MSE unable to update - offline cleaned Trojan DOS/Alureon.L


26 replies to this topic

#1 CRodgers

Posted 09 September 2012 - 06:43 AM

My wife's laptop spewed a bunch of file recovery messages and rebooted twice, so she shut it off.

I rebooted on a Windows Defender Offline 64-bit disk I created (on another computer). It detected and cleaned Trojan: DOS/Alureon.L. I rebooted off of the offline disk and rescanned and nothing was found, so I booted up her laptop and came up to a black background with only the recycle icon. Windows Explorer showed the C drive as having no files. Lots of programs tried to start but failed. Something from HP did a disk check and showed problems, then went away.

I did a system restore back to 9/5 (3-4 days ago). After rebooting, the system looked normal except that MSE would not update - stuck on 8/30 definitions (error code 0x80070424). I then booted up off of the offline disk again. It found and cleaned Trojan: DOS/Alureon.L again (so I suppose she was infected prior to 9/5 and the restore actually restored the trojan?). I then rebooted on the offline disk and the scan was clean.

I rebooted the laptop and everything looks normal, except MSE still cannot update itself. I went to run MBAB and it immediately said the definitions were old, so I said to update. It also is unable to update definitions.

Suggestions?


#2 narenxp

Posted 09 September 2012 - 07:03 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 CRodgers

Posted 09 September 2012 - 07:40 AM

08:32:52.0193 3764 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
08:32:52.0598 3764 ============================================================
08:32:52.0598 3764 Current date / time: 2012/09/09 08:32:52.0598
08:32:52.0598 3764 SystemInfo:
08:32:52.0598 3764
08:32:52.0598 3764 OS Version: 6.1.7601 ServicePack: 1.0
08:32:52.0598 3764 Product type: Workstation
08:32:52.0598 3764 ComputerName: DAISY
08:32:52.0598 3764 UserName: Amy
08:32:52.0598 3764 Windows directory: C:\Windows
08:32:52.0598 3764 System windows directory: C:\Windows
08:32:52.0598 3764 Running under WOW64
08:32:52.0598 3764 Processor architecture: Intel x64
08:32:52.0598 3764 Number of processors: 4
08:32:52.0598 3764 Page size: 0x1000
08:32:52.0598 3764 Boot type: Normal boot
08:32:52.0598 3764 ============================================================
08:32:53.0550 3764 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:32:53.0612 3764 ============================================================
08:32:53.0612 3764 \Device\Harddisk0\DR0:
08:32:53.0628 3764 MBR partitions:
08:32:53.0628 3764 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
08:32:53.0628 3764 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x48A7B800
08:32:53.0628 3764 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x48ADF800, BlocksNum 0x1D44800
08:32:53.0628 3764 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x4A824000, BlocksNum 0x33AB0
08:32:53.0628 3764 ============================================================
08:32:53.0644 3764 C: <-> \Device\Harddisk0\DR0\Partition2
08:32:53.0706 3764 D: <-> \Device\Harddisk0\DR0\Partition3
08:32:53.0706 3764 F: <-> \Device\Harddisk0\DR0\Partition4
08:32:53.0706 3764 ============================================================
08:32:53.0706 3764 Initialize success
08:32:53.0706 3764 ============================================================
08:33:04.0891 4564 ============================================================
08:33:04.0891 4564 Scan started
08:33:04.0891 4564 Mode: Manual; TDLFS;
08:33:04.0891 4564 ============================================================
08:33:06.0935 4564 ================ Scan system memory ========================
08:33:06.0935 4564 System memory - ok
08:33:06.0950 4564 ================ Scan services =============================
08:33:18.0276 4564 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:33:18.0292 4564 MSiSCSI - ok
08:33:18.0292 4564 msiserver - ok
08:33:18.0338 4564 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:33:18.0338 4564 MSKSSRV - ok
08:33:18.0416 4564 [ 59FAAF2C83C8169EA20F9E335E418907 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
08:33:18.0416 4564 MsMpSvc - ok
08:33:18.0448 4564 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:33:18.0448 4564 MSPCLOCK - ok
08:33:18.0463 4564 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:33:18.0463 4564 MSPQM - ok
08:33:18.0510 4564 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:33:18.0510 4564 MsRPC - ok
08:33:18.0541 4564 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
08:33:18.0541 4564 mssmbios - ok
08:33:18.0572 4564 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:33:18.0572 4564 MSTEE - ok
08:33:18.0588 4564 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
08:33:18.0588 4564 MTConfig - ok
08:33:18.0619 4564 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
08:33:18.0619 4564 Mup - ok
08:33:18.0650 4564 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
08:33:18.0666 4564 napagent - ok
08:33:18.0728 4564 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:33:18.0728 4564 NativeWifiP - ok
08:33:18.0791 4564 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
08:33:18.0806 4564 NDIS - ok
08:33:18.0838 4564 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:33:18.0838 4564 NdisCap - ok
08:33:18.0884 4564 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:33:18.0884 4564 NdisTapi - ok
08:33:18.0916 4564 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:33:18.0916 4564 Ndisuio - ok
08:33:18.0931 4564 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:33:18.0931 4564 NdisWan - ok
08:33:18.0978 4564 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:33:18.0978 4564 NDProxy - ok
08:33:19.0009 4564 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:33:19.0009 4564 NetBIOS - ok
08:33:19.0040 4564 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:33:19.0040 4564 NetBT - ok
08:33:19.0072 4564 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
08:33:19.0072 4564 Netlogon - ok
08:33:19.0103 4564 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
08:33:19.0103 4564 Netman - ok
08:33:19.0150 4564 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:33:19.0150 4564 NetMsmqActivator - ok
08:33:19.0150 4564 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:33:19.0150 4564 NetPipeActivator - ok
08:33:19.0181 4564 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
08:33:19.0196 4564 netprofm - ok
08:33:19.0290 4564 [ A98071E3E1E5E503462CC9E0DED91A36 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
08:33:19.0306 4564 netr28x - ok
08:33:19.0321 4564 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:33:19.0321 4564 NetTcpActivator - ok
08:33:19.0321 4564 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:33:19.0337 4564 NetTcpPortSharing - ok
08:33:19.0368 4564 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
08:33:19.0368 4564 nfrd960 - ok
08:33:19.0430 4564 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
08:33:19.0430 4564 NisDrv - ok
08:33:19.0477 4564 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
08:33:19.0477 4564 NisSrv - ok
08:33:19.0555 4564 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:33:19.0555 4564 NlaSvc - ok
08:33:19.0586 4564 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:33:19.0586 4564 Npfs - ok
08:33:19.0618 4564 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
08:33:19.0618 4564 nsi - ok
08:33:19.0649 4564 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:33:19.0649 4564 nsiproxy - ok
08:33:19.0711 4564 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:33:19.0727 4564 Ntfs - ok
08:33:19.0758 4564 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
08:33:19.0758 4564 Null - ok
08:33:19.0789 4564 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
08:33:19.0789 4564 NVENETFD - ok
08:33:19.0820 4564 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:33:19.0820 4564 nvraid - ok
08:33:19.0867 4564 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:33:19.0867 4564 nvstor - ok
08:33:19.0898 4564 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:33:19.0898 4564 nv_agp - ok
08:33:19.0976 4564 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:33:19.0992 4564 odserv - ok
08:33:20.0023 4564 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:33:20.0023 4564 ohci1394 - ok
08:33:20.0070 4564 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:33:20.0070 4564 ose - ok
08:33:20.0117 4564 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:33:20.0132 4564 p2pimsvc - ok
08:33:20.0148 4564 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
08:33:20.0164 4564 p2psvc - ok
08:33:20.0195 4564 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
08:33:20.0210 4564 Parport - ok
08:33:20.0242 4564 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:33:20.0242 4564 partmgr - ok
08:33:20.0273 4564 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
08:33:20.0273 4564 PcaSvc - ok
08:33:20.0304 4564 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
08:33:20.0304 4564 pci - ok
08:33:20.0320 4564 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
08:33:20.0320 4564 pciide - ok
08:33:20.0351 4564 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
08:33:20.0351 4564 pcmcia - ok
08:33:20.0382 4564 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
08:33:20.0382 4564 pcw - ok
08:33:20.0398 4564 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:33:20.0413 4564 PEAUTH - ok
08:33:20.0507 4564 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
08:33:20.0522 4564 PerfHost - ok
08:33:20.0600 4564 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
08:33:20.0616 4564 pla - ok
08:33:20.0678 4564 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:33:20.0694 4564 PlugPlay - ok
08:33:20.0725 4564 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:33:20.0725 4564 PNRPAutoReg - ok
08:33:20.0756 4564 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:33:20.0756 4564 PNRPsvc - ok
08:33:20.0788 4564 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:33:20.0788 4564 PolicyAgent - ok
08:33:20.0850 4564 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
08:33:20.0850 4564 Power - ok
08:33:20.0881 4564 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:33:20.0881 4564 PptpMiniport - ok
08:33:20.0897 4564 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
08:33:20.0897 4564 Processor - ok
08:33:20.0944 4564 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
08:33:20.0944 4564 ProfSvc - ok
08:33:20.0959 4564 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:33:20.0959 4564 ProtectedStorage - ok
08:33:21.0006 4564 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:33:21.0006 4564 Psched - ok
08:33:21.0037 4564 [ A6BF0A9B5A30D743623CA0D3BE35DF05 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
08:33:21.0037 4564 PxHlpa64 - ok
08:33:21.0084 4564 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
08:33:21.0100 4564 ql2300 - ok
08:33:21.0115 4564 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
08:33:21.0131 4564 ql40xx - ok
08:33:21.0146 4564 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
08:33:21.0146 4564 QWAVE - ok
08:33:21.0162 4564 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:33:21.0162 4564 QWAVEdrv - ok
08:33:21.0178 4564 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:33:21.0178 4564 RasAcd - ok
08:33:21.0209 4564 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:33:21.0209 4564 RasAgileVpn - ok
08:33:21.0240 4564 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
08:33:21.0240 4564 RasAuto - ok
08:33:21.0256 4564 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:33:21.0256 4564 Rasl2tp - ok
08:33:21.0287 4564 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
08:33:21.0287 4564 RasMan - ok
08:33:21.0302 4564 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:33:21.0302 4564 RasPppoe - ok
08:33:21.0318 4564 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:33:21.0318 4564 RasSstp - ok
08:33:21.0365 4564 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:33:21.0365 4564 rdbss - ok
08:33:21.0365 4564 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
08:33:21.0380 4564 rdpbus - ok
08:33:21.0396 4564 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:33:21.0396 4564 RDPCDD - ok
08:33:21.0412 4564 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:33:21.0412 4564 RDPENCDD - ok
08:33:21.0427 4564 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:33:21.0427 4564 RDPREFMP - ok
08:33:21.0474 4564 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:33:21.0474 4564 RDPWD - ok
08:33:21.0521 4564 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:33:21.0536 4564 rdyboost - ok
08:33:21.0568 4564 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:33:21.0568 4564 RemoteAccess - ok
08:33:21.0630 4564 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:33:21.0630 4564 RemoteRegistry - ok
08:33:21.0724 4564 [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
08:33:21.0724 4564 RoxioNow Service - ok
08:33:21.0755 4564 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:33:21.0770 4564 RpcEptMapper - ok
08:33:21.0802 4564 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
08:33:21.0802 4564 RpcLocator - ok
08:33:21.0833 4564 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
08:33:21.0848 4564 RpcSs - ok
08:33:21.0911 4564 [ 9D21618E7A3B2C75CF1A2ECBBE723730 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
08:33:21.0926 4564 RSPCIESTOR - ok
08:33:21.0973 4564 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:33:21.0973 4564 rspndr - ok
08:33:22.0020 4564 [ ED5873F7DFB2F96D37F13322211B6BDC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
08:33:22.0020 4564 RTL8167 - ok
08:33:22.0051 4564 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
08:33:22.0051 4564 SamSs - ok
08:33:22.0082 4564 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:33:22.0082 4564 sbp2port - ok
08:33:22.0129 4564 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:33:22.0129 4564 SCardSvr - ok
08:33:22.0160 4564 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:33:22.0160 4564 scfilter - ok
08:33:22.0207 4564 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
08:33:22.0223 4564 Schedule - ok
08:33:22.0254 4564 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
08:33:22.0254 4564 SCPolicySvc - ok
08:33:22.0270 4564 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
08:33:22.0270 4564 sdbus - ok
08:33:22.0301 4564 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:33:22.0301 4564 SDRSVC - ok
08:33:22.0332 4564 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:33:22.0332 4564 secdrv - ok
08:33:22.0348 4564 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
08:33:22.0348 4564 seclogon - ok
08:33:22.0363 4564 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
08:33:22.0363 4564 SENS - ok
08:33:22.0394 4564 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:33:22.0394 4564 SensrSvc - ok
08:33:22.0426 4564 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
08:33:22.0426 4564 Serenum - ok
08:33:22.0472 4564 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
08:33:22.0472 4564 Serial - ok
08:33:22.0519 4564 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
08:33:22.0519 4564 sermouse - ok
08:33:22.0566 4564 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
08:33:22.0566 4564 SessionEnv - ok
08:33:22.0597 4564 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:33:22.0597 4564 sffdisk - ok
08:33:22.0597 4564 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:33:22.0597 4564 sffp_mmc - ok
08:33:22.0613 4564 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:33:22.0613 4564 sffp_sd - ok
08:33:22.0644 4564 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
08:33:22.0644 4564 sfloppy - ok
08:33:22.0675 4564 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:33:22.0675 4564 ShellHWDetection - ok
08:33:22.0706 4564 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
08:33:22.0706 4564 SiSRaid2 - ok
08:33:22.0722 4564 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
08:33:22.0722 4564 SiSRaid4 - ok
08:33:22.0784 4564 [ E62ABB10E4E6C2563C8311B7B75E3431 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
08:33:22.0784 4564 SkypeUpdate - ok
08:33:22.0847 4564 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:33:22.0847 4564 Smb - ok
08:33:22.0894 4564 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:33:22.0909 4564 SNMPTRAP - ok
08:33:22.0909 4564 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
08:33:22.0909 4564 spldr - ok
08:33:22.0956 4564 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
08:33:22.0956 4564 Spooler - ok
08:33:23.0050 4564 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
08:33:23.0081 4564 sppsvc - ok
08:33:23.0112 4564 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:33:23.0112 4564 sppuinotify - ok
08:33:23.0143 4564 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
08:33:23.0143 4564 srv - ok
08:33:23.0159 4564 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:33:23.0174 4564 srv2 - ok
08:33:23.0206 4564 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
08:33:23.0221 4564 SrvHsfHDA - ok
08:33:23.0284 4564 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
08:33:23.0299 4564 SrvHsfV92 - ok
08:33:23.0330 4564 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
08:33:23.0346 4564 SrvHsfWinac - ok
08:33:23.0377 4564 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:33:23.0377 4564 srvnet - ok
08:33:23.0424 4564 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:33:23.0440 4564 SSDPSRV - ok
08:33:23.0455 4564 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:33:23.0471 4564 SstpSvc - ok
08:33:23.0580 4564 [ E82994866A370A480607637F28B82835 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
08:33:23.0580 4564 STacSV - ok
08:33:23.0611 4564 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
08:33:23.0611 4564 stexstor - ok
08:33:23.0674 4564 [ 3AD0ED8B19CD76D2254DE5FB298E3C26 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
08:33:23.0689 4564 STHDA - ok
08:33:23.0752 4564 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
08:33:23.0767 4564 stisvc - ok
08:33:23.0798 4564 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
08:33:23.0798 4564 swenum - ok
08:33:23.0830 4564 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
08:33:23.0845 4564 swprv - ok
08:33:23.0939 4564 [ 33E6A285DAA5134D8EA2247914C86C09 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
08:33:23.0954 4564 SynTP - ok
08:33:24.0001 4564 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
08:33:24.0017 4564 SysMain - ok
08:33:24.0032 4564 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:33:24.0032 4564 TabletInputService - ok
08:33:24.0064 4564 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
08:33:24.0064 4564 TapiSrv - ok
08:33:24.0095 4564 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
08:33:24.0095 4564 TBS - ok
08:33:24.0188 4564 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:33:24.0188 4564 Tcpip - ok
08:33:24.0220 4564 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
08:33:24.0235 4564 TCPIP6 - ok
08:33:24.0266 4564 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:33:24.0266 4564 tcpipreg - ok
08:33:24.0282 4564 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:33:24.0298 4564 TDPIPE - ok
08:33:24.0329 4564 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:33:24.0329 4564 TDTCP - ok
08:33:24.0360 4564 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:33:24.0360 4564 tdx - ok
08:33:24.0376 4564 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
08:33:24.0376 4564 TermDD - ok
08:33:24.0422 4564 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
08:33:24.0438 4564 TermService - ok
08:33:24.0454 4564 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
08:33:24.0454 4564 Themes - ok
08:33:24.0485 4564 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
08:33:24.0485 4564 THREADORDER - ok
08:33:24.0500 4564 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
08:33:24.0500 4564 TrkWks - ok
08:33:24.0563 4564 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:33:24.0563 4564 TrustedInstaller - ok
08:33:24.0594 4564 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:33:24.0594 4564 tssecsrv - ok
08:33:24.0625 4564 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
08:33:24.0625 4564 TsUsbFlt - ok
08:33:24.0641 4564 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
08:33:24.0641 4564 TsUsbGD - ok
08:33:24.0672 4564 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:33:24.0672 4564 tunnel - ok
08:33:24.0703 4564 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
08:33:24.0719 4564 uagp35 - ok
08:33:24.0734 4564 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:33:24.0734 4564 udfs - ok
08:33:24.0766 4564 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:33:24.0781 4564 UI0Detect - ok
08:33:24.0828 4564 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:33:24.0828 4564 uliagpkx - ok
08:33:24.0875 4564 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
08:33:24.0875 4564 umbus - ok
08:33:24.0906 4564 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
08:33:24.0906 4564 UmPass - ok
08:33:24.0937 4564 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
08:33:24.0937 4564 upnphost - ok
08:33:24.0968 4564 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
08:33:24.0984 4564 USBAAPL64 - ok
08:33:25.0015 4564 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:33:25.0015 4564 usbccgp - ok
08:33:25.0062 4564 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:33:25.0062 4564 usbcir - ok
08:33:25.0093 4564 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
08:33:25.0093 4564 usbehci - ok
08:33:25.0140 4564 [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
08:33:25.0140 4564 usbfilter - ok
08:33:25.0202 4564 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:33:25.0202 4564 usbhub - ok
08:33:25.0218 4564 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
08:33:25.0218 4564 usbohci - ok
08:33:25.0280 4564 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
08:33:25.0280 4564 usbprint - ok
08:33:25.0327 4564 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
08:33:25.0327 4564 usbscan - ok
08:33:25.0374 4564 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:33:25.0374 4564 USBSTOR - ok
08:33:25.0390 4564 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
08:33:25.0390 4564 usbuhci - ok
08:33:25.0436 4564 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
08:33:25.0436 4564 usbvideo - ok
08:33:25.0468 4564 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
08:33:25.0483 4564 UxSms - ok
08:33:25.0499 4564 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
08:33:25.0499 4564 VaultSvc - ok
08:33:25.0530 4564 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
08:33:25.0530 4564 vdrvroot - ok
08:33:25.0561 4564 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
08:33:25.0577 4564 vds - ok
08:33:25.0624 4564 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:33:25.0624 4564 vga - ok
08:33:25.0655 4564 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
08:33:25.0655 4564 VgaSave - ok
08:33:25.0686 4564 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
08:33:25.0686 4564 vhdmp - ok
08:33:25.0717 4564 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
08:33:25.0717 4564 viaide - ok
08:33:25.0748 4564 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:33:25.0748 4564 volmgr - ok
08:33:25.0780 4564 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:33:25.0795 4564 volmgrx - ok
08:33:25.0826 4564 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:33:25.0826 4564 volsnap - ok
08:33:25.0873 4564 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
08:33:25.0873 4564 vsmraid - ok
08:33:25.0936 4564 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
08:33:25.0951 4564 VSS - ok
08:33:25.0982 4564 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
08:33:25.0982 4564 vwifibus - ok
08:33:26.0014 4564 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
08:33:26.0014 4564 vwififlt - ok
08:33:26.0060 4564 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
08:33:26.0076 4564 W32Time - ok
08:33:26.0107 4564 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
08:33:26.0107 4564 WacomPen - ok
08:33:26.0138 4564 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
08:33:26.0138 4564 WANARP - ok
08:33:26.0170 4564 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
08:33:26.0170 4564 Wanarpv6 - ok
08:33:26.0248 4564 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
08:33:26.0263 4564 WatAdminSvc - ok
08:33:26.0310 4564 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
08:33:26.0326 4564 wbengine - ok
08:33:26.0341 4564 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
08:33:26.0357 4564 WbioSrvc - ok
08:33:26.0372 4564 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
08:33:26.0372 4564 wcncsvc - ok
08:33:26.0404 4564 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:33:26.0404 4564 WcsPlugInService - ok
08:33:26.0419 4564 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
08:33:26.0419 4564 Wd - ok
08:33:26.0466 4564 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:33:26.0482 4564 Wdf01000 - ok
08:33:26.0497 4564 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
08:33:26.0497 4564 WdiServiceHost - ok
08:33:26.0497 4564 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
08:33:26.0497 4564 WdiSystemHost - ok
08:33:26.0528 4564 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
08:33:26.0544 4564 WebClient - ok
08:33:26.0560 4564 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:33:26.0560 4564 Wecsvc - ok
08:33:26.0575 4564 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:33:26.0575 4564 wercplsupport - ok
08:33:26.0606 4564 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
08:33:26.0606 4564 WerSvc - ok
08:33:26.0622 4564 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
08:33:26.0638 4564 WfpLwf - ok
08:33:26.0653 4564 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
08:33:26.0653 4564 WIMMount - ok
08:33:26.0684 4564 WinDriver - ok
08:33:26.0684 4564 WinHttpAutoProxySvc - ok
08:33:26.0747 4564 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:33:26.0762 4564 Winmgmt - ok
08:33:26.0840 4564 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
08:33:26.0856 4564 WinRM - ok
08:33:26.0903 4564 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
08:33:26.0903 4564 WinUsb - ok
08:33:26.0950 4564 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
08:33:26.0965 4564 Wlansvc - ok
08:33:27.0028 4564 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:33:27.0043 4564 wlcrasvc - ok
08:33:27.0184 4564 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:33:27.0199 4564 wlidsvc - ok
08:33:27.0246 4564 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
08:33:27.0246 4564 WmiAcpi - ok
08:33:27.0277 4564 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
08:33:27.0277 4564 wmiApSrv - ok
08:33:27.0308 4564 WMPNetworkSvc - ok
08:33:27.0355 4564 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
08:33:27.0355 4564 WPCSvc - ok
08:33:27.0371 4564 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
08:33:27.0371 4564 WPDBusEnum - ok
08:33:27.0402 4564 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
08:33:27.0402 4564 ws2ifsl - ok
08:33:27.0402 4564 WSearch - ok
08:33:27.0433 4564 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
08:33:27.0433 4564 WudfPf - ok
08:33:27.0464 4564 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
08:33:27.0464 4564 WUDFRd - ok
08:33:27.0496 4564 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
08:33:27.0496 4564 wudfsvc - ok
08:33:27.0527 4564 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
08:33:27.0527 4564 WwanSvc - ok
08:33:27.0558 4564 ================ Scan global ===============================
08:33:27.0589 4564 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:33:27.0620 4564 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
08:33:27.0636 4564 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
08:33:27.0652 4564 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:33:27.0698 4564 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:33:27.0698 4564 [Global] - ok
08:33:27.0698 4564 ================ Scan MBR ==================================
08:33:27.0714 4564 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
08:33:28.0946 4564 \Device\Harddisk0\DR0 - ok
08:33:28.0946 4564 ================ Scan VBR ==================================
08:33:28.0946 4564 [ C64D332A19BA4E4E480BC48840D9BDF1 ] \Device\Harddisk0\DR0\Partition1
08:33:28.0962 4564 \Device\Harddisk0\DR0\Partition1 - ok
08:33:28.0978 4564 [ F1E646E65B120532E9223E04C8D6F1E3 ] \Device\Harddisk0\DR0\Partition2
08:33:28.0978 4564 \Device\Harddisk0\DR0\Partition2 - ok
08:33:29.0009 4564 [ 366AC1DEE0601046E9AC24FAECB8E767 ] \Device\Harddisk0\DR0\Partition3
08:33:29.0009 4564 \Device\Harddisk0\DR0\Partition3 - ok
08:33:29.0024 4564 [ 7BC9D20EB1DC8FE899F90B28A6B293F0 ] \Device\Harddisk0\DR0\Partition4
08:33:29.0024 4564 \Device\Harddisk0\DR0\Partition4 - ok
08:33:29.0024 4564 ============================================================
08:33:29.0024 4564 Scan finished
08:33:29.0024 4564 ============================================================
08:33:29.0040 3604 Detected object count: 0
08:33:29.0040 3604 Actual detected object count: 0
08:35:04.0539 2508 Deinitialize success

#4 CRodgers

Posted 09 September 2012 - 07:44 AM

Avast is still running, but I am off to church, be back in a couple of hours.

#5 CRodgers

Posted 09 September 2012 - 10:56 AM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-09 08:35:13
-----------------------------
08:35:13.759 OS Version: Windows x64 6.1.7601 Service Pack 1
08:35:13.759 Number of processors: 4 586 0x100
08:35:13.759 ComputerName: DAISY UserName: Amy
08:35:15.210 Initialize success
08:35:53.664 AVAST engine defs: 12090900
08:36:29.154 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000061
08:36:29.169 Disk 0 Vendor: TOSHIBA_ GS00 Size: 610480MB BusType: 11
08:36:29.263 Disk 0 MBR read successfully
08:36:29.263 Disk 0 MBR scan
08:36:29.278 Disk 0 Windows XP default MBR code
08:36:29.294 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
08:36:29.341 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 595191 MB offset 409600
08:36:29.403 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 14985 MB offset 1219360768
08:36:29.497 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 1250050048
08:36:29.731 Disk 0 scanning C:\Windows\system32\drivers
08:36:44.270 Service scanning
08:37:29.323 Modules scanning
08:37:29.339 Disk 0 trace - called modules:
08:37:29.385 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
08:37:29.401 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005c5a060]
08:37:29.417 3 CLASSPNP.SYS[fffff880019b643f] -> nt!IofCallDriver -> [0xfffffa8005ac5b10]
08:37:29.417 5 hpdskflt.sys[fffff8800195d189] -> nt!IofCallDriver -> [0xfffffa80059817a0]
08:37:29.417 7 amd_xata.sys[fffff880010678f7] -> nt!IofCallDriver -> \Device\00000061[0xfffffa800597d060]
08:37:31.023 AVAST engine scan C:\Windows
08:37:35.142 AVAST engine scan C:\Windows\system32
08:41:49.683 AVAST engine scan C:\Windows\system32\drivers
08:42:08.419 AVAST engine scan C:\Users\Amy
08:48:47.659 AVAST engine scan C:\ProgramData
08:52:10.147 Scan finished successfully
11:54:22.085 Disk 0 MBR has been saved successfully to "C:\Users\Amy\Desktop\MBR.dat"
11:54:22.100 The log file has been saved successfully to "C:\Users\Amy\Desktop\aswMBR.txt"

#6 CRodgers

Posted 09 September 2012 - 10:58 AM

When I run ESET Online, do I leave it set to Remove found threats?

#7 narenxp

Posted 09 September 2012 - 11:02 AM

yes

#8 CRodgers

Posted 09 September 2012 - 12:54 PM

ESET Online reported:

No threats found.
Scanned Files: 165813
Infected Files: 0
Cleaned: 0
Total scan time: 01:09:53
Scan status: Finished

#9 CRodgers

Posted 09 September 2012 - 06:17 PM

I see the C, D, and F drives, but there are 4 partitions mentioned in the first two outputs. Avast calls the 4th partition a FAT32 LBA MSDOS5.0 format partition at only 103 MB. Is that where the trojan was living?

#10 narenxp

Posted 09 September 2012 - 07:35 PM

Download Listparts from here

List parts 64

Launch it, click on SCAN, post the log


Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Create a restore point before trying this

Download

adware cleaner

Launch it, click on Delete

Post the generated log

#11 CRodgers

Posted 09 September 2012 - 07:58 PM

ListParts by Farbar Version: 10-08-2012
Ran by Amy (administrator) on 09-09-2012 at 20:56:14
Windows 7 (X64)
Running From: C:\Users\Amy\Desktop
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 38%
Total physical RAM: 5610.9 MB
Available physical RAM: 3446.43 MB
Total Pagefile: 11220 MB
Available Pagefile: 8829.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:581.24 GB) (Free:485.87 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive d: (RECOVERY) (Fixed) (Total:14.63 GB) (Free:1.62 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
5 Drive p: (ARCH01) (Network) (Total:931.51 GB) (Free:37.01 GB) NTFS
6 Drive q: (ARCH01) (Network) (Total:931.51 GB) (Free:37.01 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 596 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 199 MB 1024 KB
Partition 2 Primary 581 GB 200 MB
Partition 3 Primary 14 GB 581 GB
Partition 4 Primary 103 MB 596 GB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 SYSTEM NTFS Partition 199 MB Healthy System (partition with boot components)

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 581 GB Healthy Boot

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D RECOVERY NTFS Partition 14 GB Healthy

======================================================================================================

Disk: 0
Partition 4
Type : 0C
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 F HP_TOOLS FAT32 Partition 103 MB Healthy

======================================================================================================

****** End Of Log ******

#12 CRodgers

Posted 09 September 2012 - 10:41 PM

MBAM - removed 2 infections, rebooted, scanned clean.

#13 CRodgers

Posted 09 September 2012 - 10:44 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Amy (administrator) on 09-09-2012 at 23:43:05
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Ralink RT5390 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Daisy
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Ralink RT5390 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : CC-AF-78-03-6A-E9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::10c4:14c1:a02:23bc%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, September 09, 2012 10:39:46 PM
Lease Expires . . . . . . . . . . : Monday, September 10, 2012 10:39:46 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 332181368
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-A3-D6-8E-2C-27-D7-AF-34-DF
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : btoa06.dellswdlb.com
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 2C-27-D7-AF-34-DF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.btoa06.dellswdlb.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: myrouter.home
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4008:802::1009
74.125.229.225
74.125.229.229
74.125.229.228
74.125.229.224
74.125.229.233
74.125.229.238
74.125.229.226
74.125.229.230
74.125.229.232
74.125.229.231
74.125.229.227


Pinging google.com [74.125.229.229] with 32 bytes of data:
Reply from 74.125.229.229: bytes=32 time=88ms TTL=55
Reply from 74.125.229.229: bytes=32 time=89ms TTL=55

Ping statistics for 74.125.229.229:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 88ms, Maximum = 89ms, Average = 88ms
Server: myrouter.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
72.30.38.140


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=121ms TTL=49
Reply from 98.138.253.109: bytes=32 time=93ms TTL=50

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 93ms, Maximum = 121ms, Average = 107ms
Server: myrouter.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...cc af 78 03 6a e9 ......Ralink RT5390 802.11b/g/n WiFi Adapter
11...2c 27 d7 af 34 df ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.5 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.5 281
192.168.1.5 255.255.255.255 On-link 192.168.1.5 281
192.168.1.255 255.255.255.255 On-link 192.168.1.5 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.5 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.5 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 281 fe80::/64 On-link
13 281 fe80::10c4:14c1:a02:23bc/128
On-link
1 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/09/2012 11:54:49 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/03/2012 05:57:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3043

Error: (09/03/2012 05:57:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3043

Error: (09/03/2012 05:57:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2012 05:57:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2044

Error: (09/03/2012 05:57:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2044

Error: (09/03/2012 05:57:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2012 05:57:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1030

Error: (09/03/2012 05:57:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1030

Error: (09/03/2012 05:57:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (09/09/2012 10:54:33 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.135.203.0

Update Source: %NT AUTHORITY51

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (09/09/2012 10:54:33 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.135.203.0

Update Source: %NT AUTHORITY51

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (09/09/2012 10:54:33 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.135.203.0

Update Source: %NT AUTHORITY51

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (09/09/2012 10:54:33 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.135.203.0

Update Source: %NT AUTHORITY51

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (09/09/2012 10:54:30 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version: 1.135.839.0

Previous Signature Version: 1.135.203.0

Update Source: %NT AUTHORITY15

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (09/09/2012 10:54:30 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version: 1.135.839.0

Previous Signature Version: 1.135.203.0

Update Source: %NT AUTHORITY15

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (09/09/2012 10:53:59 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.135.203.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (09/09/2012 10:53:58 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to remove history of malware and other potentially unwanted software.

Time: 8/25/2012 10:49:53 PM

User: NT AUTHORITY\SYSTEM

Error Code: 0x80070005

Error description: Access is denied.

Error: (09/09/2012 10:43:12 PM) (Source: Microsoft Antimalware) (User: )
Description: %Daisy60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.135.203.0

Update Source: %Daisy51

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %Daisy602

Update Type: %Daisy604

User: Daisy\Amy

Current Engine Version: %Daisy605

Previous Engine Version: %Daisy606

Error code: %Daisy607

Error description: %Daisy608

Error: (09/09/2012 10:43:12 PM) (Source: Microsoft Antimalware) (User: )
Description: %Daisy60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.135.203.0

Update Source: %Daisy51

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %Daisy602

Update Type: %Daisy604

User: Daisy\Amy

Current Engine Version: %Daisy605

Previous Engine Version: %Daisy606

Error code: %Daisy607

Error description: %Daisy608


Microsoft Office Sessions:
=========================
Error: (06/24/2012 07:29:23 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 635273 seconds with 6540 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (Version: 3.1.0.4880)
Adobe Common File Installer (Version: 1.00.002)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Photoshop Elements 7.0 (Version: 7.0)
Adobe Photoshop Elements 7.0 (Version: 7.0.0.3)
Adobe Premiere Elements 4.0 (Version: 4.0)
Adobe Premiere Elements 4.0 Templates (Version: 4.0.0)
Adobe Reader X (10.1.4) MUI (Version: 10.1.4)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
AMD APP SDK Runtime (Version: 2.4.595.9)
AMD Fuel (Version: 2011.0401.2259.39449)
AMD System Monitor (Version: 1.0.5)
AMD VISION Engine Control Center (Version: 2011.0401.2259.39449)
AndreaMosaic 3.33.0
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ArcSoft MediaImpression for Kodak (Version: 2.0.24.1127)
ATI Catalyst Install Manager (Version: 3.0.820.0)
AuthenTec TrueAPI (Version: 1.3.0.120)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.0401.2259.39449)
Catalyst Control Center InstallProxy (Version: 2011.0401.2259.39449)
Catalyst Control Center Localization All (Version: 2011.0401.2259.39449)
ccc-utility64 (Version: 2011.0401.2259.39449)
CCC Help Chinese Standard (Version: 2011.0401.2258.39449)
CCC Help Chinese Traditional (Version: 2011.0401.2258.39449)
CCC Help Czech (Version: 2011.0401.2258.39449)
CCC Help Danish (Version: 2011.0401.2258.39449)
CCC Help Dutch (Version: 2011.0401.2258.39449)
CCC Help English (Version: 2011.0401.2258.39449)
CCC Help Finnish (Version: 2011.0401.2258.39449)
CCC Help French (Version: 2011.0401.2258.39449)
CCC Help German (Version: 2011.0401.2258.39449)
CCC Help Greek (Version: 2011.0401.2258.39449)
CCC Help Hungarian (Version: 2011.0401.2258.39449)
CCC Help Italian (Version: 2011.0401.2258.39449)
CCC Help Japanese (Version: 2011.0401.2258.39449)
CCC Help Korean (Version: 2011.0401.2258.39449)
CCC Help Norwegian (Version: 2011.0401.2258.39449)
CCC Help Polish (Version: 2011.0401.2258.39449)
CCC Help Portuguese (Version: 2011.0401.2258.39449)
CCC Help Russian (Version: 2011.0401.2258.39449)
CCC Help Spanish (Version: 2011.0401.2258.39449)
CCC Help Swedish (Version: 2011.0401.2258.39449)
CCC Help Thai (Version: 2011.0401.2258.39449)
CCC Help Turkish (Version: 2011.0401.2258.39449)
Coupon Printer for Windows (Version: 5.0.0.1)
CricutSync (Version: 2.0.5)
CricutSync (Version: 2.0.5.3)
CyberLink PowerDVD 10 (Version: 10.0.3.2815)
CyberLink YouCam (Version: 3.5.1.3922)
D3DX10 (Version: 15.4.2368.0902)
DING! (Version: 1.05.005)
Energy Star Digital Logo (Version: 1.0.1)
EPSON Scan
ESET Online Scanner v3
ESU for Microsoft Windows 7 (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3203.136)
Google Update Helper (Version: 1.3.21.115)
GradeQuick Web Plugin (Version: 1.00.0000)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.1.9.1)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Color LaserJet 3600 (02/27/2007 61.063.461.41) (Version: 02/27/2007 61.063.461.41)
HP Connection Manager (Version: 4.1.22.1)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.2.0.0)
HP DVB-T TV Tuner 8.0.64.43 (Version: 8.0.64.43)
HP MovieStore (Version: 1.0.047)
HP MovieStore (Version: 2.0)
HP On Screen Display (Version: 1.2.2)
HP Power Manager (Version: 1.4.4)
HP Quick Launch (Version: 2.4.4)
HP Setup (Version: 8.6.4530.3651)
HP Setup Manager (Version: 1.1.13253.3682)
HP SimplePass 2011 (Version: 5.3.0.209)
HP Software Framework (Version: 4.1.13.1)
HP Support Assistant (Version: 6.1.12.1)
IDT Audio (Version: 1.0.6330.0)
Image Desktop (Version: 1.0.6 build 339)
Image Desktop (Version: 1.0.6)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Java™ 6 Update 30 (Version: 6.0.300)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
ooVoo (Version: 3.5.3018)
PE-DESIGN Ver5
Picaboo X (Version: 10.151)
Picaboo X (Version: 10.151P)
PlayReady PC Runtime x86 (Version: 1.3.0)
PrimoPDF -- brought to you by Nitro PDF Software (Version: 5)
QuickTime (Version: 7.72.80.56)
Ralink RT5390 802.11b/g/n WiFi Adapter (Version: 3.02.02.0)
Realtek Ethernet Controller Driver (Version: 7.41.216.2011)
Realtek PCIE Card Reader (Version: 6.1.7600.80)
Recovery Manager (Version: 2.0.0)
RoxioNow Player (Version: 1.9.5.103)
Skype™ 5.10 (Version: 5.10.116)
Synaptics Pointing Device Driver (Version: 15.2.4.4)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687400) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Validity WBF DDK (Version: 4.3.205.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WMV9/VC-1 Video Playback (Version: 1.00.0000)
Yahoo! Detect
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 5610.9 MB
Available physical RAM: 3635.54 MB
Total Pagefile: 11220 MB
Available Pagefile: 9093.72 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.6 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:581.24 GB) (Free:485.86 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:14.63 GB) (Free:1.62 GB) NTFS
4 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
5 Drive p: (ARCH01) (Network) (Total:931.51 GB) (Free:37.01 GB) NTFS
6 Drive q: (ARCH01) (Network) (Total:931.51 GB) (Free:37.01 GB) NTFS

========================= Users: ========================================

User accounts for \\DAISY

Administrator Amy Guest
Madison


**** End of log ****

#14 CRodgers

Posted 09 September 2012 - 10:46 PM

Farbar Service Scanner Version: 06-08-2012
Ran by Amy (administrator) on 09-09-2012 at 23:46:16
Running from "C:\Users\Amy\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#15 CRodgers

Posted 09 September 2012 - 10:57 PM

# AdwCleaner v2.001 - Logfile created 09/09/2012 at 23:54:11
# Updated 09/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Amy - DAISY
# Boot Mode : Normal
# Running from : C:\Users\Amy\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

*************************

AdwCleaner[S1].txt - [1466 octets] - [09/09/2012 23:54:11]

########## EOF - C:\AdwCleaner[S1].txt - [1526 octets] ##########



