
Ads in lower right corner and redirects help


9 replies to this topic

#1 GTTJ


Posted 25 August 2012 - 08:53 AM

I've been having ads show up in the lower right corner of Internet Explorer and random redirects when clicking on links on various websites. I've installed and run a trial version of Malwarebytes that didn't find anything. I'm running Windows Security Essentials also with no problems. What else can I do to get rid of this? I'm on a W7 64bit operating system.



#2 narenxp


Posted 25 August 2012 - 08:53 AM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 GTTJ


Posted 25 August 2012 - 09:23 AM

How long should the aswMBR scan take? It's been going for about 20 min now and seems to be locked up on a specific folder.

#4 narenxp


Posted 25 August 2012 - 09:24 AM

Try to run it in Safe Mode with Networking. If it still locks up, skip it and post the other logs.

#5 GTTJ


Posted 25 August 2012 - 07:23 PM

Below is the TDSSKiller. The aswMBR would not finish running, even in safe mode. It locked up each time on the same folder. The ESET online tool ran fine but did not give me an option to export a log. It did show on the final screen that there were 0 infected files and 0 cleaned files.


09:55:30.0402 0488 napagent - ok
09:55:30.0433 0488 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:55:30.0448 0488 NativeWifiP - ok
09:55:30.0526 0488 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
09:55:30.0558 0488 NDIS - ok
09:55:30.0573 0488 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:55:30.0589 0488 NdisCap - ok
09:55:30.0604 0488 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:55:30.0604 0488 NdisTapi - ok
09:55:30.0667 0488 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:55:30.0682 0488 Ndisuio - ok
09:55:30.0729 0488 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:55:30.0729 0488 NdisWan - ok
09:55:30.0776 0488 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:55:30.0792 0488 NDProxy - ok
09:55:30.0807 0488 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:55:30.0823 0488 NetBIOS - ok
09:55:30.0870 0488 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:55:30.0870 0488 NetBT - ok
09:55:30.0885 0488 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:55:30.0885 0488 Netlogon - ok
09:55:30.0932 0488 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:55:30.0932 0488 Netman - ok
09:55:30.0963 0488 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:55:30.0979 0488 netprofm - ok
09:55:30.0994 0488 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:55:31.0010 0488 NetTcpPortSharing - ok
09:55:31.0150 0488 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
09:55:31.0291 0488 netw5v64 - ok
09:55:31.0400 0488 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
09:55:31.0447 0488 nfrd960 - ok
09:55:31.0509 0488 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:55:31.0509 0488 NisDrv - ok
09:55:31.0540 0488 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
09:55:31.0540 0488 NisSrv - ok
09:55:31.0603 0488 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:55:31.0603 0488 NlaSvc - ok
09:55:31.0634 0488 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:55:31.0634 0488 Npfs - ok
09:55:31.0665 0488 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:55:31.0665 0488 nsi - ok
09:55:31.0681 0488 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:55:31.0696 0488 nsiproxy - ok
09:55:31.0790 0488 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:55:31.0821 0488 Ntfs - ok
09:55:31.0852 0488 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:55:31.0852 0488 Null - ok
09:55:31.0899 0488 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:55:31.0915 0488 nvraid - ok
09:55:31.0930 0488 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:55:31.0930 0488 nvstor - ok
09:55:31.0977 0488 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:55:31.0977 0488 nv_agp - ok
09:55:32.0071 0488 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:55:32.0071 0488 odserv - ok
09:55:32.0118 0488 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:55:32.0118 0488 ohci1394 - ok
09:55:32.0149 0488 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:55:32.0164 0488 ose - ok
09:55:32.0180 0488 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:55:32.0196 0488 p2pimsvc - ok
09:55:32.0227 0488 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:55:32.0242 0488 p2psvc - ok
09:55:32.0274 0488 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:55:32.0274 0488 Parport - ok
09:55:32.0320 0488 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:55:32.0320 0488 partmgr - ok
09:55:32.0336 0488 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:55:32.0352 0488 PcaSvc - ok
09:55:32.0398 0488 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:55:32.0398 0488 pci - ok
09:55:32.0430 0488 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:55:32.0430 0488 pciide - ok
09:55:32.0461 0488 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:55:32.0461 0488 pcmcia - ok
09:55:32.0476 0488 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:55:32.0476 0488 pcw - ok
09:55:32.0586 0488 [ C1C3BAF078BE5A14384A4BA2D730817D ] PDFProFiltSrvPP C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
09:55:32.0586 0488 PDFProFiltSrvPP - ok
09:55:32.0617 0488 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:55:32.0632 0488 PEAUTH - ok
09:55:32.0695 0488 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:55:32.0710 0488 PerfHost - ok
09:55:32.0788 0488 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:55:32.0835 0488 pla - ok
09:55:32.0898 0488 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:55:32.0913 0488 PlugPlay - ok
09:55:32.0944 0488 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:55:32.0944 0488 PNRPAutoReg - ok
09:55:32.0960 0488 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:55:32.0976 0488 PNRPsvc - ok
09:55:32.0991 0488 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:55:33.0007 0488 PolicyAgent - ok
09:55:33.0038 0488 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:55:33.0054 0488 Power - ok
09:55:33.0100 0488 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:55:33.0116 0488 PptpMiniport - ok
09:55:33.0132 0488 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:55:33.0147 0488 Processor - ok
09:55:33.0178 0488 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:55:33.0194 0488 ProfSvc - ok
09:55:33.0210 0488 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:55:33.0210 0488 ProtectedStorage - ok
09:55:33.0256 0488 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:55:33.0256 0488 Psched - ok
09:55:33.0319 0488 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
09:55:33.0366 0488 ql2300 - ok
09:55:33.0381 0488 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
09:55:33.0381 0488 ql40xx - ok
09:55:33.0412 0488 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:55:33.0428 0488 QWAVE - ok
09:55:33.0459 0488 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:55:33.0459 0488 QWAVEdrv - ok
09:55:33.0475 0488 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:55:33.0475 0488 RasAcd - ok
09:55:33.0506 0488 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:55:33.0506 0488 RasAgileVpn - ok
09:55:33.0522 0488 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:55:33.0537 0488 RasAuto - ok
09:55:33.0584 0488 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:55:33.0600 0488 Rasl2tp - ok
09:55:33.0615 0488 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:55:33.0631 0488 RasMan - ok
09:55:33.0662 0488 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:55:33.0662 0488 RasPppoe - ok
09:55:33.0678 0488 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:55:33.0678 0488 RasSstp - ok
09:55:33.0709 0488 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:55:33.0709 0488 rdbss - ok
09:55:33.0740 0488 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:55:33.0740 0488 rdpbus - ok
09:55:33.0756 0488 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:55:33.0756 0488 RDPCDD - ok
09:55:33.0787 0488 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:55:33.0787 0488 RDPENCDD - ok
09:55:33.0802 0488 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:55:33.0802 0488 RDPREFMP - ok
09:55:33.0849 0488 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:55:33.0865 0488 RDPWD - ok
09:55:33.0912 0488 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:55:33.0927 0488 rdyboost - ok
09:55:34.0052 0488 [ 443FE88564A21827B1C5FCF8704AD158 ] ReflectService.exe C:\Program Files\Macrium\Reflect\ReflectService.exe
09:55:34.0068 0488 ReflectService.exe - ok
09:55:34.0083 0488 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:55:34.0099 0488 RemoteAccess - ok
09:55:34.0130 0488 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:55:34.0130 0488 RemoteRegistry - ok
09:55:34.0224 0488 [ 498EB62A160674E793FA40FD65390625 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
09:55:34.0224 0488 RichVideo - ok
09:55:34.0286 0488 [ 5790BCA445CC40DF8B38C2C48608AAC2 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
09:55:34.0286 0488 RimUsb - ok
09:55:34.0317 0488 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:55:34.0317 0488 RpcEptMapper - ok
09:55:34.0348 0488 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:55:34.0348 0488 RpcLocator - ok
09:55:34.0411 0488 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:55:34.0411 0488 RpcSs - ok
09:55:34.0458 0488 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:55:34.0458 0488 rspndr - ok
09:55:34.0489 0488 [ A5DF2F732A6C95554E548FCB6932BD31 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
09:55:34.0504 0488 RSUSBSTOR - ok
09:55:34.0551 0488 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
09:55:34.0567 0488 RTL8167 - ok
09:55:34.0567 0488 RtsUIR - ok
09:55:34.0598 0488 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:55:34.0598 0488 SamSs - ok
09:55:34.0645 0488 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:55:34.0645 0488 sbp2port - ok
09:55:34.0692 0488 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:55:34.0692 0488 SCardSvr - ok
09:55:34.0738 0488 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:55:34.0738 0488 scfilter - ok
09:55:34.0816 0488 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:55:34.0848 0488 Schedule - ok
09:55:34.0894 0488 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:55:34.0894 0488 SCPolicySvc - ok
09:55:34.0957 0488 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
09:55:34.0957 0488 sdbus - ok
09:55:34.0988 0488 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:55:34.0988 0488 SDRSVC - ok
09:55:35.0050 0488 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:55:35.0066 0488 secdrv - ok
09:55:35.0113 0488 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:55:35.0113 0488 seclogon - ok
09:55:35.0144 0488 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:55:35.0144 0488 SENS - ok
09:55:35.0175 0488 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:55:35.0175 0488 SensrSvc - ok
09:55:35.0206 0488 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:55:35.0206 0488 Serenum - ok
09:55:35.0222 0488 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:55:35.0222 0488 Serial - ok
09:55:35.0269 0488 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
09:55:35.0269 0488 sermouse - ok
09:55:35.0316 0488 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:55:35.0331 0488 SessionEnv - ok
09:55:35.0378 0488 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:55:35.0378 0488 sffdisk - ok
09:55:35.0394 0488 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:55:35.0394 0488 sffp_mmc - ok
09:55:35.0409 0488 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:55:35.0409 0488 sffp_sd - ok
09:55:35.0425 0488 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:55:35.0425 0488 sfloppy - ok
09:55:35.0456 0488 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:55:35.0472 0488 SharedAccess - ok
09:55:35.0534 0488 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:55:35.0534 0488 ShellHWDetection - ok
09:55:35.0581 0488 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:55:35.0581 0488 SiSRaid2 - ok
09:55:35.0612 0488 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
09:55:35.0612 0488 SiSRaid4 - ok
09:55:35.0706 0488 [ 6128E98EAAED364ED1A32708D2FD22CB ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:55:35.0706 0488 SkypeUpdate - ok
09:55:35.0737 0488 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:55:35.0737 0488 Smb - ok
09:55:35.0784 0488 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:55:35.0784 0488 SNMPTRAP - ok
09:55:35.0799 0488 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:55:35.0799 0488 spldr - ok
09:55:35.0846 0488 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:55:35.0893 0488 Spooler - ok
09:55:36.0033 0488 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:55:36.0127 0488 sppsvc - ok
09:55:36.0142 0488 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:55:36.0142 0488 sppuinotify - ok
09:55:36.0189 0488 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:55:36.0205 0488 srv - ok
09:55:36.0267 0488 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:55:36.0267 0488 srv2 - ok
09:55:36.0314 0488 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
09:55:36.0314 0488 SrvHsfHDA - ok
09:55:36.0376 0488 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
09:55:36.0408 0488 SrvHsfV92 - ok
09:55:36.0454 0488 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
09:55:36.0486 0488 SrvHsfWinac - ok
09:55:36.0532 0488 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:55:36.0532 0488 srvnet - ok
09:55:36.0564 0488 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:55:36.0579 0488 SSDPSRV - ok
09:55:36.0579 0488 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:55:36.0595 0488 SstpSvc - ok
09:55:36.0642 0488 [ 855335BF5792E56164F98C012E3D92DD ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
09:55:36.0642 0488 ssudmdm - ok
09:55:36.0704 0488 [ 3BD758C56A55930CD6DB89E3DEDCF322 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
09:55:36.0704 0488 STacSV - ok
09:55:36.0735 0488 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
09:55:36.0735 0488 stexstor - ok
09:55:36.0782 0488 [ A3FB7AD8720D7E02AA0111A6B51C2744 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
09:55:36.0798 0488 STHDA - ok
09:55:36.0860 0488 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
09:55:36.0860 0488 StillCam - ok
09:55:36.0938 0488 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:55:36.0954 0488 stisvc - ok
09:55:37.0016 0488 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
09:55:37.0016 0488 swenum - ok
09:55:37.0047 0488 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:55:37.0078 0488 swprv - ok
09:55:37.0141 0488 [ 3A706A967295E16511E40842B1A2761D ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
09:55:37.0141 0488 SynTP - ok
09:55:37.0234 0488 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:55:37.0297 0488 SysMain - ok
09:55:37.0328 0488 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:55:37.0344 0488 TabletInputService - ok
09:55:37.0390 0488 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:55:37.0406 0488 TapiSrv - ok
09:55:37.0422 0488 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:55:37.0422 0488 TBS - ok
09:55:37.0531 0488 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:55:37.0624 0488 Tcpip - ok
09:55:37.0687 0488 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:55:37.0702 0488 TCPIP6 - ok
09:55:37.0749 0488 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:55:37.0749 0488 tcpipreg - ok
09:55:37.0780 0488 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:55:37.0780 0488 TDPIPE - ok
09:55:37.0843 0488 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:55:37.0843 0488 TDTCP - ok
09:55:37.0890 0488 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:55:37.0890 0488 tdx - ok
09:55:37.0936 0488 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
09:55:37.0936 0488 TermDD - ok
09:55:37.0983 0488 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:55:37.0999 0488 TermService - ok
09:55:38.0030 0488 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:55:38.0030 0488 Themes - ok
09:55:38.0061 0488 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:55:38.0061 0488 THREADORDER - ok
09:55:38.0077 0488 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:55:38.0092 0488 TrkWks - ok
09:55:38.0155 0488 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:55:38.0155 0488 TrustedInstaller - ok
09:55:38.0217 0488 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:55:38.0217 0488 tssecsrv - ok
09:55:38.0280 0488 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:55:38.0280 0488 TsUsbFlt - ok
09:55:38.0342 0488 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:55:38.0342 0488 tunnel - ok
09:55:38.0373 0488 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
09:55:38.0373 0488 uagp35 - ok
09:55:38.0420 0488 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:55:38.0436 0488 udfs - ok
09:55:38.0467 0488 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:55:38.0467 0488 UI0Detect - ok
09:55:38.0514 0488 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:55:38.0514 0488 uliagpkx - ok
09:55:38.0576 0488 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:55:38.0576 0488 umbus - ok
09:55:38.0607 0488 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:55:38.0607 0488 UmPass - ok
09:55:38.0638 0488 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:55:38.0638 0488 upnphost - ok
09:55:38.0701 0488 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
09:55:38.0701 0488 USBAAPL64 - ok
09:55:38.0716 0488 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:55:38.0716 0488 usbccgp - ok
09:55:38.0732 0488 USBCCID - ok
09:55:38.0748 0488 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:55:38.0748 0488 usbcir - ok
09:55:38.0888 0488 [ 6AF12011C88C80920D0543616E107CFF ] UsbClientService C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
09:55:38.0888 0488 UsbClientService - ok
09:55:38.0935 0488 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
09:55:38.0935 0488 usbehci - ok
09:55:38.0982 0488 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:55:38.0982 0488 usbhub - ok
09:55:39.0028 0488 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:55:39.0028 0488 usbohci - ok
09:55:39.0075 0488 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:55:39.0075 0488 usbprint - ok
09:55:39.0122 0488 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:55:39.0122 0488 usbscan - ok
09:55:39.0153 0488 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:55:39.0153 0488 USBSTOR - ok
09:55:39.0200 0488 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:55:39.0200 0488 usbuhci - ok
09:55:39.0231 0488 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
09:55:39.0231 0488 usbvideo - ok
09:55:39.0278 0488 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:55:39.0278 0488 UxSms - ok
09:55:39.0294 0488 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:55:39.0294 0488 VaultSvc - ok
09:55:39.0340 0488 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:55:39.0340 0488 vdrvroot - ok
09:55:39.0403 0488 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:55:39.0418 0488 vds - ok
09:55:39.0450 0488 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:55:39.0450 0488 vga - ok
09:55:39.0465 0488 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:55:39.0465 0488 VgaSave - ok
09:55:39.0512 0488 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:55:39.0528 0488 vhdmp - ok
09:55:39.0543 0488 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:55:39.0543 0488 viaide - ok
09:55:39.0590 0488 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:55:39.0590 0488 volmgr - ok
09:55:39.0637 0488 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:55:39.0652 0488 volmgrx - ok
09:55:39.0668 0488 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:55:39.0668 0488 volsnap - ok
09:55:39.0699 0488 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
09:55:39.0715 0488 vsmraid - ok
09:55:39.0793 0488 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:55:39.0871 0488 VSS - ok
09:55:39.0886 0488 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:55:39.0886 0488 vwifibus - ok
09:55:39.0918 0488 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:55:39.0918 0488 vwififlt - ok
09:55:39.0949 0488 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
09:55:39.0949 0488 vwifimp - ok
09:55:39.0996 0488 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:55:39.0996 0488 W32Time - ok
09:55:40.0027 0488 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
09:55:40.0042 0488 WacomPen - ok
09:55:40.0105 0488 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:55:40.0105 0488 WANARP - ok
09:55:40.0105 0488 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:55:40.0105 0488 Wanarpv6 - ok
09:55:40.0167 0488 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:55:40.0198 0488 WatAdminSvc - ok
09:55:40.0276 0488 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:55:40.0370 0488 wbengine - ok
09:55:40.0401 0488 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:55:40.0417 0488 WbioSrvc - ok
09:55:40.0464 0488 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:55:40.0464 0488 wcncsvc - ok
09:55:40.0479 0488 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:55:40.0495 0488 WcsPlugInService - ok
09:55:40.0510 0488 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
09:55:40.0510 0488 Wd - ok
09:55:40.0557 0488 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:55:40.0557 0488 Wdf01000 - ok
09:55:40.0573 0488 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:55:40.0588 0488 WdiServiceHost - ok
09:55:40.0588 0488 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:55:40.0588 0488 WdiSystemHost - ok
09:55:40.0635 0488 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:55:40.0635 0488 WebClient - ok
09:55:40.0666 0488 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:55:40.0666 0488 Wecsvc - ok
09:55:40.0682 0488 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:55:40.0682 0488 wercplsupport - ok
09:55:40.0713 0488 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:55:40.0729 0488 WerSvc - ok
09:55:40.0760 0488 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:55:40.0760 0488 WfpLwf - ok
09:55:40.0776 0488 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:55:40.0776 0488 WIMMount - ok
09:55:40.0791 0488 WinDefend - ok
09:55:40.0807 0488 WinHttpAutoProxySvc - ok
09:55:40.0854 0488 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:55:40.0854 0488 Winmgmt - ok
09:55:40.0947 0488 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:55:40.0994 0488 WinRM - ok
09:55:41.0056 0488 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:55:41.0072 0488 WinUsb - ok
09:55:41.0119 0488 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:55:41.0150 0488 Wlansvc - ok
09:55:42.0960 0488 ============================================================
09:55:42.0960 0488 Scan finished
09:55:42.0960 0488 ============================================================
09:55:43.0038 6036 Detected object count: 0
09:55:43.0038 6036 Actual detected object count: 0
09:57:07.0053 3424 Deinitialize success

#6 narenxp

Posted 25 August 2012 - 07:43 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

Rogue killer

Right-click on it and select Run as administrator.

Now, click on the HOSTS FIX option on the right side.

A log should be generated after the fix; post the log here.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.

#7 GTTJ

Posted 25 August 2012 - 11:03 PM

I think I've got it all here.


RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Laptop [Admin rights]
Mode: HOSTSFix -- Date: 08/25/2012 23:45:14

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt




MiniToolBox by Farbar Version: 23-07-2012
Ran by Laptop (administrator) on 25-08-2012 at 23:47:41
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR5009 802.11a/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Laptop-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 76-1A-04-8D-A2-82
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR5009 802.11a/g/n WiFi Adapter
Physical Address. . . . . . . . . : 70-1A-04-8D-A2-82
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:4b6e:1562:0:6d6a:d433:424c:359(Preferred)
Temporary IPv6 Address. . . . . . : 2002:4b6e:1562:0:fcc6:5398:4d7e:cd58(Preferred)
Link-local IPv6 Address . . . . . : fe80::6d6a:d433:424c:359%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.145(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, August 25, 2012 8:16:14 PM
Lease Expires . . . . . . . . . . : Sunday, August 26, 2012 8:16:17 PM
Default Gateway . . . . . . . . . : fe80::6a7f:74ff:fed7:333%12
192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 326113796
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-4E-36-B6-00-26-9E-9C-F5-14
DNS Servers . . . . . . . . . . . : 208.180.42.68
208.180.42.100
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-26-9E-9C-F5-14
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{3E818D23-CD45-4A24-96CE-8A5DCCCF73EE}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:3413:22c8:3f57:fe6e(Preferred)
Link-local IPv6 Address . . . . . : fe80::3413:22c8:3f57:fe6e%16(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{2C75F476-036C-4AF4-B3D4-FA33376FC560}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: rdns01.suddenlink.net
Address: 208.180.42.68

Name: google.com
Addresses: 2607:f8b0:4000:801::1006
74.125.227.134
74.125.227.135
74.125.227.136
74.125.227.137
74.125.227.142
74.125.227.128
74.125.227.129
74.125.227.130
74.125.227.131
74.125.227.132
74.125.227.133


Pinging google.com [74.125.227.136] with 32 bytes of data:
Reply from 74.125.227.136: bytes=32 time=51ms TTL=51
Reply from 74.125.227.136: bytes=32 time=82ms TTL=51

Ping statistics for 74.125.227.136:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 51ms, Maximum = 82ms, Average = 66ms
Server: rdns01.suddenlink.net
Address: 208.180.42.68

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=57ms TTL=53
Reply from 98.138.253.109: bytes=32 time=185ms TTL=53

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 57ms, Maximum = 185ms, Average = 121ms
Server: rdns01.suddenlink.net
Address: 208.180.42.68

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...76 1a 04 8d a2 82 ......Microsoft Virtual WiFi Miniport Adapter
12...70 1a 04 8d a2 82 ......Atheros AR5009 802.11a/g/n WiFi Adapter
10...00 26 9e 9c f5 14 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.145 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.145 276
192.168.1.145 255.255.255.255 On-link 192.168.1.145 276
192.168.1.255 255.255.255.255 On-link 192.168.1.145 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.145 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.145 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 4116 ::/0 fe80::6a7f:74ff:fed7:333
1 306 ::1/128 On-link
16 58 2001::/32 On-link
16 306 2001:0:9d38:953c:3413:22c8:3f57:fe6e/128
On-link
12 28 2002:4b6e:1562::/64 On-link
12 276 2002:4b6e:1562:0:6d6a:d433:424c:359/128
On-link
12 276 2002:4b6e:1562:0:fcc6:5398:4d7e:cd58/128
On-link
12 276 fe80::/64 On-link
16 306 fe80::/64 On-link
16 306 fe80::3413:22c8:3f57:fe6e/128
On-link
12 276 fe80::6d6a:d433:424c:359/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
12 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/25/2012 11:47:37 PM) (Source: Bonjour Service) (User: )
Description: Bad service type in LAPTOP-PC._digiarty_streamer._tcp.local. Application protocol name must be underscore plus 1-15 characters. See <http://www.dns-sd.org/ServiceTypes.html>

Error: (08/25/2012 11:47:37 PM) (Source: Bonjour Service) (User: )
Description: Bad service type in ._digiarty_streamer._tcp.local. Application protocol name must be underscore plus 1-15 characters. See <http://www.dns-sd.org/ServiceTypes.html>

Error: (08/25/2012 11:47:37 PM) (Source: Bonjour Service) (User: )
Description: Bad service type in LAPTOP-PC._digiarty_streamer._tcp.local. Application protocol name must be underscore plus 1-15 characters. See <http://www.dns-sd.org/ServiceTypes.html>

Error: (08/25/2012 11:47:06 PM) (Source: Bonjour Service) (User: )
Description: Bad service type in LAPTOP-PC._digiarty_streamer._tcp.local. Application protocol name must be underscore plus 1-15 characters. See <http://www.dns-sd.org/ServiceTypes.html>

Error: (08/25/2012 11:47:06 PM) (Source: Bonjour Service) (User: )
Description: Bad service type in ._digiarty_streamer._tcp.local. Application protocol name must be underscore plus 1-15 characters. See <http://www.dns-sd.org/ServiceTypes.html>

Error: (08/25/2012 11:47:06 PM) (Source: Bonjour Service) (User: )
Description: Bad service type in LAPTOP-PC._digiarty_streamer._tcp.local. Application protocol name must be underscore plus 1-15 characters. See <http://www.dns-sd.org/ServiceTypes.html>

Error: (08/25/2012 11:46:35 PM) (Source: Bonjour Service) (User: )
Description: Bad service type in LAPTOP-PC._digiarty_streamer._tcp.local. Application protocol name must be underscore plus 1-15 characters. See <http://www.dns-sd.org/ServiceTypes.html>

Error: (08/25/2012 11:46:35 PM) (Source: Bonjour Service) (User: )
Description: Bad service type in ._digiarty_streamer._tcp.local. Application protocol name must be underscore plus 1-15 characters. See <http://www.dns-sd.org/ServiceTypes.html>

Error: (08/25/2012 11:46:35 PM) (Source: Bonjour Service) (User: )
Description: Bad service type in LAPTOP-PC._digiarty_streamer._tcp.local. Application protocol name must be underscore plus 1-15 characters. See <http://www.dns-sd.org/ServiceTypes.html>

Error: (08/25/2012 11:46:04 PM) (Source: Bonjour Service) (User: )
Description: Bad service type in LAPTOP-PC._digiarty_streamer._tcp.local. Application protocol name must be underscore plus 1-15 characters. See <http://www.dns-sd.org/ServiceTypes.html>


System errors:
=============
Error: (08/25/2012 08:13:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/25/2012 08:13:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/25/2012 08:13:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/25/2012 08:08:43 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/25/2012 08:08:43 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/25/2012 08:08:43 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/25/2012 08:06:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/25/2012 08:06:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/25/2012 08:06:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/25/2012 08:06:55 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (12/16/2011 00:36:36 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 4576 seconds with 240 seconds of active time. This session ended with a crash.

Error: (10/13/2011 03:26:07 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 39960 seconds with 780 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader 9.5.1 MUI (Version: 9.5.1)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Air Playit 1.8.0
Amazon MP3 Downloader 1.0.15 (Version: 1.0.15)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Atheros Driver Installation Program (Version: 9.0)
Bonjour (Version: 3.0.0.10)
Brother MFL-Pro Suite MFC-J430W (Version: 1.0.19.0)
Capture NX 2 (Version: 2.2.7)
Cisco Connect (Version: 1.1.10049.0)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Coupon Printer for Windows (Version: 5.0.0.0)
CyberLink DVD Suite (Version: 6.0.3101)
CyberLink YouCam (Version: 2.0.3115)
D3DX10 (Version: 15.4.2368.0902)
EPSON Printer Software
EPSON Scan
ESET Online Scanner v3
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
Free 3GP Video Converter version 3.2
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.115)
H&R Block Deluxe + Efile + State 2010 (Version: 10.04.6402)
H&R Block Deluxe + Efile + State 2011 (Version: 11.05.6901)
H&R Block North Carolina 2010 (Version: 1.10.3701)
H&R Block North Carolina 2011 (Version: 1.11.4201)
H&R Block Pennsylvania 2010 (Version: 1.10.3001)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
Homepage Protection (Version: )
HP Advisor (Version: 3.2.8946.3086)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP DVD Play 3.7 (Version: 3.7.0.6623)
HP Games (Version: 1.0.0.71)
HP Product Detection (Version: 9.7.3)
HP Quick Launch Buttons (Version: 6.50.15.1)
HP Setup (Version: 1.2.3220.3079)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Support Assistant (Version: 6.1.12.1)
HP Update (Version: 5.001.000.014)
HP User Guides 0148 (Version: 1.01.0005)
HP Wireless Assistant (Version: 3.50.11.2)
IDT Audio (Version: 1.0.6284.0)
Intel® Graphics Media Accelerator Driver
Internet TV for Windows Media Center (Version: 3.2.1.0)
iRip (Version: 1.0.1.24)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 14 (64-bit) (Version: 6.0.140)
Java™ 6 Update 33 (Version: 6.0.330)
Junk Mail filter update (Version: 15.4.3502.0922)
K-Lite Codec Pack 5.4.4 (Basic) (Version: 5.4.4)
Kies Air Discovery Service
LabelPrint (Version: 2.5.1913)
LeapFrog Connect (Version: 3.2.19.13664)
LeapFrog Tag Junior Plugin (Version: 3.2.19.13664)
Learning Lodge Navigator
LightScribe System Software (Version: 1.18.11.1)
Macrium Reflect Free Edition (Version: 5.0.4620)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Live Search Toolbar (Version: 3.0.560.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 60 day trial
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ Run Time Lib Setup (Version: 1.0.0)
Microsoft Works (Version: 9.7.0621)
MotoHelper 2.0.51 Driver 5.2.0 (Version: 2.0.51)
MotoHelper MergeModules (Version: 1.0.0)
MotoHelper MergeModules (Version: 1.2.0)
Motorola Mobile Drivers Installation 5.2.0 (Version: 5.2.0)
Move Media Player
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
muvee Reveal (Version: 7.0.40.10061)
Nikon Message Center 2 (Version: 2.0.1)
Nuance PaperPort 12 (Version: 12.1.0000)
PaperPort Image Printer 64-bit (Version: 1.00.0001)
Pdf995 (installed by H&R Block)
PdfEdit995 (installed by H&R Block)
Picture Control Utility (Version: 1.2.2)
Power2Go (Version: 6.0.3101)
PowerDirector (Version: 7.0.3101)
PowerRecover (Version: 5.5.1923)
QLBCASL (Version: 6.40.17.2)
Quicken WillMaker Plus 2011
QuickTime (Version: 7.71.80.42)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0005)
Realtek USB 2.0 Card Reader (Version: 6.1.7100.30094)
SAMSUNG USB Driver for Mobile Phones (Version: 1.4.6.0)
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.8 (Version: 5.8.158)
SmartWebPrinting (Version: 140.0.186.000)
Sony DVD Architect Studio 2.0 (Version: 2.0.22)
Sony Vegas Movie Studio 4.0 (Version: 4.0.42)
Synaptics Pointing Device Driver (Version: 15.0.17.4)
Synology Assistant (remove only)
Uninstall 1.0.0.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin)
Verizon V CAST Media Manager
VTech Download Agent Library (Version: 1.00.0000)
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) (Version: 11/05/2008 1.1.1.0)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinX DVD Ripper Platinum 6.9.0
WinX HD Video Converter Deluxe 3.12.2
WinX YouTube Downloader 3.0.0
Yahoo! Detect

========================= Memory info: ===================================

Percentage of memory in use: 46%
Total physical RAM: 3998.93 MB
Available physical RAM: 2143.06 MB
Total Pagefile: 7996.04 MB
Available Pagefile: 6080.69 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.49 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:285.73 GB) (Free:96.57 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:12.16 GB) (Free:2.04 GB) NTFS
4 Drive f: (NIKON D80) (Removable) (Total:7.6 GB) (Free:5.03 GB) FAT32

========================= Users: ========================================

User accounts for \\LAPTOP-PC

Administrator Guest Laptop


**** End of log ****


Farbar Service Scanner Version: 06-08-2012
Ran by Laptop (administrator) on 25-08-2012 at 23:49:49
Running from "C:\Users\Laptop\Desktop\adware help"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/25/2012 11:57:21 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* C:\Program Files\Java\jre6\bin\jusched.exe (PID: 2364) [FI]

1 proccess terminated!

Checking Registry for malware related settings.

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Laptop\Desktop\rkill\rkill-08-25-2012-11-57-28.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* AppMgmt [Missing Service]
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/25/2012 11:57:42 PM
Execution time: 0 hours(s), 0 minute(s), and 20 seconds(s)

#8 narenxp

Posted 25 August 2012 - 11:08 PM

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot. If TFC locks up the system, run it in safe mode

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#9 GTTJ

Posted 26 August 2012 - 01:21 PM

Everything looks to be good. Thank you very much!

#10 narenxp

Posted 26 August 2012 - 01:22 PM

You're most welcome :)



