Generic29.dfs and PUPIFUNWEB Products


14 replies to this topic

#1 tink2725

  • Members
Posted 20 August 2012 - 11:34 AM

Hello,

My mom's laptop has problems with popups etc. I scanned with AVG Anti Virus and Malwarebytes. So far I haven't gotten rid of everything.
HP Pavilion G6 64 bit
Windows 7
I have it running the Malwarebytes right now (3rd time) and it finds:
C:user/owner/appdata/local/micrsoft/windtemp/internet files/contentie5/05yxa794/gasclance.exe

C:Windows svchost.exe
C:windows svchost.exe

Please any help is appreciated!
Tam

Edited by Orange Blossom, 20 August 2012 - 12:09 PM.
Moved from Windows 7 to AII. ~ OB


#2 narenxp

  • BC Advisor

Posted 20 August 2012 - 11:37 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 tink2725

  • Topic Starter

Posted 20 August 2012 - 12:03 PM

TDS scan...

12:58:21.0185 5484 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
12:58:21.0455 5484 ============================================================
12:58:21.0455 5484 Current date / time: 2012/08/20 12:58:21.0455
12:58:21.0455 5484 SystemInfo:
12:58:21.0455 5484
12:58:21.0471 5484 OS Version: 6.1.7601 ServicePack: 1.0
12:58:21.0471 5484 Product type: Workstation
12:58:21.0471 5484 ComputerName: OWNER-HP
12:58:21.0471 5484 UserName: owner
12:58:21.0471 5484 Windows directory: C:\Windows
12:58:21.0471 5484 System windows directory: C:\Windows
12:58:21.0471 5484 Running under WOW64
12:58:21.0471 5484 Processor architecture: Intel x64
12:58:21.0471 5484 Number of processors: 2
12:58:21.0471 5484 Page size: 0x1000
12:58:21.0471 5484 Boot type: Normal boot
12:58:21.0471 5484 ============================================================
12:58:22.0582 5484 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:58:22.0582 5484 ============================================================
12:58:22.0582 5484 \Device\Harddisk0\DR0:
12:58:22.0582 5484 MBR partitions:
12:58:22.0582 5484 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
12:58:22.0582 5484 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x22236800
12:58:22.0582 5484 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2229A800, BlocksNum 0x29A4000
12:58:22.0582 5484 ============================================================
12:58:22.0613 5484 C: <-> \Device\Harddisk0\DR0\Partition2
12:58:22.0644 5484 D: <-> \Device\Harddisk0\DR0\Partition3
12:58:22.0644 5484 ============================================================
12:58:22.0644 5484 Initialize success
12:58:22.0644 5484 ============================================================
12:58:25.0604 6040 ============================================================
12:58:25.0604 6040 Scan started
12:58:25.0604 6040 Mode: Manual;
12:58:25.0604 6040 ============================================================
12:58:26.0365 6040 ================ Scan system memory ========================
12:58:26.0365 6040 System memory - ok
12:58:26.0365 6040 ================ Scan services =============================
12:58:43.0378 6040 NdisCap - ok
12:58:43.0394 6040 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:58:43.0410 6040 NdisTapi - ok
12:58:43.0472 6040 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:58:43.0472 6040 Ndisuio - ok
12:58:43.0503 6040 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:58:43.0519 6040 NdisWan - ok
12:58:43.0534 6040 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:58:43.0550 6040 NDProxy - ok
12:58:43.0597 6040 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:58:43.0597 6040 NetBIOS - ok
12:58:43.0612 6040 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:58:43.0612 6040 NetBT - ok
12:58:43.0675 6040 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
12:58:43.0675 6040 Netlogon - ok
12:58:43.0737 6040 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
12:58:43.0737 6040 Netman - ok
12:58:43.0768 6040 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
12:58:43.0784 6040 netprofm - ok
12:58:43.0893 6040 [ 31609B481CC202BFB441E37FEBCDEA05 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
12:58:43.0940 6040 netr28x - ok
12:58:43.0971 6040 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:58:43.0971 6040 NetTcpPortSharing - ok
12:58:44.0018 6040 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:58:44.0034 6040 nfrd960 - ok
12:58:44.0096 6040 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:58:44.0096 6040 NlaSvc - ok
12:58:44.0143 6040 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:58:44.0143 6040 Npfs - ok
12:58:44.0190 6040 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:58:44.0190 6040 nsi - ok
12:58:44.0221 6040 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:58:44.0221 6040 nsiproxy - ok
12:58:44.0299 6040 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:58:44.0346 6040 Ntfs - ok
12:58:44.0377 6040 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:58:44.0377 6040 Null - ok
12:58:44.0408 6040 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
12:58:44.0439 6040 NVENETFD - ok
12:58:44.0486 6040 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:58:44.0502 6040 nvraid - ok
12:58:44.0533 6040 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:58:44.0533 6040 nvstor - ok
12:58:44.0564 6040 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:58:44.0611 6040 nv_agp - ok
12:58:44.0642 6040 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:58:44.0642 6040 ohci1394 - ok
12:58:44.0673 6040 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:58:44.0689 6040 ose - ok
12:58:44.0845 6040 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:58:44.0907 6040 osppsvc - ok
12:58:44.0938 6040 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:58:44.0954 6040 p2pimsvc - ok
12:58:44.0970 6040 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:58:44.0970 6040 p2psvc - ok
12:58:45.0001 6040 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
12:58:45.0032 6040 Parport - ok
12:58:45.0063 6040 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:58:45.0063 6040 partmgr - ok
12:58:45.0094 6040 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:58:45.0110 6040 PcaSvc - ok
12:58:45.0141 6040 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
12:58:45.0141 6040 pci - ok
12:58:45.0188 6040 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
12:58:45.0204 6040 pciide - ok
12:58:45.0219 6040 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:58:45.0235 6040 pcmcia - ok
12:58:45.0250 6040 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:58:45.0266 6040 pcw - ok
12:58:45.0297 6040 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:58:45.0297 6040 PEAUTH - ok
12:58:45.0453 6040 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:58:45.0469 6040 PerfHost - ok
12:58:45.0578 6040 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
12:58:45.0609 6040 pla - ok
12:58:45.0718 6040 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:58:45.0734 6040 PlugPlay - ok
12:58:45.0781 6040 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:58:45.0796 6040 PNRPAutoReg - ok
12:58:45.0828 6040 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:58:45.0828 6040 PNRPsvc - ok
12:58:45.0874 6040 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:58:45.0890 6040 PolicyAgent - ok
12:58:45.0906 6040 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:58:45.0906 6040 Power - ok
12:58:45.0952 6040 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:58:45.0952 6040 PptpMiniport - ok
12:58:45.0952 6040 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
12:58:46.0015 6040 Processor - ok
12:58:46.0030 6040 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
12:58:46.0046 6040 ProfSvc - ok
12:58:46.0062 6040 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:58:46.0062 6040 ProtectedStorage - ok
12:58:46.0124 6040 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:58:46.0124 6040 Psched - ok
12:58:46.0186 6040 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:58:46.0218 6040 ql2300 - ok
12:58:46.0249 6040 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:58:46.0249 6040 ql40xx - ok
12:58:46.0296 6040 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:58:46.0311 6040 QWAVE - ok
12:58:46.0327 6040 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:58:46.0327 6040 QWAVEdrv - ok
12:58:46.0358 6040 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:58:46.0374 6040 RasAcd - ok
12:58:46.0436 6040 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:58:46.0436 6040 RasAgileVpn - ok
12:58:46.0452 6040 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
12:58:46.0452 6040 RasAuto - ok
12:58:46.0483 6040 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:58:46.0483 6040 Rasl2tp - ok
12:58:46.0498 6040 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
12:58:46.0514 6040 RasMan - ok
12:58:46.0530 6040 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:58:46.0545 6040 RasPppoe - ok
12:58:46.0561 6040 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:58:46.0561 6040 RasSstp - ok
12:58:46.0592 6040 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:58:46.0592 6040 rdbss - ok
12:58:46.0623 6040 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
12:58:46.0670 6040 rdpbus - ok
12:58:46.0686 6040 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:58:46.0686 6040 RDPCDD - ok
12:58:46.0732 6040 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:58:46.0732 6040 RDPENCDD - ok
12:58:46.0748 6040 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:58:46.0748 6040 RDPREFMP - ok
12:58:46.0764 6040 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:58:46.0764 6040 RDPWD - ok
12:58:46.0810 6040 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:58:46.0826 6040 rdyboost - ok
12:58:46.0857 6040 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:58:46.0857 6040 RemoteAccess - ok
12:58:46.0904 6040 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:58:46.0904 6040 RemoteRegistry - ok
12:58:46.0966 6040 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:58:46.0982 6040 RpcEptMapper - ok
12:58:46.0982 6040 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:58:46.0998 6040 RpcLocator - ok
12:58:47.0029 6040 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
12:58:47.0029 6040 RpcSs - ok
12:58:47.0091 6040 [ C897D551EE0DFCD8E638BF78E21D4D7F ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
12:58:47.0107 6040 RSPCIESTOR - ok
12:58:47.0138 6040 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:58:47.0138 6040 rspndr - ok
12:58:47.0200 6040 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:58:47.0232 6040 RTL8167 - ok
12:58:47.0263 6040 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
12:58:47.0263 6040 SamSs - ok
12:58:47.0341 6040 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:58:47.0356 6040 sbp2port - ok
12:58:47.0403 6040 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:58:47.0403 6040 SCardSvr - ok
12:58:47.0419 6040 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:58:47.0419 6040 scfilter - ok
12:58:47.0497 6040 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
12:58:47.0512 6040 Schedule - ok
12:58:47.0544 6040 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:58:47.0544 6040 SCPolicySvc - ok
12:58:47.0622 6040 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
12:58:47.0637 6040 sdbus - ok
12:58:47.0700 6040 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:58:47.0715 6040 SDRSVC - ok
12:58:47.0778 6040 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:58:47.0778 6040 secdrv - ok
12:58:47.0840 6040 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
12:58:47.0840 6040 seclogon - ok
12:58:47.0871 6040 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
12:58:47.0887 6040 SENS - ok
12:58:47.0934 6040 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:58:47.0934 6040 SensrSvc - ok
12:58:47.0980 6040 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
12:58:47.0980 6040 Serenum - ok
12:58:47.0996 6040 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
12:58:47.0996 6040 Serial - ok
12:58:48.0027 6040 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:58:48.0027 6040 sermouse - ok
12:58:48.0105 6040 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:58:48.0105 6040 SessionEnv - ok
12:58:48.0152 6040 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:58:48.0152 6040 sffdisk - ok
12:58:48.0183 6040 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:58:48.0183 6040 sffp_mmc - ok
12:58:48.0214 6040 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:58:48.0214 6040 sffp_sd - ok
12:58:48.0277 6040 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:58:48.0339 6040 sfloppy - ok
12:58:48.0402 6040 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
12:58:48.0402 6040 Sftfs - ok
12:58:48.0604 6040 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
12:58:48.0620 6040 sftlist - ok
12:58:48.0682 6040 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
12:58:48.0682 6040 Sftplay - ok
12:58:48.0714 6040 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
12:58:48.0714 6040 Sftredir - ok
12:58:48.0745 6040 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
12:58:48.0760 6040 Sftvol - ok
12:58:48.0776 6040 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
12:58:48.0776 6040 sftvsa - ok
12:58:48.0807 6040 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:58:48.0823 6040 SharedAccess - ok
12:58:48.0854 6040 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:58:48.0854 6040 ShellHWDetection - ok
12:58:48.0932 6040 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
12:58:48.0932 6040 SiSRaid2 - ok
12:58:48.0979 6040 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:58:48.0979 6040 SiSRaid4 - ok
12:58:49.0026 6040 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:58:49.0041 6040 Smb - ok
12:58:49.0150 6040 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:58:49.0150 6040 SNMPTRAP - ok
12:58:49.0182 6040 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:58:49.0182 6040 spldr - ok
12:58:49.0275 6040 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
12:58:49.0291 6040 Spooler - ok
12:58:49.0384 6040 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
12:58:49.0447 6040 sppsvc - ok
12:58:49.0478 6040 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:58:49.0478 6040 sppuinotify - ok
12:58:49.0525 6040 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
12:58:49.0540 6040 srv - ok
12:58:49.0556 6040 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:58:49.0572 6040 srv2 - ok
12:58:49.0634 6040 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
12:58:49.0665 6040 SrvHsfHDA - ok
12:58:49.0728 6040 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
12:58:49.0759 6040 SrvHsfV92 - ok
12:58:49.0790 6040 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
12:58:49.0806 6040 SrvHsfWinac - ok
12:58:49.0837 6040 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:58:49.0852 6040 srvnet - ok
12:58:49.0899 6040 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:58:49.0899 6040 SSDPSRV - ok
12:58:49.0915 6040 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:58:49.0915 6040 SstpSvc - ok
12:58:50.0024 6040 [ 7BF818B11C1FEDC3E76D233124470A30 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
12:58:50.0024 6040 STacSV - ok
12:58:50.0055 6040 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
12:58:50.0055 6040 stexstor - ok
12:58:50.0118 6040 [ EBC1A5E076A9BE314D3D9E8ED19ABB0A ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
12:58:50.0149 6040 STHDA - ok
12:58:50.0211 6040 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
12:58:50.0211 6040 stisvc - ok
12:58:50.0242 6040 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
12:58:50.0242 6040 swenum - ok
12:58:50.0305 6040 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:58:50.0305 6040 swprv - ok
12:58:50.0445 6040 [ CC13EE4AF170ABB99F6449CBB62AB219 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:58:50.0508 6040 SynTP - ok
12:58:50.0570 6040 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
12:58:50.0617 6040 SysMain - ok
12:58:50.0648 6040 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:58:50.0648 6040 TabletInputService - ok
12:58:50.0679 6040 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:58:50.0695 6040 TapiSrv - ok
12:58:50.0710 6040 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:58:50.0726 6040 TBS - ok
12:58:50.0788 6040 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:58:50.0835 6040 Tcpip - ok
12:58:50.0882 6040 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:58:50.0898 6040 TCPIP6 - ok
12:58:50.0944 6040 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:58:50.0944 6040 tcpipreg - ok
12:58:50.0976 6040 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:58:50.0976 6040 TDPIPE - ok
12:58:51.0007 6040 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:58:51.0022 6040 TDTCP - ok
12:58:51.0054 6040 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:58:51.0069 6040 tdx - ok
12:58:51.0100 6040 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:58:51.0116 6040 TermDD - ok
12:58:51.0163 6040 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
12:58:51.0178 6040 TermService - ok
12:58:51.0194 6040 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
12:58:51.0210 6040 Themes - ok
12:58:51.0256 6040 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
12:58:51.0272 6040 THREADORDER - ok
12:58:51.0303 6040 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
12:58:51.0319 6040 TrkWks - ok
12:58:51.0350 6040 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:58:51.0350 6040 TrustedInstaller - ok
12:58:51.0381 6040 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:58:51.0397 6040 tssecsrv - ok
12:58:51.0412 6040 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:58:51.0444 6040 TsUsbFlt - ok
12:58:51.0522 6040 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
12:58:51.0818 6040 TsUsbGD - ok
12:58:51.0974 6040 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:58:51.0974 6040 tunnel - ok
12:58:52.0036 6040 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:58:52.0036 6040 uagp35 - ok
12:58:52.0083 6040 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:58:52.0099 6040 udfs - ok
12:58:52.0161 6040 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:58:52.0161 6040 UI0Detect - ok
12:58:52.0208 6040 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:58:52.0208 6040 uliagpkx - ok
12:58:52.0255 6040 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:58:52.0255 6040 umbus - ok
12:58:52.0286 6040 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
12:58:52.0317 6040 UmPass - ok
12:58:52.0380 6040 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
12:58:52.0395 6040 upnphost - ok
12:58:52.0395 6040 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:58:52.0458 6040 usbccgp - ok
12:58:52.0489 6040 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:58:52.0489 6040 usbcir - ok
12:58:52.0536 6040 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:58:52.0582 6040 usbehci - ok
12:58:52.0629 6040 [ B7037444DC5138FC7D3D3968B4DE5C4B ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
12:58:52.0629 6040 usbfilter - ok
12:58:52.0660 6040 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
12:58:52.0723 6040 usbhub - ok
12:58:52.0738 6040 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:58:52.0801 6040 usbohci - ok
12:58:52.0848 6040 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
12:58:52.0848 6040 usbprint - ok
12:58:52.0879 6040 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:58:52.0879 6040 USBSTOR - ok
12:58:52.0894 6040 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:58:52.0910 6040 usbuhci - ok
12:58:52.0957 6040 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
12:58:52.0957 6040 usbvideo - ok
12:58:52.0988 6040 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
12:58:52.0988 6040 UxSms - ok
12:58:53.0004 6040 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
12:58:53.0004 6040 VaultSvc - ok
12:58:53.0035 6040 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:58:53.0035 6040 vdrvroot - ok
12:58:53.0066 6040 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
12:58:53.0082 6040 vds - ok
12:58:53.0097 6040 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:58:53.0097 6040 vga - ok
12:58:53.0113 6040 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
12:58:53.0144 6040 VgaSave - ok
12:58:53.0160 6040 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:58:53.0175 6040 vhdmp - ok
12:58:53.0191 6040 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
12:58:53.0206 6040 viaide - ok
12:58:53.0222 6040 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:58:53.0222 6040 volmgr - ok
12:58:53.0284 6040 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:58:53.0300 6040 volmgrx - ok
12:58:53.0425 6040 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:58:53.0425 6040 volsnap - ok
12:58:53.0472 6040 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:58:53.0472 6040 vsmraid - ok
12:58:53.0565 6040 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
12:58:53.0581 6040 VSS - ok
12:58:53.0721 6040 [ EF51747440486C23BD466311048BD924 ] vToolbarUpdater12.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
12:58:53.0737 6040 vToolbarUpdater12.2.0 - ok
12:58:53.0768 6040 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:58:53.0768 6040 vwifibus - ok
12:58:53.0784 6040 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:58:53.0799 6040 vwififlt - ok
12:58:53.0830 6040 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
12:58:53.0846 6040 W32Time - ok
12:58:53.0893 6040 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:58:53.0893 6040 WacomPen - ok
12:58:53.0955 6040 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:58:53.0955 6040 WANARP - ok
12:58:53.0955 6040 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:58:53.0955 6040 Wanarpv6 - ok
12:58:54.0064 6040 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:58:54.0080 6040 WatAdminSvc - ok
12:58:54.0189 6040 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
12:58:54.0220 6040 wbengine - ok
12:58:54.0267 6040 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:58:54.0283 6040 WbioSrvc - ok
12:58:54.0330 6040 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:58:54.0330 6040 wcncsvc - ok
12:58:54.0361 6040 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:58:54.0361 6040 WcsPlugInService - ok
12:58:54.0408 6040 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
12:58:54.0408 6040 Wd - ok
12:58:54.0501 6040 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:58:54.0517 6040 Wdf01000 - ok
12:58:54.0532 6040 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:58:54.0532 6040 WdiServiceHost - ok
12:58:54.0548 6040 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:58:54.0548 6040 WdiSystemHost - ok
12:58:54.0579 6040 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
12:58:54.0579 6040 WebClient - ok
12:58:54.0610 6040 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:58:54.0626 6040 Wecsvc - ok
12:58:54.0642 6040 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:58:54.0657 6040 wercplsupport - ok
12:58:54.0688 6040 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
12:58:54.0688 6040 WerSvc - ok
12:58:54.0720 6040 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:58:54.0720 6040 WfpLwf - ok
12:58:54.0751 6040 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:58:54.0751 6040 WIMMount - ok
12:58:54.0782 6040 WinDefend - ok
12:58:54.0798 6040 WinHttpAutoProxySvc - ok
12:58:54.0860 6040 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:58:54.0860 6040 Winmgmt - ok
12:58:54.0922 6040 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
12:58:54.0954 6040 WinRM - ok
12:58:55.0000 6040 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
12:58:55.0016 6040 Wlansvc - ok
12:58:55.0094 6040 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:58:55.0094 6040 wlcrasvc - ok
12:58:55.0203 6040 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:58:55.0234 6040 wlidsvc - ok
12:58:55.0250 6040 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:58:55.0250 6040 WmiAcpi - ok
12:58:55.0281 6040 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:58:55.0281 6040 wmiApSrv - ok
12:58:55.0312 6040 WMPNetworkSvc - ok
12:58:55.0344 6040 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:58:55.0359 6040 WPCSvc - ok
12:58:55.0390 6040 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:58:55.0390 6040 WPDBusEnum - ok
12:58:55.0437 6040 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:58:55.0437 6040 ws2ifsl - ok
12:58:55.0437 6040 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
12:58:55.0453 6040 wscsvc - ok
12:58:55.0453 6040 WSearch - ok
12:58:55.0562 6040 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
12:58:55.0609 6040 wuauserv - ok
12:58:55.0702 6040 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:58:55.0702 6040 WudfPf - ok
12:58:55.0765 6040 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:58:55.0796 6040 wudfsvc - ok
12:58:55.0874 6040 [ CE8CF9DE9CBFDAA318BD04D8BE3FCADA ] WwanSvc C:\Windows\System32\wwansvc.dll
12:58:55.0890 6040 WwanSvc - ok
12:58:55.0890 6040 ================ Scan global ===============================
12:58:55.0952 6040 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:58:55.0983 6040 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:58:55.0999 6040 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:58:56.0014 6040 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:58:56.0046 6040 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:58:56.0061 6040 [Global] - ok
12:58:56.0061 6040 ================ Scan MBR ==================================
12:58:56.0077 6040 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:58:56.0077 6040 Suspicious mbr (Forged): \Device\Harddisk0\DR0
12:58:56.0124 6040 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
12:58:56.0139 6040 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
12:58:56.0139 6040 ================ Scan VBR ==================================
12:58:56.0139 6040 [ 56C3BA65F6CB7D73D4BB1B8BF36F132A ] \Device\Harddisk0\DR0\Partition1
12:58:56.0139 6040 \Device\Harddisk0\DR0\Partition1 - ok
12:58:56.0186 6040 [ 69605E61B15F51E2E5741F023C3F9FBF ] \Device\Harddisk0\DR0\Partition2
12:58:56.0186 6040 \Device\Harddisk0\DR0\Partition2 - ok
12:58:56.0233 6040 [ 3A31710B2ADD713BF10BAAE541473F49 ] \Device\Harddisk0\DR0\Partition3
12:58:56.0233 6040 \Device\Harddisk0\DR0\Partition3 - ok
12:58:56.0233 6040 ============================================================
12:58:56.0233 6040 Scan finished
12:58:56.0233 6040 ============================================================
12:58:56.0248 5976 Detected object count: 1
12:58:56.0248 5976 Actual detected object count: 1
13:00:48.0872 5976 \Device\Harddisk0\DR0\# - copied to quarantine
13:00:48.0877 5976 \Device\Harddisk0\DR0 - copied to quarantine
13:00:48.0922 5976 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
13:00:48.0927 5976 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
13:00:48.0932 5976 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
13:00:48.0937 5976 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
13:00:48.0947 5976 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
13:00:48.0957 5976 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
13:00:48.0957 5976 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
13:00:48.0962 5976 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
13:00:48.0962 5976 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
13:00:48.0967 5976 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
13:00:48.0967 5976 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
13:00:48.0972 5976 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
13:00:48.0972 5976 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
13:00:48.0972 5976 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
13:00:49.0002 5976 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
13:00:49.0012 5976 \Device\Harddisk0\DR0 - ok
13:00:49.0462 5976 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
13:00:55.0703 1400 Deinitialize success



Doing the rest of the scans. For now, here is the first one... Thanks

#4 narenxp

Posted 20 August 2012 - 12:06 PM

I want you to restart the PC and run TDSSkiller again and post the new log with other scan results.

#5 tink2725

Posted 20 August 2012 - 12:12 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-20 12:59:50
-----------------------------
12:59:50.644 OS Version: Windows x64 6.1.7601 Service Pack 1
12:59:50.644 Number of processors: 2 586 0x100
12:59:50.645 ComputerName: OWNER-HP UserName: owner
12:59:53.589 Initialize success
13:02:05.296 AVAST engine defs: 12082000
13:02:54.460 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000068
13:02:54.460 Disk 0 Vendor: ST320LM0 2AJ1 Size: 305245MB BusType: 11
13:02:54.460 Device \Driver\amd_sata -> MajorFunction fffffa8004a775e8
13:02:54.470 Disk 0 MBR read successfully
13:02:54.470 Disk 0 MBR scan
13:02:54.470 Disk 0 Windows 7 default MBR code
13:02:54.500 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
13:02:54.550 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 279661 MB offset 409600
13:02:54.580 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 21320 MB offset 573155328
13:02:54.600 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 4063 MB offset 616818688
13:02:54.640 Disk 0 scanning C:\Windows\system32\drivers
13:03:15.133 Service scanning
13:03:16.340 Service 15815634 C:\Windows\system32\drivers\24044582.sys **HIDDEN**
13:04:26.716 Modules scanning
13:04:26.729 Disk 0 trace - called modules:
13:04:26.739 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys >>UNKNOWN [0xfffffa80065b5810]<<95092950.sys >>UNKNOWN [0xfffffa8004a775e8]<<
13:04:26.747 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800461e060]
13:04:26.760 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa800411fac0]
13:04:26.768 5 amd_xata.sys[fffff8800110ab3f] -> nt!IofCallDriver -> \Device\00000068[0xfffffa8003667930]
13:04:26.774 \Driver\amd_sata[0xfffffa80049c56b0] -> IRP_MJ_CREATE -> 0xfffffa8004a775e8
13:04:31.215 AVAST engine scan C:\Windows
13:04:36.274 AVAST engine scan C:\Windows\system32
13:08:39.818 AVAST engine scan C:\Windows\system32\drivers
13:08:59.116 AVAST engine scan C:\Users\owner
13:09:43.045 Disk 0 MBR has been saved successfully to "C:\Users\owner\Desktop\MBR.dat"
13:09:43.061 The log file has been saved successfully to "C:\Users\owner\Desktop\aswMBR.txt"


OK, will do.

#6 tink2725

Posted 20 August 2012 - 12:19 PM

New scan. Doing the online one now...

13:17:31.0691 3716 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
13:17:31.0971 3716 ============================================================
13:17:31.0971 3716 Current date / time: 2012/08/20 13:17:31.0971
13:17:31.0971 3716 SystemInfo:
13:17:31.0971 3716
13:17:31.0971 3716 OS Version: 6.1.7601 ServicePack: 1.0
13:17:31.0971 3716 Product type: Workstation
13:17:31.0971 3716 ComputerName: OWNER-HP
13:17:31.0971 3716 UserName: owner
13:17:31.0971 3716 Windows directory: C:\Windows
13:17:31.0971 3716 System windows directory: C:\Windows
13:17:31.0971 3716 Running under WOW64
13:17:31.0971 3716 Processor architecture: Intel x64
13:17:31.0971 3716 Number of processors: 2
13:17:31.0971 3716 Page size: 0x1000
13:17:31.0971 3716 Boot type: Normal boot
13:17:31.0971 3716 ============================================================
13:17:35.0123 3716 BG loaded
13:17:36.0183 3716 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:17:36.0215 3716 ============================================================
13:17:36.0215 3716 \Device\Harddisk0\DR0:
13:17:36.0230 3716 MBR partitions:
13:17:36.0230 3716 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
13:17:36.0230 3716 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x22236800
13:17:36.0230 3716 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2229A800, BlocksNum 0x29A4000
13:17:36.0246 3716 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x24C3E800, BlocksNum 0x7EF800
13:17:36.0246 3716 ============================================================
13:17:36.0371 3716 C: <-> \Device\Harddisk0\DR0\Partition2
13:17:36.0495 3716 D: <-> \Device\Harddisk0\DR0\Partition3
13:17:36.0558 3716 E: <-> \Device\Harddisk0\DR0\Partition4
13:17:36.0558 3716 ============================================================
13:17:36.0558 3716 Initialize success
13:17:36.0558 3716 ============================================================
13:17:40.0411 1168 ============================================================
13:17:40.0411 1168 Scan started
13:17:40.0411 1168 Mode: Manual;
13:17:40.0411 1168 ============================================================
13:17:40.0739 1168 ================ Scan system memory ========================
13:17:40.0739 1168 System memory - ok
13:17:40.0739 1168 ================ Scan services =============================
13:17:52.0579 1168 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:17:52.0595 1168 msdsm - ok
13:17:52.0641 1168 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
13:17:52.0641 1168 MSDTC - ok
13:17:52.0673 1168 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:17:52.0673 1168 Msfs - ok
13:17:52.0704 1168 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:17:52.0704 1168 mshidkmdf - ok
13:17:52.0735 1168 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:17:52.0751 1168 msisadrv - ok
13:17:52.0782 1168 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:17:52.0782 1168 MSiSCSI - ok
13:17:52.0797 1168 msiserver - ok
13:17:52.0829 1168 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:17:52.0829 1168 MSKSSRV - ok
13:17:52.0844 1168 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:17:52.0844 1168 MSPCLOCK - ok
13:17:52.0860 1168 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:17:52.0860 1168 MSPQM - ok
13:17:52.0875 1168 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:17:52.0875 1168 MsRPC - ok
13:17:52.0907 1168 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:17:52.0907 1168 mssmbios - ok
13:17:52.0938 1168 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:17:52.0938 1168 MSTEE - ok
13:17:52.0969 1168 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
13:17:52.0969 1168 MTConfig - ok
13:17:52.0969 1168 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
13:17:52.0969 1168 Mup - ok
13:17:53.0016 1168 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
13:17:53.0016 1168 napagent - ok
13:17:53.0078 1168 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:17:53.0078 1168 NativeWifiP - ok
13:17:53.0141 1168 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:17:53.0156 1168 NDIS - ok
13:17:53.0187 1168 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:17:53.0187 1168 NdisCap - ok
13:17:53.0219 1168 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:17:53.0219 1168 NdisTapi - ok
13:17:53.0250 1168 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:17:53.0250 1168 Ndisuio - ok
13:17:53.0281 1168 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:17:53.0281 1168 NdisWan - ok
13:17:53.0297 1168 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:17:53.0297 1168 NDProxy - ok
13:17:53.0328 1168 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:17:53.0328 1168 NetBIOS - ok
13:17:53.0343 1168 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:17:53.0343 1168 NetBT - ok
13:17:53.0359 1168 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
13:17:53.0359 1168 Netlogon - ok
13:17:53.0406 1168 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:17:53.0406 1168 Netman - ok
13:17:53.0421 1168 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:17:53.0421 1168 netprofm - ok
13:17:53.0515 1168 [ 31609B481CC202BFB441E37FEBCDEA05 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
13:17:53.0531 1168 netr28x - ok
13:17:53.0577 1168 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:17:53.0593 1168 NetTcpPortSharing - ok
13:17:53.0624 1168 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
13:17:53.0640 1168 nfrd960 - ok
13:17:53.0671 1168 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:17:53.0687 1168 NlaSvc - ok
13:17:53.0718 1168 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:17:53.0718 1168 Npfs - ok
13:17:53.0718 1168 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:17:53.0733 1168 nsi - ok
13:17:53.0749 1168 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:17:53.0749 1168 nsiproxy - ok
13:17:53.0843 1168 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:17:53.0858 1168 Ntfs - ok
13:17:53.0905 1168 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:17:53.0905 1168 Null - ok
13:17:53.0967 1168 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
13:17:53.0967 1168 NVENETFD - ok
13:17:53.0999 1168 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:17:53.0999 1168 nvraid - ok
13:17:54.0014 1168 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:17:54.0014 1168 nvstor - ok
13:17:54.0061 1168 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:17:54.0092 1168 nv_agp - ok
13:17:54.0123 1168 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:17:54.0139 1168 ohci1394 - ok
13:17:54.0170 1168 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:17:54.0186 1168 ose - ok
13:17:54.0357 1168 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:17:54.0451 1168 osppsvc - ok
13:17:54.0560 1168 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:17:54.0591 1168 p2pimsvc - ok
13:17:54.0654 1168 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:17:54.0701 1168 p2psvc - ok
13:17:54.0747 1168 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
13:17:54.0763 1168 Parport - ok
13:17:54.0810 1168 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:17:54.0810 1168 partmgr - ok
13:17:54.0872 1168 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:17:54.0888 1168 PcaSvc - ok
13:17:54.0966 1168 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
13:17:54.0966 1168 pci - ok
13:17:55.0013 1168 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
13:17:55.0044 1168 pciide - ok
13:17:55.0091 1168 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
13:17:55.0106 1168 pcmcia - ok
13:17:55.0153 1168 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:17:55.0169 1168 pcw - ok
13:17:55.0184 1168 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:17:55.0200 1168 PEAUTH - ok
13:17:55.0777 1168 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:17:55.0777 1168 PerfHost - ok
13:17:55.0839 1168 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
13:17:55.0855 1168 pla - ok
13:17:55.0917 1168 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:17:55.0933 1168 PlugPlay - ok
13:17:55.0964 1168 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:17:55.0980 1168 PNRPAutoReg - ok
13:17:55.0995 1168 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:17:56.0011 1168 PNRPsvc - ok
13:17:56.0042 1168 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:17:56.0058 1168 PolicyAgent - ok
13:17:56.0089 1168 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:17:56.0089 1168 Power - ok
13:17:56.0120 1168 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:17:56.0120 1168 PptpMiniport - ok
13:17:56.0167 1168 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
13:17:56.0198 1168 Processor - ok
13:17:56.0292 1168 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:17:56.0292 1168 ProfSvc - ok
13:17:56.0354 1168 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:17:56.0354 1168 ProtectedStorage - ok
13:17:56.0432 1168 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:17:56.0432 1168 Psched - ok
13:17:56.0510 1168 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
13:17:56.0541 1168 ql2300 - ok
13:17:56.0573 1168 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
13:17:56.0573 1168 ql40xx - ok
13:17:56.0604 1168 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:17:56.0619 1168 QWAVE - ok
13:17:56.0635 1168 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:17:56.0635 1168 QWAVEdrv - ok
13:17:56.0651 1168 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:17:56.0651 1168 RasAcd - ok
13:17:56.0697 1168 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:17:56.0697 1168 RasAgileVpn - ok
13:17:56.0729 1168 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:17:56.0729 1168 RasAuto - ok
13:17:56.0760 1168 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:17:56.0760 1168 Rasl2tp - ok
13:17:56.0807 1168 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
13:17:56.0822 1168 RasMan - ok
13:17:56.0838 1168 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:17:56.0838 1168 RasPppoe - ok
13:17:56.0885 1168 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:17:56.0885 1168 RasSstp - ok
13:17:56.0900 1168 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:17:56.0916 1168 rdbss - ok
13:17:56.0931 1168 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
13:17:56.0931 1168 rdpbus - ok
13:17:56.0963 1168 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:17:56.0963 1168 RDPCDD - ok
13:17:56.0978 1168 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:17:56.0978 1168 RDPENCDD - ok
13:17:56.0994 1168 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:17:56.0994 1168 RDPREFMP - ok
13:17:57.0009 1168 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:17:57.0025 1168 RDPWD - ok
13:17:57.0025 1168 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:17:57.0025 1168 rdyboost - ok
13:17:57.0056 1168 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:17:57.0072 1168 RemoteAccess - ok
13:17:57.0103 1168 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:17:57.0103 1168 RemoteRegistry - ok
13:17:57.0134 1168 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:17:57.0134 1168 RpcEptMapper - ok
13:17:57.0150 1168 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:17:57.0165 1168 RpcLocator - ok
13:17:57.0197 1168 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
13:17:57.0212 1168 RpcSs - ok
13:17:57.0259 1168 [ C897D551EE0DFCD8E638BF78E21D4D7F ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
13:17:57.0259 1168 RSPCIESTOR - ok
13:17:57.0290 1168 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:17:57.0290 1168 rspndr - ok
13:17:57.0321 1168 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
13:17:57.0337 1168 RTL8167 - ok
13:17:57.0353 1168 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
13:17:57.0353 1168 SamSs - ok
13:17:57.0368 1168 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:17:57.0368 1168 sbp2port - ok
13:17:57.0399 1168 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:17:57.0399 1168 SCardSvr - ok
13:17:57.0431 1168 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:17:57.0431 1168 scfilter - ok
13:17:57.0462 1168 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
13:17:57.0462 1168 Schedule - ok
13:17:57.0493 1168 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:17:57.0493 1168 SCPolicySvc - ok
13:17:57.0540 1168 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
13:17:57.0540 1168 sdbus - ok
13:17:57.0571 1168 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:17:57.0571 1168 SDRSVC - ok
13:17:57.0602 1168 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:17:57.0602 1168 secdrv - ok
13:17:57.0618 1168 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
13:17:57.0633 1168 seclogon - ok
13:17:57.0649 1168 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
13:17:57.0665 1168 SENS - ok
13:17:57.0680 1168 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:17:57.0696 1168 SensrSvc - ok
13:17:57.0727 1168 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
13:17:57.0743 1168 Serenum - ok
13:17:57.0758 1168 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
13:17:57.0758 1168 Serial - ok
13:17:57.0805 1168 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
13:17:57.0805 1168 sermouse - ok
13:17:57.0852 1168 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
13:17:57.0867 1168 SessionEnv - ok
13:17:57.0883 1168 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:17:57.0883 1168 sffdisk - ok
13:17:57.0899 1168 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:17:57.0899 1168 sffp_mmc - ok
13:17:57.0930 1168 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:17:57.0945 1168 sffp_sd - ok
13:17:57.0961 1168 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
13:17:57.0961 1168 sfloppy - ok
13:17:58.0008 1168 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
13:17:58.0023 1168 Sftfs - ok
13:17:58.0101 1168 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
13:17:58.0117 1168 sftlist - ok
13:17:58.0148 1168 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
13:17:58.0148 1168 Sftplay - ok
13:17:58.0164 1168 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
13:17:58.0164 1168 Sftredir - ok
13:17:58.0211 1168 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
13:17:58.0211 1168 Sftvol - ok
13:17:58.0226 1168 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
13:17:58.0226 1168 sftvsa - ok
13:17:58.0242 1168 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:17:58.0257 1168 SharedAccess - ok
13:17:58.0289 1168 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:17:58.0304 1168 ShellHWDetection - ok
13:17:58.0335 1168 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
13:17:58.0335 1168 SiSRaid2 - ok
13:17:58.0367 1168 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:17:58.0367 1168 SiSRaid4 - ok
13:17:58.0413 1168 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:17:58.0413 1168 Smb - ok
13:17:58.0476 1168 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:17:58.0476 1168 SNMPTRAP - ok
13:17:58.0491 1168 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:17:58.0491 1168 spldr - ok
13:17:58.0538 1168 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
13:17:58.0538 1168 Spooler - ok
13:17:58.0679 1168 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
13:17:58.0710 1168 sppsvc - ok
13:17:58.0741 1168 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:17:58.0741 1168 sppuinotify - ok
13:17:58.0772 1168 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
13:17:58.0788 1168 srv - ok
13:17:58.0835 1168 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:17:58.0835 1168 srv2 - ok
13:17:58.0881 1168 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
13:17:58.0897 1168 SrvHsfHDA - ok
13:17:58.0944 1168 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
13:17:58.0959 1168 SrvHsfV92 - ok
13:17:58.0991 1168 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
13:17:59.0006 1168 SrvHsfWinac - ok
13:17:59.0022 1168 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:17:59.0022 1168 srvnet - ok
13:17:59.0069 1168 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:17:59.0084 1168 SSDPSRV - ok
13:17:59.0084 1168 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:17:59.0100 1168 SstpSvc - ok
13:17:59.0162 1168 [ 7BF818B11C1FEDC3E76D233124470A30 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
13:17:59.0162 1168 STacSV - ok
13:17:59.0178 1168 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
13:17:59.0193 1168 stexstor - ok
13:17:59.0225 1168 [ EBC1A5E076A9BE314D3D9E8ED19ABB0A ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
13:17:59.0240 1168 STHDA - ok
13:17:59.0271 1168 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
13:17:59.0287 1168 stisvc - ok
13:17:59.0303 1168 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
13:17:59.0303 1168 swenum - ok
13:17:59.0318 1168 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
13:17:59.0334 1168 swprv - ok
13:17:59.0381 1168 [ CC13EE4AF170ABB99F6449CBB62AB219 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
13:17:59.0396 1168 SynTP - ok
13:17:59.0443 1168 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
13:17:59.0459 1168 SysMain - ok
13:17:59.0490 1168 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:17:59.0490 1168 TabletInputService - ok
13:17:59.0505 1168 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:17:59.0505 1168 TapiSrv - ok
13:17:59.0521 1168 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
13:17:59.0537 1168 TBS - ok
13:17:59.0583 1168 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:17:59.0599 1168 Tcpip - ok
13:17:59.0630 1168 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:17:59.0646 1168 TCPIP6 - ok
13:17:59.0661 1168 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:17:59.0661 1168 tcpipreg - ok
13:17:59.0677 1168 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:17:59.0677 1168 TDPIPE - ok
13:17:59.0724 1168 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:17:59.0724 1168 TDTCP - ok
13:17:59.0755 1168 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:17:59.0755 1168 tdx - ok
13:17:59.0786 1168 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
13:17:59.0786 1168 TermDD - ok
13:17:59.0833 1168 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
13:17:59.0849 1168 TermService - ok
13:17:59.0864 1168 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
13:17:59.0864 1168 Themes - ok
13:17:59.0880 1168 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
13:17:59.0880 1168 THREADORDER - ok
13:17:59.0942 1168 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
13:17:59.0942 1168 TrkWks - ok
13:17:59.0989 1168 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:18:00.0005 1168 TrustedInstaller - ok
13:18:00.0036 1168 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:18:00.0051 1168 tssecsrv - ok
13:18:00.0067 1168 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:18:00.0083 1168 TsUsbFlt - ok
13:18:00.0098 1168 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
13:18:00.0098 1168 TsUsbGD - ok
13:18:00.0145 1168 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:18:00.0145 1168 tunnel - ok
13:18:00.0161 1168 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:18:00.0176 1168 uagp35 - ok
13:18:00.0207 1168 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:18:00.0207 1168 udfs - ok
13:18:00.0254 1168 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:18:00.0270 1168 UI0Detect - ok
13:18:00.0301 1168 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:18:00.0301 1168 uliagpkx - ok
13:18:00.0332 1168 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:18:00.0332 1168 umbus - ok
13:18:00.0363 1168 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
13:18:00.0363 1168 UmPass - ok
13:18:00.0395 1168 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
13:18:00.0395 1168 upnphost - ok
13:18:00.0426 1168 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:18:00.0426 1168 usbccgp - ok
13:18:00.0457 1168 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:18:00.0457 1168 usbcir - ok
13:18:00.0488 1168 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
13:18:00.0488 1168 usbehci - ok
13:18:00.0535 1168 [ B7037444DC5138FC7D3D3968B4DE5C4B ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
13:18:00.0535 1168 usbfilter - ok
13:18:00.0566 1168 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
13:18:00.0566 1168 usbhub - ok
13:18:00.0582 1168 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:18:00.0597 1168 usbohci - ok
13:18:00.0613 1168 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
13:18:00.0613 1168 usbprint - ok
13:18:00.0629 1168 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:18:00.0644 1168 USBSTOR - ok
13:18:00.0660 1168 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:18:00.0660 1168 usbuhci - ok
13:18:00.0691 1168 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
13:18:00.0691 1168 usbvideo - ok
13:18:00.0722 1168 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
13:18:00.0722 1168 UxSms - ok
13:18:00.0738 1168 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
13:18:00.0738 1168 VaultSvc - ok
13:18:00.0769 1168 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:18:00.0785 1168 vdrvroot - ok
13:18:00.0800 1168 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
13:18:00.0816 1168 vds - ok
13:18:00.0847 1168 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:18:00.0847 1168 vga - ok
13:18:00.0863 1168 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
13:18:00.0863 1168 VgaSave - ok
13:18:00.0878 1168 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:18:00.0878 1168 vhdmp - ok
13:18:00.0909 1168 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
13:18:00.0909 1168 viaide - ok
13:18:00.0925 1168 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:18:00.0925 1168 volmgr - ok
13:18:00.0941 1168 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:18:00.0956 1168 volmgrx - ok
13:18:00.0987 1168 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:18:00.0987 1168 volsnap - ok
13:18:01.0019 1168 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
13:18:01.0019 1168 vsmraid - ok
13:18:01.0065 1168 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
13:18:01.0081 1168 VSS - ok
13:18:01.0159 1168 [ EF51747440486C23BD466311048BD924 ] vToolbarUpdater12.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
13:18:01.0175 1168 vToolbarUpdater12.2.0 - ok
13:18:01.0190 1168 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
13:18:01.0190 1168 vwifibus - ok
13:18:01.0221 1168 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:18:01.0221 1168 vwififlt - ok
13:18:01.0253 1168 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
13:18:01.0268 1168 W32Time - ok
13:18:01.0299 1168 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
13:18:01.0299 1168 WacomPen - ok
13:18:01.0346 1168 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:18:01.0346 1168 WANARP - ok
13:18:01.0362 1168 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:18:01.0362 1168 Wanarpv6 - ok
13:18:01.0471 1168 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:18:01.0487 1168 WatAdminSvc - ok
13:18:01.0565 1168 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
13:18:01.0580 1168 wbengine - ok
13:18:01.0611 1168 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:18:01.0611 1168 WbioSrvc - ok
13:18:01.0627 1168 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:18:01.0627 1168 wcncsvc - ok
13:18:01.0658 1168 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:18:01.0658 1168 WcsPlugInService - ok
13:18:01.0674 1168 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
13:18:01.0689 1168 Wd - ok
13:18:01.0721 1168 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:18:01.0721 1168 Wdf01000 - ok
13:18:01.0736 1168 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:18:01.0736 1168 WdiServiceHost - ok
13:18:01.0736 1168 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:18:04.0451 1168 ============================================================
13:18:04.0451 1168 Scan finished
13:18:04.0451 1168 ============================================================
13:18:04.0466 0204 Detected object count: 0
13:18:04.0466 0204 Actual detected object count: 0

#7 narenxp


Posted 20 August 2012 - 12:36 PM

After finishing ESET scan, continue with these instructions

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

Edited by narenxp, 20 August 2012 - 12:36 PM.


#8 tink2725


Posted 20 August 2012 - 02:30 PM

C:\TDSSKiller_Quarantine\20.08.2012_12.58.21\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\20.08.2012_12.58.21\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\20.08.2012_12.58.21\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\20.08.2012_12.58.21\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\20.08.2012_12.58.21\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.NP trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\20.08.2012_12.58.21\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\20.08.2012_12.58.21\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\20.08.2012_12.58.21\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined


ESET Scan off to do the rest..

#9 tink2725


Posted 20 August 2012 - 03:40 PM

clean Malware byte. Other scan is below and doing next item..
MiniToolBox by Farbar Version: 23-07-2012
Ran by owner (administrator) on 20-08-2012 at 16:38:53
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Ralink RT5390 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : owner-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : netgear.com
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 78-E3-B5-65-BF-D4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Ralink RT5390 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : 64-27-37-33-1C-9F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7465:d765:9ab8:bf74%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.9(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, August 20, 2012 1:16:11 PM
Lease Expires . . . . . . . . . . : Tuesday, August 21, 2012 1:16:15 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 241444663
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-A5-68-A2-64-27-37-33-1C-9F
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{057EA3D5-5194-4DC4-A0FA-9E43AF0626BD}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:309a:2654:3f57:fef6(Preferred)
Link-local IPv6 Address . . . . . : fe80::309a:2654:3f57:fef6%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com


Pinging google.com [74.125.226.194] with 32 bytes of data:
Reply from 74.125.226.194: bytes=32 time=16ms TTL=55
Reply from 74.125.226.194: bytes=32 time=19ms TTL=55

Ping statistics for 74.125.226.194:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 16ms, Maximum = 19ms, Average = 17ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=77ms TTL=51
Reply from 98.138.253.109: bytes=32 time=118ms TTL=51

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 77ms, Maximum = 118ms, Average = 97ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=7ms TTL=128
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 3ms, Maximum = 7ms, Average = 5ms
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/20/2012 01:20:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/20/2012 01:20:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/20/2012 01:20:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/20/2012 01:20:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/20/2012 01:17:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/20/2012 01:04:40 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/20/2012 01:04:30 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/20/2012 01:04:30 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/20/2012 01:04:30 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/20/2012 01:04:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (08/18/2012 09:14:41 PM) (Source: Service Control Manager) (User: )
Description: The Norton Internet Security service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (08/17/2012 01:38:32 PM) (Source: BugCheck) (User: )
Description: 0x0000001e (0xffffffffc0000005, 0xfffff80002c747ef, 0x0000000000000000, 0x000000007efa0000)C:\Windows\MEMORY.DMP081712-19032-01

Error: (08/17/2012 01:17:49 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/17/2012 01:17:49 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/17/2012 01:17:23 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (08/17/2012 01:17:17 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (08/17/2012 01:17:09 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/15/2012 09:52:29 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/15/2012 09:52:29 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/15/2012 09:51:59 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.



=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Reader X (10.1.4) MUI (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
AMD APP SDK Runtime (Version: 2.5.775.2)
AMD Catalyst Install Manager (Version: 3.0.847.0)
AMD Fuel (Version: 2011.0915.1431.24206)
AMD Media Foundation Decoders (Version: 1.0.60915.1416)
AMD Steady Video Plug-In (Version: 2.02.0000)
AMD VISION Engine Control Center (Version: 2011.0915.1431.24206)
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2197)
Bejeweled 3 (Version: 2.2.0.97)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blio (Version: 2.2.8188)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.0915.1431.24206)
Catalyst Control Center InstallProxy (Version: 2011.0915.1431.24206)
Catalyst Control Center Localization All (Version: 2011.0915.1431.24206)
ccc-utility64 (Version: 2011.0915.1431.24206)
CCC Help Chinese Standard (Version: 2011.0915.1430.24206)
CCC Help Chinese Traditional (Version: 2011.0915.1430.24206)
CCC Help Czech (Version: 2011.0915.1430.24206)
CCC Help Danish (Version: 2011.0915.1430.24206)
CCC Help Dutch (Version: 2011.0915.1430.24206)
CCC Help English (Version: 2011.0915.1430.24206)
CCC Help Finnish (Version: 2011.0915.1430.24206)
CCC Help French (Version: 2011.0915.1430.24206)
CCC Help German (Version: 2011.0915.1430.24206)
CCC Help Greek (Version: 2011.0915.1430.24206)
CCC Help Hungarian (Version: 2011.0915.1430.24206)
CCC Help Italian (Version: 2011.0915.1430.24206)
CCC Help Japanese (Version: 2011.0915.1430.24206)
CCC Help Korean (Version: 2011.0915.1430.24206)
CCC Help Norwegian (Version: 2011.0915.1430.24206)
CCC Help Polish (Version: 2011.0915.1430.24206)
CCC Help Portuguese (Version: 2011.0915.1430.24206)
CCC Help Russian (Version: 2011.0915.1430.24206)
CCC Help Spanish (Version: 2011.0915.1430.24206)
CCC Help Swedish (Version: 2011.0915.1430.24206)
CCC Help Thai (Version: 2011.0915.1430.24206)
CCC Help Turkish (Version: 2011.0915.1430.24206)
Chuzzle Deluxe (Version: 2.2.0.95)
Cradle of Rome 2 (Version: 2.2.0.98)
CyberLink YouCam (Version: 3.5.0.4422)
D3DX10 (Version: 15.4.2368.0902)
Dora's World Adventure (Version: 2.2.0.95)
ESET Online Scanner v3
ESU for Microsoft Windows 7 SP1 (Version: 2.1.1)
Evernote v. 4.2.3 (Version: 4.2.3.22)
Farm Frenzy (Version: 2.2.0.98)
Farmscapes (Version: 2.2.0.98)
FATE (Version: 2.2.0.97)
Final Drive Fury (Version: 2.2.0.95)
Google Chrome (Version: 21.0.1180.79)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.115)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
Hoyle Card Games (Version: 2.2.0.95)
HP Application Assistant (Version: 1.0.409.3882)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Customer Experience Enhancements (Version: 6.0.1.8)
HP Documentation (Version: 1.1.0.0)
HP Games (Version: 1.0.2.5)
HP Launch Box (Version: 1.1.5)
HP MovieStore (Version: 2.1.091)
HP MovieStore (Version: 2.1.21091.0)
HP On Screen Display (Version: 1.3.5)
HP Power Manager (Version: 1.4.7)
HP Quick Launch (Version: 2.7.2)
HP QuickWeb (Version: 3.1.1.10197)
HP Recovery Manager (Version: 2.0.0)
HP Security Assistant (Version: 2.0.1)
HP Setup (Version: 9.0.15076.3891)
HP Setup Manager (Version: 1.2.14901.3869)
HP Software Framework (Version: 4.5.10.1)
HP Support Assistant (Version: 6.1.12.1)
IDT Audio (Version: 1.0.6365.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 34 (Version: 6.0.340)
Jewel Match 3 (Version: 2.2.0.98)
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (Version: 2.2.0.98)
John Deere Drive Green (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Letters from Nowhere 2 (Version: 2.2.0.97)
Luxor HD (Version: 2.2.0.98)
Mah Jong Medley (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.5139.5005)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
opensource (Version: 1.0.14960.3876)
Penguins! (Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.98)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.98)
Ralink RT5390 802.11b/g/n WiFi Adapter (Version: 3.2.13.0)
Realtek Ethernet Controller Driver (Version: 7.46.610.2011)
Realtek PCIE Card Reader (Version: 6.1.7601.84)
RollerCoaster Tycoon 3: Platinum (Version: 2.2.0.98)
Skype™ 5.5 (Version: 5.5.117)
swMSM (Version: 12.0.0.1)
Synaptics TouchPad Driver (Version: 15.3.17.0)
The Treasures of Mystery Island: The Ghost Ship (Version: 2.2.0.98)
Torchlight (Version: 2.2.0.98)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.98)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
WildTangent Games App (HP Games) (Version: 4.0.5.32)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zuma's Revenge (Version: 2.2.0.98)

========================= Memory info: ===================================

Percentage of memory in use: 47%
Total physical RAM: 3562.91 MB
Available physical RAM: 1871.15 MB
Total Pagefile: 7124 MB
Available Pagefile: 5218.79 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.55 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:273.11 GB) (Free:219.88 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:20.82 GB) (Free:2.25 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32

========================= Users: ========================================

User accounts for \\OWNER-HP

Administrator Guest owner


**** End of log ****

#10 tink2725


Posted 20 August 2012 - 03:43 PM

Here is the next scan. Doing Adaware now...

Farbar Service Scanner Version: 06-08-2012
Ran by owner (administrator) on 20-08-2012 at 16:41:48
Running from "C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PE7HG72S"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#11 tink2725


Posted 20 August 2012 - 03:44 PM

AdaWare here:
# AdwCleaner v1.801 - Logfile created 08/20/2012 at 16:43:57
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : owner - OWNER-HP
# Boot Mode : Normal
# Running from : C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5YXA794\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\owner\AppData\Local\AVG Secure Search
Folder Found : C:\Users\owner\AppData\Local\Temp\avg@toolbar
Folder Found : C:\Users\owner\AppData\LocalLow\AVG Secure Search
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\Program Files (x86)\AVG Secure Search
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search

***** [Registry] *****

Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\IGearSettings
Key Found : HKLM\SOFTWARE\AVG Secure Search
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[x64] Key Found : HKCU\Software\AVG Secure Search
[x64] Key Found : HKCU\Software\IGearSettings
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[x64] Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
[x64] Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
[x64] Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
[x64] Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
[x64] Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
[x64] Key Found : HKLM\SOFTWARE\Classes\S
[x64] Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[x64] Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[x64] Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[x64] Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[x64] Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v21.0.1180.79

File : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [6931 octets] - [20/08/2012 16:43:57]

########## EOF - C:\AdwCleaner[R1].txt - [7059 octets] ##########


How does it look?

#12 tink2725


Posted 20 August 2012 - 04:23 PM

I think I posted the incorrect log. Here is the correct one:
# AdwCleaner v1.801 - Logfile created 08/20/2012 at 17:19:57
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : owner - OWNER-HP
# Boot Mode : Normal
# Running from : C:\Users\owner\Documents\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\AVG Secure Search
Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search

***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v21.0.1180.79

File : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [7004 octets] - [20/08/2012 16:43:57]
AdwCleaner[R2].txt - [6994 octets] - [20/08/2012 16:46:09]
AdwCleaner[R3].txt - [7054 octets] - [20/08/2012 17:13:10]
AdwCleaner[R4].txt - [7114 octets] - [20/08/2012 17:15:39]
AdwCleaner[S1].txt - [5493 octets] - [20/08/2012 17:15:48]
AdwCleaner[R5].txt - [1241 octets] - [20/08/2012 17:19:38]
AdwCleaner[S2].txt - [1182 octets] - [20/08/2012 17:19:57]

########## EOF - C:\AdwCleaner[S2].txt - [1310 octets] ##########

#13 narenxp


Posted 20 August 2012 - 08:51 PM

Looks good

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#14 tink2725


Posted 21 August 2012 - 07:26 AM

Thanks for your help, NarenXP.

I have told my mom to not let others use her computer. She always has problems when she does that.
I told her again: no letting others on it, and watch what she clicks on.
Thanks again :)
Tam

#15 narenxp


Posted 21 August 2012 - 07:30 AM

You're welcome :)

I used to advise my mom too, she never hears it :lol:



