Police Central E-Crime Virus - How to defeat it/Have I done so already?


9 replies to this topic

#1 FreakAccident

  • Members
  • 11 posts

Posted 29 August 2012 - 10:03 PM

Dear Bleeping Computer.com

Hello and thank you for taking time to read this post. Today, after authorizing an Adobe update, there was a "Police Central E-Crime" screen that covered my entire desktop, restricting me from performing any actions. They asked me to pay a fine of 100 pounds, and said I violated British internet laws. First off, I am Canadian, and have not even been to any websites that would constitute a crime anywhere in the world. I decided to search my I-POD for what to do next, and eventually I found out it was a virus.

Since I was unable to perform any actions, I restarted my computer in safe mode. Then I proceeded to restart again and enter the normal Windows 7. During that time, the e-crime screen was gone, but I noticed my internet was shut off. Upon turning it back on, the virus appeared again, and I was forced to restart in safe mode again. I decided to system restore after this point, in which I was brought back to my computer's state 3 days ago. Once my internet was back up, I no longer had the virus, and it seems like my computer is ok.

I would like to know what steps I should take now. Though the virus seems to be gone, how can I be 100% sure? I run Bitdefender internet security, and though people say it is a very strong antivirus, I am quite concerned how this virus got into my laptop. I have already begun running a full system scan, but I am yet to pick up any issues.

My laptop is a Lenovo Y580, and I just bought it over a week ago.



#2 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 29 August 2012 - 10:07 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply
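A TDSSKiller log of the kind requested above runs to hundreds of lines, nearly all of them ending in `- ok`. The following is an added example, not part of the original post and not code from the tool's vendor: a Python parser for that line layout that pairs each hash line with its verdict line and returns only the entries whose verdict is not `ok`. Every line in `SAMPLE_LOG` is constructed, and the wording of the non-ok verdict is an assumption.

```python
"""Triage a TDSSKiller-style scan log: list entries whose verdict is not "ok"."""
import re
from dataclasses import dataclass
from typing import List, Optional

# Every log line starts "HH:MM:SS.ffff <numeric id> ".
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# "[ <32 hex digits> ] <entry name> <path starting with a drive letter>"
HASH_LINE = re.compile(
    PREFIX + r"\[\s*([0-9A-Fa-f]{32})\s*\]\s+(.+?)\s+([A-Za-z]:\\.*)$"
)
# "<entry name> - <verdict>"
VERDICT_LINE = re.compile(PREFIX + r"(.+?)\s+-\s+(.+)$")

# Constructed sample. Names, hashes and paths are made up, and the text of
# the non-ok verdict is an assumption, not real tool output.
SAMPLE_LOG = r"""
23:16:33.0087 7496 Drive \Device\Harddisk0\DR0 - Size: 0x1000
23:16:56.0102 6132 Scan started
23:16:56.0102 6132 Mode: Manual; TDLFS;
23:16:56.0297 6132 ================ Scan system memory ========================
23:16:56.0297 6132 System memory - ok
23:16:56.0297 6132 ================ Scan services =============================
23:16:56.0436 6132 [ 00000000000000000000000000000001 ] ExampleDrv C:\Windows\system32\drivers\exampledrv.sys
23:16:56.0446 6132 ExampleDrv - ok
23:16:57.0538 6132 [ 00000000000000000000000000000002 ] Example Multi Word Service C:\Program Files (x86)\Example\svc.exe
23:16:57.0539 6132 Example Multi Word Service - ok
23:16:59.0364 6132 NoHashSvc - ok
23:17:10.0000 6132 [ 00000000000000000000000000000003 ] ExampleSuspect C:\Example\suspect.sys
23:17:10.0001 6132 ExampleSuspect - NOT-OK (constructed verdict text)
"""


@dataclass
class Entry:
    name: str
    verdict: str
    md5: Optional[str] = None   # None when no hash line preceded the verdict
    path: Optional[str] = None


def parse_log(text: str) -> List[Entry]:
    """Return one Entry per verdict line found after the 'Scan started' marker."""
    entries: List[Entry] = []
    pending = {}        # entry name -> (md5, path) from the preceding hash line
    scanning = False
    for raw in text.splitlines():
        line = raw.strip()
        if not scanning:
            # Header lines such as "Drive ... - Size: ..." also contain " - ",
            # so nothing before the scan starts is treated as a verdict.
            scanning = "Scan started" in line
            continue
        m = HASH_LINE.match(line)
        if m:
            pending[m.group(2)] = (m.group(1).upper(), m.group(3))
            continue
        m = VERDICT_LINE.match(line)
        if m:
            name, verdict = m.group(1), m.group(2).strip()
            md5, path = pending.pop(name, (None, None))
            entries.append(Entry(name, verdict, md5, path))
    return entries


def needs_review(entries: List[Entry]) -> List[Entry]:
    """Entries whose verdict is anything other than 'ok'."""
    return [e for e in entries if e.verdict.lower() != "ok"]


def without_hash(entries: List[Entry]) -> List[Entry]:
    """Entries that got a verdict but had no hash line in the log."""
    return [e for e in entries if e.md5 is None]


if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    print(f"{len(parsed)} entries, {len(needs_review(parsed))} not ok")
    for e in needs_review(parsed):
        print(f"  {e.name}: {e.verdict} [{e.md5}] {e.path}")
```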

#3 FreakAccident

  • Topic Starter
  • Members
  • 11 posts

Posted 29 August 2012 - 11:27 PM

FROM TDSS KILLER
23:16:30.0626 7496 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
23:16:32.0627 7496 ============================================================
23:16:32.0627 7496 Current date / time: 2012/08/29 23:16:32.0627
23:16:32.0627 7496 SystemInfo:
23:16:32.0627 7496
23:16:32.0627 7496 OS Version: 6.1.7601 ServicePack: 1.0
23:16:32.0627 7496 Product type: Workstation
23:16:32.0628 7496 ComputerName: NUMBERONE
23:16:32.0628 7496 UserName: Quinlan Lee
23:16:32.0628 7496 Windows directory: C:\Windows
23:16:32.0628 7496 System windows directory: C:\Windows
23:16:32.0628 7496 Running under WOW64
23:16:32.0628 7496 Processor architecture: Intel x64
23:16:32.0628 7496 Number of processors: 8
23:16:32.0628 7496 Page size: 0x1000
23:16:32.0628 7496 Boot type: Normal boot
23:16:32.0628 7496 ============================================================
23:16:33.0087 7496 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:16:33.0090 7496 ============================================================
23:16:33.0090 7496 \Device\Harddisk0\DR0:
23:16:33.0091 7496 MBR partitions:
23:16:33.0091 7496 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
23:16:33.0091 7496 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x34921000
23:16:33.0091 7496 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x34985800, BlocksNum 0x32F0000
23:16:33.0091 7496 ============================================================
23:16:33.0107 7496 C: <-> \Device\Harddisk0\DR0\Partition2
23:16:33.0164 7496 D: <-> \Device\Harddisk0\DR0\Partition3
23:16:33.0164 7496 ============================================================
23:16:33.0164 7496 Initialize success
23:16:33.0164 7496 ============================================================
23:16:56.0102 6132 ============================================================
23:16:56.0102 6132 Scan started
23:16:56.0102 6132 Mode: Manual; TDLFS;
23:16:56.0102 6132 ============================================================
23:16:56.0297 6132 ================ Scan system memory ========================
23:16:56.0297 6132 System memory - ok
23:16:56.0297 6132 ================ Scan services =============================
23:17:03.0630 6132 luafv - ok
23:17:03.0698 6132 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
23:17:03.0728 6132 McComponentHostService - ok
23:17:03.0762 6132 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:17:03.0767 6132 Mcx2Svc - ok
23:17:03.0776 6132 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
23:17:03.0780 6132 megasas - ok
23:17:03.0800 6132 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
23:17:03.0807 6132 MegaSR - ok
23:17:03.0821 6132 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
23:17:03.0823 6132 MEIx64 - ok
23:17:03.0846 6132 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
23:17:03.0847 6132 MMCSS - ok
23:17:03.0849 6132 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
23:17:03.0852 6132 Modem - ok
23:17:03.0867 6132 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:17:03.0868 6132 monitor - ok
23:17:03.0890 6132 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:17:03.0893 6132 mouclass - ok
23:17:03.0919 6132 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:17:03.0920 6132 mouhid - ok
23:17:03.0936 6132 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:17:03.0937 6132 mountmgr - ok
23:17:03.0983 6132 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:17:03.0995 6132 MozillaMaintenance - ok
23:17:04.0022 6132 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
23:17:04.0028 6132 mpio - ok
23:17:04.0031 6132 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:17:04.0032 6132 mpsdrv - ok
23:17:04.0051 6132 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:17:04.0059 6132 MpsSvc - ok
23:17:04.0062 6132 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:17:04.0066 6132 MRxDAV - ok
23:17:04.0070 6132 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:17:04.0071 6132 mrxsmb - ok
23:17:04.0076 6132 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:17:04.0080 6132 mrxsmb10 - ok
23:17:04.0100 6132 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:17:04.0101 6132 mrxsmb20 - ok
23:17:04.0104 6132 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
23:17:04.0104 6132 msahci - ok
23:17:04.0108 6132 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:17:04.0113 6132 msdsm - ok
23:17:04.0123 6132 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
23:17:04.0128 6132 MSDTC - ok
23:17:04.0146 6132 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:17:04.0149 6132 Msfs - ok
23:17:04.0162 6132 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:17:04.0164 6132 mshidkmdf - ok
23:17:04.0166 6132 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:17:04.0167 6132 msisadrv - ok
23:17:04.0184 6132 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:17:04.0189 6132 MSiSCSI - ok
23:17:04.0191 6132 msiserver - ok
23:17:04.0197 6132 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:17:04.0199 6132 MSKSSRV - ok
23:17:04.0201 6132 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:17:04.0204 6132 MSPCLOCK - ok
23:17:04.0211 6132 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:17:04.0213 6132 MSPQM - ok
23:17:04.0219 6132 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:17:04.0222 6132 MsRPC - ok
23:17:04.0226 6132 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:17:04.0226 6132 mssmbios - ok
23:17:04.0229 6132 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:17:04.0231 6132 MSTEE - ok
23:17:04.0233 6132 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
23:17:04.0235 6132 MTConfig - ok
23:17:04.0238 6132 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
23:17:04.0239 6132 Mup - ok
23:17:04.0274 6132 [ E3B58E3011B207C5289D11173B30E298 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
23:17:04.0282 6132 MyWiFiDHCPDNS - ok
23:17:04.0316 6132 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
23:17:04.0320 6132 napagent - ok
23:17:04.0333 6132 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:17:04.0335 6132 NativeWifiP - ok
23:17:04.0376 6132 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:17:04.0385 6132 NDIS - ok
23:17:04.0421 6132 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:17:04.0424 6132 NdisCap - ok
23:17:04.0427 6132 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:17:04.0429 6132 NdisTapi - ok
23:17:04.0432 6132 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:17:04.0433 6132 Ndisuio - ok
23:17:04.0436 6132 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:17:04.0441 6132 NdisWan - ok
23:17:04.0457 6132 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:17:04.0460 6132 NDProxy - ok
23:17:04.0462 6132 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:17:04.0465 6132 NetBIOS - ok
23:17:04.0485 6132 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:17:04.0488 6132 NetBT - ok
23:17:04.0497 6132 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
23:17:04.0499 6132 Netlogon - ok
23:17:04.0543 6132 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
23:17:04.0548 6132 Netman - ok
23:17:04.0605 6132 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:17:04.0613 6132 NetMsmqActivator - ok
23:17:04.0622 6132 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:17:04.0624 6132 NetPipeActivator - ok
23:17:04.0630 6132 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
23:17:04.0634 6132 netprofm - ok
23:17:04.0636 6132 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:17:04.0637 6132 NetTcpActivator - ok
23:17:04.0640 6132 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:17:04.0641 6132 NetTcpPortSharing - ok
23:17:04.0796 6132 [ B51E9AD4F4E4F8DBE0AB882756BC5DAB ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
23:17:04.0991 6132 NETwNs64 - ok
23:17:05.0014 6132 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
23:17:05.0018 6132 nfrd960 - ok
23:17:05.0090 6132 [ D8EC8F32FCA97215C68F7BDC872207C5 ] NitroDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
23:17:05.0093 6132 NitroDriverReadSpool2 - ok
23:17:05.0123 6132 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:17:05.0127 6132 NlaSvc - ok
23:17:05.0228 6132 [ 35DE38E9AD9A05A4B9D48AD19BB5A746 ] nlsX86cc C:\Windows\SysWOW64\NLSSRV32.EXE
23:17:05.0230 6132 nlsX86cc - ok
23:17:05.0248 6132 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:17:05.0252 6132 Npfs - ok
23:17:05.0269 6132 [ 686398C3A52EE6588948EAC0C01B126C ] NSD C:\Windows\system32\drivers\nsd.sys
23:17:05.0270 6132 NSD - ok
23:17:05.0279 6132 [ 2152DC8E58391562C9F07998C6FCCF8C ] Nsdfltr C:\Windows\system32\drivers\Nsdfltr.sys
23:17:05.0282 6132 Nsdfltr - ok
23:17:05.0298 6132 [ 486EC2BDC09FBAC5814032D38215010A ] NSDSvc C:\Windows\System32\NSDSvc.exe
23:17:05.0300 6132 NSDSvc - ok
23:17:05.0319 6132 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
23:17:05.0320 6132 nsi - ok
23:17:05.0322 6132 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:17:05.0323 6132 nsiproxy - ok
23:17:05.0351 6132 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:17:05.0378 6132 Ntfs - ok
23:17:05.0387 6132 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
23:17:05.0389 6132 Null - ok
23:17:05.0619 6132 [ A68C95F8E17A4CFCB99F2139D73F552B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:17:05.0672 6132 nvlddmkm - ok
23:17:05.0689 6132 [ 7B4BD86B22DFE63FC08E5F4E24B54438 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
23:17:05.0690 6132 nvpciflt - ok
23:17:05.0720 6132 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:17:05.0727 6132 nvraid - ok
23:17:05.0741 6132 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:17:05.0747 6132 nvstor - ok
23:17:05.0768 6132 [ BD1CEC4D0CACABCFD93A07B2CC46C9EB ] nvsvc C:\Windows\system32\nvvsvc.exe
23:17:05.0779 6132 nvsvc - ok
23:17:05.0868 6132 [ 82205275BDB35B0AC8750FA8D0A21A5B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
23:17:05.0892 6132 nvUpdatusService - ok
23:17:05.0917 6132 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:17:05.0923 6132 nv_agp - ok
23:17:05.0945 6132 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:17:05.0950 6132 ohci1394 - ok
23:17:06.0029 6132 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:17:06.0049 6132 ose - ok
23:17:06.0165 6132 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:17:06.0295 6132 osppsvc - ok
23:17:06.0328 6132 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:17:06.0332 6132 p2pimsvc - ok
23:17:06.0346 6132 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
23:17:06.0350 6132 p2psvc - ok
23:17:06.0365 6132 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
23:17:06.0370 6132 Parport - ok
23:17:06.0386 6132 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:17:06.0387 6132 partmgr - ok
23:17:06.0441 6132 [ 9665402B7FA59302D520AD845DDFC026 ] Partner Service C:\ProgramData\Partner\Partner.exe
23:17:06.0477 6132 Partner Service - ok
23:17:06.0490 6132 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:17:06.0492 6132 PcaSvc - ok
23:17:06.0502 6132 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
23:17:06.0503 6132 pci - ok
23:17:06.0537 6132 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
23:17:06.0540 6132 pciide - ok
23:17:06.0546 6132 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
23:17:06.0577 6132 pcmcia - ok
23:17:06.0580 6132 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
23:17:06.0581 6132 pcw - ok
23:17:06.0602 6132 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:17:06.0615 6132 PEAUTH - ok
23:17:06.0662 6132 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:17:06.0668 6132 PerfHost - ok
23:17:06.0696 6132 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
23:17:06.0725 6132 pla - ok
23:17:06.0774 6132 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:17:06.0780 6132 PlugPlay - ok
23:17:06.0789 6132 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:17:06.0793 6132 PNRPAutoReg - ok
23:17:06.0809 6132 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:17:06.0811 6132 PNRPsvc - ok
23:17:06.0836 6132 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:17:06.0841 6132 PolicyAgent - ok
23:17:06.0845 6132 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
23:17:06.0848 6132 Power - ok
23:17:06.0861 6132 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:17:06.0865 6132 PptpMiniport - ok
23:17:06.0878 6132 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
23:17:06.0882 6132 Processor - ok
23:17:06.0899 6132 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
23:17:06.0902 6132 ProfSvc - ok
23:17:06.0915 6132 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:17:06.0916 6132 ProtectedStorage - ok
23:17:06.0925 6132 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:17:06.0926 6132 Psched - ok
23:17:06.0939 6132 [ A6BF0A9B5A30D743623CA0D3BE35DF05 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
23:17:06.0940 6132 PxHlpa64 - ok
23:17:06.0993 6132 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
23:17:07.0021 6132 ql2300 - ok
23:17:07.0025 6132 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
23:17:07.0030 6132 ql40xx - ok
23:17:07.0046 6132 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
23:17:07.0053 6132 QWAVE - ok
23:17:07.0055 6132 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:17:07.0058 6132 QWAVEdrv - ok
23:17:07.0061 6132 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:17:07.0063 6132 RasAcd - ok
23:17:07.0097 6132 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:17:07.0101 6132 RasAgileVpn - ok
23:17:07.0111 6132 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
23:17:07.0117 6132 RasAuto - ok
23:17:07.0120 6132 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:17:07.0125 6132 Rasl2tp - ok
23:17:07.0155 6132 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
23:17:07.0163 6132 RasMan - ok
23:17:07.0166 6132 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:17:07.0170 6132 RasPppoe - ok
23:17:07.0185 6132 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:17:07.0188 6132 RasSstp - ok
23:17:07.0193 6132 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:17:07.0200 6132 rdbss - ok
23:17:07.0218 6132 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
23:17:07.0220 6132 rdpbus - ok
23:17:07.0233 6132 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:17:07.0234 6132 RDPCDD - ok
23:17:07.0240 6132 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:17:07.0241 6132 RDPENCDD - ok
23:17:07.0250 6132 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:17:07.0250 6132 RDPREFMP - ok
23:17:07.0279 6132 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:17:07.0285 6132 RDPWD - ok
23:17:07.0303 6132 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:17:07.0305 6132 rdyboost - ok
23:17:07.0360 6132 [ F3AF2B43F35DBB3A0EB9FEEEC7D62217 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
23:17:07.0362 6132 RegSrvc - ok
23:17:07.0385 6132 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:17:07.0390 6132 RemoteAccess - ok
23:17:07.0410 6132 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:17:07.0416 6132 RemoteRegistry - ok
23:17:07.0448 6132 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
23:17:07.0453 6132 RFCOMM - ok
23:17:07.0457 6132 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:17:07.0458 6132 RpcEptMapper - ok
23:17:07.0486 6132 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
23:17:07.0489 6132 RpcLocator - ok
23:17:07.0508 6132 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
23:17:07.0511 6132 RpcSs - ok
23:17:07.0514 6132 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:17:07.0515 6132 rspndr - ok
23:17:07.0664 6132 [ C736749AC756503C0F94D94F5BC39B0E ] rtsuvc C:\Windows\system32\DRIVERS\rtsuvc.sys
23:17:07.0695 6132 rtsuvc - ok
23:17:07.0715 6132 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
23:17:07.0716 6132 SamSs - ok
23:17:07.0727 6132 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:17:07.0733 6132 sbp2port - ok
23:17:07.0748 6132 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:17:07.0754 6132 SCardSvr - ok
23:17:07.0757 6132 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:17:07.0759 6132 scfilter - ok
23:17:07.0782 6132 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
23:17:07.0792 6132 Schedule - ok
23:17:07.0810 6132 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:17:07.0811 6132 SCPolicySvc - ok
23:17:07.0829 6132 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
23:17:07.0834 6132 sdbus - ok
23:17:07.0838 6132 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:17:07.0844 6132 SDRSVC - ok
23:17:07.0865 6132 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:17:07.0865 6132 secdrv - ok
23:17:07.0884 6132 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
23:17:07.0888 6132 seclogon - ok
23:17:07.0917 6132 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
23:17:07.0919 6132 SENS - ok
23:17:07.0948 6132 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:17:07.0952 6132 SensrSvc - ok
23:17:07.0971 6132 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
23:17:07.0973 6132 Serenum - ok
23:17:07.0983 6132 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
23:17:07.0987 6132 Serial - ok
23:17:07.0997 6132 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:17:08.0000 6132 sermouse - ok
23:17:08.0038 6132 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
23:17:08.0040 6132 SessionEnv - ok
23:17:08.0043 6132 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:17:08.0045 6132 sffdisk - ok
23:17:08.0062 6132 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:17:08.0064 6132 sffp_mmc - ok
23:17:08.0080 6132 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:17:08.0083 6132 sffp_sd - ok
23:17:08.0086 6132 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:17:08.0088 6132 sfloppy - ok
23:17:08.0114 6132 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:17:08.0122 6132 SharedAccess - ok
23:17:08.0131 6132 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:17:08.0135 6132 ShellHWDetection - ok
23:17:08.0138 6132 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
23:17:08.0141 6132 SiSRaid2 - ok
23:17:08.0153 6132 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:17:08.0158 6132 SiSRaid4 - ok
23:17:08.0237 6132 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
23:17:08.0267 6132 Skype C2C Service - ok
23:17:08.0330 6132 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
23:17:08.0331 6132 SkypeUpdate - ok
23:17:08.0349 6132 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:17:08.0353 6132 Smb - ok
23:17:08.0377 6132 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:17:08.0378 6132 SNMPTRAP - ok
23:17:08.0413 6132 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
23:17:08.0414 6132 spldr - ok
23:17:08.0427 6132 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
23:17:08.0430 6132 Spooler - ok
23:17:08.0497 6132 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
23:17:08.0511 6132 sppsvc - ok
23:17:08.0545 6132 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:17:08.0551 6132 sppuinotify - ok
23:17:08.0564 6132 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
23:17:08.0568 6132 srv - ok
23:17:08.0575 6132 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:17:08.0579 6132 srv2 - ok
23:17:08.0593 6132 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:17:08.0595 6132 srvnet - ok
23:17:08.0619 6132 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:17:08.0622 6132 SSDPSRV - ok
23:17:08.0625 6132 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:17:08.0626 6132 SstpSvc - ok
23:17:08.0639 6132 Steam Client Service - ok
23:17:08.0646 6132 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
23:17:08.0650 6132 stexstor - ok
23:17:08.0697 6132 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
23:17:08.0703 6132 stisvc - ok
23:17:08.0707 6132 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:17:08.0709 6132 swenum - ok
23:17:08.0721 6132 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
23:17:08.0731 6132 swprv - ok
23:17:08.0777 6132 [ E6A9BD45EF10EFA2EB2D380A32FBA7B6 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
23:17:08.0782 6132 SynTP - ok
23:17:08.0818 6132 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
23:17:08.0850 6132 SysMain - ok
23:17:08.0856 6132 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:17:08.0861 6132 TabletInputService - ok
23:17:08.0866 6132 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:17:08.0874 6132 TapiSrv - ok
23:17:08.0891 6132 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
23:17:08.0892 6132 TBS - ok
23:17:08.0940 6132 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:17:08.0975 6132 Tcpip - ok
23:17:09.0035 6132 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:17:09.0045 6132 TCPIP6 - ok
23:17:09.0049 6132 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:17:09.0050 6132 tcpipreg - ok
23:17:09.0091 6132 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:17:09.0094 6132 TDPIPE - ok
23:17:09.0113 6132 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:17:09.0116 6132 TDTCP - ok
23:17:09.0121 6132 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:17:09.0126 6132 tdx - ok
23:17:09.0138 6132 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:17:09.0140 6132 TermDD - ok
23:17:09.0170 6132 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
23:17:09.0177 6132 TermService - ok
23:17:09.0212 6132 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
23:17:09.0214 6132 Themes - ok
23:17:09.0238 6132 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
23:17:09.0240 6132 THREADORDER - ok
23:17:09.0272 6132 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
23:17:09.0276 6132 TPM - ok
23:17:09.0305 6132 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
23:17:09.0307 6132 TrkWks - ok
23:17:09.0314 6132 [ DF219721DDFFCBE03AA894B6B6742BA1 ] trufos C:\Windows\system32\DRIVERS\trufos.sys
23:17:09.0315 6132 trufos - ok
23:17:09.0361 6132 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:17:09.0363 6132 TrustedInstaller - ok
23:17:09.0379 6132 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:17:09.0382 6132 tssecsrv - ok
23:17:09.0413 6132 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:17:09.0418 6132 TsUsbFlt - ok
23:17:09.0420 6132 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
23:17:09.0423 6132 TsUsbGD - ok
23:17:09.0447 6132 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:17:09.0448 6132 tunnel - ok
23:17:09.0466 6132 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
23:17:09.0471 6132 uagp35 - ok
23:17:09.0483 6132 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:17:09.0491 6132 udfs - ok
23:17:09.0500 6132 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:17:09.0502 6132 UI0Detect - ok
23:17:09.0504 6132 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:17:09.0509 6132 uliagpkx - ok
23:17:09.0544 6132 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:17:09.0547 6132 umbus - ok
23:17:09.0551 6132 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
23:17:09.0553 6132 UmPass - ok
23:17:09.0655 6132 [ A0153CC9D28568A10BDAEE5EC612CFC8 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
23:17:09.0659 6132 UNS - ok
23:17:09.0720 6132 [ 7DE3F30967CF77BD1FC440C2B847629A ] Update Server C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe
23:17:09.0723 6132 Update Server - ok
23:17:09.0773 6132 [ DDC49896DC045AADC1988D0D0330811A ] UPDATESRV C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
23:17:09.0775 6132 UPDATESRV - ok
23:17:09.0793 6132 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
23:17:09.0798 6132 upnphost - ok
23:17:09.0802 6132 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:17:09.0807 6132 usbccgp - ok
23:17:09.0819 6132 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:17:09.0824 6132 usbcir - ok
23:17:09.0827 6132 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:17:09.0830 6132 usbehci - ok
23:17:09.0836 6132 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:17:09.0842 6132 usbhub - ok
23:17:11.0417 6132 ================ Scan global ===============================
23:17:11.0443 6132 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:17:11.0478 6132 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
23:17:11.0484 6132 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
23:17:11.0497 6132 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:17:11.0517 6132 [ B299212567AC0EA6D97A21A441709378 ] C:\Windows\system32\services.exe
23:17:11.0520 6132 [Global] - ok
23:17:11.0521 6132 ================ Scan MBR ==================================
23:17:11.0526 6132 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:17:11.0787 6132 \Device\Harddisk0\DR0 - ok
23:17:11.0787 6132 ================ Scan VBR ==================================
23:17:11.0789 6132 [ 8F73AEB308418B35CBBDFC622D9793F9 ] \Device\Harddisk0\DR0\Partition1
23:17:11.0790 6132 \Device\Harddisk0\DR0\Partition1 - ok
23:17:11.0816 6132 [ FC23D356117901C5674CE992D7B5C825 ] \Device\Harddisk0\DR0\Partition2
23:17:11.0818 6132 \Device\Harddisk0\DR0\Partition2 - ok
23:17:11.0841 6132 [ 8D281E0D9B6C0A092169BF0ADE9CEB1F ] \Device\Harddisk0\DR0\Partition3
23:17:11.0843 6132 \Device\Harddisk0\DR0\Partition3 - ok
23:17:11.0844 6132 ============================================================
23:17:11.0844 6132 Scan finished
23:17:11.0844 6132 ============================================================
23:17:11.0852 5696 Detected object count: 0
23:17:11.0852 5696 Actual detected object count: 0
23:18:14.0017 6564 Deinitialize success

FROM aswMBR
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-29 23:18:18
-----------------------------
23:18:18.378 OS Version: Windows x64 6.1.7601 Service Pack 1
23:18:18.378 Number of processors: 8 586 0x3A09
23:18:18.379 ComputerName: NUMBERONE UserName:
23:18:19.183 Initialize success
23:19:26.690 AVAST engine defs: 12082901
23:19:31.738 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:19:31.740 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
23:19:31.794 Disk 0 MBR read successfully
23:19:31.797 Disk 0 MBR scan
23:19:31.858 Disk 0 Windows 7 default MBR code
23:19:31.861 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
23:19:31.875 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 430658 MB offset 411648
23:19:31.908 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 26080 MB offset 882399232
23:19:31.928 Disk 0 Partition 4 00 12 Compaq diag NTFS 20001 MB offset 935811072
23:19:31.967 Disk 0 scanning C:\Windows\system32\drivers
23:19:37.549 Service scanning
23:19:53.522 Modules scanning
23:19:53.527 Disk 0 trace - called modules:
23:19:53.550 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
23:19:53.553 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800a03c790]
23:19:53.555 3 CLASSPNP.SYS[fffff88001c0143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800777e050]
23:19:54.576 AVAST engine scan C:\Windows
23:19:56.543 AVAST engine scan C:\Windows\system32
23:22:10.019 AVAST engine scan C:\Windows\system32\drivers
23:22:16.659 AVAST engine scan C:\Users\Quinlan Lee
23:24:00.662 AVAST engine scan C:\ProgramData
23:25:21.893 Scan finished successfully
23:26:08.452 Disk 0 MBR has been saved successfully to "C:\Users\Quinlan Lee\Documents\Important Files\MBR.dat"
23:26:08.455 The log file has been saved successfully to "C:\Users\Quinlan Lee\Documents\Important Files\aswMBR.txt"




FROM ESET
C:\Users\Quinlan Lee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0C0WH96W\get[1].htm HTML/Ransom.A trojan cleaned by deleting - quarantined
C:\Users\Quinlan Lee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\POWAFBF8\get[2].htm HTML/Ransom.A trojan cleaned by deleting - quarantined
C:\Users\Quinlan Lee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W0EZMLAE\get[1].htm HTML/Ransom.A trojan cleaned by deleting - quarantined
C:\Users\Quinlan Lee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W0EZMLAE\get[2].htm HTML/Ransom.A trojan cleaned by deleting - quarantined
C:\Users\Quinlan Lee\AppData\Local\{8E36AD79-F243-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:10:58 PM

Posted 29 August 2012 - 11:50 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#5 FreakAccident

FreakAccident
  • Topic Starter

  • Members
  • 11 posts
  • Local time:11:58 PM

Posted 30 August 2012 - 07:50 AM

In the first full system scan with Malwarebytes Anti-Malware, there was 1 infection, which was deleted (Trojan). I restarted my computer and did a full system scan again, and the 2nd time my computer was clean.

Mini Toolbox

MiniToolBox by Farbar Version: 23-07-2012
Ran by Quinlan Lee (administrator) on 30-08-2012 at 08:38:23
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® Centrino® Wireless-N 2200 = Wireless Network Connection (Connected)
Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface= subinterface=ethernet_9 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : NumberOne
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 9C-4E-36-4C-E3-39
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 9C-4E-36-4C-E3-39
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 2200
Physical Address. . . . . . . . . : 9C-4E-36-4C-E3-38
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::60d7:77d:b088:a4a2%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.11(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : August-30-12 1:50:51 AM
Lease Expires . . . . . . . . . . : September-06-12 1:54:07 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 295456310
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-BD-1F-C8-B8-88-E3-72-B9-47
DNS Servers . . . . . . . . . . . : 64.71.255.198
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 08-ED-B9-D9-03-B7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : B8-88-E3-72-B9-47
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E4FA8D65-9C3C-4121-915C-060C580C5634}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{84885E29-B5E2-4EDF-8C5C-8C0A718134E3}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{CE76F9FB-8B54-4795-B057-64AE47B47C78}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{705ED5A1-328F-41E2-A6EC-EA320515BF9A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:a0:be7:9c00:25e7(Preferred)
Link-local IPv6 Address . . . . . : fe80::a0:be7:9c00:25e7%18(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 64.71.255.198

Name: google.com
Addresses: 2607:f8b0:400b:801::1008
74.125.226.33
74.125.226.39
74.125.226.46
74.125.226.40
74.125.226.41
74.125.226.32
74.125.226.35
74.125.226.34
74.125.226.38
74.125.226.36
74.125.226.37


Pinging google.com [74.125.226.41] with 32 bytes of data:
Request timed out.
Reply from 74.125.226.41: bytes=32 time=9ms TTL=57

Ping statistics for 74.125.226.41:
Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
Minimum = 9ms, Maximum = 9ms, Average = 9ms
Server: dns.rnc.net.cable.rogers.com
Address: 64.71.255.198

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=1158ms TTL=53
Reply from 72.30.38.140: bytes=32 time=1046ms TTL=53

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1046ms, Maximum = 1158ms, Average = 1102ms
Server: dns.rnc.net.cable.rogers.com
Address: 64.71.255.198

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 2ms, Average = 1ms
===========================================================================
Interface List
17...9c 4e 36 4c e3 39 ......Microsoft Virtual WiFi Miniport Adapter #2
16...9c 4e 36 4c e3 39 ......Microsoft Virtual WiFi Miniport Adapter
15...9c 4e 36 4c e3 38 ......Intel® Centrino® Wireless-N 2200
14...08 ed b9 d9 03 b7 ......Bluetooth Device (Personal Area Network)
11...b8 88 e3 72 b9 47 ......Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.11 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.11 281
192.168.0.11 255.255.255.255 On-link 192.168.0.11 281
192.168.0.255 255.255.255.255 On-link 192.168.0.11 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.11 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.11 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
18 58 ::/0 On-link
1 306 ::1/128 On-link
18 58 2001::/32 On-link
18 306 2001:0:9d38:953c:a0:be7:9c00:25e7/128
On-link
15 281 fe80::/64 On-link
18 306 fe80::/64 On-link
18 306 fe80::a0:be7:9c00:25e7/128
On-link
15 281 fe80::60d7:77d:b088:a4a2/128
On-link
1 306 ff00::/8 On-link
18 306 ff00::/8 On-link
15 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/30/2012 03:16:25 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/30/2012 03:14:34 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/30/2012 03:14:27 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (08/30/2012 01:51:26 AM) (Source: NSDSvc) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).

Error: (08/30/2012 01:51:26 AM) (Source: NSDSvc) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).

Error: (08/30/2012 01:51:26 AM) (Source: NSDSvc) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).

Error: (08/30/2012 01:51:26 AM) (Source: NSDSvc) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).

Error: (08/30/2012 01:51:26 AM) (Source: NSDSvc) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).

Error: (08/30/2012 01:51:26 AM) (Source: NSDSvc) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).

Error: (08/30/2012 01:51:26 AM) (Source: NSDSvc) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).


System errors:
=============
Error: (08/29/2012 10:02:24 PM) (Source: DCOM) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (08/29/2012 10:01:44 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/29/2012 10:01:41 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/29/2012 10:01:41 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/29/2012 10:01:41 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/29/2012 10:01:41 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/29/2012 10:01:41 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/29/2012 10:01:41 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/29/2012 10:01:41 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/29/2012 10:01:41 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (08/30/2012 03:16:25 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\quinlan lee\downloads\esetsmartinstaller_enu.exe

Error: (08/30/2012 03:14:34 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (08/30/2012 03:14:27 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (08/30/2012 01:51:26 AM) (Source: NSDSvc)(User: )
Description: NSDSvc---query POLICYVT key success failed with 0, The Code is:0x424.

Error: (08/30/2012 01:51:26 AM) (Source: NSDSvc)(User: )
Description: NSDSvc---Get Poicy Open key suc failed with 0, The Code is:0x422.


=========================== Installed Programs ============================

Adobe AIR (Version: 1.1.0.5790)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Flash Player ActiveX (Version: 9.0.124.0)
Adobe Photoshop Elements 7.0 (Version: 7.0)
Adobe Photoshop.com Inspiration Browser (Version: 2.61)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 2.0.14.15)
Bitdefender Internet Security 2012 (Version: 15.0.38)
Bonjour (Version: 3.0.0.10)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (Version: 15.4.5722.2)
Counter-Strike: Global Offensive
Counter-Strike: Source
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Energy Management (Version: 7.0.4.1)
ESET Online Scanner v3
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Garry's Mod
Google Chrome (Version: 21.0.1180.83)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3203.136)
Google Update Helper (Version: 1.3.21.115)
Intel AppUp(SM) center (Version: 03.05.11)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 8.0.3.1427)
Intel® OpenCL CPU Runtime
Intel® Processor Graphics (Version: 8.15.10.2778)
Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed (Version: 15.0.0.0059)
Intel® Rapid Storage Technology (Version: 11.0.0.1032)
Intel® WiDi (Version: 3.0.13.0)
Intel® Wireless Display
Intel® Wireless Music device driver (Version: 1.5.5323.0)
Intel® PROSet/Wireless WiFi Software (Version: 15.00.0000.0642)
Intel® Trusted Connect Service Client (Version: 1.23.605.1)
Intelligent Touchpad (Version: 1.00.0108)
iTunes (Version: 10.6.3.25)
JMicron Flash Media Controller Driver (Version: 1.0.64.1)
Junk Mail filter update (Version: 15.4.3502.0922)
League of Legends (Version: 1.3)
Lenovo Bluetooth with Enhanced Data Rate Software (Version: 6.5.1.2300)
Lenovo EasyCamera (Version: 6.1.7600.117)
Lenovo EE Boot Optimizer (Version: 0.0.1.9)
Lenovo OneKey Recovery (Version: 7.0.0.3712)
Lenovo Registration (Version: 1.0.4)
Lenovo YouCam (Version: 3.1.3728)
LockKey (Version: 1.38.1.2)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MapleStory
McAfee Security Scan Plus (Version: 3.0.207.4)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (Version: 14.0.6120.5004)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Nitro Pro 7 (Version: 7.4.1.12)
Nsd (Version: 1.0.1.7)
NVIDIA Control Panel 295.93 (Version: 295.93)
NVIDIA Graphics Driver 295.93 (Version: 295.93)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA Optimus 1.7.12 (Version: 1.7.12)
NVIDIA PhysX (Version: 9.12.0613)
NVIDIA Update 1.7.12 (Version: 1.7.12)
NVIDIA Update Components (Version: 1.7.12)
Onekey Theater (Version: 2.0.2.9)
Orcs Must Die! 2
Pando Media Booster (Version: 2.6.0.8)
PhotoshopdotcomInspirationBrowser (Version: 0.0.0)
Power2Go (Version: 5.6.0.7303)
Realtek High Definition Audio Driver (Version: 6.0.1.6543)
Skype Click to Call (Version: 6.2.10687)
Skype™ 5.10 (Version: 5.10.116)
Steam (Version: 1.0.0.0)
SugarSync Manager (Version: 1.9.49.86082)
Synaptics Pointing Device Driver (Version: 15.3.38.0)
Team Fortress 2
The Weather Network
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
UserGuide (Version: 1.0.0.6)
VeriFace (Version: 4.0.1.1230)
Wajam (Version: 1.45)
Windows Driver Package - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (Version: 12/15/2011 7.1.0.1)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 48%
Total physical RAM: 8094.36 MB
Available physical RAM: 4160.75 MB
Total Pagefile: 16186.9 MB
Available Pagefile: 12439.89 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.57 MB

========================= Partitions: =====================================

1 Drive c: (Windows7_OS) (Fixed) (Total:420.56 GB) (Free:296.57 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:25.47 GB) (Free:21.6 GB) NTFS

========================= Users: ========================================

User accounts for \\NUMBERONE

Administrator Guest Quinlan Lee
UpdatusUser


**** End of log ****

FSS

Farbar Service Scanner Version: 06-08-2012
Ran by Quinlan Lee (administrator) on 30-08-2012 at 08:40:55
Running from "C:\Users\Quinlan Lee\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error: Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Adware Cleaner


# AdwCleaner v1.801 - Logfile created 08/30/2012 at 08:42:10
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Quinlan Lee - NUMBERONE
# Boot Mode : Normal
# Running from : C:\Users\Quinlan Lee\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : WajamUpdater

***** [Files / Folders] *****

Folder Deleted : C:\Users\Quinlan Lee\AppData\Local\Babylon
Folder Deleted : C:\Users\Quinlan Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Folder Deleted : C:\Users\Quinlan Lee\AppData\Local\Wajam
Folder Deleted : C:\Users\Quinlan Lee\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Quinlan Lee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Program Files (x86)\Wajam
Folder Deleted : C:\ProgramData\Partner

***** [Registry] *****

Key Deleted : HKCU\Software\Wajam
Key Deleted : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\SOFTWARE\Wajam

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4f73-BBBA-9B2B222FB7D6}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
[x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Quinlan Lee\AppData\Roaming\Mozilla\Firefox\Profiles\vkp52jto.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.83

File : C:\Users\Quinlan Lee\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",
Deleted : "explicit_host": [ "hxxp://*.wajam.com/*", "hxxp://*/*", "hxxps://*/*" ],
Deleted : "name": "Wajam",
Deleted : "permissions": [ "hxxp://*.wajam.com/*", "bookmarks", "tabs", "hxxp://*/*", "hxxps://[...]
Deleted : "update_url": "hxxp://www.wajam.com/update/Chrome/chrome_addon_updates.xml",
Deleted : "name": "Wajam",
Deleted : "name": "Wajam"

*************************

AdwCleaner[S1].txt - [4303 octets] - [30/08/2012 08:42:10]

########## EOF - C:\AdwCleaner[S1].txt - [4431 octets] ##########

#6 narenxp

Posted 30 August 2012 - 07:51 AM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.

Any current issues before we wrap up?

#7 FreakAccident

Posted 30 August 2012 - 07:58 AM

First I'd like to thank you for your assistance, because I was nearly going to rip all my hair out cause I got my 1 week old laptop infected already. However I have a few questions:

1. Should I keep the programs you asked me to download? (Will they affect the function of my original anti virus; BitDefender)
2. Conversely, is BitDefender strong enough to run alone? (If so, why was that virus still able to enter my system?)
3. Is there anything I should watch out for to avoid being virused again?


Here are the logs for RKill:

Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/30/2012 08:53:33 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Possibly Patched Files.

* C:\Windows\system32\services.exe

Checking Registry for malware related settings.

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Quinlan Lee\Desktop\rkill\rkill-08-30-2012-08-53-39.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.
* No issues found.

Checking Windows Service Integrity:

* AppMgmt [Missing Service]
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]

Searching for Missing Digital Signatures:

* C:\Windows\System32\services.exe [NoSig]
+-> C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe : 328,704 : 07/13/2009 09:39 PM : 24acb7e5be595468e3b9aa488b9b4fcb [Pos Repl]

Program finished at: 08/30/2012 08:54:00 AM
Execution time: 0 hours(s), 0 minute(s), and 26 seconds(s)

#8 narenxp

Posted 30 August 2012 - 08:01 AM

I would answer questions, but first:

Click on the Start menu and type

cmd

Right-click on it, select Run as administrator, and run this command:

sfc /scanfile=c:\windows\system32\services.exe

After the scan finishes, restart the PC and post the new RKILL log.

#9 FreakAccident

Posted 30 August 2012 - 08:09 AM

Rkill
Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/30/2012 09:08:07 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.
* No issues found.

Checking Windows Service Integrity:

* AppMgmt [Missing Service]
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/30/2012 09:08:33 AM
Execution time: 0 hours(s), 0 minute(s), and 26 seconds(s)
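
As an added illustration (not part of any post in this thread and not RKill's own code), this Python compares the two RKill logs posted above to show what changed after the `sfc /scanfile` repair and reboot. The section-and-bullet parsing rules are an assumption inferred from these two logs; the embedded text is excerpted from them.

```python
import re

# Excerpts of the two RKill 2.3.3 logs posted in this thread:
# the run before `sfc /scanfile` and the run after it plus a reboot.
LOG_BEFORE = r"""
Checking for Windows services to stop.
* No malware services found to stop.
Possibly Patched Files.
* C:\Windows\system32\services.exe
Checking Registry for malware related settings.
* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]
Checking Windows Service Integrity:
* AppMgmt [Missing Service]
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]
Searching for Missing Digital Signatures:
* C:\Windows\System32\services.exe [NoSig]
+-> C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe : 328,704 : 07/13/2009 09:39 PM : 24acb7e5be595468e3b9aa488b9b4fcb [Pos Repl]
"""

LOG_AFTER = r"""
Checking for Windows services to stop.
* No malware services found to stop.
Checking Registry for malware related settings.
* No issues found in the Registry.
Checking Windows Service Integrity:
* AppMgmt [Missing Service]
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]
Searching for Missing Digital Signatures:
* No issues found.
"""

# Bullets such as "* No issues found." report a clean section, not a finding.
CLEAN = re.compile(r"^No (issues|malware) ", re.IGNORECASE)


def parse_rkill(text):
    """Return {section title: [finding, ...]} for one RKill log."""
    findings, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("+->"):
            continue  # blank line, or a replacement-candidate detail line
        if line.startswith("* "):
            item = line[2:].strip()
            if section and not CLEAN.match(item):
                findings.setdefault(section, []).append(item)
        else:
            # Assumption: any non-bullet line opens a new section.
            section = line.rstrip(":.")
    return findings


def diff_runs(before, after):
    """Classify findings as resolved, remaining, or new between two runs."""
    a = {(s, f) for s, fs in parse_rkill(before).items() for f in fs}
    b = {(s, f) for s, fs in parse_rkill(after).items() for f in fs}
    return {
        "resolved": sorted(a - b),
        "remaining": sorted(a & b),
        "new": sorted(b - a),
    }


if __name__ == "__main__":
    for status, items in diff_runs(LOG_BEFORE, LOG_AFTER).items():
        for section, finding in items:
            print(f"{status:9} | {section} | {finding}")
```

The patched-file and [NoSig] entries for services.exe come out as resolved, while the four [Missing Service] entries are identical in both runs.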

#10 narenxp

Posted 30 August 2012 - 08:20 AM

That looks good

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player.

Update your antivirus frequently, and do not click on suspicious links.

1. Should I keep the programs you asked me to download? (Will they affect the function of my original anti virus; BitDefender)


Except for Malwarebytes, remove the other tools.

2. Conversely, is BitDefender strong enough to run alone? (If so, why was that virus still able to enter my system?)
3. Is there anything I should watch out for to avoid being virused again?


No single product is 100% foolproof and can prevent, detect and remove all threats at any given time. Just because one anti-virus or anti-malware scanner detected threats that another missed does not mean it's more effective.

Read through the advice given here

http://www.bleepingcomputer.com/forums/topic287710.html

http://www.bleepingcomputer.com/forums/topic407147.html

safe surfing :)

Edited by narenxp, 30 August 2012 - 08:20 AM.




