08/08/2012 09:18:14 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8034

Error: (08/08/2012 09:18:14 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/08/2012 09:18:13 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7035

Error: (08/08/2012 09:18:13 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7035

Error: (08/08/2012 09:18:13 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/08/2012 09:18:12 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6021

Error: (08/08/2012 09:18:12 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6021


System errors:
=============
Error: (08/08/2012 04:15:49 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (08/08/2012 04:15:49 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (08/08/2012 04:15:49 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (08/08/2012 04:15:49 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (08/08/2012 04:15:49 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (08/08/2012 04:15:49 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (08/08/2012 04:15:49 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (08/08/2012 04:15:49 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (08/08/2012 04:15:38 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (08/08/2012 04:15:38 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535


Microsoft Office Sessions:
=========================
Error: (08/08/2012 04:14:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2012 11:45:16 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Ryan\Downloads\esetsmartinstaller_enu.exe

Error: (08/08/2012 09:18:14 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8034

Error: (08/08/2012 09:18:14 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8034

Error: (08/08/2012 09:18:14 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/08/2012 09:18:13 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7035

Error: (08/08/2012 09:18:13 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7035

Error: (08/08/2012 09:18:13 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/08/2012 09:18:12 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6021

Error: (08/08/2012 09:18:12 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6021


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
7-Zip 9.20
Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.4.980)
Adobe Content Viewer (Version: 1.4.0)
Adobe Creative Suite 5.5 Master Collection (Version: 5.5)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Flash Player 11 Plugin (Version: 11.3.300.270)
Adobe Reader X (10.1.2) MUI (Version: 10.1.2)
Adobe Story (Version: 1.0.571)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.938.1)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70611.1329)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.1913)
Bonjour (Version: 3.0.0.10)
BOSS (Version: 2.1.0)
BSR Screen Recorder 5
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0611.1251.21046)
Catalyst Control Center Graphics Previews Common (Version: 2012.0611.1251.21046)
Catalyst Control Center InstallProxy (Version: 2012.0611.1251.21046)
Catalyst Control Center Localization All (Version: 2012.0611.1251.21046)
ccc-utility64 (Version: 2012.0611.1251.21046)
CCC Help Chinese Standard (Version: 2012.0611.1250.21046)
CCC Help Chinese Traditional (Version: 2012.0611.1250.21046)
CCC Help Czech (Version: 2012.0611.1250.21046)
CCC Help Danish (Version: 2012.0611.1250.21046)
CCC Help Dutch (Version: 2012.0611.1250.21046)
CCC Help English (Version: 2012.0611.1250.21046)
CCC Help Finnish (Version: 2012.0611.1250.21046)
CCC Help French (Version: 2012.0611.1250.21046)
CCC Help German (Version: 2012.0611.1250.21046)
CCC Help Greek (Version: 2012.0611.1250.21046)
CCC Help Hungarian (Version: 2012.0611.1250.21046)
CCC Help Italian (Version: 2012.0611.1250.21046)
CCC Help Japanese (Version: 2012.0611.1250.21046)
CCC Help Korean (Version: 2012.0611.1250.21046)
CCC Help Norwegian (Version: 2012.0611.1250.21046)
CCC Help Polish (Version: 2012.0611.1250.21046)
CCC Help Portuguese (Version: 2012.0611.1250.21046)
CCC Help Russian (Version: 2012.0611.1250.21046)
CCC Help Spanish (Version: 2012.0611.1250.21046)
CCC Help Swedish (Version: 2012.0611.1250.21046)
CCC Help Thai (Version: 2012.0611.1250.21046)
CCC Help Turkish (Version: 2012.0611.1250.21046)
Consumer In-Home Service Agreement (Version: 2.0.0)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.40.2.0131)
Dead Rising 2: Off The Record (Version: 1.0.0001.131)
DealPly (Version: )
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell DataSafe Online (Version: 2.1.19634)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Marketplace Webslice IE8 (Version: 8.0)
Dell MusicStage (Version: 1.4.162.0)
Dell Photo AIO Printer 924
Dell PhotoStage (Version: 1.5.0.30)
Dell Stage (Version: 1.5.420.0)
Dell VideoStage (Version: 1.1.1.1408)
DirectX 9 Runtime (Version: 1.00.0000)
DiskAid 4.72 (Version: 4.72)
Dragon Age II (Version: 1.03)
Dragon Age: Origins (Version: 1.00)
Dropbox (Version: 1.4.7)
Escape From Horrorland
ESET Online Scanner v3
Explorer Suite III
Fallout New Vegas (Version: 1.4.0.525)
ffdshow [rev 3154] [2009-12-09] (Version: 1.0)
Fraps
Game Booster 3 (Version: 3.5)
Google Chrome (Version: 21.0.1180.60)
Google Update Helper (Version: 1.3.21.115)
GoToAssist 8.0.0.514
Granny Crowd Scene 2.7.0.9 (Version: 2.7.0.9)
iCloud (Version: 1.1.0.40)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2104)
Internet Explorer (Version: 8)
Internet TV for Windows Media Center (Version: 4.2.2.0)
iRip (Version: 1.1.0)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
LEGO® Harry Potter™: Years 1-4 (Version: 1.0.0.0)
LEGO® Harry Potter™: Years 5-7 (Version: 1.0.0.0)
Life Quest 2 - Metropoville (Version: 1.0)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Morrowind
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.6.915.87)
Myst III: Exile
Nancy Drew - The Captive Curse (Version: 1.0)
Nancy Drew: Alibi in Ashes
Network Play System (Patching)
Nexus Mod Manager (Version: 0.19.0)
NVIDIA HD Audio Driver 1.2.23.3 (Version: 1.2.23.3)
NVIDIA Install Application (Version: 2.275.80.0)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
NVIDIA Texture Tools 2 - 64 bit (Version: 2.0)
Oblivion - Horse Armor Pack (Version: 1.00.0000)
Oblivion - Knights of the Nine (Version: 1.00.0000)
Oblivion - Mehrunes Razor (Version: 1.00.0000)
Oblivion - Orrery (Version: 1.00.0000)
Oblivion - Spell Tomes (Version: 1.00.0000)
Oblivion - Thieves Den (Version: 1.00.0000)
Oblivion - Vile Lair (Version: 1.00.0000)
Oblivion - Wizard's Tower (Version: 1.00.0000)
Oblivion (Version: 1.00.0000)
Oblivion mod manager 1.1.12
Origin (Version: 8.5.0.4554)
PDF Settings CS5 (Version: 10.0)
PhotoShowExpress (Version: 2.0.063)
PxMergeModule (Version: 1.00.0000)
Python 2.7 comtypes-0.6.2
Python 2.7 pywin32-216
Python 2.7.2 (Version: 2.7.2150)
QuickTime (Version: 7.72.80.56)
R4Ge'S DATR 4.52
RBVirtualFolder64Inst (Version: 1.00.0000)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.6043)
RealUpgrade 1.1 (Version: 1.1.0)
RollerCoaster Tycoon 2
RollerCoaster Tycoon 2: Time Twister (Version: 1.00.000)
RollerCoaster Tycoon 2: Wacky Worlds
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
s3pe - Sims3 Package Editor (x64) (Version: 11-1001-1447)
SimPE 0.72 (alpha)
Sims 2 Collection Creator v2.01
Sims2Pack Clean Installer
Singles2 (Version: 1.4)
SlimDX Redistributable (March 2009) (Version: 2.0.7.41)
Smart Defrag 2 (Version: 2.3)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
SPORE™ (Version: 1.05.0001)
SPORE™ Creepy & Cute Parts Pack (Version: 1.00.0000)
SPORE™ Galactic Adventures (Version: 1.01.0001)
Spotify (Version: 0.8.4.107.g4fa0003f)
Spybot - Search & Destroy (Version: 1.6.2)
SUPERAntiSpyware (Version: 5.0.1146)
System Requirements Lab CYRI (Version: 4.5.1.0)
TES Construction Set
The Sims 2 Family Fun Stuff
The Sims 2 Glamour Life Stuff
The Sims 2 Nightlife
The Sims 2 Open For Business
The Sims 2 Pets
The Sims 2 University
The Sims Makin' Magic
The Sims Medieval (Version: 1.3.13)
The Sims™ 2 Apartment Life
The Sims™ 2 Bon Voyage (Version: 1.0.0.0)
The Sims™ 2 Celebration! Stuff
The Sims™ 2 FreeTime
The Sims™ 2 H&M® Fashion Stuff
The Sims™ 2 IKEA® Home Stuff
The Sims™ 2 Kitchen & Bath Interior Design Stuff
The Sims™ 2 Mansion and Garden Stuff
The Sims™ 2 Seasons
The Sims™ 2 Teen Style Stuff
The Sims™ 3 (Version: 1.36.45)
The Sims™ 3 Ambitions (Version: 4.0.87)
The Sims™ 3 Fast Lane Stuff (Version: 5.0.44)
The Sims™ 3 Generations (Version: 8.0.152)
The Sims™ 3 High-End Loft Stuff (Version: 3.0.38)
The Sims™ 3 Late Night (Version: 6.5.1)
The Sims™ 3 Outdoor Living Stuff (Version: 7.0.55)
The Sims™ 3 Pets (Version: 10.0.96)
The Sims™ 3 Showtime (Version: 12.0.273)
The Sims™ 3 World Adventures (Version: 2.0.86)
TransMac version 9.1 (Version: 9.1)
TrustedID (Version: 5.0)
TSR RigFix (Version: 1.0.6)
TSR Workshop (Version: 2.0.19)
Unity Web Player (Version: )
Unofficial Oblivion Patch v3.2.0 (Version: 3.2.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC (Version: 1.0.0.0)
VLC media player 1.1.5 (Version: 1.1.5)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.01 (64-bit) (Version: 4.01.0)
WinRAR archiver
WinZip 15.5 (Version: 15.5.9579)
Wrye Bash (Version: 2.9.4.2)
wxPython 2.8.12.1 (ansi) for Python 2.7 (Version: 2.8.12.1-ansi)
Zoo Tycoon 2 - Extinct Animals (Version: 1.00.0000)
Zoo Tycoon 2 Endangered Species

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 3959.12 MB
Available physical RAM: 2309.59 MB
Total Pagefile: 7916.43 MB
Available Pagefile: 5871.62 MB
Total Virtual: 4095.88 MB
Available Virtual: 3955.16 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:451.91 GB) (Free:101.92 GB) NTFS
2 Drive d: (THESIMSEP7) (CDROM) (Total:0.64 GB) (Free:0 GB) CDFS
8 Drive j: (New Volume) (Fixed) (Total:1862.82 GB) (Free:1647.11 GB) NTFS

========================= Users: ========================================

User accounts for \\RYAN-PC

Administrator Guest Mcx1-RYAN-PC
Ryan


**** End of log ****

#8 Rendlog82

Rendlog82
  • Topic Starter

  • Members
  • 11 posts

Posted 08 August 2012 - 04:46 PM

FSS Log:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Ryan (administrator) on 08-08-2012 at 16:18:45
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


94.63.147.16 www.google.com
94.63.147.17 www.bing.com


========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Ryan-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 78-2B-CB-96-59-3C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b9f8:71c7:a027:2848%11(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, August 08, 2012 4:13:29 PM
Lease Expires . . . . . . . . . . : Thursday, August 09, 2012 4:13:28 PM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 242756555
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-93-CF-2B-78-2B-CB-96-59-3C
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{F4A1FE04-C926-48B3-90C3-B7DEAD7225DD}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 10.0.0.1

Name: google.com
Addresses: 2607:f8b0:4009:800::1002
74.125.225.41
74.125.225.32
74.125.225.34
74.125.225.36
74.125.225.46
74.125.225.33
74.125.225.39
74.125.225.40
74.125.225.35
74.125.225.38
74.125.225.37


Pinging google.com [74.125.225.37] with 32 bytes of data:
Reply from 74.125.225.37: bytes=32 time=7ms TTL=57
Reply from 74.125.225.37: bytes=32 time=8ms TTL=57

Ping statistics for 74.125.225.37:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 7ms, Maximum = 8ms, Average = 7ms
Server: UnKnown
Address: 10.0.0.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=57ms TTL=54
Reply from 72.30.38.140: bytes=32 time=60ms TTL=54

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 57ms, Maximum = 60ms, Average = 58ms
Server: UnKnown
Address: 10.0.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...78 2b cb 96 59 3c ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.4 20
10.0.0.0 255.255.255.0 On-link 10.0.0.4 276
10.0.0.4 255.255.255.255 On-link 10.0.0.4 276
10.0.0.255 255.255.255.255 On-link 10.0.0.4 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.4 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.4 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
11 276 fe80::b9f8:71c7:a027:2848/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/08/2012 04:14:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2012 11:45:16 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/08/2012 09:18:14 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8034

Error: (08/08/2012 09:18:14 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8034

Error: (08/08/2012 09:18:14 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/08/2012 09:18:13 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7035

Error: (08/08/2012 09:18:13 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7035

Error: (08/08/2012 09:18:13 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/08/2012 09:18:12 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6021

Error: (08/08/2012 09:18:12 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6021


System errors:
=============
Error: (08/08/2012 04:15:49 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (08/08/2012 04:15:49 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (08/08/2012 04:15:49 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (08/08/2012 04:15:49 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (08/08/2012 04:15:49 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (08/08/2012 04:15:49 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (08/08/2012 04:15:49 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (08/08/2012 04:15:49 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (08/08/2012 04:15:38 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (08/08/2012 04:15:38 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535


Microsoft Office Sessions:
=========================
Error: (08/08/2012 04:14:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2012 11:45:16 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Ryan\Downloads\esetsmartinstaller_enu.exe

Error: (08/08/2012 09:18:14 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8034

Error: (08/08/2012 09:18:14 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8034

Error: (08/08/2012 09:18:14 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/08/2012 09:18:13 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7035

Error: (08/08/2012 09:18:13 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7035

Error: (08/08/2012 09:18:13 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/08/2012 09:18:12 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6021

Error: (08/08/2012 09:18:12 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6021


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
7-Zip 9.20
Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.4.980)
Adobe Content Viewer (Version: 1.4.0)
Adobe Creative Suite 5.5 Master Collection (Version: 5.5)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Flash Player 11 Plugin (Version: 11.3.300.270)
Adobe Reader X (10.1.2) MUI (Version: 10.1.2)
Adobe Story (Version: 1.0.571)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.938.1)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70611.1329)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.1913)
Bonjour (Version: 3.0.0.10)
BOSS (Version: 2.1.0)
BSR Screen Recorder 5
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0611.1251.21046)
Catalyst Control Center Graphics Previews Common (Version: 2012.0611.1251.21046)
Catalyst Control Center InstallProxy (Version: 2012.0611.1251.21046)
Catalyst Control Center Localization All (Version: 2012.0611.1251.21046)
ccc-utility64 (Version: 2012.0611.1251.21046)
CCC Help Chinese Standard (Version: 2012.0611.1250.21046)
CCC Help Chinese Traditional (Version: 2012.0611.1250.21046)
CCC Help Czech (Version: 2012.0611.1250.21046)
CCC Help Danish (Version: 2012.0611.1250.21046)
CCC Help Dutch (Version: 2012.0611.1250.21046)
CCC Help English (Version: 2012.0611.1250.21046)
CCC Help Finnish (Version: 2012.0611.1250.21046)
CCC Help French (Version: 2012.0611.1250.21046)
CCC Help German (Version: 2012.0611.1250.21046)
CCC Help Greek (Version: 2012.0611.1250.21046)
CCC Help Hungarian (Version: 2012.0611.1250.21046)
CCC Help Italian (Version: 2012.0611.1250.21046)
CCC Help Japanese (Version: 2012.0611.1250.21046)
CCC Help Korean (Version: 2012.0611.1250.21046)
CCC Help Norwegian (Version: 2012.0611.1250.21046)
CCC Help Polish (Version: 2012.0611.1250.21046)
CCC Help Portuguese (Version: 2012.0611.1250.21046)
CCC Help Russian (Version: 2012.0611.1250.21046)
CCC Help Spanish (Version: 2012.0611.1250.21046)
CCC Help Swedish (Version: 2012.0611.1250.21046)
CCC Help Thai (Version: 2012.0611.1250.21046)
CCC Help Turkish (Version: 2012.0611.1250.21046)
Consumer In-Home Service Agreement (Version: 2.0.0)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.40.2.0131)
Dead Rising 2: Off The Record (Version: 1.0.0001.131)
DealPly (Version: )
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell DataSafe Online (Version: 2.1.19634)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Marketplace Webslice IE8 (Version: 8.0)
Dell MusicStage (Version: 1.4.162.0)
Dell Photo AIO Printer 924
Dell PhotoStage (Version: 1.5.0.30)
Dell Stage (Version: 1.5.420.0)
Dell VideoStage (Version: 1.1.1.1408)
DirectX 9 Runtime (Version: 1.00.0000)
DiskAid 4.72 (Version: 4.72)
Dragon Age II (Version: 1.03)
Dragon Age: Origins (Version: 1.00)
Dropbox (Version: 1.4.7)
Escape From Horrorland
ESET Online Scanner v3
Explorer Suite III
Fallout New Vegas (Version: 1.4.0.525)
ffdshow [rev 3154] [2009-12-09] (Version: 1.0)
Fraps
Game Booster 3 (Version: 3.5)
Google Chrome (Version: 21.0.1180.60)
Google Update Helper (Version: 1.3.21.115)
GoToAssist 8.0.0.514
Granny Crowd Scene 2.7.0.9 (Version: 2.7.0.9)
iCloud (Version: 1.1.0.40)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2104)
Internet Explorer (Version: 8)
Internet TV for Windows Media Center (Version: 4.2.2.0)
iRip (Version: 1.1.0)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
LEGO® Harry Potter™: Years 1-4 (Version: 1.0.0.0)
LEGO® Harry Potter™: Years 5-7 (Version: 1.0.0.0)
Life Quest 2 - Metropoville (Version: 1.0)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Morrowind
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.6.915.87)
Myst III: Exile
Nancy Drew - The Captive Curse (Version: 1.0)
Nancy Drew: Alibi in Ashes
Network Play System (Patching)
Nexus Mod Manager (Version: 0.19.0)
NVIDIA HD Audio Driver 1.2.23.3 (Version: 1.2.23.3)
NVIDIA Install Application (Version: 2.275.80.0)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
NVIDIA Texture Tools 2 - 64 bit (Version: 2.0)
Oblivion - Horse Armor Pack (Version: 1.00.0000)
Oblivion - Knights of the Nine (Version: 1.00.0000)
Oblivion - Mehrunes Razor (Version: 1.00.0000)
Oblivion - Orrery (Version: 1.00.0000)
Oblivion - Spell Tomes (Version: 1.00.0000)
Oblivion - Thieves Den (Version: 1.00.0000)
Oblivion - Vile Lair (Version: 1.00.0000)
Oblivion - Wizard's Tower (Version: 1.00.0000)
Oblivion (Version: 1.00.0000)
Oblivion mod manager 1.1.12
Origin (Version: 8.5.0.4554)
PDF Settings CS5 (Version: 10.0)
PhotoShowExpress (Version: 2.0.063)
PxMergeModule (Version: 1.00.0000)
Python 2.7 comtypes-0.6.2
Python 2.7 pywin32-216
Python 2.7.2 (Version: 2.7.2150)
QuickTime (Version: 7.72.80.56)
R4Ge'S DATR 4.52
RBVirtualFolder64Inst (Version: 1.00.0000)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.6043)
RealUpgrade 1.1 (Version: 1.1.0)
RollerCoaster Tycoon 2
RollerCoaster Tycoon 2: Time Twister (Version: 1.00.000)
RollerCoaster Tycoon 2: Wacky Worlds
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
s3pe - Sims3 Package Editor (x64) (Version: 11-1001-1447)
SimPE 0.72 (alpha)
Sims 2 Collection Creator v2.01
Sims2Pack Clean Installer
Singles2 (Version: 1.4)
SlimDX Redistributable (March 2009) (Version: 2.0.7.41)
Smart Defrag 2 (Version: 2.3)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
SPORE™ (Version: 1.05.0001)
SPORE™ Creepy & Cute Parts Pack (Version: 1.00.0000)
SPORE™ Galactic Adventures (Version: 1.01.0001)
Spotify (Version: 0.8.4.107.g4fa0003f)
Spybot - Search & Destroy (Version: 1.6.2)
SUPERAntiSpyware (Version: 5.0.1146)
System Requirements Lab CYRI (Version: 4.5.1.0)
TES Construction Set
The Sims 2 Family Fun Stuff
The Sims 2 Glamour Life Stuff
The Sims 2 Nightlife
The Sims 2 Open For Business
The Sims 2 Pets
The Sims 2 University
The Sims Makin' Magic
The Sims Medieval (Version: 1.3.13)
The Sims™ 2 Apartment Life
The Sims™ 2 Bon Voyage (Version: 1.0.0.0)
The Sims™ 2 Celebration! Stuff
The Sims™ 2 FreeTime
The Sims™ 2 H&M® Fashion Stuff
The Sims™ 2 IKEA® Home Stuff
The Sims™ 2 Kitchen & Bath Interior Design Stuff
The Sims™ 2 Mansion and Garden Stuff
The Sims™ 2 Seasons
The Sims™ 2 Teen Style Stuff
The Sims™ 3 (Version: 1.36.45)
The Sims™ 3 Ambitions (Version: 4.0.87)
The Sims™ 3 Fast Lane Stuff (Version: 5.0.44)
The Sims™ 3 Generations (Version: 8.0.152)
The Sims™ 3 High-End Loft Stuff (Version: 3.0.38)
The Sims™ 3 Late Night (Version: 6.5.1)
The Sims™ 3 Outdoor Living Stuff (Version: 7.0.55)
The Sims™ 3 Pets (Version: 10.0.96)
The Sims™ 3 Showtime (Version: 12.0.273)
The Sims™ 3 World Adventures (Version: 2.0.86)
TransMac version 9.1 (Version: 9.1)
TrustedID (Version: 5.0)
TSR RigFix (Version: 1.0.6)
TSR Workshop (Version: 2.0.19)
Unity Web Player (Version: )
Unofficial Oblivion Patch v3.2.0 (Version: 3.2.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC (Version: 1.0.0.0)
VLC media player 1.1.5 (Version: 1.1.5)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.01 (64-bit) (Version: 4.01.0)
WinRAR archiver
WinZip 15.5 (Version: 15.5.9579)
Wrye Bash (Version: 2.9.4.2)
wxPython 2.8.12.1 (ansi) for Python 2.7 (Version: 2.8.12.1-ansi)
Zoo Tycoon 2 - Extinct Animals (Version: 1.00.0000)
Zoo Tycoon 2 Endangered Species

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 3959.12 MB
Available physical RAM: 2309.59 MB
Total Pagefile: 7916.43 MB
Available Pagefile: 5871.62 MB
Total Virtual: 4095.88 MB
Available Virtual: 3955.16 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:451.91 GB) (Free:101.92 GB) NTFS
2 Drive d: (THESIMSEP7) (CDROM) (Total:0.64 GB) (Free:0 GB) CDFS
8 Drive j: (New Volume) (Fixed) (Total:1862.82 GB) (Free:1647.11 GB) NTFS

========================= Users: ========================================

User accounts for \\RYAN-PC

Administrator Guest Mcx1-RYAN-PC
Ryan


**** End of log ****

#9 Rendlog82


Posted 08 August 2012 - 04:47 PM

Can't find the AdwCleaner log though...

#10 narenxp


Posted 09 August 2012 - 12:38 AM

I want you to run TDSSKiller and aswMBR again and post the new logs.

#11 Rendlog82


Posted 09 August 2012 - 11:56 AM

TDSS Log:

01:49:35.0118 5436 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
01:49:35.0383 5436 ============================================================
01:49:35.0399 5436 Current date / time: 2012/08/09 01:49:35.0383
01:49:35.0399 5436 SystemInfo:
01:49:35.0399 5436
01:49:35.0399 5436 OS Version: 6.1.7601 ServicePack: 1.0
01:49:35.0399 5436 Product type: Workstation
01:49:35.0399 5436 ComputerName: RYAN-PC
01:49:35.0399 5436 UserName: Ryan
01:49:35.0399 5436 Windows directory: C:\Windows
01:49:35.0399 5436 System windows directory: C:\Windows
01:49:35.0399 5436 Running under WOW64
01:49:35.0399 5436 Processor architecture: Intel x64
01:49:35.0399 5436 Number of processors: 2
01:49:35.0399 5436 Page size: 0x1000
01:49:35.0399 5436 Boot type: Normal boot
01:49:35.0399 5436 ============================================================
01:49:37.0146 5436 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:49:37.0146 5436 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C0F00000 (1863.01 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
01:49:37.0162 5436 ============================================================
01:49:37.0162 5436 \Device\Harddisk0\DR0:
01:49:37.0177 5436 MBR partitions:
01:49:37.0177 5436 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1B9F000
01:49:37.0177 5436 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1BB3000, BlocksNum 0x387D2800
01:49:37.0177 5436 \Device\Harddisk1\DR1:
01:49:37.0177 5436 GPT partitions:
01:49:37.0177 5436 \Device\Harddisk1\DR1\Partition0: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {8B07B285-E7FA-4BC6-93A0-C5F0C8C69A61}, Name: EFI System Partition, StartLBA 0x28, BlocksNum 0x64000
01:49:37.0177 5436 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {02DC55DF-2A5C-4888-80A6-764B588E92B1}, Name: Basic data partition, StartLBA 0x64800, BlocksNum 0xE8DA2800
01:49:37.0177 5436 MBR partitions:
01:49:37.0177 5436 ============================================================
01:49:37.0271 5436 C: <-> \Device\Harddisk0\DR0\Partition1
01:49:37.0286 5436 J: <-> \Device\Harddisk1\DR1\Partition1
01:49:37.0286 5436 ============================================================
01:49:37.0286 5436 Initialize success
01:49:37.0286 5436 ============================================================
01:49:43.0792 3672 ============================================================
01:49:43.0792 3672 Scan started
01:49:43.0792 3672 Mode: Manual; TDLFS;
01:49:43.0792 3672 ============================================================
01:49:57.0098 3672 mshidkmdf - ok
01:49:57.0098 3672 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
01:49:57.0098 3672 msisadrv - ok
01:49:57.0114 3672 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
01:49:57.0130 3672 MSiSCSI - ok
01:49:57.0130 3672 msiserver - ok
01:49:57.0161 3672 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
01:49:57.0161 3672 MSKSSRV - ok
01:49:57.0176 3672 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
01:49:57.0176 3672 MSPCLOCK - ok
01:49:57.0192 3672 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
01:49:57.0192 3672 MSPQM - ok
01:49:57.0208 3672 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
01:49:57.0223 3672 MsRPC - ok
01:49:57.0239 3672 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
01:49:57.0239 3672 mssmbios - ok
01:49:57.0254 3672 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
01:49:57.0254 3672 MSTEE - ok
01:49:57.0270 3672 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
01:49:57.0270 3672 MTConfig - ok
01:49:57.0286 3672 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
01:49:57.0301 3672 Mup - ok
01:49:57.0457 3672 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
01:49:57.0457 3672 napagent - ok
01:49:57.0488 3672 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
01:49:57.0488 3672 NativeWifiP - ok
01:49:57.0535 3672 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
01:49:57.0551 3672 NDIS - ok
01:49:57.0566 3672 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
01:49:57.0566 3672 NdisCap - ok
01:49:57.0598 3672 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
01:49:57.0598 3672 NdisTapi - ok
01:49:57.0629 3672 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
01:49:57.0629 3672 Ndisuio - ok
01:49:57.0644 3672 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
01:49:57.0644 3672 NdisWan - ok
01:49:57.0676 3672 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
01:49:57.0676 3672 NDProxy - ok
01:49:57.0676 3672 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
01:49:57.0676 3672 NetBIOS - ok
01:49:57.0691 3672 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
01:49:57.0691 3672 NetBT - ok
01:49:57.0785 3672 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
01:49:57.0785 3672 Netlogon - ok
01:49:57.0956 3672 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
01:49:57.0972 3672 Netman - ok
01:49:58.0019 3672 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:49:58.0034 3672 NetMsmqActivator - ok
01:49:58.0034 3672 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:49:58.0034 3672 NetPipeActivator - ok
01:49:58.0066 3672 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
01:49:58.0066 3672 netprofm - ok
01:49:58.0066 3672 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:49:58.0081 3672 NetTcpActivator - ok
01:49:58.0081 3672 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:49:58.0081 3672 NetTcpPortSharing - ok
01:49:58.0159 3672 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
01:49:58.0159 3672 nfrd960 - ok
01:49:58.0206 3672 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
01:49:58.0222 3672 NlaSvc - ok
01:49:58.0861 3672 NOBU (b9b72faaaa41d59b73b88fe3dd737ed1) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
01:49:58.0908 3672 NOBU - ok
01:49:58.0955 3672 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
01:49:58.0955 3672 Npfs - ok
01:49:58.0986 3672 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
01:49:58.0986 3672 nsi - ok
01:49:59.0033 3672 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
01:49:59.0033 3672 nsiproxy - ok
01:49:59.0251 3672 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
01:49:59.0267 3672 Ntfs - ok
01:49:59.0345 3672 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
01:49:59.0345 3672 Null - ok
01:49:59.0407 3672 NVHDA (960e39a54e525df58cb29193147dffa1) C:\Windows\system32\drivers\nvhda64v.sys
01:49:59.0407 3672 NVHDA - ok
01:50:00.0296 3672 nvlddmkm (b34e9bfbd9c61048ef6281c3e7ec210a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
01:50:00.0499 3672 nvlddmkm - ok
01:50:00.0686 3672 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
01:50:00.0686 3672 nvraid - ok
01:50:00.0764 3672 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
01:50:00.0764 3672 nvstor - ok
01:50:00.0827 3672 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
01:50:00.0827 3672 nv_agp - ok
01:50:00.0858 3672 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
01:50:00.0858 3672 ohci1394 - ok
01:50:00.0967 3672 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:50:00.0983 3672 ose - ok
01:50:01.0295 3672 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:50:01.0373 3672 osppsvc - ok
01:50:01.0482 3672 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
01:50:01.0482 3672 p2pimsvc - ok
01:50:01.0513 3672 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
01:50:01.0513 3672 p2psvc - ok
01:50:01.0544 3672 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
01:50:01.0544 3672 Parport - ok
01:50:01.0560 3672 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
01:50:01.0560 3672 partmgr - ok
01:50:01.0576 3672 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
01:50:01.0576 3672 PcaSvc - ok
01:50:01.0654 3672 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
01:50:01.0654 3672 pci - ok
01:50:01.0669 3672 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
01:50:01.0669 3672 pciide - ok
01:50:01.0685 3672 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
01:50:01.0700 3672 pcmcia - ok
01:50:01.0700 3672 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
01:50:01.0700 3672 pcw - ok
01:50:01.0732 3672 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
01:50:01.0732 3672 PEAUTH - ok
01:50:01.0794 3672 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
01:50:01.0810 3672 PerfHost - ok
01:50:01.0919 3672 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
01:50:01.0950 3672 pla - ok
01:50:01.0981 3672 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
01:50:01.0981 3672 PlugPlay - ok
01:50:01.0997 3672 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
01:50:01.0997 3672 PNRPAutoReg - ok
01:50:02.0012 3672 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
01:50:02.0012 3672 PNRPsvc - ok
01:50:02.0137 3672 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
01:50:02.0153 3672 PolicyAgent - ok
01:50:02.0184 3672 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
01:50:02.0184 3672 Power - ok
01:50:02.0231 3672 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
01:50:02.0231 3672 PptpMiniport - ok
01:50:02.0246 3672 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
01:50:02.0246 3672 Processor - ok
01:50:02.0278 3672 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
01:50:02.0278 3672 ProfSvc - ok
01:50:02.0340 3672 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
01:50:02.0340 3672 ProtectedStorage - ok
01:50:02.0356 3672 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
01:50:02.0356 3672 Psched - ok
01:50:02.0371 3672 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
01:50:02.0371 3672 PxHlpa64 - ok
01:50:02.0434 3672 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
01:50:02.0496 3672 ql2300 - ok
01:50:02.0574 3672 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
01:50:02.0574 3672 ql40xx - ok
01:50:02.0621 3672 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
01:50:02.0621 3672 QWAVE - ok
01:50:02.0636 3672 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
01:50:02.0636 3672 QWAVEdrv - ok
01:50:02.0652 3672 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
01:50:02.0668 3672 RasAcd - ok
01:50:02.0683 3672 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
01:50:02.0683 3672 RasAgileVpn - ok
01:50:02.0699 3672 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
01:50:02.0699 3672 RasAuto - ok
01:50:02.0714 3672 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
01:50:02.0714 3672 Rasl2tp - ok
01:50:02.0730 3672 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
01:50:02.0746 3672 RasMan - ok
01:50:02.0746 3672 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
01:50:02.0761 3672 RasPppoe - ok
01:50:02.0761 3672 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
01:50:02.0761 3672 RasSstp - ok
01:50:02.0792 3672 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
01:50:02.0792 3672 rdbss - ok
01:50:02.0808 3672 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
01:50:02.0808 3672 rdpbus - ok
01:50:02.0839 3672 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
01:50:02.0839 3672 RDPCDD - ok
01:50:02.0839 3672 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
01:50:02.0839 3672 RDPENCDD - ok
01:50:02.0839 3672 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
01:50:02.0855 3672 RDPREFMP - ok
01:50:03.0026 3672 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
01:50:03.0026 3672 RDPWD - ok
01:50:03.0042 3672 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
01:50:03.0042 3672 rdyboost - ok
01:50:03.0089 3672 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
01:50:03.0104 3672 RemoteAccess - ok
01:50:03.0120 3672 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
01:50:03.0120 3672 RemoteRegistry - ok
01:50:03.0354 3672 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
01:50:03.0370 3672 RoxMediaDB12OEM - ok
01:50:03.0401 3672 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
01:50:03.0401 3672 RoxWatch12 - ok
01:50:03.0557 3672 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
01:50:03.0557 3672 RpcEptMapper - ok
01:50:03.0572 3672 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
01:50:03.0572 3672 RpcLocator - ok
01:50:03.0619 3672 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
01:50:03.0619 3672 RpcSs - ok
01:50:03.0791 3672 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
01:50:03.0791 3672 rspndr - ok
01:50:03.0822 3672 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
01:50:03.0838 3672 SamSs - ok
01:50:04.0040 3672 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
01:50:04.0040 3672 SASDIFSV - ok
01:50:04.0134 3672 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
01:50:04.0134 3672 SASKUTIL - ok
01:50:04.0243 3672 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
01:50:04.0243 3672 sbp2port - ok
01:50:04.0306 3672 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
01:50:04.0306 3672 SCardSvr - ok
01:50:04.0321 3672 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
01:50:04.0321 3672 scfilter - ok
01:50:04.0352 3672 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
01:50:04.0384 3672 Schedule - ok
01:50:04.0399 3672 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
01:50:04.0399 3672 SCPolicySvc - ok
01:50:04.0415 3672 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
01:50:04.0415 3672 SDRSVC - ok
01:50:04.0446 3672 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
01:50:04.0446 3672 secdrv - ok
01:50:04.0462 3672 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
01:50:04.0462 3672 seclogon - ok
01:50:04.0462 3672 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
01:50:04.0477 3672 SENS - ok
01:50:04.0477 3672 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
01:50:04.0477 3672 SensrSvc - ok
01:50:04.0493 3672 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
01:50:04.0493 3672 Serenum - ok
01:50:04.0508 3672 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
01:50:04.0508 3672 Serial - ok
01:50:04.0524 3672 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
01:50:04.0540 3672 sermouse - ok
01:50:04.0571 3672 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
01:50:04.0571 3672 SessionEnv - ok
01:50:04.0602 3672 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
01:50:04.0602 3672 sffdisk - ok
01:50:04.0618 3672 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
01:50:04.0618 3672 sffp_mmc - ok
01:50:04.0633 3672 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
01:50:04.0633 3672 sffp_sd - ok
01:50:04.0633 3672 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
01:50:04.0633 3672 sfloppy - ok
01:50:05.0008 3672 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
01:50:05.0023 3672 SftService - ok
01:50:05.0195 3672 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
01:50:05.0195 3672 SharedAccess - ok
01:50:05.0242 3672 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
01:50:05.0242 3672 ShellHWDetection - ok
01:50:05.0288 3672 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
01:50:05.0288 3672 SiSRaid2 - ok
01:50:05.0320 3672 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
01:50:05.0320 3672 SiSRaid4 - ok
01:50:05.0382 3672 SmartDefragDriver (dd0443bc6cc78a19fd399817f8c51401) C:\Windows\system32\Drivers\SmartDefragDriver.sys
01:50:05.0382 3672 SmartDefragDriver - ok
01:50:05.0398 3672 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
01:50:05.0398 3672 Smb - ok
01:50:05.0444 3672 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
01:50:05.0444 3672 SNMPTRAP - ok
01:50:05.0476 3672 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
01:50:05.0476 3672 spldr - ok
01:50:05.0491 3672 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
01:50:05.0491 3672 Spooler - ok
01:50:06.0100 3672 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
01:50:06.0146 3672 sppsvc - ok
01:50:06.0240 3672 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
01:50:06.0240 3672 sppuinotify - ok
01:50:06.0318 3672 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
01:50:06.0334 3672 srv - ok
01:50:06.0505 3672 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
01:50:06.0521 3672 srv2 - ok
01:50:06.0536 3672 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
01:50:06.0536 3672 srvnet - ok
01:50:06.0630 3672 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
01:50:06.0646 3672 SSDPSRV - ok
01:50:06.0692 3672 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
01:50:06.0692 3672 SstpSvc - ok
01:50:06.0755 3672 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
01:50:06.0770 3672 stexstor - ok
01:50:07.0036 3672 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
01:50:07.0051 3672 stisvc - ok
01:50:07.0238 3672 stllssvr (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
01:50:07.0238 3672 stllssvr - ok
01:50:07.0270 3672 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
01:50:07.0270 3672 swenum - ok
01:50:07.0504 3672 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
01:50:07.0504 3672 SwitchBoard - ok
01:50:07.0535 3672 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
01:50:07.0550 3672 swprv - ok
01:50:07.0628 3672 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
01:50:07.0660 3672 SysMain - ok
01:50:08.0190 3672 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
01:50:08.0206 3672 TabletInputService - ok
01:50:08.0299 3672 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
01:50:08.0299 3672 TapiSrv - ok
01:50:08.0330 3672 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
01:50:08.0330 3672 TBS - ok
01:50:08.0627 3672 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
01:50:08.0674 3672 Tcpip - ok
01:50:09.0251 3672 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
01:50:09.0266 3672 TCPIP6 - ok
01:50:09.0641 3672 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
01:50:09.0656 3672 tcpipreg - ok
01:50:09.0656 3672 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
01:50:09.0672 3672 TDPIPE - ok
01:50:09.0719 3672 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
01:50:09.0719 3672 TDTCP - ok
01:50:09.0734 3672 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
01:50:09.0734 3672 tdx - ok
01:50:09.0750 3672 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
01:50:09.0750 3672 TermDD - ok
01:50:09.0766 3672 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
01:50:09.0781 3672 TermService - ok
01:50:09.0781 3672 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
01:50:09.0781 3672 Themes - ok
01:50:09.0812 3672 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
01:50:09.0812 3672 THREADORDER - ok
01:50:09.0844 3672 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
01:50:09.0859 3672 TrkWks - ok
01:50:09.0906 3672 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
01:50:09.0906 3672 TrustedInstaller - ok
01:50:09.0937 3672 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
01:50:09.0937 3672 tssecsrv - ok
01:50:09.0953 3672 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
01:50:09.0953 3672 TsUsbFlt - ok
01:50:09.0968 3672 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
01:50:09.0984 3672 TsUsbGD - ok
01:50:10.0000 3672 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
01:50:10.0000 3672 tunnel - ok
01:50:10.0015 3672 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
01:50:10.0031 3672 uagp35 - ok
01:50:10.0046 3672 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
01:50:10.0046 3672 udfs - ok
01:50:10.0109 3672 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
01:50:10.0109 3672 UI0Detect - ok
01:50:10.0124 3672 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
01:50:10.0140 3672 uliagpkx - ok
01:50:10.0156 3672 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
01:50:10.0156 3672 umbus - ok
01:50:10.0187 3672 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
01:50:10.0187 3672 UmPass - ok
01:50:10.0218 3672 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
01:50:10.0218 3672 upnphost - ok
01:50:10.0265 3672 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
01:50:10.0312 3672 USBAAPL64 - ok
01:50:10.0358 3672 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
01:50:10.0358 3672 usbccgp - ok
01:50:10.0390 3672 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
01:50:10.0405 3672 usbcir - ok
01:50:10.0421 3672 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
01:50:10.0421 3672 usbehci - ok
01:50:10.0608 3672 usbhub (8b892002d7b79312821169a14317ab86) C:\Windows\system32\DRIVERS\usbhub.sys
01:50:10.0624 3672 usbhub - ok
01:50:10.0670 3672 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
01:50:10.0670 3672 usbohci - ok
01:50:10.0686 3672 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
01:50:10.0686 3672 usbprint - ok
01:50:10.0717 3672 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
01:50:10.0717 3672 usbscan - ok
01:50:10.0717 3672 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:50:10.0717 3672 USBSTOR - ok
01:50:10.0764 3672 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
01:50:10.0764 3672 usbuhci - ok
01:50:10.0780 3672 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
01:50:10.0795 3672 UxSms - ok
01:50:10.0842 3672 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
01:50:10.0842 3672 VaultSvc - ok
01:50:10.0858 3672 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
01:50:10.0858 3672 vdrvroot - ok
01:50:10.0889 3672 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
01:50:10.0889 3672 vds - ok
01:50:10.0904 3672 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
01:50:10.0920 3672 vga - ok
01:50:10.0936 3672 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
01:50:10.0936 3672 VgaSave - ok
01:50:10.0967 3672 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
01:50:10.0967 3672 vhdmp - ok
01:50:10.0998 3672 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
01:50:10.0998 3672 viaide - ok
01:50:11.0014 3672 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
01:50:11.0014 3672 volmgr - ok
01:50:11.0029 3672 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
01:50:11.0045 3672 volmgrx - ok
01:50:11.0045 3672 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
01:50:11.0045 3672 volsnap - ok
01:50:11.0060 3672 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
01:50:11.0076 3672 vsmraid - ok
01:50:11.0154 3672 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
01:50:11.0170 3672 VSS - ok
01:50:11.0341 3672 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
01:50:11.0341 3672 vwifibus - ok
01:50:11.0372 3672 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
01:50:11.0372 3672 W32Time - ok
01:50:11.0404 3672 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
01:50:11.0404 3672 WacomPen - ok
01:50:11.0435 3672 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
01:50:11.0435 3672 WANARP - ok
01:50:11.0435 3672 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
01:50:11.0435 3672 Wanarpv6 - ok
01:50:11.0981 3672 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
01:50:12.0043 3672 WatAdminSvc - ok
01:50:12.0121 3672 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
01:50:12.0137 3672 wbengine - ok
01:50:12.0184 3672 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
01:50:12.0184 3672 WbioSrvc - ok
01:50:12.0199 3672 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
01:50:12.0215 3672 wcncsvc - ok
01:50:12.0215 3672 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
01:50:12.0215 3672 WcsPlugInService - ok
01:50:12.0262 3672 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
01:50:12.0262 3672 Wd - ok
01:50:12.0293 3672 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
01:50:12.0308 3672 Wdf01000 - ok
01:50:12.0308 3672 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
01:50:12.0324 3672 WdiServiceHost - ok
01:50:12.0324 3672 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
01:50:12.0324 3672 WdiSystemHost - ok
01:50:12.0340 3672 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
01:50:12.0340 3672 WebClient - ok
01:50:12.0355 3672 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
01:50:12.0355 3672 Wecsvc - ok
01:50:12.0371 3672 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
01:50:12.0371 3672 wercplsupport - ok
01:50:12.0386 3672 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
01:50:12.0386 3672 WerSvc - ok
01:50:12.0449 3672 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
01:50:12.0449 3672 WfpLwf - ok
01:50:12.0480 3672 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
01:50:12.0496 3672 WimFltr - ok
01:50:12.0511 3672 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
01:50:12.0511 3672 WIMMount - ok
01:50:12.0574 3672 WinDefend - ok
01:50:12.0589 3672 WinHttpAutoProxySvc - ok
01:50:12.0636 3672 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
01:50:12.0636 3672 Winmgmt - ok
01:50:14.0305 3672 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
01:50:14.0914 3672 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
01:50:14.0914 3672 \Device\Harddisk0\DR0 - detected TDSS File System (1)
01:50:14.0929 3672 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
01:50:15.0054 3672 \Device\Harddisk1\DR1 - ok
01:50:15.0070 3672 Boot (0x1200) (dc934c74b2585379e3dfb1188432c7fc) \Device\Harddisk0\DR0\Partition0
01:50:15.0085 3672 \Device\Harddisk0\DR0\Partition0 - ok
01:50:15.0085 3672 Boot (0x1200) (7ec8d00eebb419f580927c7880f793fe) \Device\Harddisk0\DR0\Partition1
01:50:15.0116 3672 \Device\Harddisk0\DR0\Partition1 - ok
01:50:15.0116 3672 Boot (0x1200) (58299b799d6b4effc6d9bd70558c30d1) \Device\Harddisk1\DR1\Partition0
01:50:15.0116 3672 \Device\Harddisk1\DR1\Partition0 - ok
01:50:15.0132 3672 Boot (0x1200) (71bbcde695ec746496f91f61f3b7f1b3) \Device\Harddisk1\DR1\Partition1
01:50:15.0132 3672 \Device\Harddisk1\DR1\Partition1 - ok
01:50:15.0132 3672 ============================================================
01:50:15.0132 3672 Scan finished
01:50:15.0132 3672 ============================================================
01:50:15.0132 5512 Detected object count: 1
01:50:15.0132 5512 Actual detected object count: 1
01:50:24.0211 5512 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
01:50:24.0211 5512 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
01:50:26.0941 3920 Deinitialize success

aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-09 10:38:15
-----------------------------
10:38:15.219 OS Version: Windows x64 6.1.7601 Service Pack 1
10:38:15.219 Number of processors: 2 586 0x2505
10:38:15.219 ComputerName: RYAN-PC UserName: Ryan
10:38:20.120 Initialize success
10:38:27.892 AVAST engine defs: 12080801
10:38:31.567 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:38:31.567 Disk 0 Vendor: ST3500413AS JC47 Size: 476940MB BusType: 3
10:38:31.614 Disk 0 MBR read successfully
10:38:31.614 Disk 0 MBR scan
10:38:31.614 Disk 0 Windows VISTA default MBR code
10:38:31.614 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
10:38:31.677 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 14142 MB offset 81920
10:38:31.692 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 462757 MB offset 29044736
10:38:31.801 Disk 0 scanning C:\Windows\system32\drivers
10:38:49.416 Service scanning
10:39:41.524 Modules scanning
10:39:41.524 Disk 0 trace - called modules:
10:39:41.534 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
10:39:41.874 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a7b060]
10:39:41.874 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa8004534580]
10:39:41.874 5 ACPI.sys[fffff88000f357a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004536060]
10:40:11.666 AVAST engine scan C:\Windows
10:40:59.620 AVAST engine scan C:\Windows\system32
10:47:16.504 AVAST engine scan C:\Windows\system32\drivers
10:47:50.211 AVAST engine scan C:\Users\Ryan
11:44:28.407 AVAST engine scan C:\ProgramData
11:51:18.348 Scan finished successfully
11:53:57.655 Disk 0 MBR has been saved successfully to "C:\Users\Ryan\Desktop\MBR.dat"
11:53:57.655 The log file has been saved successfully to "C:\Users\Ryan\Desktop\aswMBR.txt"

#12 narenxp

Posted 09 August 2012 - 01:14 PM

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

Hosts fix

Run it, restart the PC

#13 Rendlog82

Posted 10 August 2012 - 03:34 PM

FSS Log

Farbar Service Scanner Version: 06-08-2012
Ran by Ryan (administrator) on 10-08-2012 at 15:33:26
Running from "C:\Users\Ryan\Desktop\PC Maintnence"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of MpsSvc. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of MpsSvc. The value does not exist.
Unable to retrieve ServiceDll of MpsSvc. The value does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#14 narenxp

Posted 10 August 2012 - 04:11 PM

Run TDSSkiller again and select delete

01:50:24.0211 5512 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

Download

MpsSvc
BFE


Launch them, click YES when you get the UAC prompt

Restart the PC and post the new FSS log

#15 Rendlog82

Posted 10 August 2012 - 04:57 PM

Farbar Service Scanner Version: 06-08-2012
Ran by Ryan (administrator) on 10-08-2012 at 16:56:16
Running from "C:\Users\Ryan\Desktop\PC Maintnence"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



