Many Bad Messages


20 replies to this topic

#1 mynameisnotrobert


Posted 21 August 2012 - 03:53 PM

Hey all. This morning AVG started to notify me that my computer was infected by Trojan Horse Patched_c.LXT. AVG gave me no options but to ignore the threat, so I did. Later on, a different message appeared talking about Trojan Horse Generic15.bhgz. Any attempt to quarantine this failed, as it was dealing with system files and even with administrator privileges AVG could do nothing. I finally decided that it might be a good idea to research these viruses. I open Google Chrome and I get "The site's security certificate is signed using a weak signature algorithm" for www.google.com. I am pretty much stuck at this point. Any help would be greatly appreciated.

Edit: I am using Windows 7 Ultimate 64-bit.

Edited by mynameisnotrobert, 21 August 2012 - 03:54 PM.




#2 narenxp

  • BC Advisor

Posted 21 August 2012 - 03:59 PM

Download

TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download

ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is complete, click on "LIST of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 mynameisnotrobert

  • Topic Starter

Posted 21 August 2012 - 04:05 PM

Thanks for the quick reply! But the link for aswMBR seems to be broken...

#4 narenxp


Posted 21 August 2012 - 04:17 PM

Yes, it seems to be broken; run the other scans.

#5 mynameisnotrobert

  • Topic Starter

Posted 21 August 2012 - 07:01 PM

Alright. Here is the TDSSKiller log:


17:07:25.0598 3052 msisadrv - ok
17:07:25.0645 3052 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI E:\Windows\system32\iscsiexe.dll
17:07:25.0645 3052 MSiSCSI - ok
17:07:25.0645 3052 msiserver - ok
17:07:25.0676 3052 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV E:\Windows\system32\drivers\MSKSSRV.sys
17:07:25.0676 3052 MSKSSRV - ok
17:07:25.0692 3052 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK E:\Windows\system32\drivers\MSPCLOCK.sys
17:07:25.0692 3052 MSPCLOCK - ok
17:07:25.0708 3052 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM E:\Windows\system32\drivers\MSPQM.sys
17:07:25.0708 3052 MSPQM - ok
17:07:25.0708 3052 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC E:\Windows\system32\drivers\MsRPC.sys
17:07:25.0723 3052 MsRPC - ok
17:07:25.0739 3052 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios E:\Windows\system32\DRIVERS\mssmbios.sys
17:07:25.0739 3052 mssmbios - ok
17:07:25.0754 3052 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE E:\Windows\system32\drivers\MSTEE.sys
17:07:25.0754 3052 MSTEE - ok
17:07:25.0754 3052 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig E:\Windows\system32\DRIVERS\MTConfig.sys
17:07:25.0770 3052 MTConfig - ok
17:07:25.0786 3052 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup E:\Windows\system32\Drivers\mup.sys
17:07:25.0786 3052 Mup - ok
17:07:25.0817 3052 [ 4987E079A4530FA737A128BE54B63B12 ] napagent E:\Windows\system32\qagentRT.dll
17:07:25.0832 3052 napagent - ok
17:07:25.0879 3052 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP E:\Windows\system32\DRIVERS\nwifi.sys
17:07:25.0879 3052 NativeWifiP - ok
17:07:25.0910 3052 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS E:\Windows\system32\drivers\ndis.sys
17:07:25.0926 3052 NDIS - ok
17:07:25.0942 3052 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap E:\Windows\system32\DRIVERS\ndiscap.sys
17:07:25.0942 3052 NdisCap - ok
17:07:25.0957 3052 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi E:\Windows\system32\DRIVERS\ndistapi.sys
17:07:25.0957 3052 NdisTapi - ok
17:07:25.0973 3052 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio E:\Windows\system32\DRIVERS\ndisuio.sys
17:07:25.0973 3052 Ndisuio - ok
17:07:25.0988 3052 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan E:\Windows\system32\DRIVERS\ndiswan.sys
17:07:25.0988 3052 NdisWan - ok
17:07:26.0004 3052 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy E:\Windows\system32\drivers\NDProxy.sys
17:07:26.0004 3052 NDProxy - ok
17:07:26.0020 3052 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS E:\Windows\system32\DRIVERS\netbios.sys
17:07:26.0020 3052 NetBIOS - ok
17:07:26.0035 3052 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT E:\Windows\system32\DRIVERS\netbt.sys
17:07:26.0035 3052 NetBT - ok
17:07:26.0035 3052 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon E:\Windows\system32\lsass.exe
17:07:26.0051 3052 Netlogon - ok
17:07:26.0066 3052 [ 847D3AE376C0817161A14A82C8922A9E ] Netman E:\Windows\System32\netman.dll
17:07:26.0082 3052 Netman - ok
17:07:26.0098 3052 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm E:\Windows\System32\netprofm.dll
17:07:26.0113 3052 netprofm - ok
17:07:26.0144 3052 [ B72BB9496A126FCFC7FC5945DED9B411 ] netr28x E:\Windows\system32\DRIVERS\netr28x.sys
17:07:26.0160 3052 netr28x - ok
17:07:26.0191 3052 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing E:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:07:26.0191 3052 NetTcpPortSharing - ok
17:07:26.0207 3052 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 E:\Windows\system32\DRIVERS\nfrd960.sys
17:07:26.0207 3052 nfrd960 - ok
17:07:26.0238 3052 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc E:\Windows\System32\nlasvc.dll
17:07:26.0238 3052 NlaSvc - ok
17:07:26.0332 3052 [ CB992AE1506985D9167E85883B4C3240 ] NMIndexingService E:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
17:07:26.0332 3052 NMIndexingService - ok
17:07:26.0347 3052 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs E:\Windows\system32\drivers\Npfs.sys
17:07:26.0347 3052 Npfs - ok
17:07:26.0378 3052 NPVR Recording Service - ok
17:07:26.0410 3052 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi E:\Windows\system32\nsisvc.dll
17:07:26.0410 3052 nsi - ok
17:07:26.0425 3052 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy E:\Windows\system32\drivers\nsiproxy.sys
17:07:26.0425 3052 nsiproxy - ok
17:07:26.0456 3052 [ 356698A13C4630D5B31C37378D469196 ] Ntfs E:\Windows\system32\drivers\Ntfs.sys
17:07:26.0472 3052 Ntfs - ok
17:07:26.0488 3052 [ 9899284589F75FA8724FF3D16AED75C1 ] Null E:\Windows\system32\drivers\Null.sys
17:07:26.0488 3052 Null - ok
17:07:26.0768 3052 [ CC1EFEA1F0AB17E59BD4B5BAFF3E5CB0 ] nvlddmkm E:\Windows\system32\DRIVERS\nvlddmkm.sys
17:07:26.0893 3052 nvlddmkm - ok
17:07:27.0002 3052 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid E:\Windows\system32\DRIVERS\nvraid.sys
17:07:27.0002 3052 nvraid - ok
17:07:27.0002 3052 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor E:\Windows\system32\DRIVERS\nvstor.sys
17:07:27.0002 3052 nvstor - ok
17:07:27.0049 3052 [ 39F933CA2798156B0B7A19D104B73B9A ] nvsvc E:\Windows\system32\nvvsvc.exe
17:07:27.0065 3052 nvsvc - ok
17:07:27.0158 3052 [ 4E5C5D88EB0A8D21824D5A3EB7327E69 ] nvUpdatusService E:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
17:07:27.0174 3052 nvUpdatusService - ok
17:07:27.0190 3052 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp E:\Windows\system32\DRIVERS\nv_agp.sys
17:07:27.0205 3052 nv_agp - ok
17:07:27.0221 3052 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 E:\Windows\system32\DRIVERS\ohci1394.sys
17:07:27.0221 3052 ohci1394 - ok
17:07:27.0283 3052 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose E:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:07:27.0283 3052 ose - ok
17:07:27.0470 3052 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:07:27.0486 3052 osppsvc - ok
17:07:27.0517 3052 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc E:\Windows\system32\pnrpsvc.dll
17:07:27.0533 3052 p2pimsvc - ok
17:07:27.0548 3052 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc E:\Windows\system32\p2psvc.dll
17:07:27.0548 3052 p2psvc - ok
17:07:27.0580 3052 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport E:\Windows\system32\DRIVERS\parport.sys
17:07:27.0580 3052 Parport - ok
17:07:27.0611 3052 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr E:\Windows\system32\drivers\partmgr.sys
17:07:27.0611 3052 partmgr - ok
17:07:27.0626 3052 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc E:\Windows\System32\pcasvc.dll
17:07:27.0642 3052 PcaSvc - ok
17:07:27.0658 3052 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci E:\Windows\system32\DRIVERS\pci.sys
17:07:27.0658 3052 pci - ok
17:07:27.0673 3052 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide E:\Windows\system32\DRIVERS\pciide.sys
17:07:27.0673 3052 pciide - ok
17:07:27.0689 3052 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia E:\Windows\system32\DRIVERS\pcmcia.sys
17:07:27.0689 3052 pcmcia - ok
17:07:27.0704 3052 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw E:\Windows\system32\drivers\pcw.sys
17:07:27.0704 3052 pcw - ok
17:07:27.0736 3052 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH E:\Windows\system32\drivers\peauth.sys
17:07:27.0736 3052 PEAUTH - ok
17:07:27.0782 3052 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc E:\Windows\system32\peerdistsvc.dll
17:07:27.0798 3052 PeerDistSvc - ok
17:07:27.0876 3052 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost E:\Windows\SysWow64\perfhost.exe
17:07:27.0876 3052 PerfHost - ok
17:07:27.0907 3052 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla E:\Windows\system32\pla.dll
17:07:27.0923 3052 pla - ok
17:07:27.0970 3052 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay E:\Windows\system32\umpnpmgr.dll
17:07:27.0970 3052 PlugPlay - ok
17:07:27.0985 3052 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg E:\Windows\system32\pnrpauto.dll
17:07:27.0985 3052 PNRPAutoReg - ok
17:07:28.0001 3052 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc E:\Windows\system32\pnrpsvc.dll
17:07:28.0016 3052 PNRPsvc - ok
17:07:28.0048 3052 [ 33328FA8A580885AB0065BE6DB266E9F ] Point64 E:\Windows\system32\DRIVERS\point64.sys
17:07:28.0048 3052 Point64 - ok
17:07:28.0079 3052 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent E:\Windows\System32\ipsecsvc.dll
17:07:28.0094 3052 PolicyAgent - ok
17:07:28.0126 3052 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power E:\Windows\system32\umpo.dll
17:07:28.0126 3052 Power - ok
17:07:28.0157 3052 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport E:\Windows\system32\DRIVERS\raspptp.sys
17:07:28.0157 3052 PptpMiniport - ok
17:07:28.0172 3052 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor E:\Windows\system32\DRIVERS\processr.sys
17:07:28.0172 3052 Processor - ok
17:07:28.0204 3052 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc E:\Windows\system32\profsvc.dll
17:07:28.0204 3052 ProfSvc - ok
17:07:28.0219 3052 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage E:\Windows\system32\lsass.exe
17:07:28.0219 3052 ProtectedStorage - ok
17:07:28.0250 3052 [ EE992183BD8EAEFD9973F352E587A299 ] Psched E:\Windows\system32\DRIVERS\pacer.sys
17:07:28.0250 3052 Psched - ok
17:07:28.0297 3052 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 E:\Windows\system32\DRIVERS\ql2300.sys
17:07:28.0313 3052 ql2300 - ok
17:07:28.0344 3052 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx E:\Windows\system32\DRIVERS\ql40xx.sys
17:07:28.0344 3052 ql40xx - ok
17:07:28.0360 3052 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE E:\Windows\system32\qwave.dll
17:07:28.0360 3052 QWAVE - ok
17:07:28.0375 3052 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv E:\Windows\system32\drivers\qwavedrv.sys
17:07:28.0375 3052 QWAVEdrv - ok
17:07:28.0391 3052 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd E:\Windows\system32\DRIVERS\rasacd.sys
17:07:28.0406 3052 RasAcd - ok
17:07:28.0422 3052 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn E:\Windows\system32\DRIVERS\AgileVpn.sys
17:07:28.0422 3052 RasAgileVpn - ok
17:07:28.0438 3052 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto E:\Windows\System32\rasauto.dll
17:07:28.0438 3052 RasAuto - ok
17:07:28.0453 3052 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp E:\Windows\system32\DRIVERS\rasl2tp.sys
17:07:28.0453 3052 Rasl2tp - ok
17:07:28.0469 3052 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan E:\Windows\System32\rasmans.dll
17:07:28.0484 3052 RasMan - ok
17:07:28.0500 3052 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe E:\Windows\system32\DRIVERS\raspppoe.sys
17:07:28.0500 3052 RasPppoe - ok
17:07:28.0516 3052 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp E:\Windows\system32\DRIVERS\rassstp.sys
17:07:28.0516 3052 RasSstp - ok
17:07:28.0531 3052 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss E:\Windows\system32\DRIVERS\rdbss.sys
17:07:28.0531 3052 rdbss - ok
17:07:28.0531 3052 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus E:\Windows\system32\DRIVERS\rdpbus.sys
17:07:28.0547 3052 rdpbus - ok
17:07:28.0547 3052 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD E:\Windows\system32\DRIVERS\RDPCDD.sys
17:07:28.0547 3052 RDPCDD - ok
17:07:28.0578 3052 [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR E:\Windows\system32\drivers\rdpdr.sys
17:07:28.0578 3052 RDPDR - ok
17:07:28.0594 3052 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD E:\Windows\system32\drivers\rdpencdd.sys
17:07:28.0594 3052 RDPENCDD - ok
17:07:28.0609 3052 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP E:\Windows\system32\drivers\rdprefmp.sys
17:07:28.0609 3052 RDPREFMP - ok
17:07:28.0656 3052 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD E:\Windows\system32\drivers\RDPWD.sys
17:07:28.0656 3052 RDPWD - ok
17:07:28.0672 3052 [ 634B9A2181D98F15941236886164EC8B ] rdyboost E:\Windows\system32\drivers\rdyboost.sys
17:07:28.0672 3052 rdyboost - ok
17:07:28.0703 3052 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess E:\Windows\System32\mprdim.dll
17:07:28.0718 3052 RemoteAccess - ok
17:07:28.0734 3052 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry E:\Windows\system32\regsvc.dll
17:07:28.0734 3052 RemoteRegistry - ok
17:07:28.0750 3052 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper E:\Windows\System32\RpcEpMap.dll
17:07:28.0750 3052 RpcEptMapper - ok
17:07:28.0765 3052 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator E:\Windows\system32\locator.exe
17:07:28.0765 3052 RpcLocator - ok
17:07:28.0796 3052 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs E:\Windows\system32\rpcss.dll
17:07:28.0796 3052 RpcSs - ok
17:07:28.0812 3052 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr E:\Windows\system32\DRIVERS\rspndr.sys
17:07:28.0812 3052 rspndr - ok
17:07:28.0843 3052 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 E:\Windows\system32\DRIVERS\Rt64win7.sys
17:07:28.0859 3052 RTL8167 - ok
17:07:28.0874 3052 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap E:\Windows\system32\DRIVERS\vms3cap.sys
17:07:28.0874 3052 s3cap - ok
17:07:28.0890 3052 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs E:\Windows\system32\lsass.exe
17:07:28.0890 3052 SamSs - ok
17:07:28.0906 3052 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port E:\Windows\system32\DRIVERS\sbp2port.sys
17:07:28.0921 3052 sbp2port - ok
17:07:28.0952 3052 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr E:\Windows\System32\SCardSvr.dll
17:07:28.0952 3052 SCardSvr - ok
17:07:28.0968 3052 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter E:\Windows\system32\DRIVERS\scfilter.sys
17:07:28.0968 3052 scfilter - ok
17:07:29.0015 3052 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule E:\Windows\system32\schedsvc.dll
17:07:29.0030 3052 Schedule - ok
17:07:29.0046 3052 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc E:\Windows\System32\certprop.dll
17:07:29.0046 3052 SCPolicySvc - ok
17:07:29.0062 3052 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC E:\Windows\System32\SDRSVC.dll
17:07:29.0062 3052 SDRSVC - ok
17:07:29.0093 3052 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv E:\Windows\system32\drivers\secdrv.sys
17:07:29.0093 3052 secdrv - ok
17:07:29.0093 3052 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon E:\Windows\system32\seclogon.dll
17:07:29.0108 3052 seclogon - ok
17:07:29.0108 3052 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS E:\Windows\System32\sens.dll
17:07:29.0108 3052 SENS - ok
17:07:29.0108 3052 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc E:\Windows\system32\sensrsvc.dll
17:07:29.0124 3052 SensrSvc - ok
17:07:29.0140 3052 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum E:\Windows\system32\DRIVERS\serenum.sys
17:07:29.0140 3052 Serenum - ok
17:07:29.0155 3052 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial E:\Windows\system32\DRIVERS\serial.sys
17:07:29.0155 3052 Serial - ok
17:07:29.0171 3052 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse E:\Windows\system32\DRIVERS\sermouse.sys
17:07:29.0171 3052 sermouse - ok
17:07:29.0202 3052 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv E:\Windows\system32\sessenv.dll
17:07:29.0202 3052 SessionEnv - ok
17:07:29.0249 3052 [ 4FCACE92BB0345D58BB96ADBD69F5237 ] sfdrv01 E:\Windows\system32\drivers\sfdrv01.sys
17:07:29.0249 3052 sfdrv01 - ok
17:07:29.0264 3052 [ A554811BCD09279536440C964AE35BBF ] sffdisk E:\Windows\system32\DRIVERS\sffdisk.sys
17:07:29.0264 3052 sffdisk - ok
17:07:29.0264 3052 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc E:\Windows\system32\DRIVERS\sffp_mmc.sys
17:07:29.0280 3052 sffp_mmc - ok
17:07:29.0280 3052 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd E:\Windows\system32\DRIVERS\sffp_sd.sys
17:07:29.0280 3052 sffp_sd - ok
17:07:29.0311 3052 [ 17F6BD95BF04B924F4C05CE78BEF8AE6 ] sfhlp02 E:\Windows\system32\drivers\sfhlp02.sys
17:07:29.0311 3052 sfhlp02 - ok
17:07:29.0327 3052 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy E:\Windows\system32\DRIVERS\sfloppy.sys
17:07:29.0327 3052 sfloppy - ok
17:07:29.0374 3052 [ 40CF333266E10137F805B8956FE19031 ] sfsync02 E:\Windows\system32\drivers\sfsync02.sys
17:07:29.0374 3052 sfsync02 - ok
17:07:29.0420 3052 [ F3B72568A6FA36E5D63D30B8186D1C48 ] sfvfs02 E:\Windows\system32\drivers\sfvfs02.sys
17:07:29.0420 3052 sfvfs02 - ok
17:07:29.0436 3052 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection E:\Windows\System32\shsvcs.dll
17:07:29.0436 3052 ShellHWDetection - ok
17:07:29.0452 3052 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 E:\Windows\system32\DRIVERS\SiSRaid2.sys
17:07:29.0467 3052 SiSRaid2 - ok
17:07:29.0467 3052 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 E:\Windows\system32\DRIVERS\sisraid4.sys
17:07:29.0467 3052 SiSRaid4 - ok
17:07:29.0483 3052 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb E:\Windows\system32\DRIVERS\smb.sys
17:07:29.0483 3052 Smb - ok
17:07:29.0514 3052 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP E:\Windows\System32\snmptrap.exe
17:07:29.0514 3052 SNMPTRAP - ok
17:07:29.0530 3052 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr E:\Windows\system32\drivers\spldr.sys
17:07:29.0530 3052 spldr - ok
17:07:29.0576 3052 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler E:\Windows\System32\spoolsv.exe
17:07:29.0592 3052 Spooler - ok
17:07:29.0654 3052 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc E:\Windows\system32\sppsvc.exe
17:07:29.0686 3052 sppsvc - ok
17:07:29.0701 3052 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify E:\Windows\system32\sppuinotify.dll
17:07:29.0701 3052 sppuinotify - ok
17:07:29.0748 3052 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv E:\Windows\system32\DRIVERS\srv.sys
17:07:29.0748 3052 srv - ok
17:07:29.0826 3052 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 E:\Windows\system32\DRIVERS\srv2.sys
17:07:29.0826 3052 srv2 - ok
17:07:29.0857 3052 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet E:\Windows\system32\DRIVERS\srvnet.sys
17:07:29.0857 3052 srvnet - ok
17:07:29.0857 3052 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV E:\Windows\System32\ssdpsrv.dll
17:07:29.0873 3052 SSDPSRV - ok
17:07:29.0873 3052 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc E:\Windows\system32\sstpsvc.dll
17:07:29.0888 3052 SstpSvc - ok
17:07:29.0935 3052 [ 9BF7E58D9113CE15CF4F1E1B18CEFF83 ] Stereo Service E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:07:29.0951 3052 Stereo Service - ok
17:07:29.0966 3052 [ F3817967ED533D08327DC73BC4D5542A ] stexstor E:\Windows\system32\DRIVERS\stexstor.sys
17:07:29.0966 3052 stexstor - ok
17:07:30.0013 3052 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc E:\Windows\System32\wiaservc.dll
17:07:30.0013 3052 stisvc - ok
17:07:30.0060 3052 [ FFD7A6F15B14234B5B0E5D49E7961895 ] storflt E:\Windows\system32\DRIVERS\vmstorfl.sys
17:07:30.0060 3052 storflt - ok
17:07:30.0076 3052 [ 8FCCBEFC5C440B3C23454656E551B09A ] storvsc E:\Windows\system32\DRIVERS\storvsc.sys
17:07:30.0076 3052 storvsc - ok
17:07:30.0091 3052 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum E:\Windows\system32\DRIVERS\swenum.sys
17:07:30.0107 3052 swenum - ok
17:07:30.0122 3052 [ E08E46FDD841B7184194011CA1955A0B ] swprv E:\Windows\System32\swprv.dll
17:07:30.0138 3052 swprv - ok
17:07:30.0169 3052 [ 512231BA47975F3F1A67B11F271BB49D ] SynasUSB E:\Windows\system32\drivers\SynUSB64.sys
17:07:30.0169 3052 SynasUSB - ok
17:07:30.0216 3052 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain E:\Windows\system32\sysmain.dll
17:07:30.0232 3052 SysMain - ok
17:07:30.0247 3052 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService E:\Windows\System32\TabSvc.dll
17:07:30.0247 3052 TabletInputService - ok
17:07:30.0263 3052 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv E:\Windows\System32\tapisrv.dll
17:07:30.0278 3052 TapiSrv - ok
17:07:30.0278 3052 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS E:\Windows\System32\tbssvc.dll
17:07:30.0294 3052 TBS - ok
17:07:30.0356 3052 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip E:\Windows\system32\drivers\tcpip.sys
17:07:30.0372 3052 Tcpip - ok
17:07:30.0403 3052 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 E:\Windows\system32\DRIVERS\tcpip.sys
17:07:30.0419 3052 TCPIP6 - ok
17:07:30.0434 3052 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg E:\Windows\system32\drivers\tcpipreg.sys
17:07:30.0434 3052 tcpipreg - ok
17:07:30.0450 3052 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE E:\Windows\system32\drivers\tdpipe.sys
17:07:30.0450 3052 TDPIPE - ok
17:07:30.0481 3052 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP E:\Windows\system32\drivers\tdtcp.sys
17:07:30.0481 3052 TDTCP - ok
17:07:30.0497 3052 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx E:\Windows\system32\DRIVERS\tdx.sys
17:07:30.0497 3052 tdx - ok
17:07:30.0512 3052 [ C448651339196C0E869A355171875522 ] TermDD E:\Windows\system32\DRIVERS\termdd.sys
17:07:30.0512 3052 TermDD - ok
17:07:30.0528 3052 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService E:\Windows\System32\termsrv.dll
17:07:30.0544 3052 TermService - ok
17:07:30.0559 3052 [ F0344071948D1A1FA732231785A0664C ] Themes E:\Windows\system32\themeservice.dll
17:07:30.0559 3052 Themes - ok
17:07:30.0575 3052 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER E:\Windows\system32\mmcss.dll
17:07:30.0575 3052 THREADORDER - ok
17:07:30.0590 3052 TICalc - ok
17:07:30.0622 3052 [ 199C2E87D9A5EC58D0BCD94E893BF629 ] TIEHDUSB E:\Windows\system32\DRIVERS\tiehdusb.sys
17:07:30.0622 3052 TIEHDUSB - ok
17:07:30.0668 3052 [ 5C248E03921137E131AC5F1459FD42C9 ] ToolkitDisk E:\Windows\system32\Drivers\toolkitdisk.sys
17:07:30.0668 3052 ToolkitDisk - ok
17:07:30.0684 3052 tpcdrdrv - ok
17:07:30.0700 3052 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks E:\Windows\System32\trkwks.dll
17:07:30.0700 3052 TrkWks - ok
17:07:30.0746 3052 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller E:\Windows\servicing\TrustedInstaller.exe
17:07:30.0746 3052 TrustedInstaller - ok
17:07:30.0762 3052 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv E:\Windows\system32\DRIVERS\tssecsrv.sys
17:07:30.0778 3052 tssecsrv - ok
17:07:30.0793 3052 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel E:\Windows\system32\DRIVERS\tunnel.sys
17:07:30.0809 3052 tunnel - ok
17:07:30.0824 3052 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 E:\Windows\system32\DRIVERS\uagp35.sys
17:07:30.0824 3052 uagp35 - ok
17:07:30.0840 3052 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs E:\Windows\system32\DRIVERS\udfs.sys
17:07:30.0856 3052 udfs - ok
17:07:30.0871 3052 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect E:\Windows\system32\UI0Detect.exe
17:07:30.0871 3052 UI0Detect - ok
17:07:30.0887 3052 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx E:\Windows\system32\DRIVERS\uliagpkx.sys
17:07:30.0887 3052 uliagpkx - ok
17:07:30.0902 3052 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus E:\Windows\system32\DRIVERS\umbus.sys
17:07:30.0902 3052 umbus - ok
17:07:30.0918 3052 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass E:\Windows\system32\DRIVERS\umpass.sys
17:07:30.0918 3052 UmPass - ok
17:07:30.0934 3052 [ AF0AC98EE5077EB844413EB54287FDE3 ] UmRdpService E:\Windows\System32\umrdp.dll
17:07:30.0934 3052 UmRdpService - ok
17:07:30.0965 3052 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost E:\Windows\System32\upnphost.dll
17:07:30.0980 3052 upnphost - ok
17:07:31.0027 3052 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 E:\Windows\system32\Drivers\usbaapl64.sys
17:07:31.0027 3052 USBAAPL64 - ok
17:07:31.0074 3052 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio E:\Windows\system32\drivers\usbaudio.sys
17:07:31.0074 3052 usbaudio - ok
17:07:31.0090 3052 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp E:\Windows\system32\DRIVERS\usbccgp.sys
17:07:31.0090 3052 usbccgp - ok
17:07:31.0105 3052 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir E:\Windows\system32\DRIVERS\usbcir.sys
17:07:31.0105 3052 usbcir - ok
17:07:31.0121 3052 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci E:\Windows\system32\DRIVERS\usbehci.sys
17:07:31.0121 3052 usbehci - ok
17:07:31.0168 3052 [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub E:\Windows\system32\DRIVERS\usbhub.sys
17:07:31.0168 3052 usbhub - ok
17:07:31.0183 3052 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci E:\Windows\system32\DRIVERS\usbohci.sys
17:07:31.0183 3052 usbohci - ok
17:07:31.0214 3052 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint E:\Windows\system32\DRIVERS\usbprint.sys
17:07:31.0214 3052 usbprint - ok
17:07:31.0230 3052 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR E:\Windows\system32\DRIVERS\USBSTOR.SYS
17:07:31.0230 3052 USBSTOR - ok
17:07:31.0246 3052 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci E:\Windows\system32\DRIVERS\usbuhci.sys
17:07:31.0246 3052 usbuhci - ok
17:07:31.0261 3052 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms E:\Windows\System32\uxsms.dll
17:07:31.0261 3052 UxSms - ok
17:07:31.0261 3052 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc E:\Windows\system32\lsass.exe
17:07:31.0261 3052 VaultSvc - ok
17:07:31.0324 3052 [ C30F3D43CEB6F79ADE9B805387E5F63C ] VBoxDrv E:\Windows\system32\DRIVERS\VBoxDrv.sys
17:07:31.0324 3052 VBoxDrv - ok
17:07:31.0355 3052 [ CF3EE68CD9723E9F21E3198A0F690400 ] VBoxUSBMon E:\Windows\system32\DRIVERS\VBoxUSBMon.sys
17:07:31.0355 3052 VBoxUSBMon - ok
17:07:31.0386 3052 [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone E:\Windows\system32\DRIVERS\VClone.sys
17:07:31.0386 3052 VClone - ok
17:07:31.0417 3052 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot E:\Windows\system32\DRIVERS\vdrvroot.sys
17:07:31.0417 3052 vdrvroot - ok
17:07:31.0433 3052 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds E:\Windows\System32\vds.exe
17:07:31.0448 3052 vds - ok
17:07:31.0464 3052 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga E:\Windows\system32\DRIVERS\vgapnp.sys
17:07:31.0464 3052 vga - ok
17:07:31.0480 3052 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave E:\Windows\System32\drivers\vga.sys
17:07:31.0480 3052 VgaSave - ok
17:07:31.0495 3052 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp E:\Windows\system32\DRIVERS\vhdmp.sys
17:07:31.0495 3052 vhdmp - ok
17:07:31.0511 3052 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide E:\Windows\system32\DRIVERS\viaide.sys
17:07:31.0526 3052 viaide - ok
17:07:31.0558 3052 VideoAcceleratorService - ok
17:07:31.0620 3052 [ 0FC29ADB3F634ED3E535A76395B470B5 ] VMAuthdService E:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
17:07:31.0620 3052 VMAuthdService - ok
17:07:31.0636 3052 [ 1501699D7EDA984ABC4155A7DA5738D1 ] vmbus E:\Windows\system32\DRIVERS\vmbus.sys
17:07:31.0636 3052 vmbus - ok
17:07:31.0651 3052 [ AE10C35761889E65A6F7176937C5592C ] VMBusHID E:\Windows\system32\DRIVERS\VMBusHID.sys
17:07:31.0651 3052 VMBusHID - ok
17:07:31.0698 3052 [ 87FC1DD880E8CAC4FAEBB84AF61A87C4 ] vmci E:\Windows\system32\DRIVERS\vmci.sys
17:07:31.0698 3052 vmci - ok
17:07:31.0745 3052 [ 76306D9523BC16BAF01F1B71E3E174A9 ] vmkbd E:\Windows\system32\drivers\VMkbd.sys
17:07:31.0745 3052 vmkbd - ok
17:07:31.0760 3052 [ B259C31378BC855AFD1B53F59311C251 ] VMnetAdapter E:\Windows\system32\DRIVERS\vmnetadapter.sys
17:07:31.0760 3052 VMnetAdapter - ok
17:07:31.0807 3052 [ DEC4CE720FFEDA939CF1BA315CFBD993 ] VMnetBridge E:\Windows\system32\DRIVERS\vmnetbridge.sys
17:07:31.0807 3052 VMnetBridge - ok
17:07:31.0807 3052 VMnetDHCP - ok
17:07:31.0823 3052 [ FF9E2B3ACD52C84EB50CA467C1952EB5 ] VMnetuserif E:\Windows\system32\drivers\vmnetuserif.sys
17:07:31.0823 3052 VMnetuserif - ok
17:07:31.0885 3052 [ B5BB4513C3206D1D4F8A0F276AE424FA ] VMUSBArbService E:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
17:07:31.0885 3052 VMUSBArbService - ok
17:07:31.0901 3052 VMware NAT Service - ok
17:07:31.0916 3052 [ E4B35C0C0BE5D37DA157304230C7A4C1 ] vmx86 E:\Windows\system32\drivers\vmx86.sys
17:07:31.0916 3052 vmx86 - ok
17:07:31.0916 3052 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr E:\Windows\system32\DRIVERS\volmgr.sys
17:07:31.0916 3052 volmgr - ok
17:07:31.0948 3052 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx E:\Windows\system32\drivers\volmgrx.sys
17:07:31.0948 3052 volmgrx - ok
17:07:31.0963 3052 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap E:\Windows\system32\DRIVERS\volsnap.sys
17:07:31.0963 3052 volsnap - ok
17:07:31.0994 3052 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid E:\Windows\system32\DRIVERS\vsmraid.sys
17:07:31.0994 3052 vsmraid - ok
17:07:32.0041 3052 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS E:\Windows\system32\vssvc.exe
17:07:32.0057 3052 VSS - ok
17:07:32.0072 3052 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus E:\Windows\system32\DRIVERS\vwifibus.sys
17:07:32.0072 3052 vwifibus - ok
17:07:32.0088 3052 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt E:\Windows\system32\DRIVERS\vwififlt.sys
17:07:32.0104 3052 vwififlt - ok
17:07:32.0135 3052 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp E:\Windows\system32\DRIVERS\vwifimp.sys
17:07:32.0135 3052 vwifimp - ok
17:07:32.0150 3052 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time E:\Windows\system32\w32time.dll
17:07:33.0835 3052 ============================================================
17:07:33.0835 3052 Scan finished
17:07:33.0835 3052 ============================================================
17:07:33.0866 4120 Detected object count: 0
17:07:33.0866 4120 Actual detected object count: 0
17:08:11.0012 5020 Deinitialize success

And the ESET Scan log:


E:\Program Files (x86)\1ClickDownload\1ClickSettingsManager.exe Win32/Adware.1ClickDownload.E application cleaned by deleting - quarantined
E:\Program Files (x86)\1ClickDownload\mainpackfa.exe Win32/Adware.1ClickDownload.E application cleaned by deleting - quarantined
E:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
E:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
E:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe probably a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
E:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
E:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
E:\Program Files (x86)\Yontoo\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
E:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
E:\Users\[X]\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6JHDPYWW\MainPackFA_2701[1].exe Win32/Adware.1ClickDownload.E application cleaned by deleting - quarantined
E:\Users\[X]\AppData\Local\Temp\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
E:\Users\[X]\AppData\Local\Temp\YontooSetup-S.exe probably a variant of Win32/Adware.DHFRTZA application cleaned by deleting - quarantined
E:\Users\[X]\AppData\Local\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
E:\Users\[X]\Downloads\Setup_FreeAVCHDConverter.exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
E:\Windows\AutoKMS\AutoKMS.exe probably a variant of Win32/HackKMS.B application cleaned by deleting - quarantined
E:\Windows\Installer\{c0103ebd-fd21-15be-62f0-2a3d97202df5}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
E:\Windows\Installer\{c0103ebd-fd21-15be-62f0-2a3d97202df5}\U\000000cb.@ Win64/Conedex.B trojan cleaned by deleting - quarantined
E:\Windows\Installer\{c0103ebd-fd21-15be-62f0-2a3d97202df5}\U\80000000.@ Win64/Sirefef.AP trojan cleaned by deleting - quarantined
E:\Windows\Installer\{c0103ebd-fd21-15be-62f0-2a3d97202df5}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
Operating memory a variant of Win32/Sirefef.EZ trojan


Thanks in advance!

Edited by mynameisnotrobert, 21 August 2012 - 07:04 PM.


#6 narenxp

Posted 21 August 2012 - 08:32 PM

Restart the PC, download a new copy of TDSSkiller, scan with it and post the new log.


Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Post the log.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#7 mynameisnotrobert

Posted 24 August 2012 - 04:56 PM

Here's the new TDSSkiller log

16:05:14.0225 2724 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
16:05:14.0584 2724 ============================================================
16:05:14.0584 2724 Current date / time: 2012/08/24 16:05:14.0584
16:05:14.0584 2724 SystemInfo:
16:05:14.0584 2724
16:05:14.0584 2724 OS Version: 6.1.7600 ServicePack: 0.0
16:05:14.0584 2724 Product type: Workstation
16:05:14.0584 2724 ComputerName: VB46GIVMI6
16:05:14.0584 2724 UserName: [X]
16:05:14.0584 2724 Windows directory: E:\Windows
16:05:14.0584 2724 System windows directory: E:\Windows
16:05:14.0584 2724 Running under WOW64
16:05:14.0584 2724 Processor architecture: Intel x64
16:05:14.0584 2724 Number of processors: 4
16:05:14.0584 2724 Page size: 0x1000
16:05:14.0584 2724 Boot type: Normal boot
16:05:14.0584 2724 ============================================================
16:05:16.0004 2724 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:05:16.0004 2724 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:05:16.0066 2724 ============================================================
16:05:16.0066 2724 \Device\Harddisk0\DR0:
16:05:16.0066 2724 MBR partitions:
16:05:16.0066 2724 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x38C81BA4
16:05:16.0066 2724 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38C81BE3, BlocksNum 0x170305E
16:05:16.0066 2724 \Device\Harddisk1\DR1:
16:05:16.0066 2724 MBR partitions:
16:05:16.0066 2724 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
16:05:16.0066 2724 ============================================================
16:05:16.0097 2724 C: <-> \Device\Harddisk0\DR0\Partition1
16:05:16.0113 2724 E: <-> \Device\Harddisk1\DR1\Partition1
16:05:16.0144 2724 D: <-> \Device\Harddisk0\DR0\Partition2
16:05:16.0144 2724 ============================================================
16:05:16.0144 2724 Initialize success
16:05:16.0144 2724 ============================================================
16:05:35.0831 5876 ============================================================
16:05:35.0831 5876 Scan started
16:05:35.0831 5876 Mode: Manual; TDLFS;
16:05:35.0831 5876 ============================================================
16:05:36.0845 5876 ================ Scan system memory ========================
16:05:36.0845 5876 System memory - ok
16:05:36.0845 5876 ================ Scan services =============================
16:05:42.0961 5876 LBTServ - ok
16:05:43.0039 5876 [ 71C6A95A5F0CCC87298C4DD0F2C3635A ] LightScribeService E:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
16:05:43.0039 5876 LightScribeService - ok
16:05:43.0085 5876 [ 1538831CF8AD2979A04C423779465827 ] lltdio E:\Windows\system32\DRIVERS\lltdio.sys
16:05:43.0085 5876 lltdio - ok
16:05:43.0117 5876 [ C1185803384AB3FEED115F79F109427F ] lltdsvc E:\Windows\System32\lltdsvc.dll
16:05:43.0117 5876 lltdsvc - ok
16:05:43.0132 5876 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts E:\Windows\System32\lmhsvc.dll
16:05:43.0132 5876 lmhosts - ok
16:05:43.0148 5876 LMouFlt2 - ok
16:05:43.0163 5876 [ F518C34C137348B7DBE5343ACC646A1C ] LMouKE E:\Windows\system32\DRIVERS\LMouKE.Sys
16:05:43.0163 5876 LMouKE - ok
16:05:43.0195 5876 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC E:\Windows\system32\DRIVERS\lsi_fc.sys
16:05:43.0195 5876 LSI_FC - ok
16:05:43.0226 5876 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS E:\Windows\system32\DRIVERS\lsi_sas.sys
16:05:43.0226 5876 LSI_SAS - ok
16:05:43.0226 5876 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 E:\Windows\system32\DRIVERS\lsi_sas2.sys
16:05:43.0241 5876 LSI_SAS2 - ok
16:05:43.0241 5876 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI E:\Windows\system32\DRIVERS\lsi_scsi.sys
16:05:43.0241 5876 LSI_SCSI - ok
16:05:43.0273 5876 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv E:\Windows\system32\drivers\luafv.sys
16:05:43.0273 5876 luafv - ok
16:05:43.0304 5876 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector E:\Windows\system32\drivers\mbam.sys
16:05:43.0319 5876 MBAMProtector - ok
16:05:43.0351 5876 [ 43683E970F008C93C9429EF428147A54 ] MBAMService E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:05:43.0366 5876 MBAMService - ok
16:05:43.0413 5876 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus E:\Windows\system32\DRIVERS\mcdbus.sys
16:05:43.0413 5876 mcdbus - ok
16:05:43.0444 5876 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc E:\Windows\system32\Mcx2Svc.dll
16:05:43.0444 5876 Mcx2Svc - ok
16:05:43.0538 5876 [ E416E967E3FB6FB1E9AE12B9C7DAB526 ] MDM E:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
16:05:43.0538 5876 MDM - ok
16:05:43.0553 5876 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas E:\Windows\system32\DRIVERS\megasas.sys
16:05:43.0553 5876 megasas - ok
16:05:43.0569 5876 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR E:\Windows\system32\DRIVERS\MegaSR.sys
16:05:43.0569 5876 MegaSR - ok
16:05:43.0631 5876 Microsoft SharePoint Workspace Audit Service - ok
16:05:43.0663 5876 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS E:\Windows\system32\mmcss.dll
16:05:43.0663 5876 MMCSS - ok
16:05:43.0678 5876 [ 800BA92F7010378B09F9ED9270F07137 ] Modem E:\Windows\system32\drivers\modem.sys
16:05:43.0678 5876 Modem - ok
16:05:43.0709 5876 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor E:\Windows\system32\DRIVERS\monitor.sys
16:05:43.0709 5876 monitor - ok
16:05:43.0725 5876 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass E:\Windows\system32\DRIVERS\mouclass.sys
16:05:43.0741 5876 mouclass - ok
16:05:43.0756 5876 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid E:\Windows\system32\DRIVERS\mouhid.sys
16:05:43.0756 5876 mouhid - ok
16:05:43.0772 5876 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr E:\Windows\system32\drivers\mountmgr.sys
16:05:43.0772 5876 mountmgr - ok
16:05:43.0772 5876 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio E:\Windows\system32\DRIVERS\mpio.sys
16:05:43.0787 5876 mpio - ok
16:05:43.0803 5876 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv E:\Windows\system32\drivers\mpsdrv.sys
16:05:43.0803 5876 mpsdrv - ok
16:05:43.0819 5876 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV E:\Windows\system32\drivers\mrxdav.sys
16:05:43.0819 5876 MRxDAV - ok
16:05:43.0850 5876 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb E:\Windows\system32\DRIVERS\mrxsmb.sys
16:05:43.0865 5876 mrxsmb - ok
16:05:43.0881 5876 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 E:\Windows\system32\DRIVERS\mrxsmb10.sys
16:05:43.0881 5876 mrxsmb10 - ok
16:05:43.0897 5876 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 E:\Windows\system32\DRIVERS\mrxsmb20.sys
16:05:43.0897 5876 mrxsmb20 - ok
16:05:43.0912 5876 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci E:\Windows\system32\DRIVERS\msahci.sys
16:05:43.0912 5876 msahci - ok
16:05:43.0928 5876 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm E:\Windows\system32\DRIVERS\msdsm.sys
16:05:43.0928 5876 msdsm - ok
16:05:43.0943 5876 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC E:\Windows\System32\msdtc.exe
16:05:43.0943 5876 MSDTC - ok
16:05:43.0975 5876 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs E:\Windows\system32\drivers\Msfs.sys
16:05:43.0975 5876 Msfs - ok
16:05:43.0975 5876 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf E:\Windows\System32\drivers\mshidkmdf.sys
16:05:43.0975 5876 mshidkmdf - ok
16:05:43.0990 5876 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv E:\Windows\system32\DRIVERS\msisadrv.sys
16:05:43.0990 5876 msisadrv - ok
16:05:44.0037 5876 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI E:\Windows\system32\iscsiexe.dll
16:05:44.0037 5876 MSiSCSI - ok
16:05:44.0037 5876 msiserver - ok
16:05:44.0053 5876 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV E:\Windows\system32\drivers\MSKSSRV.sys
16:05:44.0068 5876 MSKSSRV - ok
16:05:44.0068 5876 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK E:\Windows\system32\drivers\MSPCLOCK.sys
16:05:44.0084 5876 MSPCLOCK - ok
16:05:44.0099 5876 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM E:\Windows\system32\drivers\MSPQM.sys
16:05:44.0099 5876 MSPQM - ok
16:05:44.0099 5876 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC E:\Windows\system32\drivers\MsRPC.sys
16:05:44.0099 5876 MsRPC - ok
16:05:44.0115 5876 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios E:\Windows\system32\DRIVERS\mssmbios.sys
16:05:44.0115 5876 mssmbios - ok
16:05:44.0131 5876 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE E:\Windows\system32\drivers\MSTEE.sys
16:05:44.0131 5876 MSTEE - ok
16:05:44.0146 5876 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig E:\Windows\system32\DRIVERS\MTConfig.sys
16:05:44.0146 5876 MTConfig - ok
16:05:44.0177 5876 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup E:\Windows\system32\Drivers\mup.sys
16:05:44.0177 5876 Mup - ok
16:05:44.0209 5876 [ 4987E079A4530FA737A128BE54B63B12 ] napagent E:\Windows\system32\qagentRT.dll
16:05:44.0224 5876 napagent - ok
16:05:44.0271 5876 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP E:\Windows\system32\DRIVERS\nwifi.sys
16:05:44.0271 5876 NativeWifiP - ok
16:05:44.0302 5876 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS E:\Windows\system32\drivers\ndis.sys
16:05:44.0302 5876 NDIS - ok
16:05:44.0318 5876 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap E:\Windows\system32\DRIVERS\ndiscap.sys
16:05:44.0333 5876 NdisCap - ok
16:05:44.0349 5876 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi E:\Windows\system32\DRIVERS\ndistapi.sys
16:05:44.0349 5876 NdisTapi - ok
16:05:44.0365 5876 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio E:\Windows\system32\DRIVERS\ndisuio.sys
16:05:44.0365 5876 Ndisuio - ok
16:05:44.0380 5876 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan E:\Windows\system32\DRIVERS\ndiswan.sys
16:05:44.0380 5876 NdisWan - ok
16:05:44.0396 5876 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy E:\Windows\system32\drivers\NDProxy.sys
16:05:44.0396 5876 NDProxy - ok
16:05:44.0396 5876 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS E:\Windows\system32\DRIVERS\netbios.sys
16:05:44.0396 5876 NetBIOS - ok
16:05:44.0411 5876 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT E:\Windows\system32\DRIVERS\netbt.sys
16:05:44.0427 5876 NetBT - ok
16:05:44.0443 5876 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon E:\Windows\system32\lsass.exe
16:05:44.0443 5876 Netlogon - ok
16:05:44.0474 5876 [ 847D3AE376C0817161A14A82C8922A9E ] Netman E:\Windows\System32\netman.dll
16:05:44.0489 5876 Netman - ok
16:05:44.0505 5876 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm E:\Windows\System32\netprofm.dll
16:05:44.0505 5876 netprofm - ok
16:05:44.0552 5876 [ B72BB9496A126FCFC7FC5945DED9B411 ] netr28x E:\Windows\system32\DRIVERS\netr28x.sys
16:05:44.0552 5876 netr28x - ok
16:05:44.0583 5876 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing E:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:05:44.0583 5876 NetTcpPortSharing - ok
16:05:44.0614 5876 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 E:\Windows\system32\DRIVERS\nfrd960.sys
16:05:44.0614 5876 nfrd960 - ok
16:05:44.0645 5876 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc E:\Windows\System32\nlasvc.dll
16:05:44.0645 5876 NlaSvc - ok
16:05:44.0739 5876 [ CB992AE1506985D9167E85883B4C3240 ] NMIndexingService E:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
16:05:44.0739 5876 NMIndexingService - ok
16:05:44.0755 5876 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs E:\Windows\system32\drivers\Npfs.sys
16:05:44.0755 5876 Npfs - ok
16:05:44.0801 5876 NPVR Recording Service - ok
16:05:44.0817 5876 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi E:\Windows\system32\nsisvc.dll
16:05:44.0817 5876 nsi - ok
16:05:44.0848 5876 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy E:\Windows\system32\drivers\nsiproxy.sys
16:05:44.0848 5876 nsiproxy - ok
16:05:44.0895 5876 [ 356698A13C4630D5B31C37378D469196 ] Ntfs E:\Windows\system32\drivers\Ntfs.sys
16:05:44.0911 5876 Ntfs - ok
16:05:44.0926 5876 [ 9899284589F75FA8724FF3D16AED75C1 ] Null E:\Windows\system32\drivers\Null.sys
16:05:44.0926 5876 Null - ok
16:05:45.0207 5876 [ CC1EFEA1F0AB17E59BD4B5BAFF3E5CB0 ] nvlddmkm E:\Windows\system32\DRIVERS\nvlddmkm.sys
16:05:45.0332 5876 nvlddmkm - ok
16:05:45.0410 5876 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid E:\Windows\system32\DRIVERS\nvraid.sys
16:05:45.0410 5876 nvraid - ok
16:05:45.0425 5876 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor E:\Windows\system32\DRIVERS\nvstor.sys
16:05:45.0425 5876 nvstor - ok
16:05:45.0472 5876 [ 39F933CA2798156B0B7A19D104B73B9A ] nvsvc E:\Windows\system32\nvvsvc.exe
16:05:45.0488 5876 nvsvc - ok
16:05:45.0581 5876 [ 4E5C5D88EB0A8D21824D5A3EB7327E69 ] nvUpdatusService E:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
16:05:45.0613 5876 nvUpdatusService - ok
16:05:45.0628 5876 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp E:\Windows\system32\DRIVERS\nv_agp.sys
16:05:45.0628 5876 nv_agp - ok
16:05:45.0644 5876 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 E:\Windows\system32\DRIVERS\ohci1394.sys
16:05:45.0644 5876 ohci1394 - ok
16:05:45.0706 5876 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose E:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:05:45.0706 5876 ose - ok
16:05:45.0893 5876 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:05:45.0940 5876 osppsvc - ok
16:05:45.0971 5876 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc E:\Windows\system32\pnrpsvc.dll
16:05:45.0971 5876 p2pimsvc - ok
16:05:46.0003 5876 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc E:\Windows\system32\p2psvc.dll
16:05:46.0003 5876 p2psvc - ok
16:05:46.0034 5876 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport E:\Windows\system32\DRIVERS\parport.sys
16:05:46.0034 5876 Parport - ok
16:05:46.0065 5876 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr E:\Windows\system32\drivers\partmgr.sys
16:05:46.0065 5876 partmgr - ok
16:05:46.0081 5876 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc E:\Windows\System32\pcasvc.dll
16:05:46.0096 5876 PcaSvc - ok
16:05:46.0112 5876 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci E:\Windows\system32\DRIVERS\pci.sys
16:05:46.0112 5876 pci - ok
16:05:46.0127 5876 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide E:\Windows\system32\DRIVERS\pciide.sys
16:05:46.0127 5876 pciide - ok
16:05:46.0143 5876 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia E:\Windows\system32\DRIVERS\pcmcia.sys
16:05:46.0143 5876 pcmcia - ok
16:05:46.0159 5876 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw E:\Windows\system32\drivers\pcw.sys
16:05:46.0159 5876 pcw - ok
16:05:46.0190 5876 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH E:\Windows\system32\drivers\peauth.sys
16:05:46.0190 5876 PEAUTH - ok
16:05:46.0237 5876 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc E:\Windows\system32\peerdistsvc.dll
16:05:46.0252 5876 PeerDistSvc - ok
16:05:46.0315 5876 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost E:\Windows\SysWow64\perfhost.exe
16:05:46.0315 5876 PerfHost - ok
16:05:46.0361 5876 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla E:\Windows\system32\pla.dll
16:05:46.0377 5876 pla - ok
16:05:46.0424 5876 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay E:\Windows\system32\umpnpmgr.dll
16:05:46.0424 5876 PlugPlay - ok
16:05:46.0424 5876 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg E:\Windows\system32\pnrpauto.dll
16:05:46.0439 5876 PNRPAutoReg - ok
16:05:46.0455 5876 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc E:\Windows\system32\pnrpsvc.dll
16:05:46.0455 5876 PNRPsvc - ok
16:05:46.0486 5876 [ 33328FA8A580885AB0065BE6DB266E9F ] Point64 E:\Windows\system32\DRIVERS\point64.sys
16:05:46.0502 5876 Point64 - ok
16:05:46.0533 5876 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent E:\Windows\System32\ipsecsvc.dll
16:05:46.0533 5876 PolicyAgent - ok
16:05:46.0564 5876 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power E:\Windows\system32\umpo.dll
16:05:46.0564 5876 Power - ok
16:05:46.0611 5876 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport E:\Windows\system32\DRIVERS\raspptp.sys
16:05:46.0611 5876 PptpMiniport - ok
16:05:46.0627 5876 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor E:\Windows\system32\DRIVERS\processr.sys
16:05:46.0627 5876 Processor - ok
16:05:46.0658 5876 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc E:\Windows\system32\profsvc.dll
16:05:46.0658 5876 ProfSvc - ok
16:05:46.0673 5876 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage E:\Windows\system32\lsass.exe
16:05:46.0673 5876 ProtectedStorage - ok
16:05:46.0689 5876 [ EE992183BD8EAEFD9973F352E587A299 ] Psched E:\Windows\system32\DRIVERS\pacer.sys
16:05:46.0689 5876 Psched - ok
16:05:46.0736 5876 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 E:\Windows\system32\DRIVERS\ql2300.sys
16:05:46.0767 5876 ql2300 - ok
16:05:46.0783 5876 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx E:\Windows\system32\DRIVERS\ql40xx.sys
16:05:46.0783 5876 ql40xx - ok
16:05:46.0798 5876 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE E:\Windows\system32\qwave.dll
16:05:46.0798 5876 QWAVE - ok
16:05:46.0814 5876 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv E:\Windows\system32\drivers\qwavedrv.sys
16:05:46.0814 5876 QWAVEdrv - ok
16:05:46.0829 5876 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd E:\Windows\system32\DRIVERS\rasacd.sys
16:05:46.0845 5876 RasAcd - ok
16:05:46.0861 5876 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn E:\Windows\system32\DRIVERS\AgileVpn.sys
16:05:46.0861 5876 RasAgileVpn - ok
16:05:46.0876 5876 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto E:\Windows\System32\rasauto.dll
16:05:46.0876 5876 RasAuto - ok
16:05:46.0892 5876 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp E:\Windows\system32\DRIVERS\rasl2tp.sys
16:05:46.0892 5876 Rasl2tp - ok
16:05:46.0907 5876 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan E:\Windows\System32\rasmans.dll
16:05:46.0923 5876 RasMan - ok
16:05:46.0939 5876 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe E:\Windows\system32\DRIVERS\raspppoe.sys
16:05:46.0939 5876 RasPppoe - ok
16:05:46.0954 5876 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp E:\Windows\system32\DRIVERS\rassstp.sys
16:05:46.0954 5876 RasSstp - ok
16:05:46.0970 5876 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss E:\Windows\system32\DRIVERS\rdbss.sys
16:05:46.0970 5876 rdbss - ok
16:05:46.0970 5876 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus E:\Windows\system32\DRIVERS\rdpbus.sys
16:05:46.0985 5876 rdpbus - ok
16:05:46.0985 5876 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD E:\Windows\system32\DRIVERS\RDPCDD.sys
16:05:46.0985 5876 RDPCDD - ok
16:05:47.0017 5876 [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR E:\Windows\system32\drivers\rdpdr.sys
16:05:47.0017 5876 RDPDR - ok
16:05:47.0032 5876 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD E:\Windows\system32\drivers\rdpencdd.sys
16:05:47.0032 5876 RDPENCDD - ok
16:05:47.0048 5876 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP E:\Windows\system32\drivers\rdprefmp.sys
16:05:47.0048 5876 RDPREFMP - ok
16:05:47.0095 5876 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD E:\Windows\system32\drivers\RDPWD.sys
16:05:47.0095 5876 RDPWD - ok
16:05:47.0110 5876 [ 634B9A2181D98F15941236886164EC8B ] rdyboost E:\Windows\system32\drivers\rdyboost.sys
16:05:47.0110 5876 rdyboost - ok
16:05:47.0141 5876 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess E:\Windows\System32\mprdim.dll
16:05:47.0141 5876 RemoteAccess - ok
16:05:47.0173 5876 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry E:\Windows\system32\regsvc.dll
16:05:47.0173 5876 RemoteRegistry - ok
16:05:47.0188 5876 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper E:\Windows\System32\RpcEpMap.dll
16:05:47.0188 5876 RpcEptMapper - ok
16:05:47.0204 5876 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator E:\Windows\system32\locator.exe
16:05:47.0204 5876 RpcLocator - ok
16:05:47.0235 5876 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs E:\Windows\system32\rpcss.dll
16:05:47.0235 5876 RpcSs - ok
16:05:47.0251 5876 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr E:\Windows\system32\DRIVERS\rspndr.sys
16:05:47.0251 5876 rspndr - ok
16:05:47.0282 5876 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 E:\Windows\system32\DRIVERS\Rt64win7.sys
16:05:47.0297 5876 RTL8167 - ok
16:05:47.0313 5876 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap E:\Windows\system32\DRIVERS\vms3cap.sys
16:05:47.0313 5876 s3cap - ok
16:05:47.0329 5876 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs E:\Windows\system32\lsass.exe
16:05:47.0329 5876 SamSs - ok
16:05:47.0344 5876 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port E:\Windows\system32\DRIVERS\sbp2port.sys
16:05:47.0360 5876 sbp2port - ok
16:05:47.0375 5876 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr E:\Windows\System32\SCardSvr.dll
16:05:47.0391 5876 SCardSvr - ok
16:05:47.0407 5876 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter E:\Windows\system32\DRIVERS\scfilter.sys
16:05:47.0407 5876 scfilter - ok
16:05:47.0453 5876 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule E:\Windows\system32\schedsvc.dll
16:05:47.0469 5876 Schedule - ok
16:05:47.0485 5876 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc E:\Windows\System32\certprop.dll
16:05:47.0485 5876 SCPolicySvc - ok
16:05:47.0500 5876 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC E:\Windows\System32\SDRSVC.dll
16:05:47.0500 5876 SDRSVC - ok
16:05:47.0531 5876 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv E:\Windows\system32\drivers\secdrv.sys
16:05:47.0531 5876 secdrv - ok
16:05:47.0547 5876 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon E:\Windows\system32\seclogon.dll
16:05:47.0547 5876 seclogon - ok
16:05:47.0563 5876 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS E:\Windows\System32\sens.dll
16:05:47.0563 5876 SENS - ok
16:05:47.0563 5876 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc E:\Windows\system32\sensrsvc.dll
16:05:47.0563 5876 SensrSvc - ok
16:05:47.0594 5876 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum E:\Windows\system32\DRIVERS\serenum.sys
16:05:47.0594 5876 Serenum - ok
16:05:47.0609 5876 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial E:\Windows\system32\DRIVERS\serial.sys
16:05:47.0609 5876 Serial - ok
16:05:47.0625 5876 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse E:\Windows\system32\DRIVERS\sermouse.sys
16:05:47.0625 5876 sermouse - ok
16:05:47.0641 5876 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv E:\Windows\system32\sessenv.dll
16:05:47.0641 5876 SessionEnv - ok
16:05:47.0703 5876 [ 4FCACE92BB0345D58BB96ADBD69F5237 ] sfdrv01 E:\Windows\system32\drivers\sfdrv01.sys
16:05:47.0703 5876 sfdrv01 - ok
16:05:47.0719 5876 [ A554811BCD09279536440C964AE35BBF ] sffdisk E:\Windows\system32\DRIVERS\sffdisk.sys
16:05:47.0719 5876 sffdisk - ok
16:05:47.0734 5876 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc E:\Windows\system32\DRIVERS\sffp_mmc.sys
16:05:47.0734 5876 sffp_mmc - ok
16:05:47.0734 5876 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd E:\Windows\system32\DRIVERS\sffp_sd.sys
16:05:47.0734 5876 sffp_sd - ok
16:05:47.0765 5876 [ 17F6BD95BF04B924F4C05CE78BEF8AE6 ] sfhlp02 E:\Windows\system32\drivers\sfhlp02.sys
16:05:47.0765 5876 sfhlp02 - ok
16:05:47.0781 5876 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy E:\Windows\system32\DRIVERS\sfloppy.sys
16:05:47.0781 5876 sfloppy - ok
16:05:47.0812 5876 [ 40CF333266E10137F805B8956FE19031 ] sfsync02 E:\Windows\system32\drivers\sfsync02.sys
16:05:47.0812 5876 sfsync02 - ok
16:05:47.0843 5876 [ F3B72568A6FA36E5D63D30B8186D1C48 ] sfvfs02 E:\Windows\system32\drivers\sfvfs02.sys
16:05:47.0843 5876 sfvfs02 - ok
16:05:47.0859 5876 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection E:\Windows\System32\shsvcs.dll
16:05:47.0875 5876 ShellHWDetection - ok
16:05:47.0875 5876 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 E:\Windows\system32\DRIVERS\SiSRaid2.sys
16:05:47.0875 5876 SiSRaid2 - ok
16:05:47.0890 5876 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 E:\Windows\system32\DRIVERS\sisraid4.sys
16:05:47.0890 5876 SiSRaid4 - ok
16:05:47.0906 5876 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb E:\Windows\system32\DRIVERS\smb.sys
16:05:47.0906 5876 Smb - ok
16:05:47.0937 5876 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP E:\Windows\System32\snmptrap.exe
16:05:47.0937 5876 SNMPTRAP - ok
16:05:47.0953 5876 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr E:\Windows\system32\drivers\spldr.sys
16:05:47.0953 5876 spldr - ok
16:05:47.0999 5876 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler E:\Windows\System32\spoolsv.exe
16:05:47.0999 5876 Spooler - ok
16:05:48.0077 5876 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc E:\Windows\system32\sppsvc.exe
16:05:48.0109 5876 sppsvc - ok
16:05:48.0124 5876 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify E:\Windows\system32\sppuinotify.dll
16:05:48.0124 5876 sppuinotify - ok
16:05:48.0171 5876 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv E:\Windows\system32\DRIVERS\srv.sys
16:05:48.0187 5876 srv - ok
16:05:48.0202 5876 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 E:\Windows\system32\DRIVERS\srv2.sys
16:05:48.0202 5876 srv2 - ok
16:05:48.0218 5876 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet E:\Windows\system32\DRIVERS\srvnet.sys
16:05:48.0218 5876 srvnet - ok
16:05:48.0249 5876 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV E:\Windows\System32\ssdpsrv.dll
16:05:48.0249 5876 SSDPSRV - ok
16:05:48.0265 5876 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc E:\Windows\system32\sstpsvc.dll
16:05:48.0265 5876 SstpSvc - ok
16:05:48.0327 5876 [ 9BF7E58D9113CE15CF4F1E1B18CEFF83 ] Stereo Service E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:05:48.0327 5876 Stereo Service - ok
16:05:48.0358 5876 [ F3817967ED533D08327DC73BC4D5542A ] stexstor E:\Windows\system32\DRIVERS\stexstor.sys
16:05:48.0358 5876 stexstor - ok
16:05:48.0405 5876 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc E:\Windows\System32\wiaservc.dll
16:05:48.0405 5876 stisvc - ok
16:05:48.0421 5876 [ FFD7A6F15B14234B5B0E5D49E7961895 ] storflt E:\Windows\system32\DRIVERS\vmstorfl.sys
16:05:48.0421 5876 storflt - ok
16:05:48.0452 5876 [ 8FCCBEFC5C440B3C23454656E551B09A ] storvsc E:\Windows\system32\DRIVERS\storvsc.sys
16:05:48.0452 5876 storvsc - ok
16:05:48.0467 5876 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum E:\Windows\system32\DRIVERS\swenum.sys
16:05:48.0467 5876 swenum - ok
16:05:48.0499 5876 [ E08E46FDD841B7184194011CA1955A0B ] swprv E:\Windows\System32\swprv.dll
16:05:48.0499 5876 swprv - ok
16:05:48.0545 5876 [ 512231BA47975F3F1A67B11F271BB49D ] SynasUSB E:\Windows\system32\drivers\SynUSB64.sys
16:05:48.0545 5876 SynasUSB - ok
16:05:48.0592 5876 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain E:\Windows\system32\sysmain.dll
16:05:48.0608 5876 SysMain - ok
16:05:48.0623 5876 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService E:\Windows\System32\TabSvc.dll
16:05:48.0623 5876 TabletInputService - ok
16:05:48.0639 5876 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv E:\Windows\System32\tapisrv.dll
16:05:48.0639 5876 TapiSrv - ok
16:05:48.0655 5876 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS E:\Windows\System32\tbssvc.dll
16:05:48.0655 5876 TBS - ok
16:05:48.0733 5876 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip E:\Windows\system32\drivers\tcpip.sys
16:05:48.0733 5876 Tcpip - ok
16:05:48.0764 5876 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 E:\Windows\system32\DRIVERS\tcpip.sys
16:05:48.0779 5876 TCPIP6 - ok
16:05:48.0795 5876 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg E:\Windows\system32\drivers\tcpipreg.sys
16:05:48.0795 5876 tcpipreg - ok
16:05:48.0811 5876 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE E:\Windows\system32\drivers\tdpipe.sys
16:05:48.0811 5876 TDPIPE - ok
16:05:48.0842 5876 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP E:\Windows\system32\drivers\tdtcp.sys
16:05:48.0842 5876 TDTCP - ok
16:05:48.0857 5876 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx E:\Windows\system32\DRIVERS\tdx.sys
16:05:48.0857 5876 tdx - ok
16:05:48.0873 5876 [ C448651339196C0E869A355171875522 ] TermDD E:\Windows\system32\DRIVERS\termdd.sys
16:05:48.0873 5876 TermDD - ok
16:05:48.0904 5876 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService E:\Windows\System32\termsrv.dll
16:05:48.0904 5876 TermService - ok
16:05:48.0920 5876 [ F0344071948D1A1FA732231785A0664C ] Themes E:\Windows\system32\themeservice.dll
16:05:48.0920 5876 Themes - ok
16:05:48.0935 5876 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER E:\Windows\system32\mmcss.dll
16:05:48.0935 5876 THREADORDER - ok
16:05:48.0951 5876 TICalc - ok
16:05:48.0982 5876 [ 199C2E87D9A5EC58D0BCD94E893BF629 ] TIEHDUSB E:\Windows\system32\DRIVERS\tiehdusb.sys
16:05:48.0998 5876 TIEHDUSB - ok
16:05:49.0045 5876 [ 5C248E03921137E131AC5F1459FD42C9 ] ToolkitDisk E:\Windows\system32\Drivers\toolkitdisk.sys
16:05:49.0045 5876 ToolkitDisk - ok
16:05:49.0060 5876 tpcdrdrv - ok
16:05:49.0076 5876 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks E:\Windows\System32\trkwks.dll
16:05:49.0076 5876 TrkWks - ok
16:05:49.0123 5876 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller E:\Windows\servicing\TrustedInstaller.exe
16:05:49.0123 5876 TrustedInstaller - ok
16:05:49.0154 5876 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv E:\Windows\system32\DRIVERS\tssecsrv.sys
16:05:49.0154 5876 tssecsrv - ok
16:05:49.0185 5876 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel E:\Windows\system32\DRIVERS\tunnel.sys
16:05:49.0185 5876 tunnel - ok
16:05:49.0201 5876 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 E:\Windows\system32\DRIVERS\uagp35.sys
16:05:49.0201 5876 uagp35 - ok
16:05:49.0232 5876 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs E:\Windows\system32\DRIVERS\udfs.sys
16:05:49.0232 5876 udfs - ok
16:05:49.0247 5876 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect E:\Windows\system32\UI0Detect.exe
16:05:49.0247 5876 UI0Detect - ok
16:05:49.0263 5876 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx E:\Windows\system32\DRIVERS\uliagpkx.sys
16:05:49.0263 5876 uliagpkx - ok
16:05:49.0279 5876 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus E:\Windows\system32\DRIVERS\umbus.sys
16:05:49.0279 5876 umbus - ok
16:05:49.0294 5876 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass E:\Windows\system32\DRIVERS\umpass.sys
16:05:49.0294 5876 UmPass - ok
16:05:49.0310 5876 [ AF0AC98EE5077EB844413EB54287FDE3 ] UmRdpService E:\Windows\System32\umrdp.dll
16:05:49.0325 5876 UmRdpService - ok
16:05:49.0341 5876 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost E:\Windows\System32\upnphost.dll
16:05:49.0341 5876 upnphost - ok
16:05:49.0388 5876 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 E:\Windows\system32\Drivers\usbaapl64.sys
16:05:49.0388 5876 USBAAPL64 - ok
16:05:49.0435 5876 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio E:\Windows\system32\drivers\usbaudio.sys
16:05:49.0435 5876 usbaudio - ok
16:05:49.0450 5876 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp E:\Windows\system32\DRIVERS\usbccgp.sys
16:05:49.0450 5876 usbccgp - ok
16:05:49.0481 5876 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir E:\Windows\system32\DRIVERS\usbcir.sys
16:05:49.0481 5876 usbcir - ok
16:05:52.0055 5876 ============================================================
16:05:52.0055 5876 Scan finished
16:05:52.0055 5876 ============================================================
16:05:52.0071 2760 Detected object count: 0
16:05:52.0071 2760 Actual detected object count: 0
16:06:45.0022 3572 Deinitialize success

and the Malwarebytes scan log:

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org
Database version: v2012.08.23.08
Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
[X] :: VB46GIVMI6 [administrator]
Protection: Enabled
8/24/2012 4:10:13 PM
mbam-log-2012-08-24 (16-10-13).txt
Scan type: Full scan (E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 503832
Time elapsed: 59 minute(s), 16 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 5
E:\Program Files (x86)\VVVVVV\TDU.exe (Packer.ModifiedUPX) -> Quarantined and deleted successfully.
E:\Users\[X]\Desktop\STUFF\RemoveWAT.exe (HackTool.Wpakill) -> Quarantined and deleted successfully.
E:\Windows\Installer\{c0103ebd-fd21-15be-62f0-2a3d97202df5}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
E:\Windows\Installer\{c0103ebd-fd21-15be-62f0-2a3d97202df5}\U\000000cb.@ (Rootkit.0Access) -> Quarantined and deleted successfully.
E:\Windows\Installer\{c0103ebd-fd21-15be-62f0-2a3d97202df5}\U\80000032.@ (Rootkit.0Access) -> Quarantined and deleted successfully.
(end)

#8 mynameisnotrobert

Posted 24 August 2012 - 04:59 PM

and the MiniToolBox log:

MiniToolBox by Farbar Version: 23-07-2012
Ran by [X} (administrator) on 24-08-2012 at 17:15:57
Microsoft Windows 7 Ultimate (X64)
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.
========================= Hosts content: =================================

========================= IP Configuration: ================================
802.11n Wireless PCI Express Card LAN Adapter = Wireless Network Connection (Connected)
Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) = Local Area Connection (Hardware not present)
VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Hardware not present)
VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Hardware not present)
The following helper DLL cannot be loaded: WSHELPER.DLL.

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
reset
set global icmpredirects=enabled
add address name="VMware Network Adapter VMnet8" address=192.168.255.1
add address name="VMware Network Adapter VMnet1" address=192.168.133.1

popd
# End of IPv4 configuration

Windows IP Configuration
Host Name . . . . . . . . . . . . : vb46givmi6
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Wireless LAN adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 802.11n Wireless PCI Express Card LAN Adapter
Physical Address. . . . . . . . . : XX-XX-XX-XX-XX-XX
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::68cd:91e7:946:f591%11(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, August 24, 2012 5:13:35 PM
Lease Expires . . . . . . . . . . : Friday, August 24, 2012 9:13:40 PM
Default Gateway . . . . . . . . . : 10.0.1.1
DHCP Server . . . . . . . . . . . : 10.0.1.1
DHCPv6 IAID . . . . . . . . . . . : 184555076
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-CB-35-34-00-1F-C6-DA-B4-33
DNS Servers . . . . . . . . . . . : 10.0.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{527AF044-0F32-4F8C-8A29-1CA791D3AE46}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{9C959C0B-66D5-46EE-90B2-ADCA34015FEB}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Pinging google.com [74.125.225.39] with 32 bytes of data:
Reply from 74.125.225.39: bytes=32 time=17ms TTL=54
Reply from 74.125.225.39: bytes=32 time=17ms TTL=54
Ping statistics for 74.125.225.39:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 17ms, Maximum = 17ms, Average = 17ms
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=87ms TTL=47
Reply from 98.138.253.109: bytes=32 time=172ms TTL=48
Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 87ms, Maximum = 172ms, Average = 129ms
Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.
Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 16 44 da d0 d4 ......802.11n Wireless PCI Express Card LAN Adapter
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.1.1 10.0.1.3 25
10.0.1.0 255.255.255.0 On-link 10.0.1.3 281
10.0.1.3 255.255.255.255 On-link 10.0.1.3 281
10.0.1.255 255.255.255.255 On-link 10.0.1.3 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.1.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.1.3 281
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::68cd:91e7:946:f591/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================
Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Catalog5 03 E:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 E:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 E:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 E:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 E:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 E:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 02 E:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 03 E:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 04 E:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 05 E:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 06 E:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 07 E:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 08 E:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 E:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 20 E:\Windows\SysWOW64\vsocklib.dll [63088] (VMware, Inc.)
Catalog9 21 E:\Windows\SysWOW64\vsocklib.dll [63088] (VMware, Inc.)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
x64-Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
x64-Catalog5 03 E:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 E:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 E:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 E:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 E:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog9 11 E:\Windows\System32\vsocklib.dll [67184] (VMware, Inc.)
x64-Catalog9 12 E:\Windows\System32\vsocklib.dll [67184] (VMware, Inc.)
========================= Event log errors: ===============================
Application errors:
==================
Error: (08/24/2012 05:14:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "E:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "E:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line E:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: E:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: E:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error: (08/24/2012 05:13:40 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x00000000.
Error: (08/24/2012 05:13:40 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
0x80070005
Error: (08/24/2012 04:02:24 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x00000000.
Error: (08/24/2012 04:02:24 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
0x80070005
Error: (08/24/2012 04:00:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time stamp: 0x4fe23011
Exception code: 0xc0000005
Fault offset: 0x00dab482
Faulting process id: 0x220
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
Error: (08/24/2012 03:59:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time stamp: 0x4fe23011
Exception code: 0xc0000005
Fault offset: 0x00dab482
Faulting process id: 0xd08
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
Error: (08/24/2012 03:58:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time stamp: 0x4fe23011
Exception code: 0xc0000005
Fault offset: 0x0125b482
Faulting process id: 0x1694
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
Error: (08/24/2012 03:57:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time stamp: 0x4fe23011
Exception code: 0xc0000005
Fault offset: 0x0134b482
Faulting process id: 0x1794
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
Error: (08/24/2012 03:56:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time stamp: 0x4fe23011
Exception code: 0xc0000005
Fault offset: 0x0134b482
Faulting process id: 0x1550
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

System errors:
=============
Error: (08/24/2012 05:13:50 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
FileDisk
sfsync02
tpcdrdrv
Error: (08/24/2012 05:13:37 PM) (Source: Service Control Manager) (User: )
Description: The TICalc service failed to start due to the following error:
%%1275
Error: (08/24/2012 05:13:37 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\TICalc.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
Error: (08/24/2012 05:13:37 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
Error: (08/24/2012 05:13:37 PM) (Source: Service Control Manager) (User: )
Description: The NPVR Recording Service service failed to start due to the following error:
%%2
Error: (08/24/2012 05:13:36 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
Error: (08/24/2012 05:13:34 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060
Error: (08/24/2012 05:13:05 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\FileDisk.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
Error: (08/24/2012 05:12:54 PM) (Source: Application Popup) (User: )
Description: Driver sfsync02.sys has been blocked from loading.
Error: (08/24/2012 04:02:37 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
FileDisk
sfsync02
tpcdrdrv

Microsoft Office Sessions:
=========================
Error: (08/24/2012 05:14:52 PM) (Source: SideBySide)(User: )
Description: E:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestE:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestE:\Users\[X]\Desktop\Anti virus stuff\esetsmartinstaller_enu.exe
Error: (08/24/2012 05:13:40 PM) (Source: Winlogon)(User: )
Description: 0x000000000x00000001
Error: (08/24/2012 05:13:40 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x80070005
Error: (08/24/2012 04:02:24 PM) (Source: Winlogon)(User: )
Description: 0x000000000x00000001
Error: (08/24/2012 04:02:24 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x80070005
Error: (08/24/2012 04:00:07 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc10080000032.@_unloaded0.0.0.04fe23011c000000500dab48222001cd82330f5633cfE:\Windows\SysWOW64\svchost.exe80000032.@4d0eb565-ee26-11e1-9a4b-dcfcde5c577e
Error: (08/24/2012 03:59:07 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc10080000032.@_unloaded0.0.0.04fe23011c000000500dab482d0801cd8232eb3db6d1E:\Windows\SysWOW64\svchost.exe80000032.@28f32b1c-ee26-11e1-9a4b-dcfcde5c577e
Error: (08/24/2012 03:58:06 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc10080000032.@_unloaded0.0.0.04fe23011c00000050125b482169401cd8232c76047e1E:\Windows\SysWOW64\svchost.exe80000032.@0519daeb-ee26-11e1-9a4b-dcfcde5c577e
Error: (08/24/2012 03:57:06 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc10080000032.@_unloaded0.0.0.04fe23011c00000050134b482179401cd8232a38745d2E:\Windows\SysWOW64\svchost.exe80000032.@e13c930b-ee25-11e1-9a4b-dcfcde5c577e
Error: (08/24/2012 03:56:06 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc10080000032.@_unloaded0.0.0.04fe23011c00000050134b482155001cd82327fa2f8f8E:\Windows\SysWOW64\svchost.exe80000032.@bd62f4ba-ee25-11e1-9a4b-dcfcde5c577e

#9 mynameisnotrobert

Posted 24 August 2012 - 05:06 PM

and the FSS log:
Farbar Service Scanner Version: 06-08-2012
Ran by [X] (administrator) on 24-08-2012 at 17:20:20
Running from "E:\Users\[X]\Desktop\Anti virus stuff"
Microsoft Windows 7 Ultimate (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.
MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.

Firewall Disabled Policy:
==================

System Restore:
============
System Restore Disabled Policy:
========================

Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.

File Check:
========
E:\Windows\System32\nsisvc.dll => MD5 is legit
E:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
E:\Windows\System32\dhcpcore.dll => MD5 is legit
E:\Windows\System32\drivers\afd.sys
[2012-07-29 18:38] - [2011-12-27 23:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E
E:\Windows\System32\drivers\tdx.sys => MD5 is legit
E:\Windows\System32\Drivers\tcpip.sys
[2012-07-29 18:31] - [2012-03-30 07:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0
E:\Windows\System32\dnsrslvr.dll => MD5 is legit
E:\Windows\System32\mpssvc.dll
[2009-07-13 20:09] - [2009-07-13 21:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3
E:\Windows\System32\bfe.dll => MD5 is legit
E:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
E:\Windows\System32\SDRSVC.dll
[2009-07-13 19:36] - [2009-07-13 21:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5
E:\Windows\System32\vssvc.exe => MD5 is legit
E:\Windows\System32\wscsvc.dll => MD5 is legit
E:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
E:\Windows\System32\wuaueng.dll => MD5 is legit
E:\Windows\System32\qmgr.dll => MD5 is legit
E:\Windows\System32\es.dll => MD5 is legit
E:\Windows\System32\cryptsvc.dll
[2012-07-29 18:38] - [2012-04-24 01:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D
E:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
E:\Windows\System32\ipnathlp.dll => MD5 is legit
E:\Windows\System32\svchost.exe => MD5 is legit
E:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

#10 mynameisnotrobert


Posted 24 August 2012 - 05:08 PM

And the adware cleaner log:

# AdwCleaner v1.801 - Logfile created 08/24/2012 at 17:22:59
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Ultimate (64 bits)
# User : [X] - VB46GIVMI6
# Boot Mode : Normal
# Running from : E:\Users\[X]\Desktop\Anti virus stuff\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****
Folder Deleted : E:\Users\[X]\AppData\Local\Conduit
Folder Deleted : E:\Users\[X]\AppData\Local\TempDir
Folder Deleted : E:\Users\[X]\AppData\Local\Temp\BabylonToolbar
Folder Deleted : E:\Users\[X]\AppData\Local\Temp\TempDir
Folder Deleted : E:\Users\[X]\AppData\LocalLow\BabylonToolbar
Folder Deleted : E:\Users\[X]\AppData\LocalLow\Conduit
Folder Deleted : E:\Users\[X]\AppData\Roaming\Babylon
Folder Deleted : E:\Users\[X]\AppData\Roaming\BabylonToolbar
Folder Deleted : E:\ProgramData\Babylon
Folder Deleted : E:\ProgramData\Tarma Installer
Folder Deleted : E:\Program Files (x86)\BabylonToolbar
Folder Deleted : E:\Program Files (x86)\Yontoo
File Deleted : E:\user.js
***** [Registry] *****
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2801948
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\SweetIM
[x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
[x64] Key Deleted : HKLM\SOFTWARE\Tarma Installer
***** [Registre - GUID] *****
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Google Chrome v21.0.1180.83
File : E:\Users\[X]\AppData\Local\Google\Chrome\User Data\Default\Preferences
Deleted : "description": "The fastest way to search the web.",
Deleted : "default_icon": "browser_icon_babylon48.png",
Deleted : "default_title": "Babylon Toolbar"
Deleted : "description": "Babylon ToolBar",
Deleted : "128": "babylon48.png",
Deleted : "48": "babylon48.png"
Deleted : "name": "Babylon Toolbar",
Deleted : "path": "BabylonChromeToolBar.dll",
Deleted : "update_url": "hxxp://img.babylon.com/ext/chrome/update/update1.xml",
Deleted : "description": "Displays the number of unread messages in your Google Mail inbox. You[...]
*************************
AdwCleaner[S1].txt - [11955 octets] - [24/08/2012 17:22:59]
########## EOF - E:\AdwCleaner[S1].txt - [12084 octets] ##########

That's it. Hope you can get something out of it.

Sorry for the number of posts. I kept getting an error (103130) when posting lengthy posts.

Edited by mynameisnotrobert, 24 August 2012 - 05:08 PM.


#11 narenxp


Posted 24 August 2012 - 08:47 PM

Download

defender
wuauserv
BITS

Launch them, click YES when you get the UAC prompt

Restart the PC


Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start Repairs tab, then click on Start

Checkmark only the following options:

Reset registry permissions
Reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Checkmark the Restart System When Finished option
Click the Start button

System should restart after repair

Post the FSS log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

#12 mynameisnotrobert


Posted 31 August 2012 - 05:11 PM

What do you mean by the FSS log? I think I already posted that.

Here's the rkill Log:


Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/31/2012 06:02:01 PM in x64 mode.
Windows Version: Windows 7 Ultimate

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Possibly Patched Files.

* E:\Windows\system32\services.exe

Checking Registry for malware related settings.

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
E:\Users\Sal\Desktop\rkill\rkill-08-31-2012-06-02-06.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001
* E:\Windows\assembly\GAC_32\Desktop.ini [ZA File]
* E:\Windows\assembly\GAC_64\Desktop.ini [ZA File]

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* BITS [Missing Service]
* iphlpsvc [Missing Service]
* WatAdminSvc [Missing Service]
* wuauserv [Missing Service]

* atapi => \SystemRoot\system32\DRIVERS\atapi.sys [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* E:\Windows\System32\services.exe [NoSig]
+-> E:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe : 328,704 : 07/13/2009 09:39 PM : 24acb7e5be595468e3b9aa488b9b4fcb [Pos Repl]

Program finished at: 08/31/2012 06:03:52 PM
Execution time: 0 hours(s), 1 minute(s), and 50 seconds(s)

Thanks!

#13 narenxp


Posted 31 August 2012 - 06:25 PM

Click on the Start menu and type

cmd

Right-click on it, select Run as administrator, and run this command:

sfc /scanfile=c:\windows\system32\services.exe

After the scan, restart the PC

Download

Rogue killer

Right-click on it and select Run as administrator

Now click on SCAN; after the scan completes, click on DELETE

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Run RKILL again and post the new log.

#14 mynameisnotrobert


Posted 03 September 2012 - 01:56 PM

When I type sfc /scanfile=c:\windows\system32\services.exe it says "windows resource protection could not perform the requested operation". What do I do? I am running cmd as administrator.

#15 narenxp


Posted 03 September 2012 - 04:11 PM

Go to the next step.



