
Redirect Virus and trojan dropper bcminer


26 replies to this topic

#1 out4bounty

out4bounty

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:11:31 PM

Posted 19 August 2012 - 06:15 PM

Hi there. I ran Malwarebytes; it does find three items and it does remove them, but it still finds the same three items over and over again. When I reboot I see three MS command prompts load up quickly on a restart. Need help please, I'm stuck. I'm running Windows 7. Also, I can't turn on the firewall; I get error 0x80070424.
malwarebytes log
trojan dropper bcminer
rootkit 0 access
rootkit 0 access


Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.19.07

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
LEVNHARD :: LEVNHARD-HP [administrator]

8/19/2012 6:48:31 PM
mbam-log-2012-08-19 (18-48-31).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 213447
Time elapsed: 8 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Windows\Installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
C:\Windows\Installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\U\000000cb.@ (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\U\80000032.@ (Rootkit.0Access) -> Quarantined and deleted successfully.

(end)

Edited by out4bounty, 19 August 2012 - 07:59 PM.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:31 PM

Posted 19 August 2012 - 09:49 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 out4bounty

out4bounty
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:11:31 PM

Posted 20 August 2012 - 12:30 AM

Thanks for your help and response. Here are my logs:

23:21:29.0481 5380 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
23:21:29.0761 5380 ============================================================
23:21:29.0761 5380 Current date / time: 2012/08/19 23:21:29.0761
23:21:29.0761 5380 SystemInfo:
23:21:29.0761 5380
23:21:29.0761 5380 OS Version: 6.1.7600 ServicePack: 0.0
23:21:29.0761 5380 Product type: Workstation
23:21:29.0761 5380 ComputerName: LEVNHARD-HP
23:21:29.0761 5380 UserName: LEVNHARD
23:21:29.0761 5380 Windows directory: C:\Windows
23:21:29.0761 5380 System windows directory: C:\Windows
23:21:29.0761 5380 Running under WOW64
23:21:29.0761 5380 Processor architecture: Intel x64
23:21:29.0761 5380 Number of processors: 2
23:21:29.0761 5380 Page size: 0x1000
23:21:29.0761 5380 Boot type: Normal boot
23:21:29.0761 5380 ============================================================
23:21:30.0891 5380 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:21:30.0901 5380 ============================================================
23:21:30.0901 5380 \Device\Harddisk0\DR0:
23:21:30.0901 5380 MBR partitions:
23:21:30.0901 5380 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
23:21:30.0901 5380 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x230F1800
23:21:30.0901 5380 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x23155800, BlocksNum 0x22A5000
23:21:30.0901 5380 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
23:21:30.0901 5380 ============================================================
23:21:30.0931 5380 C: <-> \Device\Harddisk0\DR0\Partition2
23:21:30.0971 5380 D: <-> \Device\Harddisk0\DR0\Partition3
23:21:30.0971 5380 ============================================================
23:21:30.0971 5380 Initialize success
23:21:30.0971 5380 ============================================================
23:21:54.0801 6064 ============================================================
23:21:54.0801 6064 Scan started
23:21:54.0801 6064 Mode: Manual; TDLFS;
23:21:54.0801 6064 ============================================================
23:21:56.0143 6064 ================ Scan services =============================
23:22:08.0571 6064 NdisWan - ok
23:22:08.0588 6064 [ 659b74fb74b86228d6338d643cd3e3cf ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:22:08.0590 6064 NDProxy - ok
23:22:08.0631 6064 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:22:08.0631 6064 NetBIOS - ok
23:22:08.0661 6064 [ 9162b273a44ab9dce5b44362731d062a ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:22:08.0661 6064 NetBT - ok
23:22:08.0681 6064 [ 156f6159457d0aa7e59b62681b56eb90 ] Netlogon C:\Windows\system32\lsass.exe
23:22:08.0691 6064 Netlogon - ok
23:22:08.0751 6064 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll
23:22:08.0771 6064 Netman - ok
23:22:08.0801 6064 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll
23:22:08.0821 6064 netprofm - ok
23:22:08.0851 6064 [ 3e5a36127e201ddf663176b66828fafe ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:22:08.0861 6064 NetTcpPortSharing - ok
23:22:09.0041 6064 [ 64428dfdaf6e88366cb51f45a79c5f69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
23:22:09.0211 6064 netw5v64 - ok
23:22:09.0251 6064 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:22:09.0251 6064 nfrd960 - ok
23:22:09.0321 6064 [ d9a0ce66046d6efa0c61baa885cba0a8 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:22:09.0331 6064 NlaSvc - ok
23:22:09.0411 6064 [ 351533acc2a069b94e80bbfc177e8fdf ] NPF C:\Windows\system32\drivers\npf.sys
23:22:09.0411 6064 NPF - ok
23:22:09.0431 6064 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:22:09.0431 6064 Npfs - ok
23:22:09.0451 6064 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll
23:22:09.0461 6064 nsi - ok
23:22:09.0471 6064 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:22:09.0471 6064 nsiproxy - ok
23:22:09.0561 6064 [ 378e0e0dfea67d98ae6ea53adbbd76bc ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:22:09.0631 6064 Ntfs - ok
23:22:09.0661 6064 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys
23:22:09.0661 6064 Null - ok
23:22:09.0691 6064 [ a4d9c9a608a97f59307c2f2600edc6a4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:22:09.0701 6064 nvraid - ok
23:22:09.0741 6064 [ 6c1d5f70e7a6a3fd1c90d840edc048b9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:22:09.0751 6064 nvstor - ok
23:22:09.0791 6064 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
23:22:09.0791 6064 nv_agp - ok
23:22:09.0871 6064 [ 785f487a64950f3cb8e9f16253ba3b7b ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:22:09.0881 6064 odserv - ok
23:22:09.0921 6064 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
23:22:09.0921 6064 ohci1394 - ok
23:22:09.0991 6064 [ 9d10f99a6712e28f8acd5641e3a7ea6b ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:22:09.0991 6064 ose - ok
23:22:10.0201 6064 [ 61bffb5f57ad12f83ab64b7181829b34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:22:10.0381 6064 osppsvc - ok
23:22:10.0431 6064 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:22:10.0441 6064 p2pimsvc - ok
23:22:10.0481 6064 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll
23:22:10.0501 6064 p2psvc - ok
23:22:10.0541 6064 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:22:10.0551 6064 Parport - ok
23:22:10.0601 6064 [ 90061b1acfe8ccaa5345750ffe08d8b8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:22:10.0601 6064 partmgr - ok
23:22:10.0681 6064 [ 7c0582921913d00180ec2b8518ba135c ] pbfilter C:\Program Files\PeerBlock\pbfilter.sys
23:22:10.0691 6064 pbfilter - ok
23:22:10.0721 6064 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:22:10.0731 6064 PcaSvc - ok
23:22:10.0751 6064 [ f36f6504009f2fb0dfd1b17a116ad74b ] pci C:\Windows\system32\DRIVERS\pci.sys
23:22:10.0751 6064 pci - ok
23:22:10.0791 6064 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\DRIVERS\pciide.sys
23:22:10.0801 6064 pciide - ok
23:22:10.0831 6064 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:22:10.0841 6064 pcmcia - ok
23:22:10.0861 6064 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys
23:22:10.0861 6064 pcw - ok
23:22:10.0901 6064 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:22:10.0921 6064 PEAUTH - ok
23:22:11.0011 6064 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:22:11.0011 6064 PerfHost - ok
23:22:11.0121 6064 [ 557e9a86f65f0de18c9b6751dfe9d3f1 ] pla C:\Windows\system32\pla.dll
23:22:11.0181 6064 pla - ok
23:22:11.0223 6064 [ 98b1721b8718164293b9701b98c52d77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:22:11.0243 6064 PlugPlay - ok
23:22:11.0263 6064 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:22:11.0263 6064 PNRPAutoReg - ok
23:22:11.0293 6064 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:22:11.0293 6064 PNRPsvc - ok
23:22:11.0343 6064 [ 166eb40d1f5b47e615de3d0fffe5f243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:22:11.0353 6064 PolicyAgent - ok
23:22:11.0393 6064 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll
23:22:11.0403 6064 Power - ok
23:22:11.0463 6064 [ 27cc19e81ba5e3403c48302127bda717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:22:11.0473 6064 PptpMiniport - ok
23:22:11.0503 6064 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:22:11.0503 6064 Processor - ok
23:22:11.0553 6064 [ 97293447431311c06703368ad0f6c4be ] ProfSvc C:\Windows\system32\profsvc.dll
23:22:11.0563 6064 ProfSvc - ok
23:22:11.0583 6064 [ 156f6159457d0aa7e59b62681b56eb90 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:22:11.0583 6064 ProtectedStorage - ok
23:22:11.0613 6064 [ ee992183bd8eaefd9973f352e587a299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:22:11.0623 6064 Psched - ok
23:22:11.0693 6064 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
23:22:11.0763 6064 ql2300 - ok
23:22:11.0783 6064 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
23:22:11.0783 6064 ql40xx - ok
23:22:11.0833 6064 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll
23:22:11.0843 6064 QWAVE - ok
23:22:11.0863 6064 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:22:11.0863 6064 QWAVEdrv - ok
23:22:11.0883 6064 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:22:11.0883 6064 RasAcd - ok
23:22:11.0933 6064 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:22:11.0943 6064 RasAgileVpn - ok
23:22:11.0963 6064 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll
23:22:11.0963 6064 RasAuto - ok
23:22:12.0003 6064 [ 87a6e852a22991580d6d39adc4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:22:12.0003 6064 Rasl2tp - ok
23:22:12.0023 6064 [ 47394ed3d16d053f5906efe5ab51cc83 ] RasMan C:\Windows\System32\rasmans.dll
23:22:12.0033 6064 RasMan - ok
23:22:12.0053 6064 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:22:12.0063 6064 RasPppoe - ok
23:22:12.0103 6064 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:22:12.0113 6064 RasSstp - ok
23:22:12.0133 6064 [ 3bac8142102c15d59a87757c1d41dce5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:22:12.0143 6064 rdbss - ok
23:22:12.0173 6064 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:22:12.0173 6064 rdpbus - ok
23:22:12.0193 6064 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:22:12.0193 6064 RDPCDD - ok
23:22:12.0263 6064 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:22:12.0263 6064 RDPENCDD - ok
23:22:12.0283 6064 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:22:12.0293 6064 RDPREFMP - ok
23:22:12.0333 6064 [ 447de7e3dea39d422c1504f245b668b1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:22:12.0343 6064 RDPWD - ok
23:22:12.0393 6064 [ 634b9a2181d98f15941236886164ec8b ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:22:12.0393 6064 rdyboost - ok
23:22:12.0463 6064 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:22:12.0473 6064 RemoteAccess - ok
23:22:12.0513 6064 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:22:12.0523 6064 RemoteRegistry - ok
23:22:12.0573 6064 [ b60f58f175de20a6739194e85b035178 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
23:22:12.0583 6064 rpcapd - ok
23:22:12.0603 6064 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:22:12.0603 6064 RpcEptMapper - ok
23:22:12.0633 6064 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe
23:22:12.0633 6064 RpcLocator - ok
23:22:12.0673 6064 [ 7266972e86890e2b30c0c322e906b027 ] RpcSs C:\Windows\system32\rpcss.dll
23:22:12.0683 6064 RpcSs - ok
23:22:12.0743 6064 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:22:12.0753 6064 rspndr - ok
23:22:12.0823 6064 [ 22d6b47d004a6568c500680be2972854 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
23:22:12.0823 6064 RSUSBSTOR - ok
23:22:12.0863 6064 [ 4fbda07ef0a3097ce14c5cabf723b278 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
23:22:12.0873 6064 RTL8167 - ok
23:22:12.0943 6064 [ 5fff3e71b4724bb10918fd6dd7413d99 ] RtVOsdService C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
23:22:12.0943 6064 RtVOsdService - ok
23:22:12.0963 6064 [ 156f6159457d0aa7e59b62681b56eb90 ] SamSs C:\Windows\system32\lsass.exe
23:22:12.0973 6064 SamSs - ok
23:22:12.0993 6064 [ e3bbb89983daf5622c1d50cf49f28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
23:22:12.0993 6064 sbp2port - ok
23:22:13.0033 6064 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:22:13.0043 6064 SCardSvr - ok
23:22:13.0073 6064 [ c94da20c7e3ba1dca269bc8460d98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:22:13.0073 6064 scfilter - ok
23:22:13.0183 6064 [ 624d0f5ff99428bb90a5b8a4123e918e ] Schedule C:\Windows\system32\schedsvc.dll
23:22:13.0233 6064 Schedule - ok
23:22:13.0263 6064 [ 312e2f82af11e79906898ac3e3d58a1f ] SCPolicySvc C:\Windows\System32\certprop.dll
23:22:13.0273 6064 SCPolicySvc - ok
23:22:13.0323 6064 [ 54e47ad086782d3ae9417c155cdceb9b ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
23:22:13.0323 6064 sdbus - ok
23:22:13.0363 6064 [ 765a27c3279ce11d14cb9e4f5869fca5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:22:13.0373 6064 SDRSVC - ok
23:22:13.0413 6064 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:22:13.0423 6064 secdrv - ok
23:22:13.0443 6064 [ 463b386ebc70f98da5dff85f7e654346 ] seclogon C:\Windows\system32\seclogon.dll
23:22:13.0443 6064 seclogon - ok
23:22:13.0463 6064 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\System32\sens.dll
23:22:13.0473 6064 SENS - ok
23:22:13.0513 6064 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:22:13.0523 6064 SensrSvc - ok
23:22:13.0573 6064 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:22:13.0573 6064 Serenum - ok
23:22:13.0603 6064 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:22:13.0613 6064 Serial - ok
23:22:13.0633 6064 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
23:22:13.0643 6064 sermouse - ok
23:22:13.0703 6064 [ c3bc61ce47ff6f4e88ab8a3b429a36af ] SessionEnv C:\Windows\system32\sessenv.dll
23:22:13.0703 6064 SessionEnv - ok
23:22:13.0723 6064 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
23:22:13.0733 6064 sffdisk - ok
23:22:13.0753 6064 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
23:22:13.0753 6064 sffp_mmc - ok
23:22:13.0773 6064 [ 178298f767fe638c9fedcbdef58bb5e4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
23:22:13.0773 6064 sffp_sd - ok
23:22:13.0833 6064 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
23:22:13.0833 6064 sfloppy - ok
23:22:13.0893 6064 [ c6cc9297bd53e5229653303e556aa539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
23:22:13.0923 6064 Sftfs - ok
23:22:14.0003 6064 [ 13693b6354dd6e72dc5131da7d764b90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
23:22:14.0013 6064 sftlist - ok
23:22:14.0043 6064 [ 390aa7bc52cee43f6790cdea1e776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
23:22:14.0043 6064 Sftplay - ok
23:22:14.0073 6064 [ 617e29a0b0a2807466560d4c4e338d3e ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
23:22:14.0073 6064 Sftredir - ok
23:22:14.0093 6064 [ 8f571f016fa1976f445147e9e6c8ae9b ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
23:22:14.0093 6064 Sftvol - ok
23:22:14.0113 6064 [ c3cddd18f43d44ab713cf8c4916f7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
23:22:14.0123 6064 sftvsa - ok
23:22:14.0173 6064 [ 0298ac45d0efffb2db4baa7dd186e7bf ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:22:14.0173 6064 ShellHWDetection - ok
23:22:14.0213 6064 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:22:14.0213 6064 SiSRaid2 - ok
23:22:14.0253 6064 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
23:22:14.0253 6064 SiSRaid4 - ok
23:22:14.0343 6064 [ c70aebd3608ed9fcea2a1bae83567ffc ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
23:22:14.0343 6064 SkypeUpdate - ok
23:22:14.0393 6064 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:22:14.0393 6064 Smb - ok
23:22:14.0453 6064 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:22:14.0463 6064 SNMPTRAP - ok
23:22:14.0483 6064 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys
23:22:14.0483 6064 spldr - ok
23:22:14.0533 6064 [ f8e1fa03cb70d54a9892ac88b91d1e7b ] Spooler C:\Windows\System32\spoolsv.exe
23:22:14.0563 6064 Spooler - ok
23:22:14.0683 6064 [ 913d843498553a1bc8f8dbad6358e49f ] sppsvc C:\Windows\system32\sppsvc.exe
23:22:14.0813 6064 sppsvc - ok
23:22:14.0833 6064 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:22:14.0843 6064 sppuinotify - ok
23:22:14.0883 6064 [ 2408c0366d96bcdf63e8f1c78e4a29c5 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:22:14.0883 6064 srv - ok
23:22:14.0913 6064 [ 76548f7b818881b47d8d1ae1be9c11f8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:22:14.0923 6064 srv2 - ok
23:22:14.0983 6064 [ 0c4540311e11664b245a263e1154cef8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
23:22:14.0993 6064 SrvHsfHDA - ok
23:22:15.0063 6064 [ 02071d207a9858fbe3a48cbfd59c4a04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
23:22:15.0113 6064 SrvHsfV92 - ok
23:22:15.0153 6064 [ 18e40c245dbfaf36fd0134a7ef2df396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
23:22:15.0183 6064 SrvHsfWinac - ok
23:22:15.0233 6064 [ 0af6e19d39c70844c5caa8fb0183c36e ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:22:15.0243 6064 srvnet - ok
23:22:15.0293 6064 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:22:15.0303 6064 SSDPSRV - ok
23:22:15.0323 6064 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:22:15.0333 6064 SstpSvc - ok
23:22:15.0393 6064 [ 78cd64791f8634cf7b582fd085e57c4b ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
23:22:15.0393 6064 ssudmdm - ok
23:22:15.0413 6064 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:22:15.0423 6064 stexstor - ok
23:22:15.0473 6064 [ decacb6921ded1a38642642685d77dac ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
23:22:15.0473 6064 StillCam - ok
23:22:15.0543 6064 [ 52d0e33b681bd0f33fdc08812fee4f7d ] stisvc C:\Windows\System32\wiaservc.dll
23:22:15.0573 6064 stisvc - ok
23:22:15.0603 6064 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:22:15.0603 6064 swenum - ok
23:22:15.0643 6064 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll
23:22:15.0663 6064 swprv - ok
23:22:15.0773 6064 [ 961cfac2a5318e212f459d651f28e0a4 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
23:22:15.0845 6064 SynTP - ok
23:22:16.0035 6064 [ 3c1284516a62078fb68f768de4f1a7be ] SysMain C:\Windows\system32\sysmain.dll
23:22:16.0125 6064 SysMain - ok
23:22:16.0205 6064 [ 238935c3cf2854886dc7cbb2a0e2cc66 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:22:16.0215 6064 TabletInputService - ok
23:22:16.0235 6064 [ 884264ac597b690c5707c89723bb8e7b ] TapiSrv C:\Windows\System32\tapisrv.dll
23:22:16.0255 6064 TapiSrv - ok
23:22:16.0275 6064 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll
23:22:16.0285 6064 TBS - ok
23:22:16.0395 6064 [ 624c5b3aa4c99b3184bb922d9ece3ff0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:22:16.0465 6064 Tcpip - ok
23:22:16.0575 6064 [ 624c5b3aa4c99b3184bb922d9ece3ff0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:22:16.0605 6064 TCPIP6 - ok
23:22:16.0625 6064 [ 76d078af6f587b162d50210f761eb9ed ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:22:16.0635 6064 tcpipreg - ok
23:22:16.0655 6064 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:22:16.0655 6064 TDPIPE - ok
23:22:16.0695 6064 [ 7518f7bcfd4b308abc9192bacaf6c970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:22:16.0705 6064 TDTCP - ok
23:22:16.0725 6064 [ 079125c4b17b01fcaeebce0bcb290c0f ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:22:16.0735 6064 tdx - ok
23:22:16.0905 6064 [ a4d2ce94b028ef1e437cf4ac3d8ff26c ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
23:22:16.0995 6064 TeamViewer7 - ok
23:22:17.0025 6064 [ c448651339196c0e869a355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:22:17.0025 6064 TermDD - ok
23:22:17.0085 6064 [ 0f05ec2887bfe197ad82a13287d2f404 ] TermService C:\Windows\System32\termsrv.dll
23:22:17.0115 6064 TermService - ok
23:22:17.0135 6064 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll
23:22:17.0145 6064 Themes - ok
23:22:17.0155 6064 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll
23:22:17.0165 6064 THREADORDER - ok
23:22:17.0185 6064 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll
23:22:17.0195 6064 TrkWks - ok
23:22:17.0245 6064 [ 840f7fb849f5887a49ba18c13b2da920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:22:17.0255 6064 TrustedInstaller - ok
23:22:17.0275 6064 [ 61b96c26131e37b24e93327a0bd1fb95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:22:17.0275 6064 tssecsrv - ok
23:22:17.0345 6064 [ 3836171a2cdf3af8ef10856db9835a70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:22:17.0345 6064 tunnel - ok
23:22:17.0385 6064 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
23:22:17.0385 6064 uagp35 - ok
23:22:17.0425 6064 [ c06e6f4679ceb8f430b90a51d76d8d3c ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:22:17.0435 6064 udfs - ok
23:22:17.0495 6064 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:22:17.0505 6064 UI0Detect - ok
23:22:17.0525 6064 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
23:22:17.0535 6064 uliagpkx - ok
23:22:17.0595 6064 [ eab6c35e62b1b0db0d1b48b671d3a117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:22:17.0595 6064 umbus - ok
23:22:17.0615 6064 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
23:22:17.0625 6064 UmPass - ok
23:22:17.0645 6064 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll
23:22:17.0675 6064 upnphost - ok
23:22:17.0695 6064 [ 537a4e03d7103c12d42dfd8ffdb5bdc9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:22:17.0705 6064 usbccgp - ok
23:22:17.0755 6064 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
23:22:17.0755 6064 usbcir - ok
23:22:17.0785 6064 [ fbb21ebe49f6d560db37ac25fbc68e66 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:22:17.0795 6064 usbehci - ok
23:22:17.0845 6064 [ 2c780746dc44a28fe67004dc58173f05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
23:22:17.0855 6064 usbfilter - ok
23:22:17.0915 6064 [ 6b7a8a99c4a459e73c286a6763ea24cc ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:22:17.0915 6064 usbhub - ok
23:22:17.0945 6064 [ 8c88aa7617b4cbc2e4bed61d26b33a27 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
23:22:17.0945 6064 usbohci - ok
23:22:17.0975 6064 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:22:17.0985 6064 usbprint - ok
23:22:18.0015 6064 [ f39983647bc1f3e6100778ddfe9dce29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:22:18.0025 6064 USBSTOR - ok
23:22:18.0045 6064 [ 0b5b3b2df3fd1709618acfa50b8392b0 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:22:18.0045 6064 usbuhci - ok
23:22:18.0115 6064 [ 7cb8c573c6e4a2714402cc0a36eab4fe ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
23:22:18.0125 6064 usbvideo - ok
23:22:18.0195 6064 [ 70d05ee263568a742d14e1876df80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
23:22:18.0195 6064 usb_rndisx - ok
23:22:18.0225 6064 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll
23:22:18.0235 6064 UxSms - ok
23:22:18.0245 6064 [ 156f6159457d0aa7e59b62681b56eb90 ] VaultSvc C:\Windows\system32\lsass.exe
23:22:18.0255 6064 VaultSvc - ok
23:22:18.0315 6064 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
23:22:18.0315 6064 vdrvroot - ok
23:22:18.0345 6064 [ 44d73e0bbc1d3c8981304ba15135c2f2 ] vds C:\Windows\System32\vds.exe
23:22:18.0375 6064 vds - ok
23:22:18.0395 6064 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:22:18.0395 6064 vga - ok
23:22:18.0425 6064 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys
23:22:18.0425 6064 VgaSave - ok
23:22:18.0465 6064 [ c82e748660f62a242b2dfac1442f22a4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
23:22:18.0475 6064 vhdmp - ok
23:22:18.0495 6064 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
23:22:18.0495 6064 viaide - ok
23:22:18.0525 6064 [ 2b1a3dae2b4e70dbba822b7a03fbd4a3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
23:22:18.0525 6064 volmgr - ok
23:22:18.0555 6064 [ 99b0cbb569ca79acaed8c91461d765fb ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:22:18.0565 6064 volmgrx - ok
23:22:18.0595 6064 [ 58f82eed8ca24b461441f9c3e4f0bf5c ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
23:22:18.0605 6064 volsnap - ok
23:22:18.0625 6064 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
23:22:18.0635 6064 vsmraid - ok
23:22:18.0705 6064 [ 787898bf9fb6d7bd87a36e2d95c899ba ] VSS C:\Windows\system32\vssvc.exe
23:22:18.0765 6064 VSS - ok
23:22:18.0785 6064 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
23:22:18.0785 6064 vwifibus - ok
23:22:18.0835 6064 [ 6a3d66263414ff0d6fa754c646612f3f ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:22:18.0845 6064 vwififlt - ok
23:22:18.0905 6064 [ 6a638fc4bfddc4d9b186c28c91bd1a01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
23:22:18.0905 6064 vwifimp - ok
23:22:18.0935 6064 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll
23:22:18.0955 6064 W32Time - ok
23:22:19.0005 6064 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
23:22:19.0005 6064 WacomPen - ok
23:22:19.0065 6064 [ 47ca49400643effd3f1c9a27e1d69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:22:19.0065 6064 WANARP - ok
23:22:19.0075 6064 [ 47ca49400643effd3f1c9a27e1d69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:22:19.0085 6064 Wanarpv6 - ok
23:22:19.0195 6064 [ 3cec96de223e49eaae3651fcf8faea6c ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
23:22:19.0245 6064 WatAdminSvc - ok
23:22:19.0305 6064 [ 5ab1bb85bd8b5089cc5d64200dedae68 ] wbengine C:\Windows\system32\wbengine.exe
23:22:19.0335 6064 wbengine - ok
23:22:19.0375 6064 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:22:19.0385 6064 WbioSrvc - ok
23:22:19.0425 6064 [ dd1bae8ebfc653824d29ccf8c9054d68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:22:19.0445 6064 wcncsvc - ok
23:22:19.0465 6064 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:22:19.0475 6064 WcsPlugInService - ok
23:22:19.0505 6064 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\Windows\system32\DRIVERS\wd.sys
23:22:19.0505 6064 Wd - ok
23:22:19.0565 6064 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:22:19.0595 6064 Wdf01000 - ok
23:22:19.0615 6064 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:22:19.0625 6064 WdiServiceHost - ok
23:22:19.0625 6064 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:22:19.0635 6064 WdiSystemHost - ok
23:22:19.0675 6064 [ 733006127f235be7c35354ebee7b9a7b ] WebClient C:\Windows\System32\webclnt.dll
23:22:19.0685 6064 WebClient - ok
23:22:19.0705 6064 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:22:19.0715 6064 Wecsvc - ok
23:22:19.0735 6064 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:22:19.0745 6064 wercplsupport - ok
23:22:19.0795 6064 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\Windows\System32\WerSvc.dll
23:22:19.0805 6064 WerSvc - ok
23:22:19.0865 6064 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:22:19.0865 6064 WfpLwf - ok
23:22:19.0895 6064 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:22:19.0895 6064 WIMMount - ok
23:22:19.0905 6064 WinHttpAutoProxySvc - ok
23:22:19.0975 6064 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:22:19.0985 6064 Winmgmt - ok
23:22:20.0065 6064 [ 41fbb751936b387f9179e7f03a74fe29 ] WinRM C:\Windows\system32\WsmSvc.dll
23:22:20.0135 6064 WinRM - ok
23:22:20.0225 6064 [ 817eaff5d38674edd7713b9dfb8e9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
23:22:20.0235 6064 WinUsb - ok
23:22:20.0285 6064 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\Windows\System32\wlansvc.dll
23:22:20.0315 6064 Wlansvc - ok
23:22:20.0415 6064 [ 98f138897ef4246381d197cb81846d62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:22:20.0485 6064 wlidsvc - ok
23:22:20.0545 6064 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
23:22:20.0545 6064 WmiAcpi - ok
23:22:20.0575 6064 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:22:20.0585 6064 wmiApSrv - ok
23:22:20.0605 6064 WMPNetworkSvc - ok
23:22:20.0635 6064 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:22:20.0645 6064 WPCSvc - ok
23:22:20.0655 6064 [ 2e57ddf2880a7e52e76f41c7e96d327b ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:22:20.0665 6064 WPDBusEnum - ok
23:22:20.0695 6064 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:22:20.0695 6064 ws2ifsl - ok
23:22:20.0745 6064 [ 8d918b1db190a4d9b1753a66fa8c96e8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
23:22:20.0755 6064 WSDPrintDevice - ok
23:22:20.0765 6064 [ 4a2a5c50dd1a63577d3aca94269fbc7f ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
23:22:20.0765 6064 WSDScan - ok
23:22:20.0775 6064 WSearch - ok
23:22:20.0805 6064 [ 7cadc74271dd6461c452c271b30bd378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:22:20.0805 6064 WudfPf - ok
23:22:20.0835 6064 [ 3b197af0fff08aa66b6b2241ca538d64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:22:20.0845 6064 WUDFRd - ok
23:22:20.0865 6064 [ b551d6637aa0e132c18ac6e504f7b79b ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:22:20.0875 6064 wudfsvc - ok
23:22:20.0895 6064 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\Windows\System32\wwansvc.dll
23:22:20.0905 6064 WwanSvc - ok
23:22:20.0965 6064 [ b3eeacf62445e24fbb2cd4b0fb4db026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
23:22:20.0975 6064 yukonw7 - ok
23:22:21.0015 6064 ================ Scan global ===============================
23:22:21.0055 6064 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll
23:22:21.0105 6064 (0cb6ebf4b461a6043353c570bd72a1e1) C:\Windows\system32\winsrv.dll
23:22:21.0125 6064 (0cb6ebf4b461a6043353c570bd72a1e1) C:\Windows\system32\winsrv.dll
23:22:21.0145 6064 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll
23:22:21.0205 6064 (014a9cb92514e27c0107614df764bc06) C:\Windows\system32\services.exe
23:22:21.0225 6064 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
23:22:21.0225 6064 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
23:22:21.0225 6064 ================ Scan MBR ==================================
23:22:21.0235 6064 MBR (0x1B8) (9991d9d3e6a93df21b4d7ea50e0b4a82) \Device\Harddisk0\DR0
23:22:21.0725 6064 \Device\Harddisk0\DR0 - ok
23:22:21.0725 6064 ================ Scan VBR ==================================
23:22:21.0725 6064 Boot (0x1200) (9db8dee9d65ee884a31d5ba665bbdc01) \Device\Harddisk0\DR0\Partition1
23:22:21.0735 6064 \Device\Harddisk0\DR0\Partition1 - ok
23:22:21.0765 6064 Boot (0x1200) (50a5266a8596590650f4c1999ddb2eca) \Device\Harddisk0\DR0\Partition2
23:22:21.0765 6064 \Device\Harddisk0\DR0\Partition2 - ok
23:22:21.0805 6064 Boot (0x1200) (88a6b7d528f9426f64677c7f552bb115) \Device\Harddisk0\DR0\Partition3
23:22:21.0805 6064 \Device\Harddisk0\DR0\Partition3 - ok
23:22:21.0825 6064 Boot (0x1200) (e8ed9e3a2ca554ba9c76b2d52a8a8816) \Device\Harddisk0\DR0\Partition4
23:22:21.0825 6064 \Device\Harddisk0\DR0\Partition4 - ok
23:22:21.0825 6064 ============================================================
23:22:21.0825 6064 Scan finished
23:22:21.0825 6064 ============================================================
23:22:21.0845 3684 Detected object count: 1
23:22:21.0845 3684 Actual detected object count: 1
23:23:41.0534 3684 C:\Windows\system32\services.exe - copied to quarantine
23:23:41.0975 3684 C:\Windows\assembly\GAC_32\desktop.ini - copied to quarantine
23:23:41.0975 3684 C:\Windows\assembly\GAC_64\desktop.ini - copied to quarantine
23:23:42.0005 3684 C:\Windows\installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\@ - copied to quarantine
23:23:42.0025 3684 C:\Windows\installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\L\00000004.@ - copied to quarantine
23:23:42.0025 3684 C:\Windows\installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\L\201d3dde - copied to quarantine
23:23:42.0025 3684 C:\Windows\installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\U\00000004.@ - copied to quarantine
23:23:42.0025 3684 C:\Windows\installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\U\00000008.@ - copied to quarantine
23:23:42.0035 3684 C:\Windows\installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\U\000000cb.@ - copied to quarantine
23:23:42.0035 3684 C:\Windows\installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\U\80000000.@ - copied to quarantine
23:23:42.0035 3684 C:\Windows\installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\U\80000032.@ - copied to quarantine
23:23:42.0035 3684 C:\Windows\installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\U\80000064.@ - copied to quarantine
23:23:42.0055 3684 C:\Users\LEVNHARD\AppData\Local\{cd7802cc-a39a-b44f-b31f-f3425259e786}\@ - copied to quarantine
23:23:53.0035 3684 Backup copy found, using it..
23:23:53.0165 3684 C:\Windows\assembly\GAC_32\desktop.ini - will be deleted on reboot
23:23:53.0175 3684 C:\Windows\assembly\GAC_64\desktop.ini - will be deleted on reboot
23:23:53.0185 3684 C:\Windows\installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\@ - will be deleted on reboot
23:23:53.0185 3684 C:\Windows\installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\U\00000004.@ - will be deleted on reboot
23:23:53.0185 3684 C:\Windows\installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\U\00000008.@ - will be deleted on reboot
23:23:53.0185 3684 C:\Windows\installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\U\000000cb.@ - will be deleted on reboot
23:23:53.0185 3684 C:\Windows\installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\U\80000000.@ - will be deleted on reboot
23:23:53.0185 3684 C:\Windows\installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\U\80000032.@ - will be deleted on reboot
23:23:53.0185 3684 C:\Windows\installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\U\80000064.@ - will be deleted on reboot
23:23:53.0245 3684 C:\Users\LEVNHARD\AppData\Local\{cd7802cc-a39a-b44f-b31f-f3425259e786}\@ - will be deleted on reboot
23:23:53.0245 3684 C:\Windows\system32\services.exe - will be cured on reboot
23:23:53.0245 3684 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Cure
23:24:14.0927 4884 Deinitialize success

#4 out4bounty

  • Topic Starter

Posted 20 August 2012 - 12:31 AM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-19 23:25:14
-----------------------------
23:25:14.993 OS Version: Windows x64 6.1.7600
23:25:14.993 Number of processors: 2 586 0x603
23:25:14.993 ComputerName: LEVNHARD-HP UserName: LEVNHARD
23:25:17.183 Initialize success
23:26:06.700 AVAST engine defs: 12081900
23:26:12.692 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005b
23:26:12.702 Disk 0 Vendor: ST932032 0005 Size: 305245MB BusType: 11
23:26:12.712 Disk 0 MBR read successfully
23:26:12.722 Disk 0 MBR scan
23:26:12.732 Disk 0 unknown MBR code
23:26:12.742 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
23:26:12.752 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 287203 MB offset 409600
23:26:12.792 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17738 MB offset 588601344
23:26:12.822 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 624928768
23:26:12.882 Disk 0 scanning C:\Windows\system32\drivers
23:26:31.442 Service scanning
23:26:32.024 Service 95148837 C:\Windows\system32\drivers\02893559.sys **HIDDEN**
23:27:01.535 Modules scanning
23:27:01.904 Disk 0 trace - called modules:
23:27:01.970 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
23:27:01.977 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80042e2740]
23:27:01.985 3 CLASSPNP.SYS[fffff8800197743f] -> nt!IofCallDriver -> [0xfffffa800426d8a0]
23:27:01.991 5 amdxata.sys[fffff880010787a8] -> nt!IofCallDriver -> \Device\0000005b[0xfffffa800426b060]
23:27:05.120 AVAST engine scan C:\Windows
23:27:07.700 AVAST engine scan C:\Windows\system32
23:29:27.211 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
23:29:29.863 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
23:31:27.761 AVAST engine scan C:\Windows\system32\drivers
23:31:48.206 AVAST engine scan C:\Users\LEVNHARD
23:33:38.719 Disk 0 MBR has been saved successfully to "C:\Users\LEVNHARD\Desktop\MBR.dat"
23:33:38.726 The log file has been saved successfully to "C:\Users\LEVNHARD\Desktop\aswMBR.txt"

#5 out4bounty

  • Topic Starter

Posted 20 August 2012 - 12:32 AM

C:\TDSSKiller_Quarantine\19.08.2012_23.21.29\zasubsys0000\file0000\tsk0000.dta Win64/Patched.B.Gen trojan deleted - quarantined
C:\TDSSKiller_Quarantine\19.08.2012_23.21.29\zasubsys0000\zafs0000\tsk0000.dta Win32/Sirefef.EZ trojan deleted - quarantined
C:\TDSSKiller_Quarantine\19.08.2012_23.21.29\zasubsys0000\zafs0000\tsk0001.dta Win64/Sirefef.AD trojan deleted - quarantined
C:\TDSSKiller_Quarantine\19.08.2012_23.21.29\zasubsys0000\zafs0000\tsk0006.dta Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.08.2012_23.21.29\zasubsys0000\zafs0000\tsk0007.dta Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.08.2012_23.21.29\zasubsys0000\zafs0000\tsk0008.dta Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.08.2012_23.21.29\zasubsys0000\zafs0000\tsk0009.dta a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Users\LEVNHARD\AppData\Local\Temp\ICReinstall\cnet_wrar401_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\LEVNHARD\AppData\Local\Temp\is1598539481\zgInstaller.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\LEVNHARD\AppData\Local\Temp\Low\xawosenmrc.exe multiple threats cleaned by deleting - quarantined
C:\Users\LEVNHARD\AppData\Local\Temp\Low\xroawscenm.exe multiple threats cleaned by deleting - quarantined
C:\Users\LEVNHARD\Documents\DDoS\Jays Booter 5.8 (2).exe a variant of MSIL/Injector.YY trojan cleaned by deleting - quarantined
C:\Users\LEVNHARD\Music\Hardcore\cnet_wrar401_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Windows\Installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\U\000000cb.@ Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\Windows\Installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\U\80000000.@ Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\Windows\Installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
Operating memory multiple threats

#6 narenxp

  • BC Advisor

Posted 20 August 2012 - 12:32 AM

Restart the PC, run TDSSKiller and aswMBR again, and post the new TDSSKiller and aswMBR logs.

#7 out4bounty

  • Topic Starter

Posted 20 August 2012 - 01:18 AM

01:48:59.0599 3692 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
01:48:59.0848 3692 ============================================================
01:48:59.0848 3692 Current date / time: 2012/08/20 01:48:59.0848
01:48:59.0848 3692 SystemInfo:
01:48:59.0848 3692
01:48:59.0848 3692 OS Version: 6.1.7600 ServicePack: 0.0
01:48:59.0848 3692 Product type: Workstation
01:48:59.0848 3692 ComputerName: LEVNHARD-HP
01:48:59.0848 3692 UserName: LEVNHARD
01:48:59.0848 3692 Windows directory: C:\Windows
01:48:59.0848 3692 System windows directory: C:\Windows
01:48:59.0848 3692 Running under WOW64
01:48:59.0848 3692 Processor architecture: Intel x64
01:48:59.0848 3692 Number of processors: 2
01:48:59.0848 3692 Page size: 0x1000
01:48:59.0848 3692 Boot type: Normal boot
01:48:59.0848 3692 ============================================================
01:49:01.0299 3692 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:49:01.0315 3692 ============================================================
01:49:01.0315 3692 \Device\Harddisk0\DR0:
01:49:01.0315 3692 MBR partitions:
01:49:01.0315 3692 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
01:49:01.0315 3692 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x230F1800
01:49:01.0315 3692 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x23155800, BlocksNum 0x22A5000
01:49:01.0315 3692 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
01:49:01.0315 3692 ============================================================
01:49:01.0330 3692 C: <-> \Device\Harddisk0\DR0\Partition2
01:49:01.0377 3692 D: <-> \Device\Harddisk0\DR0\Partition3
01:49:01.0377 3692 ============================================================
01:49:01.0377 3692 Initialize success
01:49:01.0377 3692 ============================================================
01:49:03.0031 3796 ============================================================
01:49:03.0031 3796 Scan started
01:49:03.0031 3796 Mode: Manual;
01:49:03.0031 3796 ============================================================
01:49:04.0513 3796 ================ Scan services =============================
01:49:05.0807 3796 Scan interrupted by user!
01:49:05.0807 3796 ================ Scan global ===============================
01:49:05.0807 3796 Scan interrupted by user!
01:49:05.0807 3796 ================ Scan MBR ==================================
01:49:05.0807 3796 Scan interrupted by user!
01:49:05.0807 3796 ================ Scan VBR ==================================
01:49:05.0807 3796 Scan interrupted by user!
01:49:05.0807 3796 ============================================================
01:49:05.0807 3796 Scan finished
01:49:05.0807 3796 ============================================================
01:49:05.0839 1324 Detected object count: 0
01:49:05.0839 1324 Actual detected object count: 0
01:49:13.0592 3784 ============================================================
01:49:13.0592 3784 Scan started
01:49:13.0592 3784 Mode: Manual; TDLFS;
01:49:13.0592 3784 ============================================================
01:49:13.0826 3784 ================ Scan services =============================
01:49:22.0796 3784 [ af9b39a7e7b6caa203b3862582e9f2d0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
01:49:22.0796 3784 IPNAT - ok
01:49:22.0843 3784 [ 3abf5e7213eb28966d55d58b515d5ce9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
01:49:22.0843 3784 IRENUM - ok
01:49:22.0874 3784 [ 2f7b28dc3e1183e5eb418df55c204f38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
01:49:22.0874 3784 isapnp - ok
01:49:22.0905 3784 [ fa4d2557de56d45b0a346f93564be6e1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
01:49:22.0905 3784 iScsiPrt - ok
01:49:22.0967 3784 [ bc02336f1cba7dcc7d1213bb588a68a5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
01:49:22.0967 3784 kbdclass - ok
01:49:23.0014 3784 [ 6def98f8541e1b5dceb2c822a11f7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
01:49:23.0014 3784 kbdhid - ok
01:49:23.0045 3784 [ 156f6159457d0aa7e59b62681b56eb90 ] KeyIso C:\Windows\system32\lsass.exe
01:49:23.0045 3784 KeyIso - ok
01:49:23.0170 3784 [ 162a5e3a691b903111526147c8d29e6d ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
01:49:23.0186 3784 Kodak AiO Network Discovery Service - ok
01:49:23.0248 3784 [ b5e53fca219a6491e9a1ba146a5d2452 ] Kodak AiO Status Monitor Service C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
01:49:23.0279 3784 Kodak AiO Status Monitor Service - ok
01:49:23.0326 3784 [ 4f4b5fde429416877de7143044582eb5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
01:49:23.0326 3784 KSecDD - ok
01:49:23.0342 3784 [ 6f40465a44ecdc1731befafec5bdd03c ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
01:49:23.0342 3784 KSecPkg - ok
01:49:23.0389 3784 [ 6869281e78cb31a43e969f06b57347c4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
01:49:23.0389 3784 ksthunk - ok
01:49:23.0451 3784 [ 6ab66e16aa859232f64deb66887a8c9c ] KtmRm C:\Windows\system32\msdtckrm.dll
01:49:23.0467 3784 KtmRm - ok
01:49:23.0529 3784 [ 81f1d04d4d0e433099365127375fd501 ] LanmanServer C:\Windows\system32\srvsvc.dll
01:49:23.0545 3784 LanmanServer - ok
01:49:23.0576 3784 [ 27026eac8818e8a6c00a1cad2f11d29a ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
01:49:23.0576 3784 LanmanWorkstation - ok
01:49:23.0638 3784 [ 1538831cf8ad2979a04c423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
01:49:23.0654 3784 lltdio - ok
01:49:23.0716 3784 [ c1185803384ab3feed115f79f109427f ] lltdsvc C:\Windows\System32\lltdsvc.dll
01:49:23.0716 3784 lltdsvc - ok
01:49:23.0747 3784 [ f993a32249b66c9d622ea5592a8b76b8 ] lmhosts C:\Windows\System32\lmhsvc.dll
01:49:23.0747 3784 lmhosts - ok
01:49:23.0810 3784 [ 1a93e54eb0ece102495a51266dcdb6a6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
01:49:23.0825 3784 LSI_FC - ok
01:49:23.0841 3784 [ 1047184a9fdc8bdbff857175875ee810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
01:49:23.0857 3784 LSI_SAS - ok
01:49:23.0872 3784 [ 30f5c0de1ee8b5bc9306c1f0e4a75f93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
01:49:23.0872 3784 LSI_SAS2 - ok
01:49:23.0903 3784 [ 0504eacaff0d3c8aed161c4b0d369d4a ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
01:49:23.0903 3784 LSI_SCSI - ok
01:49:23.0950 3784 [ 43d0f98e1d56ccddb0d5254cff7b356e ] luafv C:\Windows\system32\drivers\luafv.sys
01:49:23.0966 3784 luafv - ok
01:49:24.0028 3784 [ f84c8f1000bc11e3b7b23cbd3baff111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
01:49:24.0028 3784 Mcx2Svc - ok
01:49:24.0059 3784 [ a55805f747c6edb6a9080d7c633bd0f4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
01:49:24.0059 3784 megasas - ok
01:49:24.0106 3784 [ baf74ce0072480c3b6b7c13b2a94d6b3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
01:49:24.0106 3784 MegaSR - ok
01:49:24.0153 3784 [ e40e80d0304a73e8d269f7141d77250b ] MMCSS C:\Windows\system32\mmcss.dll
01:49:24.0153 3784 MMCSS - ok
01:49:24.0200 3784 [ 800ba92f7010378b09f9ed9270f07137 ] Modem C:\Windows\system32\drivers\modem.sys
01:49:24.0200 3784 Modem - ok
01:49:24.0247 3784 [ b03d591dc7da45ece20b3b467e6aadaa ] monitor C:\Windows\system32\DRIVERS\monitor.sys
01:49:24.0247 3784 monitor - ok
01:49:24.0278 3784 [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
01:49:24.0278 3784 mouclass - ok
01:49:24.0325 3784 [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
01:49:24.0325 3784 mouhid - ok
01:49:24.0356 3784 [ 791af66c4d0e7c90a3646066386fb571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
01:49:24.0356 3784 mountmgr - ok
01:49:24.0387 3784 [ 609d1d87649ecc19796f4d76d4c15cea ] mpio C:\Windows\system32\DRIVERS\mpio.sys
01:49:24.0387 3784 mpio - ok
01:49:24.0418 3784 [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
01:49:24.0418 3784 mpsdrv - ok
01:49:24.0434 3784 [ 30524261bb51d96d6fcbac20c810183c ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
01:49:24.0449 3784 MRxDAV - ok
01:49:24.0481 3784 [ 040d62a9d8ad28922632137acdd984f2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
01:49:24.0481 3784 mrxsmb - ok
01:49:24.0512 3784 [ f0067552f8f9b33d7c59403ab808a3cb ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:49:24.0512 3784 mrxsmb10 - ok
01:49:24.0543 3784 [ 3c142d31de9f2f193218a53fe2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:49:24.0543 3784 mrxsmb20 - ok
01:49:24.0559 3784 [ 5e939cf91ea4a841dbafe4627e0292bb ] msahci C:\Windows\system32\DRIVERS\msahci.sys
01:49:24.0559 3784 msahci - ok
01:49:24.0590 3784 [ 8d27b597229aed79430fb9db3bcbfbd0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
01:49:24.0605 3784 msdsm - ok
01:49:24.0621 3784 [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC C:\Windows\System32\msdtc.exe
01:49:24.0637 3784 MSDTC - ok
01:49:24.0652 3784 [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
01:49:24.0652 3784 Msfs - ok
01:49:24.0683 3784 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
01:49:24.0683 3784 mshidkmdf - ok
01:49:24.0699 3784 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
01:49:24.0699 3784 msisadrv - ok
01:49:24.0761 3784 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
01:49:24.0761 3784 MSiSCSI - ok
01:49:24.0777 3784 msiserver - ok
01:49:24.0839 3784 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
01:49:24.0855 3784 MSKSSRV - ok
01:49:24.0871 3784 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
01:49:24.0871 3784 MSPCLOCK - ok
01:49:24.0886 3784 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
01:49:24.0886 3784 MSPQM - ok
01:49:24.0902 3784 [ 89cb141aa8616d8c6a4610fa26c60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
01:49:24.0917 3784 MsRPC - ok
01:49:24.0949 3784 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
01:49:24.0949 3784 mssmbios - ok
01:49:24.0964 3784 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
01:49:24.0964 3784 MSTEE - ok
01:49:24.0980 3784 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
01:49:24.0995 3784 MTConfig - ok
01:49:25.0042 3784 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys
01:49:25.0042 3784 Mup - ok
01:49:25.0089 3784 [ 4987e079a4530fa737a128be54b63b12 ] napagent C:\Windows\system32\qagentRT.dll
01:49:25.0105 3784 napagent - ok
01:49:25.0183 3784 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
01:49:25.0183 3784 NativeWifiP - ok
01:49:25.0261 3784 [ cad515dbd07d082bb317d9928ce8962c ] NDIS C:\Windows\system32\drivers\ndis.sys
01:49:25.0292 3784 NDIS - ok
01:49:25.0323 3784 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
01:49:25.0323 3784 NdisCap - ok
01:49:25.0354 3784 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
01:49:25.0370 3784 NdisTapi - ok
01:49:25.0401 3784 [ f105ba1e22bf1f2ee8f005d4305e4bec ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
01:49:25.0401 3784 Ndisuio - ok
01:49:25.0432 3784 [ 557dfab9ca1fcb036ac77564c010dad3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
01:49:25.0432 3784 NdisWan - ok
01:49:25.0448 3784 [ 659b74fb74b86228d6338d643cd3e3cf ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
01:49:25.0448 3784 NDProxy - ok
01:49:25.0510 3784 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
01:49:25.0510 3784 NetBIOS - ok
01:49:25.0526 3784 [ 9162b273a44ab9dce5b44362731d062a ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
01:49:25.0541 3784 NetBT - ok
01:49:25.0557 3784 [ 156f6159457d0aa7e59b62681b56eb90 ] Netlogon C:\Windows\system32\lsass.exe
01:49:25.0557 3784 Netlogon - ok
01:49:25.0635 3784 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll
01:49:25.0635 3784 Netman - ok
01:49:25.0666 3784 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll
01:49:25.0682 3784 netprofm - ok
01:49:25.0713 3784 [ 3e5a36127e201ddf663176b66828fafe ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:49:25.0729 3784 NetTcpPortSharing - ok
01:49:25.0900 3784 [ 64428dfdaf6e88366cb51f45a79c5f69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
01:49:26.0072 3784 netw5v64 - ok
01:49:26.0119 3784 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
01:49:26.0119 3784 nfrd960 - ok
01:49:26.0181 3784 [ d9a0ce66046d6efa0c61baa885cba0a8 ] NlaSvc C:\Windows\System32\nlasvc.dll
01:49:26.0197 3784 NlaSvc - ok
01:49:26.0275 3784 [ 351533acc2a069b94e80bbfc177e8fdf ] NPF C:\Windows\system32\drivers\npf.sys
01:49:26.0275 3784 NPF - ok
01:49:26.0290 3784 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
01:49:26.0306 3784 Npfs - ok
01:49:26.0321 3784 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll
01:49:26.0321 3784 nsi - ok
01:49:26.0337 3784 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
01:49:26.0337 3784 nsiproxy - ok
01:49:26.0399 3784 [ 378e0e0dfea67d98ae6ea53adbbd76bc ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
01:49:26.0462 3784 Ntfs - ok
01:49:26.0477 3784 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys
01:49:26.0493 3784 Null - ok
01:49:26.0555 3784 [ a4d9c9a608a97f59307c2f2600edc6a4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
01:49:26.0571 3784 nvraid - ok
01:49:26.0602 3784 [ 6c1d5f70e7a6a3fd1c90d840edc048b9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
01:49:26.0618 3784 nvstor - ok
01:49:26.0649 3784 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
01:49:26.0665 3784 nv_agp - ok
01:49:26.0743 3784 [ 785f487a64950f3cb8e9f16253ba3b7b ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
01:49:26.0758 3784 odserv - ok
01:49:26.0805 3784 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
01:49:26.0805 3784 ohci1394 - ok
01:49:26.0883 3784 [ 9d10f99a6712e28f8acd5641e3a7ea6b ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:49:26.0883 3784 ose - ok
01:49:27.0086 3784 [ 61bffb5f57ad12f83ab64b7181829b34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:49:27.0257 3784 osppsvc - ok
01:49:27.0351 3784 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
01:49:27.0367 3784 p2pimsvc - ok
01:49:27.0382 3784 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll
01:49:27.0413 3784 p2psvc - ok
01:49:27.0445 3784 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
01:49:27.0460 3784 Parport - ok
01:49:27.0507 3784 [ 90061b1acfe8ccaa5345750ffe08d8b8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
01:49:27.0507 3784 partmgr - ok
01:49:27.0601 3784 [ 7c0582921913d00180ec2b8518ba135c ] pbfilter C:\Program Files\PeerBlock\pbfilter.sys
01:49:27.0601 3784 pbfilter - ok
01:49:27.0632 3784 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
01:49:27.0632 3784 PcaSvc - ok
01:49:27.0663 3784 [ f36f6504009f2fb0dfd1b17a116ad74b ] pci C:\Windows\system32\DRIVERS\pci.sys
01:49:27.0663 3784 pci - ok
01:49:27.0694 3784 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\DRIVERS\pciide.sys
01:49:27.0694 3784 pciide - ok
01:49:27.0725 3784 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
01:49:27.0741 3784 pcmcia - ok
01:49:27.0757 3784 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys
01:49:27.0757 3784 pcw - ok
01:49:27.0788 3784 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys
01:49:27.0788 3784 PEAUTH - ok
01:49:27.0881 3784 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe
01:49:27.0881 3784 PerfHost - ok
01:49:27.0975 3784 [ 557e9a86f65f0de18c9b6751dfe9d3f1 ] pla C:\Windows\system32\pla.dll
01:49:28.0022 3784 pla - ok
01:49:28.0053 3784 [ 98b1721b8718164293b9701b98c52d77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
01:49:28.0053 3784 PlugPlay - ok
01:49:28.0069 3784 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
01:49:28.0069 3784 PNRPAutoReg - ok
01:49:28.0100 3784 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
01:49:28.0100 3784 PNRPsvc - ok
01:49:28.0147 3784 [ 166eb40d1f5b47e615de3d0fffe5f243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
01:49:28.0178 3784 PolicyAgent - ok
01:49:28.0209 3784 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll
01:49:28.0225 3784 Power - ok
01:49:28.0287 3784 [ 27cc19e81ba5e3403c48302127bda717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
01:49:28.0287 3784 PptpMiniport - ok
01:49:28.0318 3784 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\DRIVERS\processr.sys
01:49:28.0318 3784 Processor - ok
01:49:28.0365 3784 [ 97293447431311c06703368ad0f6c4be ] ProfSvc C:\Windows\system32\profsvc.dll
01:49:28.0381 3784 ProfSvc - ok
01:49:28.0396 3784 [ 156f6159457d0aa7e59b62681b56eb90 ] ProtectedStorage C:\Windows\system32\lsass.exe
01:49:28.0396 3784 ProtectedStorage - ok
01:49:28.0412 3784 [ ee992183bd8eaefd9973f352e587a299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
01:49:28.0412 3784 Psched - ok
01:49:28.0474 3784 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
01:49:28.0521 3784 ql2300 - ok
01:49:28.0552 3784 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
01:49:28.0552 3784 ql40xx - ok
01:49:28.0583 3784 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll
01:49:28.0599 3784 QWAVE - ok
01:49:28.0630 3784 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
01:49:28.0630 3784 QWAVEdrv - ok
01:49:28.0646 3784 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
01:49:28.0646 3784 RasAcd - ok
01:49:28.0693 3784 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
01:49:28.0693 3784 RasAgileVpn - ok
01:49:28.0708 3784 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll
01:49:28.0724 3784 RasAuto - ok
01:49:28.0739 3784 [ 87a6e852a22991580d6d39adc4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
01:49:28.0755 3784 Rasl2tp - ok
01:49:28.0771 3784 [ 47394ed3d16d053f5906efe5ab51cc83 ] RasMan C:\Windows\System32\rasmans.dll
01:49:28.0786 3784 RasMan - ok
01:49:28.0802 3784 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
01:49:28.0802 3784 RasPppoe - ok
01:49:28.0817 3784 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
01:49:28.0817 3784 RasSstp - ok
01:49:28.0833 3784 [ 3bac8142102c15d59a87757c1d41dce5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
01:49:28.0833 3784 rdbss - ok
01:49:28.0880 3784 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
01:49:28.0880 3784 rdpbus - ok
01:49:28.0895 3784 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
01:49:28.0895 3784 RDPCDD - ok
01:49:28.0958 3784 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
01:49:28.0958 3784 RDPENCDD - ok
01:49:28.0958 3784 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
01:49:28.0973 3784 RDPREFMP - ok
01:49:29.0020 3784 [ 447de7e3dea39d422c1504f245b668b1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
01:49:29.0020 3784 RDPWD - ok
01:49:29.0067 3784 [ 634b9a2181d98f15941236886164ec8b ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
01:49:29.0067 3784 rdyboost - ok
01:49:29.0129 3784 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll
01:49:29.0145 3784 RemoteAccess - ok
01:49:29.0161 3784 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
01:49:29.0176 3784 RemoteRegistry - ok
01:49:29.0239 3784 [ b60f58f175de20a6739194e85b035178 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
01:49:29.0239 3784 rpcapd - ok
01:49:29.0254 3784 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
01:49:29.0254 3784 RpcEptMapper - ok
01:49:29.0270 3784 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe
01:49:29.0285 3784 RpcLocator - ok
01:49:29.0317 3784 [ 7266972e86890e2b30c0c322e906b027 ] RpcSs C:\Windows\system32\rpcss.dll
01:49:29.0317 3784 RpcSs - ok
01:49:29.0379 3784 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
01:49:29.0379 3784 rspndr - ok
01:49:29.0457 3784 [ 22d6b47d004a6568c500680be2972854 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
01:49:29.0457 3784 RSUSBSTOR - ok
01:49:29.0504 3784 [ 4fbda07ef0a3097ce14c5cabf723b278 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
01:49:29.0504 3784 RTL8167 - ok
01:49:29.0566 3784 [ 5fff3e71b4724bb10918fd6dd7413d99 ] RtVOsdService C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
01:49:29.0582 3784 RtVOsdService - ok
01:49:29.0597 3784 [ 156f6159457d0aa7e59b62681b56eb90 ] SamSs C:\Windows\system32\lsass.exe
01:49:29.0597 3784 SamSs - ok
01:49:29.0629 3784 [ e3bbb89983daf5622c1d50cf49f28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
01:49:29.0629 3784 sbp2port - ok
01:49:29.0660 3784 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll
01:49:29.0660 3784 SCardSvr - ok
01:49:29.0707 3784 [ c94da20c7e3ba1dca269bc8460d98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
01:49:29.0707 3784 scfilter - ok
01:49:29.0753 3784 [ 624d0f5ff99428bb90a5b8a4123e918e ] Schedule C:\Windows\system32\schedsvc.dll
01:49:29.0800 3784 Schedule - ok
01:49:29.0847 3784 [ 312e2f82af11e79906898ac3e3d58a1f ] SCPolicySvc C:\Windows\System32\certprop.dll
01:49:29.0847 3784 SCPolicySvc - ok
01:49:29.0894 3784 [ 54e47ad086782d3ae9417c155cdceb9b ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
01:49:29.0909 3784 sdbus - ok
01:49:29.0941 3784 [ 765a27c3279ce11d14cb9e4f5869fca5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
01:49:29.0956 3784 SDRSVC - ok
01:49:30.0003 3784 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
01:49:30.0003 3784 secdrv - ok
01:49:30.0019 3784 [ 463b386ebc70f98da5dff85f7e654346 ] seclogon C:\Windows\system32\seclogon.dll
01:49:30.0019 3784 seclogon - ok
01:49:30.0050 3784 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\System32\sens.dll
01:49:30.0050 3784 SENS - ok
01:49:30.0097 3784 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
01:49:30.0097 3784 SensrSvc - ok
01:49:30.0159 3784 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
01:49:30.0159 3784 Serenum - ok
01:49:30.0190 3784 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
01:49:30.0190 3784 Serial - ok
01:49:30.0206 3784 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
01:49:30.0206 3784 sermouse - ok
01:49:30.0253 3784 [ c3bc61ce47ff6f4e88ab8a3b429a36af ] SessionEnv C:\Windows\system32\sessenv.dll
01:49:30.0268 3784 SessionEnv - ok
01:49:30.0284 3784 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
01:49:30.0284 3784 sffdisk - ok
01:49:30.0299 3784 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
01:49:30.0315 3784 sffp_mmc - ok
01:49:30.0331 3784 [ 178298f767fe638c9fedcbdef58bb5e4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
01:49:30.0331 3784 sffp_sd - ok
01:49:30.0346 3784 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
01:49:30.0362 3784 sfloppy - ok
01:49:30.0393 3784 [ c6cc9297bd53e5229653303e556aa539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
01:49:30.0409 3784 Sftfs - ok
01:49:30.0487 3784 [ 13693b6354dd6e72dc5131da7d764b90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
01:49:30.0502 3784 sftlist - ok
01:49:30.0518 3784 [ 390aa7bc52cee43f6790cdea1e776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
01:49:30.0518 3784 Sftplay - ok
01:49:30.0533 3784 [ 617e29a0b0a2807466560d4c4e338d3e ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
01:49:30.0533 3784 Sftredir - ok
01:49:30.0565 3784 [ 8f571f016fa1976f445147e9e6c8ae9b ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
01:49:30.0565 3784 Sftvol - ok
01:49:30.0580 3784 [ c3cddd18f43d44ab713cf8c4916f7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
01:49:30.0596 3784 sftvsa - ok
01:49:30.0627 3784 [ 0298ac45d0efffb2db4baa7dd186e7bf ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:49:30.0627 3784 ShellHWDetection - ok
01:49:30.0658 3784 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
01:49:30.0658 3784 SiSRaid2 - ok
01:49:30.0705 3784 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
01:49:30.0705 3784 SiSRaid4 - ok
01:49:30.0799 3784 [ c70aebd3608ed9fcea2a1bae83567ffc ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
01:49:30.0799 3784 SkypeUpdate - ok
01:49:30.0845 3784 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
01:49:30.0845 3784 Smb - ok
01:49:30.0908 3784 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe
01:49:30.0923 3784 SNMPTRAP - ok
01:49:30.0939 3784 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys
01:49:30.0939 3784 spldr - ok
01:49:30.0986 3784 [ f8e1fa03cb70d54a9892ac88b91d1e7b ] Spooler C:\Windows\System32\spoolsv.exe
01:49:31.0017 3784 Spooler - ok
01:49:31.0142 3784 [ 913d843498553a1bc8f8dbad6358e49f ] sppsvc C:\Windows\system32\sppsvc.exe
01:49:31.0251 3784 sppsvc - ok
01:49:31.0282 3784 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
01:49:31.0282 3784 sppuinotify - ok
01:49:31.0313 3784 [ 2408c0366d96bcdf63e8f1c78e4a29c5 ] srv C:\Windows\system32\DRIVERS\srv.sys
01:49:31.0329 3784 srv - ok
01:49:31.0345 3784 [ 76548f7b818881b47d8d1ae1be9c11f8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
01:49:31.0360 3784 srv2 - ok
01:49:31.0423 3784 [ 0c4540311e11664b245a263e1154cef8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
01:49:31.0423 3784 SrvHsfHDA - ok
01:49:31.0501 3784 [ 02071d207a9858fbe3a48cbfd59c4a04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
01:49:31.0563 3784 SrvHsfV92 - ok
01:49:31.0594 3784 [ 18e40c245dbfaf36fd0134a7ef2df396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
01:49:31.0641 3784 SrvHsfWinac - ok
01:49:31.0672 3784 [ 0af6e19d39c70844c5caa8fb0183c36e ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
01:49:31.0672 3784 srvnet - ok
01:49:31.0735 3784 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
01:49:31.0735 3784 SSDPSRV - ok
01:49:31.0750 3784 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll
01:49:31.0766 3784 SstpSvc - ok
01:49:31.0828 3784 [ 78cd64791f8634cf7b582fd085e57c4b ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
01:49:31.0828 3784 ssudmdm - ok
01:49:31.0844 3784 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
01:49:31.0859 3784 stexstor - ok
01:49:31.0906 3784 [ decacb6921ded1a38642642685d77dac ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
01:49:31.0906 3784 StillCam - ok
01:49:31.0969 3784 [ 52d0e33b681bd0f33fdc08812fee4f7d ] stisvc C:\Windows\System32\wiaservc.dll
01:49:32.0000 3784 stisvc - ok
01:49:32.0031 3784 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
01:49:32.0031 3784 swenum - ok
01:49:32.0062 3784 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll
01:49:32.0093 3784 swprv - ok
01:49:32.0203 3784 [ 961cfac2a5318e212f459d651f28e0a4 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
01:49:32.0218 3784 SynTP - ok
01:49:32.0265 3784 [ 3c1284516a62078fb68f768de4f1a7be ] SysMain C:\Windows\system32\sysmain.dll
01:49:32.0343 3784 SysMain - ok
01:49:32.0359 3784 [ 238935c3cf2854886dc7cbb2a0e2cc66 ] TabletInputService C:\Windows\System32\TabSvc.dll
01:49:32.0374 3784 TabletInputService - ok
01:49:32.0390 3784 [ 884264ac597b690c5707c89723bb8e7b ] TapiSrv C:\Windows\System32\tapisrv.dll
01:49:32.0405 3784 TapiSrv - ok
01:49:32.0421 3784 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll
01:49:32.0421 3784 TBS - ok
01:49:32.0530 3784 [ 624c5b3aa4c99b3184bb922d9ece3ff0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
01:49:32.0608 3784 Tcpip - ok
01:49:32.0702 3784 [ 624c5b3aa4c99b3184bb922d9ece3ff0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
01:49:32.0733 3784 TCPIP6 - ok
01:49:32.0764 3784 [ 76d078af6f587b162d50210f761eb9ed ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
01:49:32.0764 3784 tcpipreg - ok
01:49:32.0811 3784 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
01:49:32.0811 3784 TDPIPE - ok
01:49:32.0842 3784 [ 7518f7bcfd4b308abc9192bacaf6c970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
01:49:32.0858 3784 TDTCP - ok
01:49:32.0873 3784 [ 079125c4b17b01fcaeebce0bcb290c0f ] tdx C:\Windows\system32\DRIVERS\tdx.sys
01:49:32.0873 3784 tdx - ok
01:49:33.0029 3784 [ a4d2ce94b028ef1e437cf4ac3d8ff26c ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
01:49:33.0045 3784 TeamViewer7 - ok
01:49:33.0061 3784 [ c448651339196c0e869a355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
01:49:33.0061 3784 TermDD - ok
01:49:33.0092 3784 [ 0f05ec2887bfe197ad82a13287d2f404 ] TermService C:\Windows\System32\termsrv.dll
01:49:33.0139 3784 TermService - ok
01:49:33.0154 3784 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll
01:49:33.0154 3784 Themes - ok
01:49:33.0170 3784 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll
01:49:33.0185 3784 THREADORDER - ok
01:49:33.0201 3784 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll
01:49:33.0201 3784 TrkWks - ok
01:49:33.0248 3784 [ 840f7fb849f5887a49ba18c13b2da920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:49:33.0263 3784 TrustedInstaller - ok
01:49:33.0279 3784 [ 61b96c26131e37b24e93327a0bd1fb95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
01:49:33.0279 3784 tssecsrv - ok
01:49:33.0341 3784 [ 3836171a2cdf3af8ef10856db9835a70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
01:49:33.0357 3784 tunnel - ok
01:49:33.0388 3784 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
01:49:33.0388 3784 uagp35 - ok
01:49:33.0435 3784 [ c06e6f4679ceb8f430b90a51d76d8d3c ] udfs C:\Windows\system32\DRIVERS\udfs.sys
01:49:33.0435 3784 udfs - ok
01:49:33.0482 3784 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
01:49:33.0482 3784 UI0Detect - ok
01:49:33.0513 3784 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
01:49:33.0513 3784 uliagpkx - ok
01:49:33.0575 3784 [ eab6c35e62b1b0db0d1b48b671d3a117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
01:49:33.0575 3784 umbus - ok
01:49:33.0607 3784 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
01:49:33.0607 3784 UmPass - ok
01:49:33.0638 3784 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll
01:49:33.0638 3784 upnphost - ok
01:49:33.0669 3784 [ 537a4e03d7103c12d42dfd8ffdb5bdc9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
01:49:33.0669 3784 usbccgp - ok
01:49:33.0700 3784 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
01:49:33.0700 3784 usbcir - ok
01:49:33.0747 3784 [ fbb21ebe49f6d560db37ac25fbc68e66 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
01:49:33.0747 3784 usbehci - ok
01:49:33.0794 3784 [ 2c780746dc44a28fe67004dc58173f05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
01:49:33.0794 3784 usbfilter - ok
01:49:33.0856 3784 [ 6b7a8a99c4a459e73c286a6763ea24cc ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
01:49:33.0872 3784 usbhub - ok
01:49:33.0887 3784 [ 8c88aa7617b4cbc2e4bed61d26b33a27 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
01:49:33.0903 3784 usbohci - ok
01:49:33.0934 3784 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
01:49:33.0934 3784 usbprint - ok
01:49:33.0965 3784 [ f39983647bc1f3e6100778ddfe9dce29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:49:33.0965 3784 USBSTOR - ok
01:49:33.0997 3784 [ 0b5b3b2df3fd1709618acfa50b8392b0 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
01:49:33.0997 3784 usbuhci - ok
01:49:34.0059 3784 [ 7cb8c573c6e4a2714402cc0a36eab4fe ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
01:49:34.0059 3784 usbvideo - ok
01:49:34.0121 3784 [ 70d05ee263568a742d14e1876df80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
01:49:34.0121 3784 usb_rndisx - ok
01:49:34.0153 3784 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll
01:49:34.0168 3784 UxSms - ok
01:49:34.0184 3784 [ 156f6159457d0aa7e59b62681b56eb90 ] VaultSvc C:\Windows\system32\lsass.exe
01:49:34.0184 3784 VaultSvc - ok
01:49:34.0246 3784 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
01:49:34.0246 3784 vdrvroot - ok
01:49:34.0277 3784 [ 44d73e0bbc1d3c8981304ba15135c2f2 ] vds C:\Windows\System32\vds.exe
01:49:34.0309 3784 vds - ok
01:49:34.0324 3784 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
01:49:34.0324 3784 vga - ok
01:49:34.0355 3784 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys
01:49:34.0355 3784 VgaSave - ok
01:49:34.0387 3784 [ c82e748660f62a242b2dfac1442f22a4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
01:49:34.0402 3784 vhdmp - ok
01:49:34.0418 3784 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
01:49:34.0418 3784 viaide - ok
01:49:34.0449 3784 [ 2b1a3dae2b4e70dbba822b7a03fbd4a3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
01:49:34.0449 3784 volmgr - ok
01:49:34.0480 3784 [ 99b0cbb569ca79acaed8c91461d765fb ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
01:49:34.0480 3784 volmgrx - ok
01:49:34.0511 3784 [ 58f82eed8ca24b461441f9c3e4f0bf5c ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
01:49:34.0511 3784 volsnap - ok
01:49:34.0527 3784 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
01:49:34.0543 3784 vsmraid - ok
01:49:34.0605 3784 [ 787898bf9fb6d7bd87a36e2d95c899ba ] VSS C:\Windows\system32\vssvc.exe
01:49:34.0683 3784 VSS - ok
01:49:34.0699 3784 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
01:49:34.0714 3784 vwifibus - ok
01:49:34.0730 3784 [ 6a3d66263414ff0d6fa754c646612f3f ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
01:49:34.0730 3784 vwififlt - ok
01:49:34.0792 3784 [ 6a638fc4bfddc4d9b186c28c91bd1a01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
01:49:34.0792 3784 vwifimp - ok
01:49:34.0823 3784 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll
01:49:34.0839 3784 W32Time - ok
01:49:34.0870 3784 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
01:49:34.0870 3784 WacomPen - ok
01:49:34.0933 3784 [ 47ca49400643effd3f1c9a27e1d69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
01:49:34.0933 3784 WANARP - ok
01:49:34.0948 3784 [ 47ca49400643effd3f1c9a27e1d69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
01:49:34.0948 3784 Wanarpv6 - ok
01:49:35.0042 3784 [ 3cec96de223e49eaae3651fcf8faea6c ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
01:49:35.0089 3784 WatAdminSvc - ok
01:49:35.0151 3784 [ 5ab1bb85bd8b5089cc5d64200dedae68 ] wbengine C:\Windows\system32\wbengine.exe
01:49:35.0213 3784 wbengine - ok
01:49:35.0245 3784 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
01:49:35.0245 3784 WbioSrvc - ok
01:49:35.0276 3784 [ dd1bae8ebfc653824d29ccf8c9054d68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
01:49:35.0276 3784 wcncsvc - ok
01:49:35.0291 3784 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:49:35.0307 3784 WcsPlugInService - ok
01:49:35.0338 3784 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\Windows\system32\DRIVERS\wd.sys
01:49:35.0338 3784 Wd - ok
01:49:35.0401 3784 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
01:49:35.0416 3784 Wdf01000 - ok
01:49:35.0447 3784 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\Windows\system32\wdi.dll
01:49:35.0447 3784 WdiServiceHost - ok
01:49:35.0463 3784 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\Windows\system32\wdi.dll
01:49:35.0463 3784 WdiSystemHost - ok
01:49:35.0510 3784 [ 733006127f235be7c35354ebee7b9a7b ] WebClient C:\Windows\System32\webclnt.dll
01:49:35.0510 3784 WebClient - ok
01:49:35.0541 3784 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\Windows\system32\wecsvc.dll
01:49:35.0541 3784 Wecsvc - ok
01:49:35.0572 3784 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
01:49:35.0572 3784 wercplsupport - ok
01:49:35.0619 3784 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\Windows\System32\WerSvc.dll
01:49:35.0619 3784 WerSvc - ok
01:49:35.0666 3784 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
01:49:35.0666 3784 WfpLwf - ok
01:49:35.0681 3784 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys
01:49:35.0697 3784 WIMMount - ok
01:49:35.0697 3784 WinHttpAutoProxySvc - ok
01:49:35.0759 3784 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
01:49:35.0775 3784 Winmgmt - ok
01:49:35.0853 3784 [ 41fbb751936b387f9179e7f03a74fe29 ] WinRM C:\Windows\system32\WsmSvc.dll
01:49:35.0915 3784 WinRM - ok
01:49:36.0009 3784 [ 817eaff5d38674edd7713b9dfb8e9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
01:49:36.0009 3784 WinUsb - ok
01:49:36.0056 3784 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\Windows\System32\wlansvc.dll
01:49:36.0087 3784 Wlansvc - ok
01:49:36.0196 3784 [ 98f138897ef4246381d197cb81846d62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
01:49:36.0243 3784 wlidsvc - ok
01:49:36.0305 3784 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
01:49:36.0305 3784 WmiAcpi - ok
01:49:36.0337 3784 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
01:49:36.0352 3784 wmiApSrv - ok
01:49:36.0368 3784 WMPNetworkSvc - ok
01:49:36.0430 3784 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\Windows\System32\wpcsvc.dll
01:49:36.0446 3784 WPCSvc - ok
01:49:36.0461 3784 [ 2e57ddf2880a7e52e76f41c7e96d327b ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
01:49:36.0461 3784 WPDBusEnum - ok
01:49:36.0493 3784 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
01:49:36.0493 3784 ws2ifsl - ok
01:49:36.0539 3784 [ 8d918b1db190a4d9b1753a66fa8c96e8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
01:49:36.0555 3784 WSDPrintDevice - ok
01:49:36.0555 3784 [ 4a2a5c50dd1a63577d3aca94269fbc7f ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
01:49:36.0571 3784 WSDScan - ok
01:49:36.0571 3784 WSearch - ok
01:49:36.0633 3784 [ 7cadc74271dd6461c452c271b30bd378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
01:49:36.0649 3784 WudfPf - ok
01:49:36.0711 3784 [ 3b197af0fff08aa66b6b2241ca538d64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
01:49:36.0711 3784 WUDFRd - ok
01:49:36.0742 3784 [ b551d6637aa0e132c18ac6e504f7b79b ] wudfsvc C:\Windows\System32\WUDFSvc.dll
01:49:36.0742 3784 wudfsvc - ok
01:49:36.0773 3784 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\Windows\System32\wwansvc.dll
01:49:36.0773 3784 WwanSvc - ok
01:49:36.0836 3784 [ b3eeacf62445e24fbb2cd4b0fb4db026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
01:49:36.0836 3784 yukonw7 - ok
01:49:36.0883 3784 ================ Scan global ===============================
01:49:36.0914 3784 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll
01:49:36.0961 3784 (0cb6ebf4b461a6043353c570bd72a1e1) C:\Windows\system32\winsrv.dll
01:49:36.0976 3784 (0cb6ebf4b461a6043353c570bd72a1e1) C:\Windows\system32\winsrv.dll
01:49:37.0007 3784 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll
01:49:37.0070 3784 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe
01:49:37.0070 3784 [Global] - ok
01:49:37.0070 3784 ================ Scan MBR ==================================
01:49:37.0085 3784 MBR (0x1B8) (9991d9d3e6a93df21b4d7ea50e0b4a82) \Device\Harddisk0\DR0
01:49:37.0585 3784 \Device\Harddisk0\DR0 - ok
01:49:37.0585 3784 ================ Scan VBR ==================================
01:49:37.0585 3784 Boot (0x1200) (9db8dee9d65ee884a31d5ba665bbdc01) \Device\Harddisk0\DR0\Partition1
01:49:37.0585 3784 \Device\Harddisk0\DR0\Partition1 - ok
01:49:37.0631 3784 Boot (0x1200) (50a5266a8596590650f4c1999ddb2eca) \Device\Harddisk0\DR0\Partition2
01:49:37.0631 3784 \Device\Harddisk0\DR0\Partition2 - ok
01:49:37.0663 3784 Boot (0x1200) (88a6b7d528f9426f64677c7f552bb115) \Device\Harddisk0\DR0\Partition3
01:49:37.0663 3784 \Device\Harddisk0\DR0\Partition3 - ok
01:49:37.0694 3784 Boot (0x1200) (e8ed9e3a2ca554ba9c76b2d52a8a8816) \Device\Harddisk0\DR0\Partition4
01:49:37.0694 3784 \Device\Harddisk0\DR0\Partition4 - ok
01:49:37.0694 3784 ============================================================
01:49:37.0694 3784 Scan finished
01:49:37.0694 3784 ============================================================
01:49:37.0709 2480 Detected object count: 0
01:49:37.0709 2480 Actual detected object count: 0
01:49:43.0591 2172 Deinitialize success

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-20 01:50:24
-----------------------------
01:50:24.658 OS Version: Windows x64 6.1.7600
01:50:24.658 Number of processors: 2 586 0x603
01:50:24.658 ComputerName: LEVNHARD-HP UserName: LEVNHARD
01:50:25.844 Initialize success
01:50:39.104 AVAST engine defs: 12081900
01:50:43.721 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005b
01:50:43.721 Disk 0 Vendor: ST932032 0005 Size: 305245MB BusType: 11
01:50:43.737 Disk 0 MBR read successfully
01:50:43.737 Disk 0 MBR scan
01:50:43.768 Disk 0 unknown MBR code
01:50:43.784 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
01:50:43.799 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 287203 MB offset 409600
01:50:43.831 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17738 MB offset 588601344
01:50:43.909 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 624928768
01:50:44.018 Disk 0 scanning C:\Windows\system32\drivers
01:51:12.082 Service scanning
01:51:45.872 Modules scanning
01:51:45.888 Disk 0 trace - called modules:
01:51:45.903 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
01:51:45.919 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80042e4230]
01:51:45.919 3 CLASSPNP.SYS[fffff880018fc43f] -> nt!IofCallDriver -> [0xfffffa8004271040]
01:51:45.919 5 amdxata.sys[fffff880010a07a8] -> nt!IofCallDriver -> \Device\0000005b[0xfffffa800426d9c0]
01:51:47.401 AVAST engine scan C:\Windows
01:51:55.185 AVAST engine scan C:\Windows\system32
01:56:33.404 AVAST engine scan C:\Windows\system32\drivers
01:56:52.109 AVAST engine scan C:\Users\LEVNHARD
02:12:07.081 AVAST engine scan C:\ProgramData
02:16:14.061 Scan finished successfully
02:17:12.686 Disk 0 MBR has been saved successfully to "C:\Users\LEVNHARD\Desktop\MBR.dat"
02:17:12.702 The log file has been saved successfully to "C:\Users\LEVNHARD\Desktop\aswMBR2.txt"

#8 narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:10:31 PM

Posted 20 August 2012 - 02:09 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete

Post the generated log

#9 out4bounty

  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  • Local time:11:31 PM

Posted 20 August 2012 - 05:10 AM

MiniToolBox by Farbar Version: 23-07-2012
Ran by LEVNHARD (administrator) on 20-08-2012 at 06:09:12
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9285 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : LEVNHARD-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 6E-0F-6E-5C-51-51
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : 4C-0F-6E-5C-51-51
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e1d8:f392:d599:bf27%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, August 20, 2012 1:44:50 AM
Lease Expires . . . . . . . . . . : Tuesday, August 21, 2012 1:44:55 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 323751790
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-79-41-79-3C-4A-92-4A-C2-95
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 3C-4A-92-4A-C2-95
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{19A23887-C1B7-4CCE-8C47-327DA43FA9E4}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4004:801::1006
74.125.228.71
74.125.228.72
74.125.228.65
74.125.228.70
74.125.228.64
74.125.228.67
74.125.228.66
74.125.228.69
74.125.228.78
74.125.228.68
74.125.228.73


Pinging google.com [74.125.228.72] with 32 bytes of data:
Reply from 74.125.228.72: bytes=32 time=17ms TTL=55
Reply from 74.125.228.72: bytes=32 time=13ms TTL=55

Ping statistics for 74.125.228.72:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 13ms, Maximum = 17ms, Average = 15ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=159ms TTL=51
Reply from 98.139.183.24: bytes=32 time=54ms TTL=51

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 54ms, Maximum = 159ms, Average = 106ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...6e 0f 6e 5c 51 51 ......Microsoft Virtual WiFi Miniport Adapter
13...4c 0f 6e 5c 51 51 ......Atheros AR9285 802.11b/g/n WiFi Adapter
11...3c 4a 92 4a c2 95 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 281
192.168.1.2 255.255.255.255 On-link 192.168.1.2 281
192.168.1.255 255.255.255.255 On-link 192.168.1.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 281 fe80::/64 On-link
13 281 fe80::e1d8:f392:d599:bf27/128
On-link
1 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/20/2012 02:55:41 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/20/2012 02:55:40 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/20/2012 02:55:18 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (08/20/2012 02:54:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/20/2012 02:54:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (08/20/2012 02:53:07 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Multiple requestedPrivileges elements are not allowed in manifest.

Error: (08/20/2012 01:55:07 AM) (Source: CVHSVC) (User: )
Description: Information only.
Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/19/2012 11:34:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/19/2012 11:34:29 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/19/2012 11:34:28 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.


System errors:
=============
Error: (08/20/2012 01:46:41 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/20/2012 01:46:41 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/20/2012 01:45:52 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (08/20/2012 01:45:51 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)

Error: (08/20/2012 01:44:49 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (08/20/2012 01:44:49 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/20/2012 01:44:48 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (08/20/2012 01:44:47 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/20/2012 01:38:13 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/20/2012 01:38:13 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.1.3)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.5 (Version: 11.5.7.609)
aioscnnr (Version: 7.3.4.0)
AMD USB Filter Driver (Version: 1.0.15.94)
Apple Application Support (Version: 2.1.7)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.14.0.0)
Atheros Driver Installation Program (Version: 9.2)
ATI Catalyst Install Manager (Version: 3.0.765.0)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Blackhawk Striker 2 (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
C4USelfUpdater (Version: 1.00.0000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0617.855.14122)
Catalyst Control Center Graphics Full Existing (Version: 2010.0617.855.14122)
Catalyst Control Center Graphics Full New (Version: 2010.0617.855.14122)
Catalyst Control Center Graphics Light (Version: 2010.0617.855.14122)
Catalyst Control Center Graphics Previews Common (Version: 2010.0617.855.14122)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0617.855.14122)
Catalyst Control Center InstallProxy (Version: 2010.0617.855.14122)
Catalyst Control Center Localization All (Version: 2010.0617.855.14122)
ccc-core-static (Version: 2010.0617.855.14122)
ccc-utility64 (Version: 2010.0617.855.14122)
CCC Help Chinese Standard (Version: 2010.0617.0854.14122)
CCC Help Chinese Traditional (Version: 2010.0617.0854.14122)
CCC Help Czech (Version: 2010.0617.0854.14122)
CCC Help Danish (Version: 2010.0617.0854.14122)
CCC Help Dutch (Version: 2010.0617.0854.14122)
CCC Help English (Version: 2010.0617.0854.14122)
CCC Help Finnish (Version: 2010.0617.0854.14122)
CCC Help French (Version: 2010.0617.0854.14122)
CCC Help German (Version: 2010.0617.0854.14122)
CCC Help Greek (Version: 2010.0617.0854.14122)
CCC Help Hungarian (Version: 2010.0617.0854.14122)
CCC Help Italian (Version: 2010.0617.0854.14122)
CCC Help Japanese (Version: 2010.0617.0854.14122)
CCC Help Korean (Version: 2010.0617.0854.14122)
CCC Help Norwegian (Version: 2010.0617.0854.14122)
CCC Help Polish (Version: 2010.0617.0854.14122)
CCC Help Portuguese (Version: 2010.0617.0854.14122)
CCC Help Russian (Version: 2010.0617.0854.14122)
CCC Help Spanish (Version: 2010.0617.0854.14122)
CCC Help Swedish (Version: 2010.0617.0854.14122)
CCC Help Thai (Version: 2010.0617.0854.14122)
CCC Help Turkish (Version: 2010.0617.0854.14122)
center (Version: 6.2.5.0)
Chuzzle Deluxe (Version: 2.2.0.95)
CinemaNow Media Manager (Version: 1.9.1.105)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Content Manager (Version: 2.61)
CyberLink DVD Suite (Version: 7.0.3003)
CyberLink MediaShow (Version: 5.0.1616)
CyberLink PowerDVD 9 (Version: 9.0.1.5122)
CyberLink YouCam (Version: 3.0.2511)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's Carnival Adventure (Version: 2.2.0.95)
Energy Star Digital Logo (Version: 1.0.1)
Escape Rosecliff Island (Version: 2.2.0.95)
ESET Online Scanner v3
essentials (Version: 6.0.14.0)
ESU for Microsoft Windows 7 (Version: 1.0.0)
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
FATE (Version: 2.2.0.95)
Final Drive Nitro (Version: 2.2.0.95)
Google Chrome (Version: 21.0.1180.79)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3203.136)
Google Update Helper (Version: 1.3.21.115)
Heroes of Hellas 2 - Olympia (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP Advisor (Version: 3.4.10262.3295)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.1.1.0)
HP Game Console
HP Games (Version: 1.0.1.3)
HP MediaSmart CinemaNow 2.0 (Version: 2.0)
HP Photo Creations (Version: 1.0.0.3611)
HP Power Manager (Version: 1.0.3)
HP Quick Launch (Version: 2.3.6)
HP Setup (Version: 8.1.4186.3400)
HP Software Framework (Version: 4.0.108.1)
HP Support Assistant (Version: 6.1.12.1)
HP Wireless Assistant (Version: 4.0.9.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 31 (Version: 6.0.310)
Jewel Quest 3 (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 14.0.8117.416)
Kodak AIO Printer (Version: 7.5.0.0)
KODAK AiO Software (Version: 7.5.9.60)
LabelPrint (Version: 2.5.2907)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Media Player Codec Pack 4.1.1
MediaMonkey 4.0 (Version: 4.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyTomTom 3.2.0.700 (Version: 3.2.0.700)
ocr (Version: 6.2.3.50)
ooVoo (Version: 3.0.7031)
ooVoo toolbar, powered by Ask.com Updater (Version: 1.2.0.19709)
PeerBlock 1.1 (r518) (Version: 1.1.0.518)
Penguins! (Version: 2.2.0.95)
PhotoNow! (Version: 1.1.6904)
Plants vs. Zombies (Version: 2.2.0.95)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.4204)
PowerDirector (Version: 8.0.3003)
PreReq (Version: 6.2.4.0)
QuickTime (Version: 7.72.80.56)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.18.322.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6122)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30120)
Recovery Manager (Version: 5.5.3023)
Roxio CinemaNow 2.0 (Version: 1.0.278)
RtVOsd (Version: 1.0.3)
Samsung Kies (Version: 2.1.0.11112_41)
SAMSUNG USB Driver for Mobile Phones (Version: 1.4.103.0)
SanDisk ImageMate (Version: 1.2.0.2)
Skype Click to Call (Version: 5.6.8442)
Skype™ 5.9 (Version: 5.9.123)
Synaptics Pointing Device Driver (Version: 15.1.6.64)
TeamViewer 7 (Version: 7.0.12979)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Vid-Saver (Version: 1.18.149.149)
Virtual Families (Version: 2.2.0.95)
Virtual Villagers - The Secret City (Version: 2.2.0.95)
Visual Studio C++ 10.0 Runtime (Version: 10.0.0)
Wheel of Fortune 2 (Version: 2.2.0.95)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
Yahoo! Detect
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 3834.9 MB
Available physical RAM: 2349.63 MB
Total Pagefile: 7667.95 MB
Available Pagefile: 6029.82 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.54 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:280.47 GB) (Free:20.71 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:17.32 GB) (Free:2.51 GB) NTFS

========================= Users: ========================================

User accounts for \\LEVNHARD-HP

Administrator Guest LEVNHARD


**** End of log ****

#10 out4bounty

Posted 20 August 2012 - 05:12 AM

Farbar Service Scanner Version: 06-08-2012
Ran by LEVNHARD (administrator) on 20-08-2012 at 06:11:07
Running from "C:\Users\LEVNHARD\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RHLTNMAX"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-15 18:17] - [2011-12-27 23:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-09 02:09] - [2012-03-30 07:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-13 20:09] - [2009-07-13 21:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 19:36] - [2009-07-13 21:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-06-12 22:41] - [2012-04-24 01:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#11 out4bounty

Posted 20 August 2012 - 05:27 AM

# AdwCleaner v1.801 - Logfile created 08/20/2012 at 06:26:56
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : LEVNHARD - LEVNHARD-HP
# Boot Mode : Normal
# Running from : C:\Users\LEVNHARD\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FOYPAO16\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

[x64] Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v21.0.1180.79

File : C:\Users\LEVNHARD\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [8830 octets] - [20/08/2012 06:12:05]
AdwCleaner[R2].txt - [8890 octets] - [20/08/2012 06:13:21]
AdwCleaner[S1].txt - [6831 octets] - [20/08/2012 06:13:43]
AdwCleaner[R3].txt - [1067 octets] - [20/08/2012 06:26:56]

########## EOF - C:\AdwCleaner[R3].txt - [1195 octets] ##########

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:10:31 PM

Posted 20 August 2012 - 05:29 AM

Download

MpsSvc
BFE
wscsvc
defender
wuauserv
BITS
Sharedaccess

Launch them, click YES when you get the UAC prompt

Restart the PC


Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start repairs tab - click on Start

Check mark the following options alone

Reset registry permissions
Reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Checkmark the Restart System When Finished option
Click the Start button

System should restart after repair

Also download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

Edited by narenxp, 20 August 2012 - 05:30 AM.


#13 out4bounty

Posted 20 August 2012 - 05:30 AM

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.20.01

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
LEVNHARD :: LEVNHARD-HP [administrator]

8/20/2012 2:21:46 AM
mbam-log-2012-08-20 (02-21-46).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 213710
Time elapsed: 5 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#14 narenxp

Posted 20 August 2012 - 05:32 AM

Check my previous instructions :thumbup2:

#15 out4bounty

Posted 20 August 2012 - 08:02 AM

Check my previous instructions :thumbup2:

I will do those tonight when I get home. Thanks for all your help.

Edited by out4bounty, 20 August 2012 - 08:02 AM.




