Rootkit hook ATAPI IRP


28 replies to this topic

#1 juan1999

  • Members
  • 15 posts

Posted 14 September 2012 - 07:42 PM

Hello! I ran my AVG and it found this rootkit hook ATAPI IRP in 27 different versions. I tried several times to get rid of it by using AVG; however, every time I ran it again, surprise, surprise, puppy surprise, the rootkit hook appears again. I need your help to eradicate this rootkit hook from my PC. Please let me know what you need and I will gladly provide it. Thanks, Juan



#2 narenxp

  • BC Advisor
  • 16,371 posts

Posted 14 September 2012 - 07:54 PM

Download

TDSSkiller

Launch it. Click on Change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download the latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 juan1999

  • Topic Starter
  • Members
  • 15 posts

Posted 18 September 2012 - 11:40 PM

Alright, this is what I got:

From TDSSKiller:


13:11:38.0171 2140 mouclass - ok
13:11:38.0198 2140 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:11:38.0200 2140 mouhid - ok
13:11:38.0231 2140 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:11:38.0233 2140 mountmgr - ok
13:11:38.0338 2140 [ 7A76658FC8D02408C4DC09F36535FCE9 ] mpich2_smpd C:\Program Files (x86)\MPICH2\bin\smpd.exe
13:11:38.0389 2140 mpich2_smpd - ok
13:11:38.0425 2140 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
13:11:38.0428 2140 mpio - ok
13:11:38.0449 2140 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:11:38.0451 2140 mpsdrv - ok
13:11:38.0499 2140 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:11:38.0527 2140 MpsSvc - ok
13:11:38.0562 2140 MREMP50 - ok
13:11:38.0568 2140 MREMP50a64 - ok
13:11:38.0577 2140 MREMPR5 - ok
13:11:38.0585 2140 MRENDIS5 - ok
13:11:38.0626 2140 MRESP50 - ok
13:11:38.0634 2140 MRESP50a64 - ok
13:11:38.0679 2140 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:11:38.0681 2140 MRxDAV - ok
13:11:38.0714 2140 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:11:38.0718 2140 mrxsmb - ok
13:11:38.0751 2140 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:11:38.0756 2140 mrxsmb10 - ok
13:11:38.0790 2140 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:11:38.0793 2140 mrxsmb20 - ok
13:11:38.0841 2140 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
13:11:38.0844 2140 msahci - ok
13:11:38.0879 2140 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:11:38.0882 2140 msdsm - ok
13:11:38.0905 2140 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
13:11:38.0909 2140 MSDTC - ok
13:11:38.0962 2140 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:11:38.0964 2140 Msfs - ok
13:11:38.0999 2140 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:11:39.0003 2140 mshidkmdf - ok
13:11:39.0042 2140 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:11:39.0044 2140 msisadrv - ok
13:11:39.0073 2140 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:11:39.0077 2140 MSiSCSI - ok
13:11:39.0084 2140 msiserver - ok
13:11:39.0130 2140 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:11:39.0153 2140 MSKSSRV - ok
13:11:39.0269 2140 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:11:39.0273 2140 MSPCLOCK - ok
13:11:39.0291 2140 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:11:39.0294 2140 MSPQM - ok
13:11:39.0351 2140 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:11:39.0357 2140 MsRPC - ok
13:11:39.0373 2140 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:11:39.0375 2140 mssmbios - ok
13:11:39.0390 2140 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:11:39.0391 2140 MSTEE - ok
13:11:39.0407 2140 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:11:39.0408 2140 MTConfig - ok
13:11:39.0423 2140 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
13:11:39.0426 2140 Mup - ok
13:11:39.0466 2140 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
13:11:39.0478 2140 napagent - ok
13:11:39.0518 2140 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:11:39.0521 2140 NativeWifiP - ok
13:11:39.0570 2140 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:11:39.0596 2140 NDIS - ok
13:11:39.0618 2140 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:11:39.0620 2140 NdisCap - ok
13:11:39.0640 2140 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:11:39.0642 2140 NdisTapi - ok
13:11:39.0681 2140 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:11:39.0683 2140 Ndisuio - ok
13:11:39.0722 2140 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:11:39.0726 2140 NdisWan - ok
13:11:39.0751 2140 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:11:39.0753 2140 NDProxy - ok
13:11:39.0769 2140 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:11:39.0772 2140 NetBIOS - ok
13:11:39.0808 2140 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:11:39.0812 2140 NetBT - ok
13:11:39.0823 2140 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
13:11:39.0825 2140 Netlogon - ok
13:11:39.0857 2140 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:11:39.0863 2140 Netman - ok
13:11:39.0904 2140 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:11:39.0923 2140 NetMsmqActivator - ok
13:11:39.0928 2140 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:11:39.0929 2140 NetPipeActivator - ok
13:11:39.0946 2140 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:11:39.0953 2140 netprofm - ok
13:11:39.0984 2140 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:11:39.0986 2140 NetTcpActivator - ok
13:11:39.0991 2140 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:11:39.0992 2140 NetTcpPortSharing - ok
13:11:40.0009 2140 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:11:40.0015 2140 nfrd960 - ok
13:11:40.0046 2140 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:11:40.0051 2140 NlaSvc - ok
13:11:40.0062 2140 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:11:40.0064 2140 Npfs - ok
13:11:40.0075 2140 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:11:40.0077 2140 nsi - ok
13:11:40.0089 2140 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:11:40.0090 2140 nsiproxy - ok
13:11:40.0161 2140 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:11:40.0217 2140 Ntfs - ok
13:11:40.0235 2140 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:11:40.0237 2140 Null - ok
13:11:40.0272 2140 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:11:40.0275 2140 nvraid - ok
13:11:40.0305 2140 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:11:40.0309 2140 nvstor - ok
13:11:40.0345 2140 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:11:40.0348 2140 nv_agp - ok
13:11:40.0402 2140 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:11:40.0417 2140 odserv - ok
13:11:40.0453 2140 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:11:40.0456 2140 ohci1394 - ok
13:11:40.0488 2140 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:11:40.0492 2140 ose - ok
13:11:40.0520 2140 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:11:40.0525 2140 p2pimsvc - ok
13:11:40.0569 2140 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:11:40.0596 2140 p2psvc - ok
13:11:40.0618 2140 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:11:40.0624 2140 Parport - ok
13:11:40.0654 2140 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:11:40.0656 2140 partmgr - ok
13:11:40.0671 2140 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:11:40.0676 2140 PcaSvc - ok
13:11:40.0718 2140 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
13:11:40.0722 2140 pci - ok
13:11:40.0754 2140 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
13:11:40.0756 2140 pciide - ok
13:11:40.0776 2140 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:11:40.0780 2140 pcmcia - ok
13:11:40.0793 2140 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:11:40.0795 2140 pcw - ok
13:11:40.0820 2140 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:11:40.0834 2140 PEAUTH - ok
13:11:40.0918 2140 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:11:40.0921 2140 PerfHost - ok
13:11:40.0998 2140 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
13:11:41.0034 2140 pla - ok
13:11:41.0067 2140 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:11:41.0073 2140 PlugPlay - ok
13:11:41.0084 2140 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:11:41.0087 2140 PNRPAutoReg - ok
13:11:41.0102 2140 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:11:41.0106 2140 PNRPsvc - ok
13:11:41.0148 2140 [ 33328FA8A580885AB0065BE6DB266E9F ] Point64 C:\Windows\system32\DRIVERS\point64.sys
13:11:41.0149 2140 Point64 - ok
13:11:41.0188 2140 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:11:41.0211 2140 PolicyAgent - ok
13:11:41.0246 2140 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:11:41.0254 2140 Power - ok
13:11:41.0289 2140 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:11:41.0292 2140 PptpMiniport - ok
13:11:41.0310 2140 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:11:41.0312 2140 Processor - ok
13:11:41.0361 2140 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:11:41.0364 2140 ProfSvc - ok
13:11:41.0379 2140 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:11:41.0380 2140 ProtectedStorage - ok
13:11:41.0419 2140 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:11:41.0422 2140 Psched - ok
13:11:41.0478 2140 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:11:41.0514 2140 ql2300 - ok
13:11:41.0531 2140 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:11:41.0534 2140 ql40xx - ok
13:11:41.0556 2140 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:11:41.0562 2140 QWAVE - ok
13:11:41.0576 2140 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:11:41.0578 2140 QWAVEdrv - ok
13:11:41.0591 2140 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:11:41.0593 2140 RasAcd - ok
13:11:41.0623 2140 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:11:41.0628 2140 RasAgileVpn - ok
13:11:41.0646 2140 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:11:41.0650 2140 RasAuto - ok
13:11:41.0682 2140 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:11:41.0684 2140 Rasl2tp - ok
13:11:41.0723 2140 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
13:11:41.0729 2140 RasMan - ok
13:11:41.0756 2140 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:11:41.0759 2140 RasPppoe - ok
13:11:41.0767 2140 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:11:41.0769 2140 RasSstp - ok
13:11:41.0803 2140 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:11:41.0808 2140 rdbss - ok
13:11:41.0823 2140 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:11:41.0825 2140 rdpbus - ok
13:11:41.0848 2140 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:11:41.0849 2140 RDPCDD - ok
13:11:41.0862 2140 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:11:41.0863 2140 RDPENCDD - ok
13:11:41.0877 2140 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:11:41.0879 2140 RDPREFMP - ok
13:11:41.0912 2140 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:11:41.0929 2140 RDPWD - ok
13:11:41.0955 2140 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:11:41.0959 2140 rdyboost - ok
13:11:41.0973 2140 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:11:41.0976 2140 RemoteAccess - ok
13:11:41.0990 2140 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:11:41.0994 2140 RemoteRegistry - ok
13:11:42.0029 2140 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
13:11:42.0033 2140 RFCOMM - ok
13:11:42.0070 2140 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
13:11:42.0072 2140 RimUsb - ok
13:11:42.0080 2140 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:11:42.0082 2140 RpcEptMapper - ok
13:11:42.0107 2140 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:11:42.0109 2140 RpcLocator - ok
13:11:42.0151 2140 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
13:11:42.0156 2140 RpcSs - ok
13:11:42.0170 2140 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:11:42.0171 2140 rspndr - ok
13:11:42.0203 2140 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
13:11:42.0236 2140 RTL8167 - ok
13:11:42.0261 2140 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
13:11:42.0262 2140 SamSs - ok
13:11:42.0290 2140 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:11:42.0292 2140 sbp2port - ok
13:11:42.0314 2140 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:11:42.0318 2140 SCardSvr - ok
13:11:42.0352 2140 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:11:42.0354 2140 scfilter - ok
13:11:42.0409 2140 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
13:11:42.0436 2140 Schedule - ok
13:11:42.0470 2140 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:11:42.0471 2140 SCPolicySvc - ok
13:11:42.0502 2140 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:11:42.0506 2140 SDRSVC - ok
13:11:42.0520 2140 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:11:42.0521 2140 secdrv - ok
13:11:42.0553 2140 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
13:11:42.0556 2140 seclogon - ok
13:11:42.0572 2140 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
13:11:42.0575 2140 SENS - ok
13:11:42.0584 2140 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:11:42.0587 2140 SensrSvc - ok
13:11:42.0606 2140 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:11:42.0608 2140 Serenum - ok
13:11:42.0626 2140 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:11:42.0629 2140 Serial - ok
13:11:42.0674 2140 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:11:42.0676 2140 sermouse - ok
13:11:42.0716 2140 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
13:11:42.0720 2140 SessionEnv - ok
13:11:42.0756 2140 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:11:42.0758 2140 sffdisk - ok
13:11:42.0773 2140 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:11:42.0775 2140 sffp_mmc - ok
13:11:42.0791 2140 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:11:42.0793 2140 sffp_sd - ok
13:11:42.0806 2140 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:11:42.0807 2140 sfloppy - ok
13:11:42.0839 2140 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:11:42.0845 2140 SharedAccess - ok
13:11:42.0882 2140 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:11:42.0887 2140 ShellHWDetection - ok
13:11:42.0903 2140 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:11:42.0904 2140 SiSRaid2 - ok
13:11:42.0921 2140 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:11:42.0923 2140 SiSRaid4 - ok
13:11:43.0117 2140 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
13:11:43.0148 2140 Skype C2C Service - ok
13:11:43.0212 2140 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:11:43.0215 2140 SkypeUpdate - ok
13:11:43.0239 2140 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:11:43.0241 2140 Smb - ok
13:11:43.0277 2140 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:11:43.0281 2140 SNMPTRAP - ok
13:11:43.0293 2140 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:11:43.0295 2140 spldr - ok
13:11:43.0327 2140 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
13:11:43.0333 2140 Spooler - ok
13:11:43.0425 2140 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
13:11:43.0515 2140 sppsvc - ok
13:11:43.0551 2140 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:11:43.0554 2140 sppuinotify - ok
13:11:43.0650 2140 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
13:11:43.0666 2140 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
13:11:43.0669 2140 sptd ( LockedFile.Multi.Generic ) - warning
13:11:43.0669 2140 sptd - detected LockedFile.Multi.Generic (1)
13:11:48.0449 2140 wuauserv - ok
13:11:48.0486 2140 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:11:48.0488 2140 WudfPf - ok
13:11:48.0519 2140 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:11:48.0523 2140 WUDFRd - ok
13:11:48.0562 2140 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:11:48.0566 2140 wudfsvc - ok
13:11:48.0576 2140 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
13:11:48.0582 2140 WwanSvc - ok
13:11:48.0613 2140 ================ Scan global ===============================
13:11:48.0634 2140 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:11:48.0653 2140 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:11:48.0662 2140 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:11:48.0679 2140 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:11:48.0708 2140 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:11:48.0712 2140 [Global] - ok
13:11:48.0712 2140 ================ Scan MBR ==================================
13:11:48.0715 2140 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:11:48.0716 2140 Suspicious mbr (Forged): \Device\Harddisk0\DR0
13:11:48.0747 2140 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
13:11:48.0747 2140 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
13:11:48.0752 2140 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
13:11:48.0771 2140 \Device\Harddisk1\DR1 - ok
13:11:48.0772 2140 ================ Scan VBR ==================================
13:11:48.0779 2140 [ 64104E968EA2B616D2A08FAA9A1960FA ] \Device\Harddisk0\DR0\Partition1
13:11:48.0782 2140 \Device\Harddisk0\DR0\Partition1 - ok
13:11:48.0810 2140 [ C2646D848AC393F763EE429CA5A919CB ] \Device\Harddisk0\DR0\Partition2
13:11:48.0812 2140 \Device\Harddisk0\DR0\Partition2 - ok
13:11:48.0839 2140 [ 0DC58A8DBB4AF0BC1F9080F17888E907 ] \Device\Harddisk0\DR0\Partition3
13:11:48.0840 2140 \Device\Harddisk0\DR0\Partition3 - ok
13:11:48.0845 2140 [ D58A1AB02E282ABAB1964363976403C7 ] \Device\Harddisk1\DR1\Partition1
13:11:49.0518 2140 \Device\Harddisk1\DR1\Partition1 - ok
13:11:49.0519 2140 ============================================================
13:11:49.0519 2140 Scan finished
13:11:49.0520 2140 ============================================================
13:11:49.0550 3220 Detected object count: 2
13:11:49.0551 3220 Actual detected object count: 2
13:12:06.0370 3220 sptd ( LockedFile.Multi.Generic ) - skipped by user
13:12:06.0370 3220 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
13:12:07.0177 3220 \Device\Harddisk0\DR0\# - copied to quarantine
13:12:07.0179 3220 \Device\Harddisk0\DR0 - copied to quarantine
13:12:07.0236 3220 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
13:12:07.0239 3220 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
13:12:07.0255 3220 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
13:12:07.0262 3220 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
13:12:07.0280 3220 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
13:12:07.0291 3220 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
13:12:07.0292 3220 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
13:12:07.0294 3220 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
13:12:07.0296 3220 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
13:12:07.0299 3220 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
13:12:07.0302 3220 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
13:12:07.0304 3220 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
13:12:07.0305 3220 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
13:12:07.0307 3220 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
13:12:07.0322 3220 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
13:12:07.0354 3220 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
13:12:07.0357 3220 \Device\Harddisk0\DR0 - ok
13:12:07.0399 3220 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
13:13:07.0423 5924 Deinitialize success

FROM aswMBR


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-18 13:13:33
-----------------------------
13:13:33.958 OS Version: Windows x64 6.1.7601 Service Pack 1
13:13:33.958 Number of processors: 2 586 0x602
13:13:33.959 ComputerName: JUAN-PC UserName:
13:13:39.811 Initialize success
13:30:19.189 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:30:19.194 Disk 0 Vendor: WDC_WD3200BEKT-60F3T1 12.01A12 Size: 305245MB BusType: 11
13:30:19.196 Device \Driver\atapi -> MajorFunction fffffa800497c5e8
13:30:19.199 Disk 0 MBR read successfully
13:30:19.202 Disk 0 MBR scan
13:30:19.205 Disk 0 Windows 7 default MBR code
13:30:19.208 Disk 0 MBR hidden
13:30:19.212 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 99998 MB offset 63
13:30:19.250 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 203188 MB offset 204796620
13:30:19.278 Disk 0 Partition 3 00 0C FAT32 LBA MSDOS5.0 2048 MB offset 620926976
13:30:19.311 Disk 0 scanning C:\Windows\system32\drivers
13:30:26.757 Service scanning
13:30:27.751 Service 37376791 C:\Windows\system32\drivers\75252422.sys **HIDDEN**
13:30:38.990 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
13:30:42.468 Modules scanning
13:30:42.479 Disk 0 trace - called modules:
13:30:42.487 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys >>UNKNOWN [0xfffffa8006461110]<<77599500.sys >>UNKNOWN [0xfffffa800497c5e8]<<
13:30:42.492 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80043db060]
13:30:42.498 3 CLASSPNP.SYS[fffff8800145143f] -> nt!IofCallDriver -> [0xfffffa80043daa10]
13:30:42.508 5 hpdskflt.sys[fffff880017ef289] -> nt!IofCallDriver -> [0xfffffa800435b040]
13:30:42.514 7 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004357060]
13:30:42.521 \Driver\atapi[0xfffffa80048b6a70] -> IRP_MJ_CREATE -> 0xfffffa800497c5e8
13:30:42.527 Scan finished successfully
13:31:06.134 Disk 0 MBR has been saved successfully to "C:\Users\Asdrubal Gil\Desktop\MBR.dat"
13:31:06.140 The log file has been saved successfully to "C:\Users\Asdrubal Gil\Desktop\aswMBR.txt"

AND LASTLY ESET ON-LINE: did not provide any report. It said that the computer was clean.

Please let me know if you need something else, and thanks for your time and help!

Juan

#4 narenxp


Posted 19 September 2012 - 02:02 AM

Restart the PC

Please run TDSSKiller and aswMBR again and post the new log.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.



Download

adware cleaner

Launch it and click on Delete

Post the generated log

#5 juan1999


Posted 19 September 2012 - 02:23 PM

Alright, this is what I got.

TDSSKiller:


08:46:19.0001 6048 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
08:46:20.0391 6048 ============================================================
08:46:20.0391 6048 Current date / time: 2012/09/19 08:46:20.0391
08:46:20.0391 6048 SystemInfo:
08:46:20.0391 6048
08:46:20.0391 6048 OS Version: 6.1.7601 ServicePack: 1.0
08:46:20.0391 6048 Product type: Workstation
08:46:20.0391 6048 ComputerName: JUAN-PC
08:46:20.0391 6048 UserName: Asdrubal Gil
08:46:20.0391 6048 Windows directory: C:\Windows
08:46:20.0391 6048 System windows directory: C:\Windows
08:46:20.0391 6048 Running under WOW64
08:46:20.0391 6048 Processor architecture: Intel x64
08:46:20.0391 6048 Number of processors: 2
08:46:20.0391 6048 Page size: 0x1000
08:46:20.0391 6048 Boot type: Normal boot
08:46:20.0391 6048 ============================================================
08:46:21.0621 6048 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:46:21.0626 6048 ============================================================
08:46:21.0626 6048 \Device\Harddisk0\DR0:
08:46:21.0626 6048 MBR partitions:
08:46:21.0626 6048 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
08:46:21.0626 6048 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F2CC, BlocksNum 0x18CDA3F5
08:46:21.0626 6048 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x25029800, BlocksNum 0x400000
08:46:21.0626 6048 ============================================================
08:46:21.0646 6048 C: <-> \Device\Harddisk0\DR0\Partition1
08:46:21.0671 6048 D: <-> \Device\Harddisk0\DR0\Partition2
08:46:21.0671 6048 ============================================================
08:46:21.0671 6048 Initialize success
08:46:21.0671 6048 ============================================================
08:47:02.0421 4712 ============================================================
08:47:02.0421 4712 Scan started
08:47:02.0421 4712 Mode: Manual;
08:47:02.0421 4712 ============================================================
08:47:03.0552 4712 ================ Scan system memory ========================
08:47:03.0552 4712 System memory - ok
08:47:03.0557 4712 ================ Scan services =============================
08:47:11.0578 4712 HpSAMD - ok
08:47:11.0588 4712 [ 778CE2C015DEC896C5C9323342BD71D4 ] hpsrv C:\Windows\system32\Hpservice.exe
08:47:11.0588 4712 hpsrv - ok
08:47:11.0628 4712 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:47:11.0653 4712 HTTP - ok
08:47:11.0688 4712 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
08:47:11.0693 4712 hwpolicy - ok
08:47:11.0723 4712 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
08:47:11.0728 4712 i8042prt - ok
08:47:11.0748 4712 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
08:47:11.0753 4712 iaStorV - ok
08:47:11.0798 4712 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:47:11.0823 4712 idsvc - ok
08:47:11.0848 4712 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
08:47:11.0853 4712 iirsp - ok
08:47:11.0888 4712 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
08:47:11.0913 4712 IKEEXT - ok
08:47:11.0928 4712 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
08:47:11.0933 4712 intelide - ok
08:47:11.0948 4712 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:47:11.0953 4712 intelppm - ok
08:47:11.0978 4712 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:47:11.0978 4712 IPBusEnum - ok
08:47:12.0013 4712 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:47:12.0013 4712 IpFilterDriver - ok
08:47:12.0063 4712 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:47:12.0078 4712 iphlpsvc - ok
08:47:12.0093 4712 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
08:47:12.0098 4712 IPMIDRV - ok
08:47:12.0113 4712 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
08:47:12.0118 4712 IPNAT - ok
08:47:12.0158 4712 [ EE4C2A137C7088911A8919EFFC9812E7 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
08:47:12.0163 4712 iPod Service - ok
08:47:12.0188 4712 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:47:12.0193 4712 IRENUM - ok
08:47:12.0228 4712 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:47:12.0233 4712 isapnp - ok
08:47:12.0248 4712 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
08:47:12.0253 4712 iScsiPrt - ok
08:47:12.0308 4712 [ 02BD12C2EE52F0849A5D6F9A2FA67B4E ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
08:47:12.0308 4712 JMCR - ok
08:47:12.0328 4712 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
08:47:12.0328 4712 kbdclass - ok
08:47:12.0363 4712 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
08:47:12.0368 4712 kbdhid - ok
08:47:12.0398 4712 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
08:47:12.0398 4712 KeyIso - ok
08:47:12.0428 4712 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:47:12.0433 4712 KSecDD - ok
08:47:12.0448 4712 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
08:47:12.0453 4712 KSecPkg - ok
08:47:12.0463 4712 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
08:47:12.0468 4712 ksthunk - ok
08:47:12.0488 4712 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
08:47:12.0503 4712 KtmRm - ok
08:47:12.0563 4712 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
08:47:12.0578 4712 LanmanServer - ok
08:47:12.0623 4712 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:47:12.0633 4712 LanmanWorkstation - ok
08:47:12.0783 4712 [ C34411A244029F1C08687F7C752C4563 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
08:47:12.0788 4712 LightScribeService - ok
08:47:12.0813 4712 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:47:12.0818 4712 lltdio - ok
08:47:12.0848 4712 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:47:12.0853 4712 lltdsvc - ok
08:47:12.0868 4712 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:47:12.0873 4712 lmhosts - ok
08:47:12.0903 4712 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
08:47:12.0908 4712 LSI_FC - ok
08:47:12.0923 4712 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
08:47:12.0928 4712 LSI_SAS - ok
08:47:12.0948 4712 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:47:12.0948 4712 LSI_SAS2 - ok
08:47:12.0963 4712 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:47:12.0968 4712 LSI_SCSI - ok
08:47:12.0983 4712 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
08:47:12.0983 4712 luafv - ok
08:47:13.0033 4712 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
08:47:13.0033 4712 MBAMProtector - ok
08:47:13.0088 4712 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
08:47:13.0093 4712 MBAMScheduler - ok
08:47:13.0123 4712 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
08:47:13.0138 4712 MBAMService - ok
08:47:13.0173 4712 [ E6CB119EF2E148EAA1A247343550756E ] McciCMService C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
08:47:13.0178 4712 McciCMService - ok
08:47:13.0228 4712 [ BE3D584D7C021EB7D89166EECB83C341 ] McciCMService64 C:\Program Files\Common Files\Motive\McciCMService.exe
08:47:13.0243 4712 McciCMService64 - ok
08:47:13.0283 4712 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:47:13.0288 4712 Mcx2Svc - ok
08:47:13.0333 4712 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
08:47:13.0343 4712 MDM - ok
08:47:13.0363 4712 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
08:47:13.0363 4712 megasas - ok
08:47:13.0388 4712 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
08:47:13.0393 4712 MegaSR - ok
08:47:13.0418 4712 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
08:47:13.0423 4712 MMCSS - ok
08:47:13.0438 4712 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
08:47:13.0443 4712 Modem - ok
08:47:13.0463 4712 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:47:13.0468 4712 monitor - ok
08:47:13.0483 4712 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:47:13.0483 4712 mouclass - ok
08:47:13.0513 4712 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:47:13.0513 4712 mouhid - ok
08:47:13.0553 4712 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:47:13.0553 4712 mountmgr - ok
08:47:13.0643 4712 [ 7A76658FC8D02408C4DC09F36535FCE9 ] mpich2_smpd C:\Program Files (x86)\MPICH2\bin\smpd.exe
08:47:13.0658 4712 mpich2_smpd - ok
08:47:13.0698 4712 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
08:47:13.0703 4712 mpio - ok
08:47:13.0728 4712 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:47:13.0733 4712 mpsdrv - ok
08:47:13.0788 4712 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:47:13.0813 4712 MpsSvc - ok
08:47:13.0833 4712 MREMP50 - ok
08:47:13.0843 4712 MREMP50a64 - ok
08:47:13.0848 4712 MREMPR5 - ok
08:47:13.0858 4712 MRENDIS5 - ok
08:47:13.0878 4712 MRESP50 - ok
08:47:13.0888 4712 MRESP50a64 - ok
08:47:13.0923 4712 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:47:13.0928 4712 MRxDAV - ok
08:47:13.0958 4712 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:47:13.0963 4712 mrxsmb - ok
08:47:13.0998 4712 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:47:14.0003 4712 mrxsmb10 - ok
08:47:14.0018 4712 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:47:14.0033 4712 mrxsmb20 - ok
08:47:14.0068 4712 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
08:47:14.0073 4712 msahci - ok
08:47:14.0098 4712 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:47:14.0103 4712 msdsm - ok
08:47:14.0128 4712 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
08:47:14.0128 4712 MSDTC - ok
08:47:14.0148 4712 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:47:14.0153 4712 Msfs - ok
08:47:14.0163 4712 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:47:14.0163 4712 mshidkmdf - ok
08:47:14.0198 4712 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:47:14.0198 4712 msisadrv - ok
08:47:14.0228 4712 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:47:14.0228 4712 MSiSCSI - ok
08:47:14.0238 4712 msiserver - ok
08:47:14.0258 4712 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:47:14.0263 4712 MSKSSRV - ok
08:47:14.0303 4712 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:47:14.0303 4712 MSPCLOCK - ok
08:47:14.0328 4712 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:47:14.0333 4712 MSPQM - ok
08:47:14.0363 4712 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:47:14.0368 4712 MsRPC - ok
08:47:14.0413 4712 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
08:47:14.0413 4712 mssmbios - ok
08:47:14.0428 4712 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:47:14.0428 4712 MSTEE - ok
08:47:14.0463 4712 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
08:47:14.0463 4712 MTConfig - ok
08:47:14.0478 4712 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
08:47:14.0478 4712 Mup - ok
08:47:14.0523 4712 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
08:47:14.0538 4712 napagent - ok
08:47:14.0563 4712 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:47:14.0568 4712 NativeWifiP - ok
08:47:14.0638 4712 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:47:14.0673 4712 NDIS - ok
08:47:14.0688 4712 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:47:14.0688 4712 NdisCap - ok
08:47:14.0713 4712 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:47:14.0713 4712 NdisTapi - ok
08:47:14.0743 4712 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:47:14.0748 4712 Ndisuio - ok
08:47:14.0783 4712 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:47:14.0788 4712 NdisWan - ok
08:47:14.0823 4712 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:47:14.0823 4712 NDProxy - ok
08:47:14.0833 4712 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:47:14.0833 4712 NetBIOS - ok
08:47:14.0863 4712 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:47:14.0868 4712 NetBT - ok
08:47:14.0878 4712 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
08:47:14.0878 4712 Netlogon - ok
08:47:14.0913 4712 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
08:47:14.0918 4712 Netman - ok
08:47:14.0958 4712 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:47:14.0963 4712 NetMsmqActivator - ok
08:47:14.0968 4712 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:47:14.0968 4712 NetPipeActivator - ok
08:47:14.0993 4712 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
08:47:14.0998 4712 netprofm - ok
08:47:15.0028 4712 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:47:15.0028 4712 NetTcpActivator - ok
08:47:15.0033 4712 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:47:15.0033 4712 NetTcpPortSharing - ok
08:47:15.0058 4712 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
08:47:15.0058 4712 nfrd960 - ok
08:47:15.0093 4712 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:47:15.0098 4712 NlaSvc - ok
08:47:15.0108 4712 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:47:15.0108 4712 Npfs - ok
08:47:15.0123 4712 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
08:47:15.0123 4712 nsi - ok
08:47:15.0133 4712 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:47:15.0138 4712 nsiproxy - ok
08:47:15.0203 4712 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:47:15.0273 4712 Ntfs - ok
08:47:15.0288 4712 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
08:47:15.0293 4712 Null - ok
08:47:15.0318 4712 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:47:15.0323 4712 nvraid - ok
08:47:15.0353 4712 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:47:15.0353 4712 nvstor - ok
08:47:15.0393 4712 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:47:15.0393 4712 nv_agp - ok
08:47:15.0443 4712 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:47:15.0463 4712 odserv - ok
08:47:15.0493 4712 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:47:15.0493 4712 ohci1394 - ok
08:47:15.0533 4712 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:47:15.0538 4712 ose - ok
08:47:15.0574 4712 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:47:15.0579 4712 p2pimsvc - ok
08:47:15.0614 4712 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
08:47:15.0629 4712 p2psvc - ok
08:47:15.0649 4712 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
08:47:15.0649 4712 Parport - ok
08:47:15.0684 4712 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:47:15.0684 4712 partmgr - ok
08:47:15.0699 4712 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
08:47:15.0704 4712 PcaSvc - ok
08:47:15.0739 4712 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
08:47:15.0744 4712 pci - ok
08:47:15.0759 4712 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
08:47:15.0759 4712 pciide - ok
08:47:15.0779 4712 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
08:47:15.0784 4712 pcmcia - ok
08:47:15.0804 4712 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
08:47:15.0809 4712 pcw - ok
08:47:15.0834 4712 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:47:15.0849 4712 PEAUTH - ok
08:47:15.0939 4712 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
08:47:15.0944 4712 PerfHost - ok
08:47:16.0019 4712 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
08:47:16.0064 4712 pla - ok
08:47:16.0104 4712 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:47:16.0124 4712 PlugPlay - ok
08:47:16.0139 4712 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:47:16.0144 4712 PNRPAutoReg - ok
08:47:16.0159 4712 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:47:16.0159 4712 PNRPsvc - ok
08:47:16.0209 4712 [ 33328FA8A580885AB0065BE6DB266E9F ] Point64 C:\Windows\system32\DRIVERS\point64.sys
08:47:16.0214 4712 Point64 - ok
08:47:16.0234 4712 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:47:16.0249 4712 PolicyAgent - ok
08:47:16.0274 4712 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
08:47:16.0279 4712 Power - ok
08:47:16.0329 4712 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:47:16.0334 4712 PptpMiniport - ok
08:47:16.0374 4712 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
08:47:16.0374 4712 Processor - ok
08:47:16.0409 4712 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
08:47:16.0414 4712 ProfSvc - ok
08:47:16.0424 4712 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:47:16.0429 4712 ProtectedStorage - ok
08:47:16.0464 4712 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:47:16.0469 4712 Psched - ok
08:47:16.0524 4712 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
08:47:16.0559 4712 ql2300 - ok
08:47:16.0594 4712 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
08:47:16.0599 4712 ql40xx - ok
08:47:16.0654 4712 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
08:47:16.0669 4712 QWAVE - ok
08:47:16.0689 4712 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:47:16.0694 4712 QWAVEdrv - ok
08:47:16.0709 4712 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:47:16.0709 4712 RasAcd - ok
08:47:16.0734 4712 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:47:16.0739 4712 RasAgileVpn - ok
08:47:16.0749 4712 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
08:47:16.0754 4712 RasAuto - ok
08:47:16.0789 4712 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:47:16.0789 4712 Rasl2tp - ok
08:47:16.0829 4712 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
08:47:16.0834 4712 RasMan - ok
08:47:16.0844 4712 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:47:16.0849 4712 RasPppoe - ok
08:47:16.0854 4712 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:47:16.0859 4712 RasSstp - ok
08:47:16.0894 4712 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:47:16.0899 4712 rdbss - ok
08:47:16.0914 4712 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
08:47:16.0914 4712 rdpbus - ok
08:47:16.0929 4712 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:47:16.0929 4712 RDPCDD - ok
08:47:16.0949 4712 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:47:16.0949 4712 RDPENCDD - ok
08:47:16.0964 4712 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:47:16.0969 4712 RDPREFMP - ok
08:47:16.0999 4712 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:47:17.0004 4712 RDPWD - ok
08:47:17.0034 4712 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:47:17.0039 4712 rdyboost - ok
08:47:17.0054 4712 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:47:17.0054 4712 RemoteAccess - ok
08:47:17.0069 4712 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:47:17.0074 4712 RemoteRegistry - ok
08:47:17.0114 4712 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
08:47:17.0119 4712 RFCOMM - ok
08:47:17.0164 4712 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
08:47:17.0169 4712 RimUsb - ok
08:47:17.0179 4712 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:47:17.0189 4712 RpcEptMapper - ok
08:47:17.0219 4712 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
08:47:17.0224 4712 RpcLocator - ok
08:47:17.0254 4712 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
08:47:17.0264 4712 RpcSs - ok
08:47:17.0274 4712 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:47:17.0284 4712 rspndr - ok
08:47:17.0319 4712 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
08:47:17.0469 4712 RTL8167 - ok
08:47:17.0489 4712 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
08:47:17.0494 4712 SamSs - ok
08:47:17.0534 4712 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:47:17.0539 4712 sbp2port - ok
08:47:17.0559 4712 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:47:17.0564 4712 SCardSvr - ok
08:47:17.0589 4712 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:47:17.0594 4712 scfilter - ok
08:47:17.0649 4712 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
08:47:17.0674 4712 Schedule - ok
08:47:17.0709 4712 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
08:47:17.0709 4712 SCPolicySvc - ok
08:47:17.0779 4712 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:47:17.0804 4712 SDRSVC - ok
08:47:17.0884 4712 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:47:17.0889 4712 secdrv - ok
08:47:17.0924 4712 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
08:47:17.0929 4712 seclogon - ok
08:47:17.0944 4712 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
08:47:17.0944 4712 SENS - ok
08:47:17.0954 4712 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:47:17.0959 4712 SensrSvc - ok
08:47:17.0969 4712 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
08:47:17.0969 4712 Serenum - ok
08:47:17.0989 4712 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
08:47:17.0989 4712 Serial - ok
08:47:18.0019 4712 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
08:47:18.0024 4712 sermouse - ok
08:47:18.0064 4712 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
08:47:18.0064 4712 SessionEnv - ok
08:47:18.0094 4712 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:47:18.0094 4712 sffdisk - ok
08:47:18.0109 4712 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:47:18.0114 4712 sffp_mmc - ok
08:47:18.0119 4712 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:47:18.0124 4712 sffp_sd - ok
08:47:18.0134 4712 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
08:47:18.0139 4712 sfloppy - ok
08:47:18.0169 4712 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:47:18.0174 4712 SharedAccess - ok
08:47:18.0214 4712 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:47:18.0219 4712 ShellHWDetection - ok
08:47:18.0239 4712 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:47:18.0244 4712 SiSRaid2 - ok
08:47:18.0259 4712 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
08:47:18.0264 4712 SiSRaid4 - ok
08:47:18.0459 4712 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
08:47:18.0549 4712 Skype C2C Service - ok
08:47:18.0644 4712 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
08:47:18.0649 4712 SkypeUpdate - ok
08:47:18.0679 4712 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:47:18.0684 4712 Smb - ok
08:47:18.0739 4712 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:47:18.0744 4712 SNMPTRAP - ok
08:47:18.0754 4712 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
08:47:18.0759 4712 spldr - ok
08:47:18.0799 4712 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
08:47:18.0814 4712 Spooler - ok
08:47:18.0929 4712 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
08:47:19.0044 4712 sppsvc - ok
08:47:19.0064 4712 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:47:19.0069 4712 sppuinotify - ok
08:47:19.0119 4712 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
08:47:19.0119 4712 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
08:47:19.0124 4712 sptd ( LockedFile.Multi.Generic ) - warning
08:47:19.0124 4712 sptd - detected LockedFile.Multi.Generic (1)
08:47:20.0959 4712 usbprint - ok
08:47:20.0994 4712 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
08:47:20.0999 4712 usbscan - ok
08:47:21.0009 4712 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:47:21.0019 4712 USBSTOR - ok
08:47:21.0034 4712 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
08:47:21.0039 4712 usbuhci - ok
08:47:21.0069 4712 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
08:47:21.0074 4712 usbvideo - ok
08:47:21.0079 4712 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
08:47:21.0084 4712 UxSms - ok
08:47:21.0094 4712 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
08:47:21.0094 4712 VaultSvc - ok
08:47:21.0134 4712 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
08:47:21.0134 4712 vdrvroot - ok
08:47:21.0189 4712 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
08:47:21.0219 4712 vds - ok
08:47:21.0254 4712 [ 6305ED64B6B4E96AEC8BECA423498EC0 ] vfsFPService C:\Windows\system32\vfsFPService.exe
08:47:21.0274 4712 vfsFPService - ok
08:47:21.0289 4712 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:47:21.0294 4712 vga - ok
08:47:21.0309 4712 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
08:47:21.0314 4712 VgaSave - ok
08:47:21.0389 4712 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
08:47:21.0404 4712 vhdmp - ok
08:47:21.0454 4712 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
08:47:21.0459 4712 viaide - ok
08:47:21.0519 4712 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:47:21.0519 4712 volmgr - ok
08:47:21.0559 4712 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:47:21.0564 4712 volmgrx - ok
08:47:21.0589 4712 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:47:21.0589 4712 volsnap - ok
08:47:21.0619 4712 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
08:47:21.0624 4712 vsmraid - ok
08:47:21.0699 4712 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
08:47:21.0759 4712 VSS - ok
08:47:21.0774 4712 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
08:47:21.0779 4712 vwifibus - ok
08:47:21.0804 4712 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
08:47:21.0804 4712 vwififlt - ok
08:47:21.0834 4712 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
08:47:21.0839 4712 vwifimp - ok
08:47:21.0874 4712 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
08:47:21.0879 4712 W32Time - ok
08:47:21.0899 4712 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
08:47:21.0904 4712 WacomPen - ok
08:47:21.0924 4712 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
08:47:21.0929 4712 WANARP - ok
08:47:21.0934 4712 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
08:47:21.0934 4712 Wanarpv6 - ok
08:47:22.0019 4712 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
08:47:22.0054 4712 WatAdminSvc - ok
08:47:22.0109 4712 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
08:47:22.0144 4712 wbengine - ok
08:47:22.0174 4712 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
08:47:22.0179 4712 WbioSrvc - ok
08:47:22.0214 4712 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
08:47:22.0229 4712 wcncsvc - ok
08:47:22.0239 4712 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:47:22.0244 4712 WcsPlugInService - ok
08:47:22.0259 4712 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
08:47:22.0259 4712 Wd - ok
08:47:22.0289 4712 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:47:22.0309 4712 Wdf01000 - ok
08:47:22.0349 4712 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
08:47:22.0354 4712 WdiServiceHost - ok
08:47:22.0359 4712 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
08:47:22.0359 4712 WdiSystemHost - ok
08:47:22.0404 4712 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
08:47:22.0409 4712 WebClient - ok
08:47:22.0424 4712 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:47:22.0429 4712 Wecsvc - ok
08:47:22.0439 4712 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:47:22.0439 4712 wercplsupport - ok
08:47:22.0469 4712 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
08:47:22.0469 4712 WerSvc - ok
08:47:22.0494 4712 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
08:47:22.0494 4712 WfpLwf - ok
08:47:22.0509 4712 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
08:47:22.0514 4712 WIMMount - ok
08:47:22.0529 4712 WinDefend - ok
08:47:22.0544 4712 WinHttpAutoProxySvc - ok
08:47:22.0609 4712 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:47:22.0614 4712 Winmgmt - ok
08:47:22.0709 4712 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
08:47:22.0754 4712 WinRM - ok
08:47:22.0819 4712 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
08:47:22.0824 4712 WinUsb - ok
08:47:22.0859 4712 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
08:47:22.0884 4712 Wlansvc - ok
08:47:23.0014 4712 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:47:23.0079 4712 wlidsvc - ok
08:47:23.0104 4712 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
08:47:23.0109 4712 WmiAcpi - ok
08:47:23.0129 4712 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
08:47:23.0134 4712 wmiApSrv - ok
08:47:23.0149 4712 WMPNetworkSvc - ok
08:47:23.0154 4712 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
08:47:23.0159 4712 WPCSvc - ok
08:47:23.0194 4712 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
08:47:23.0194 4712 WPDBusEnum - ok
08:47:23.0214 4712 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
08:47:23.0219 4712 ws2ifsl - ok
08:47:23.0234 4712 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
08:47:23.0239 4712 wscsvc - ok
08:47:23.0244 4712 WSearch - ok
08:47:23.0324 4712 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
08:47:23.0374 4712 wuauserv - ok
08:47:23.0399 4712 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
08:47:23.0404 4712 WudfPf - ok
08:47:23.0424 4712 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
08:47:23.0429 4712 WUDFRd - ok
08:47:23.0449 4712 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
08:47:23.0454 4712 wudfsvc - ok
08:47:23.0464 4712 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
08:47:23.0469 4712 WwanSvc - ok
08:47:23.0504 4712 ================ Scan global ===============================
08:47:23.0524 4712 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:47:23.0544 4712 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
08:47:23.0549 4712 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
08:47:23.0569 4712 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:47:23.0604 4712 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:47:23.0609 4712 [Global] - ok
08:47:23.0609 4712 ================ Scan MBR ==================================
08:47:23.0614 4712 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
08:47:23.0614 4712 Suspicious mbr (Forged): \Device\Harddisk0\DR0
08:47:23.0644 4712 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
08:47:23.0644 4712 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
08:47:23.0644 4712 ================ Scan VBR ==================================
08:47:23.0649 4712 [ 64104E968EA2B616D2A08FAA9A1960FA ] \Device\Harddisk0\DR0\Partition1
08:47:23.0654 4712 \Device\Harddisk0\DR0\Partition1 - ok
08:47:23.0684 4712 [ C2646D848AC393F763EE429CA5A919CB ] \Device\Harddisk0\DR0\Partition2
08:47:23.0684 4712 \Device\Harddisk0\DR0\Partition2 - ok
08:47:23.0709 4712 [ 0DC58A8DBB4AF0BC1F9080F17888E907 ] \Device\Harddisk0\DR0\Partition3
08:47:23.0714 4712 \Device\Harddisk0\DR0\Partition3 - ok
08:47:23.0714 4712 ============================================================
08:47:23.0714 4712 Scan finished
08:47:23.0714 4712 ============================================================
08:47:23.0729 4576 Detected object count: 2
08:47:23.0729 4576 Actual detected object count: 2
08:48:06.0240 4576 sptd ( LockedFile.Multi.Generic ) - skipped by user
08:48:06.0240 4576 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
08:48:06.0995 4576 \Device\Harddisk0\DR0\# - copied to quarantine
08:48:07.0000 4576 \Device\Harddisk0\DR0 - copied to quarantine
08:48:07.0040 4576 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
08:48:07.0045 4576 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
08:48:07.0050 4576 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
08:48:07.0055 4576 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
08:48:07.0065 4576 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
08:48:07.0075 4576 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
08:48:07.0075 4576 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
08:48:07.0075 4576 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
08:48:07.0080 4576 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
08:48:07.0080 4576 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
08:48:07.0085 4576 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
08:48:07.0085 4576 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
08:48:07.0085 4576 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
08:48:07.0090 4576 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
08:48:07.0100 4576 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
08:48:07.0105 4576 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
08:48:07.0105 4576 \Device\Harddisk0\DR0 - ok
08:48:07.0130 4576 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
08:48:33.0815 5684 Deinitialize success

aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-19 08:44:32
-----------------------------
08:44:32.041 OS Version: Windows x64 6.1.7601 Service Pack 1
08:44:32.041 Number of processors: 2 586 0x602
08:44:32.041 ComputerName: JUAN-PC UserName:
08:44:32.931 Initialize success
08:48:16.354 AVAST engine defs: 12091900
08:49:15.336 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
08:49:15.346 Disk 0 Vendor: WDC_WD3200BEKT-60F3T1 12.01A12 Size: 305245MB BusType: 11
08:49:15.351 Device \Driver\atapi -> MajorFunction fffffa800488a5e8
08:49:15.356 Disk 0 MBR read successfully
08:49:15.366 Disk 0 MBR scan
08:49:15.371 Disk 0 Windows 7 default MBR code
08:49:15.376 Disk 0 MBR hidden
08:49:15.381 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 99998 MB offset 63
08:49:15.401 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 203188 MB offset 204796620
08:49:15.426 Disk 0 Partition 3 00 0C FAT32 LBA MSDOS5.0 2048 MB offset 620926976
08:49:15.476 Disk 0 scanning C:\Windows\system32\drivers
08:49:26.363 Service scanning
08:49:26.993 Service 13428709 C:\Windows\system32\drivers\71539269.sys **HIDDEN**
08:49:50.117 Modules scanning
08:49:50.137 Disk 0 trace - called modules:
08:49:50.147 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys >>UNKNOWN [0xfffffa800635ac90]<<05240192.sys >>UNKNOWN [0xfffffa800488a5e8]<<
08:49:50.152 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80043df790]
08:49:50.157 3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> [0xfffffa80043de410]
08:49:50.162 5 hpdskflt.sys[fffff880017f6289] -> nt!IofCallDriver -> [0xfffffa8004352400]
08:49:50.167 7 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800435c060]
08:49:50.177 \Driver\atapi[0xfffffa800487f2b0] -> IRP_MJ_CREATE -> 0xfffffa800488a5e8
08:49:51.187 AVAST engine scan C:\Windows
08:49:53.147 AVAST engine scan C:\Windows\system32
08:53:42.232 AVAST engine scan C:\Windows\system32\drivers
08:53:59.851 AVAST engine scan C:\Users\Asdrubal Gil
09:02:53.416 AVAST engine scan C:\ProgramData
09:23:42.558 Scan finished successfully
10:56:44.162 Disk 0 MBR has been saved successfully to "C:\Users\Asdrubal Gil\Desktop\MBR.dat"
10:56:44.167 The log file has been saved successfully to "C:\Users\Asdrubal Gil\Desktop\aswMBR09-19-2012.txt"


Malwarebytes

Malwarebytes Anti-Malware (Versión de Prueba) 1.65.0.1400
www.malwarebytes.org

Versión de la Base de Datos: v2012.09.19.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Asdrubal Gil :: JUAN-PC [administrador]

Protección: Habilitado

19/09/2012 11:00:50 a.m.
mbam-log-2012-09-19 (12-11-56).txt

Tipos de Análisis: Análisis Completo (C:\|D:\|)
Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opciones de análisis desactivados: P2P
Objetos examinados: 519923
Tiempo transcurrido: 1 hora(s), 10 minuto(s), 49 segundo(s)

Procesos en Memoria Detectados: 0
(No se han detectado elementos maliciosos)

Módulos de Memoria Detectados: 0
(No se han detectado elementos maliciosos)

Claves del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Valores del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Carpetas Detectadas: 0
(No se han detectado elementos maliciosos)

Archivos Detectados: 1
C:\Windows\svchost.exe (Trojan.Agent) -> No se tomaron medidas.

(fin)



MiniToolBox

MiniToolBox by Farbar Version: 23-07-2012
Ran by Asdrubal Gil (administrator) on 19-09-2012 at 10:59:32
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Configuración IP de Windows

Se vació correctamente la caché de resolución de DNS.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================





========================= IP Configuration: ================================

Atheros AR9285 802.11b/g/n WiFi Adapter = Conexión de red inalámbrica (Connected)
Realtek PCIe FE Family Controller = Conexión de área local (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Conexión de red inalámbrica 2 (Media disconnected)


# ----------------------------------
# Configuración de IPv4
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# Fin de la configuración de IPv4



Configuración IP de Windows

Nombre de host. . . . . . . . . : Juan-PC
Sufijo DNS principal . . . . . :
Tipo de nodo. . . . . . . . . . : híbrido
Enrutamiento IP habilitado. . . : no
Proxy WINS habilitado . . . . . : no
Lista de búsqueda de sufijos DNS: flagstaff.az.npgco.com

Adaptador de LAN inalámbrica Conexión de red inalámbrica 2:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Descripción . . . . . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Dirección física. . . . . . . . . . . . . : 06-22-68-8B-15-C9
DHCP habilitado . . . . . . . . . . . . . : sí
Configuración automática habilitada . . . : sí

Adaptador de LAN inalámbrica Conexión de red inalámbrica:

Sufijo DNS específico para la conexión. . : flagstaff.az.npgco.com
Descripción . . . . . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
Dirección física. . . . . . . . . . . . . : 00-22-68-8B-15-C9
DHCP habilitado . . . . . . . . . . . . . : sí
Configuración automática habilitada . . . : sí
Dirección IPv4. . . . . . . . . . . . . . : 192.168.0.148(Preferido)
Máscara de subred . . . . . . . . . . . . : 255.255.255.0
Concesión obtenida. . . . . . . . . . . . : martes, 18 de septiembre de 2012 09:43:11 p.m.
La concesión expira . . . . . . . . . . . : jueves, 20 de septiembre de 2012 10:26:28 a.m.
Puerta de enlace predeterminada . . . . . : 192.168.0.1
Servidor DHCP . . . . . . . . . . . . . . : 192.168.0.1
Servidores DNS. . . . . . . . . . . . . . : 192.168.0.1
NetBIOS sobre TCP/IP. . . . . . . . . . . : habilitado

Adaptador de Ethernet Conexión de área local:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Descripción . . . . . . . . . . . . . . . : Realtek PCIe FE Family Controller
Dirección física. . . . . . . . . . . . . : 00-26-22-9C-D2-84
DHCP habilitado . . . . . . . . . . . . . : sí
Configuración automática habilitada . . . : sí

Adaptador de túnel Conexión de área local* 13:

Sufijo DNS específico para la conexión. . :
Descripción . . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Dirección física. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP habilitado . . . . . . . . . . . . . : no
Configuración automática habilitada . . . : sí
Dirección IPv6 . . . . . . . . . . : 2001:0:4137:9e76:204c:36cf:3f57:ff6b(Preferido)
Vínculo: dirección IPv6 local. . . : fe80::204c:36cf:3f57:ff6b%20(Preferido)
Puerta de enlace predeterminada . . . . . : ::
NetBIOS sobre TCP/IP. . . . . . . . . . . : deshabilitado

Adaptador de túnel isatap.flagstaff.az.npgco.com:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . : flagstaff.az.npgco.com
Descripción . . . . . . . . . . . . . . . : Adaptador ISATAP de Microsoft
Dirección física. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP habilitado . . . . . . . . . . . . . : no
Configuración automática habilitada . . . : sí

Adaptador de túnel isatap.{C9033DD7-D86B-4813-AA4D-82543C6035DF}:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Descripción . . . . . . . . . . . . . . . : Adaptador ISATAP de Microsoft #2
Dirección física. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP habilitado . . . . . . . . . . . . . : no
Configuración automática habilitada . . . : sí

Adaptador de túnel isatap.{436434A3-5473-4715-8381-8117DBA1C3F8}:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Descripción . . . . . . . . . . . . . . . : Adaptador ISATAP de Microsoft #4
Dirección física. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP habilitado . . . . . . . . . . . . . : no
Configuración automática habilitada . . . : sí
Servidor: UnKnown
Address: 192.168.0.1

Nombre: google.com
Addresses: 2001:4860:4007:801::1008
74.125.224.206
74.125.224.192
74.125.224.193
74.125.224.194
74.125.224.195
74.125.224.196
74.125.224.197
74.125.224.198
74.125.224.199
74.125.224.200
74.125.224.201


Haciendo ping a google.com [74.125.224.201] con 32 bytes de datos:
Respuesta desde 74.125.224.201: bytes=32 tiempo=49ms TTL=52
Respuesta desde 74.125.224.201: bytes=32 tiempo=49ms TTL=52

Estadísticas de ping para 74.125.224.201:
Paquetes: enviados = 2, recibidos = 2, perdidos = 0
(0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
Mínimo = 49ms, Máximo = 49ms, Media = 49ms
Servidor: UnKnown
Address: 192.168.0.1

Nombre: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Haciendo ping a yahoo.com [98.138.253.109] con 32 bytes de datos:
Respuesta desde 98.138.253.109: bytes=32 tiempo=100ms TTL=50
Respuesta desde 98.138.253.109: bytes=32 tiempo=97ms TTL=49

Estadísticas de ping para 98.138.253.109:
Paquetes: enviados = 2, recibidos = 2, perdidos = 0
(0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
Mínimo = 97ms, Máximo = 100ms, Media = 98ms
Servidor: UnKnown
Address: 192.168.0.1

Nombre: bleepingcomputer.com
Address: 208.43.87.2


Haciendo ping a bleepingcomputer.com [208.43.87.2] con 32 bytes de datos:
Respuesta desde 208.43.87.2: Host de destino inaccesible.
Respuesta desde 208.43.87.2: Host de destino inaccesible.

Estadísticas de ping para 208.43.87.2:
Paquetes: enviados = 2, recibidos = 2, perdidos = 0
(0% perdidos),

Haciendo ping a 127.0.0.1 con 32 bytes de datos:
Respuesta desde 127.0.0.1: bytes=32 tiempo=11ms TTL=128
Respuesta desde 127.0.0.1: bytes=32 tiempo=6ms TTL=128

Estadísticas de ping para 127.0.0.1:
Paquetes: enviados = 2, recibidos = 2, perdidos = 0
(0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
Mínimo = 6ms, Máximo = 11ms, Media = 8ms
===========================================================================
ILista de interfaces
19...06 22 68 8b 15 c9 ......Microsoft Virtual WiFi Miniport Adapter
11...00 22 68 8b 15 c9 ......Atheros AR9285 802.11b/g/n WiFi Adapter
10...00 26 22 9c d2 84 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
20...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
21...00 00 00 00 00 00 00 e0 Adaptador ISATAP de Microsoft
22...00 00 00 00 00 00 00 e0 Adaptador ISATAP de Microsoft #2
23...00 00 00 00 00 00 00 e0 Adaptador ISATAP de Microsoft #4
===========================================================================

IPv4 Tabla de enrutamiento
===========================================================================
Rutas activas:
Destino de red Máscara de red Puerta de enlace Interfaz Métrica
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.148 25
127.0.0.0 255.0.0.0 En vínculo 127.0.0.1 306
127.0.0.1 255.255.255.255 En vínculo 127.0.0.1 306
127.255.255.255 255.255.255.255 En vínculo 127.0.0.1 306
192.168.0.0 255.255.255.0 En vínculo 192.168.0.148 281
192.168.0.148 255.255.255.255 En vínculo 192.168.0.148 281
192.168.0.255 255.255.255.255 En vínculo 192.168.0.148 281
224.0.0.0 240.0.0.0 En vínculo 127.0.0.1 306
224.0.0.0 240.0.0.0 En vínculo 192.168.0.148 281
255.255.255.255 255.255.255.255 En vínculo 127.0.0.1 306
255.255.255.255 255.255.255.255 En vínculo 192.168.0.148 281
===========================================================================
Rutas persistentes:
Ninguno

IPv6 Tabla de enrutamiento
===========================================================================
Rutas activas:
Cuando destino de red métrica Puerta de enlace
20 58 ::/0 En vínculo
1 306 ::1/128 En vínculo
20 58 2001::/32 En vínculo
20 306 2001:0:4137:9e76:204c:36cf:3f57:ff6b/128
En vínculo
20 306 fe80::/64 En vínculo
20 306 fe80::204c:36cf:3f57:ff6b/128
En vínculo
1 306 ff00::/8 En vínculo
20 306 ff00::/8 En vínculo
===========================================================================
Rutas persistentes:
Ninguno
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/19/2012 08:31:13 AM) (Source: Google Update) (User: JUAN-PC)JUAN-PC
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7

Error: (09/19/2012 01:46:01 AM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/19/2012 01:44:50 AM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/18/2012 09:45:18 PM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/18/2012 09:45:16 PM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/18/2012 09:43:13 PM) (Source: SmartMenu) (User: )
Description: Failed to load resources

Error: (09/18/2012 09:31:40 PM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/18/2012 09:31:39 PM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/18/2012 05:57:10 PM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/18/2012 05:57:07 PM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (09/18/2012 09:43:06 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (09/18/2012 05:53:04 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (09/18/2012 05:53:11 PM) (Source: EventLog) (User: )
Description: El cierre anterior del sistema a las 04:34:37 p.m. del 18/09/2012 resultó inesperado.

Error: (09/18/2012 00:53:28 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (09/17/2012 11:07:10 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (09/17/2012 10:59:07 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (09/17/2012 04:48:00 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (09/17/2012 04:29:54 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (09/17/2012 04:23:50 AM) (Source: Service Control Manager) (User: )
Description: El servicio Programador de tareas depende del servicio Registro de eventos de Windows, el cual no pudo iniciarse debido al siguiente error:
%%1058

Error: (09/16/2012 11:10:36 PM) (Source: Service Control Manager) (User: )
Description: El servicio Programador de tareas depende del servicio Registro de eventos de Windows, el cual no pudo iniciarse debido al siguiente error:
%%1058


Microsoft Office Sessions:
=========================
Error: (10/17/2011 05:18:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/12/2010 11:00:51 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8635 seconds with 3480 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office system (Version: 12.0.6612.1000)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Alps Touch Pad Driver
Amadis Video Converter Suite V3.7.5 (Version: 3.7.5)
Amazon Kindle
Amazon Send to Kindle (Version: 1.0.0.192)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Atheros Driver Installation Program (Version: 9.0)
ATI Catalyst Install Manager (Version: 3.0.732.0)
AVG 2012 (Version: 12.0.2221)
AVG 2012 (Version: 12.0.2441)
AVG 2012 (Version: 2012.0.2221)
BitTorrent (Version: 7.6.1)
Bonjour (Version: 3.0.0.10)
Brother MFL-Pro Suite MFC-7360N (Version: 1.0.7.0)
calibre (Version: 0.8.69)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0804.2223.38385)
Catalyst Control Center Graphics Full Existing (Version: 2009.0804.2223.38385)
Catalyst Control Center InstallProxy (Version: 2009.0804.2223.38385)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Compresor WinRAR
CyberLink YouCam (Version: 2.0.3115)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Toolbar (Version: 1.1.2.0185)
DairyGEM (Version: 2.5)
Diablo II
DigitalPersona Enrollment 1.0.0 (Version: 1.00.3882)
DigitalPersona Personal 4.11 (Version: 4.11.3826)
DivX Setup (Version: 2.4.1.4)
Dropbox (Version: 1.4.7)
DVD Menu Pack for HP MediaSmart Video (Version: 3.1.3224)
ENE CIR Receiver Driver (Version: 2.7.3.519)
ESET Online Scanner v3
ESU for Microsoft Windows 7 (Version: 1.0.0)
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
FaxRedist (Version: 1.0.0)
Feedback Tool (Version: 1.1.0)
Feedback Tool (Version: 1.2.0)
ffdshow v1.1.4369 [2012-03-03] (Version: 1.1.4369.0)
Garmin Communicator Plugin (Version: 4.0.1)
Garmin Communicator Plugin x64 (Version: 4.0.1)
Garmin Lifetime Updater (Version: 2.1.7)
Garmin USB Drivers (Version: 2.3.0.0)
Garmin WebUpdater (Version: 2.5.4)
Google Chrome (Version: 21.0.1180.89)
Google Earth (Version: 6.1.0.5001)
Google Talk Plugin (Version: 3.6.1.9117)
Google Update Helper (Version: 1.3.21.123)
Guitar Pro 5.2
Hauppauge MCE XP/Vista Software Encoder (2.0.27022) (Version: 2.0.27022)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.0.3.1)
HP DVD Play 3.7 (Version: 3.7.2.6908)
HP MediaSmart SlingPlayer (Version: 3.0.1.64)
HP MediaSmart SmartMenu (Version: 3.0.30.1)
HP MediaSmart Video (Version: 4.0.4021)
HP Quick Launch Buttons (Version: 6.50.16.1)
HP Support Assistant (Version: 6.1.12.1)
HP Wireless Assistant (Version: 3.50.12.1)
IDT Audio (Version: 1.0.6217.0)
iTunes (Version: 10.5.3.3)
Japanese Fonts Support For Adobe Reader 9 (Version: 9.0.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 35 (Version: 6.0.350)
Java™ SE Development Kit 6 Update 24 (Version: 1.6.0.240)
JMicron Flash Media Controller Driver (Version: 1.0.31.3)
Lakes Environmental AERMOD View V.7.6.1 (Version: 7.6.1)
LightScribe System Software (Version: 1.18.22.2)
Malwarebytes Anti-Malware versión 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.1 (Version: 8.15.406.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel 2007 Help Actualización (KB963678)
Microsoft Office Excel MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook 2007 Help Actualización (KB963677)
Microsoft Office Outlook MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669)
Microsoft Office PowerPoint MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Basque) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Catalan) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Galician) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word 2007 Help Actualización (KB963665)
Microsoft Office Word MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Movie Theme Pack for HP MediaSmart Video (Version: 3.1.3310)
MPICH2 (Version: 1.4.1)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
PDFCreator (Version: 0.9.5)
Privacy SafeGuard version 1.1 (Version: 1.1)
QLBCASL (Version: 6.40.17.2)
QuickTime (Version: 7.71.80.42)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0005)
Rosetta Stone Version 3 (Version: 3.4.5.0)
Skype Click to Call (Version: 6.2.10687)
Skype™ 5.10 (Version: 5.10.116)
SoftStylus (Version: 2.2.119.2)
SP45990 - Wallpaper Picture Position Enabler for Windows 7 (Version: 1.0.0)
SPSS 16.0 Graduate Student Version (Version: 16.0.1)
SPSS Data Access Pack 4.5 for Windows (Version: 5.30.0000)
swMSM (Version: 12.0.0.1)
Unity Web Player (Version: 2.6.1f3_31223)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Validity Sensors software (Version: 2.8.120)
Validity WinBio DDK (Version: 3.1.331)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 2.0.2 (Version: 2.0.2)
VLC Streamer 2.64
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver

========================= Memory info: ===================================

Percentage of memory in use: 60%
Total physical RAM: 3836.2 MB
Available physical RAM: 1509.43 MB
Total Pagefile: 5882.39 MB
Available Pagefile: 3393.2 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.27 MB

========================= Partitions: =====================================

1 Drive c: (Sistema Operativo) (Fixed) (Total:97.65 GB) (Free:33.1 GB) NTFS
2 Drive d: (Datos) (Fixed) (Total:198.43 GB) (Free:56.72 GB) NTFS

========================= Users: ========================================

Cuentas de usuario de \\JUAN-PC

Administrador Asdrubal Gil Invitado
Se ha completado el comando correctamente.


**** End of log ****


FSS

Farbar Service Scanner Version: 06-08-2012
Ran by Asdrubal Gil (administrator) on 19-09-2012 at 12:00:36
Running from "D:\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-09-11 17:13] - [2012-08-22 11:12] - 1913200 ____A (Microsoft Corporation) F782CAD3CEDBB3F9FFE3BF2775D92DDC

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#6 narenxp

Posted 19 September 2012 - 02:45 PM

.

Edited by narenxp, 19 September 2012 - 03:05 PM.


#7 juan1999

Posted 19 September 2012 - 02:54 PM

I ran the adware cleaner and this is what I got (it kept crashing, so I had to try a couple of times):

# AdwCleaner v2.002 - Logfile created 09/19/2012 at 12:24:43
# Updated 16/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Asdrubal Gil - JUAN-PC
# Boot Mode : Normal
# Running from : C:\Users\Asdrubal Gil\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DAWM1TVA\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\BrowserCompanion
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files (x86)\Ilivid
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Users\Asdrubal Gil\AppData\Local\Conduit
Folder Deleted : C:\Users\Asdrubal Gil\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Asdrubal Gil\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Asdrubal Gil\AppData\LocalLow\searchquband

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\BrowserCompanion
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBar
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2849812
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Messenger Plus!\OpenCandy
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\Software\OpenCandy NSIS SDK
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Asdrubal Gil\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [5790 octets] - [19/09/2012 12:24:43]

########## EOF - C:\AdwCleaner[S1].txt - [5850 octets] ##########


Regarding the other one, it said that no threats were found and no repair was necessary.

#8 juan1999

Posted 19 September 2012 - 02:59 PM

Also, every time I reboot my PC, Malwarebytes tells me that I have a trojan called svchost.exe :S

#9 narenxp

Posted 19 September 2012 - 03:05 PM

It seems TDSSkiller is finding a rootkit on every reboot.

Download

FIXTDSS

Launch it. It may ask for a restart; reboot the PC.

On reboot, click on REPAIR.

Now run TDSSkiller and post the new log

#10 juan1999

Posted 19 September 2012 - 05:03 PM

No threats or virus found, no repair needed

#11 narenxp

Posted 19 September 2012 - 05:18 PM

Run TDSSkiller again and let me know if it comes out clean

#12 juan1999

Posted 19 September 2012 - 05:44 PM

It came out clean

#13 narenxp

Posted 19 September 2012 - 05:58 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the text contents here

#14 juan1999

Posted 19 September 2012 - 06:59 PM

Alright, the results of RKill:

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/19/2012 04:54:44 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Asdrubal Gil\Desktop\rkill\rkill-09-19-2012-04-54-49.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 09/19/2012 04:54:59 PM
Execution time: 0 hours(s), 0 minute(s), and 15 seconds(s)


And the results of Autoruns:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Apoint" "Alps Pointing-device Driver" "Alps Electric Co., Ltd." "c:\program files\apoint2k\apoint.exe"
+ "IntelliPoint" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "SmartMenu" "SmartMenu" "" "c:\program files\hewlett-packard\hp mediasmart\smartmenu.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "AVG_TRAY" "AVG Tray Monitor" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgtray.exe"
+ "BrStsMon00" "Brother Status Monitor Application" "Brother Industries, Ltd." "c:\program files (x86)\browny02\brother\brstmonw.exe"
+ "ControlCenter4" "ControlCenter Launcher" "Brother Industries, Ltd." "c:\program files (x86)\controlcenter4\brccboot.exe"
+ "DpAgent" "DigitalPersona Local Agent" "DigitalPersona, Inc." "c:\program files (x86)\digitalpersona\bin\dpagent.exe"
+ "Garmin Lifetime Updater" "Garmin Lifetime Updater" "Garmin" "c:\program files (x86)\garmin\lifetime updater\garminlifetime.exe"
+ "QlbCtrl.exe" "Quick Launch Buttons" " Hewlett-Packard Development Company, L.P." "c:\program files (x86)\hewlett-packard\hp quick launch buttons\qlbctrl.exe"
+ "QPService" "HP QuickPlay Resident Program" "CyberLink Corp." "c:\program files (x86)\hp\quickplay\qpservice.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "WirelessAssistant" "HP Wireless Assistant Main Program" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp wireless assistant\hpwamain.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "PDFCreator.lnk" "PDFCreator" "pdfforge http://www.pdfforge.org/" "c:\program files (x86)\pdfcreator\pdfcreator.exe"
"C:\Users\Asdrubal Gil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\asdrubal gil\appdata\roaming\dropbox\bin\dropbox.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "LightScribe Control Panel" "" "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lsrunonce.exe"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Google Update" "Google Installer" "Google Inc." "c:\users\asdrubal gil\appdata\local\google\update\googleupdate.exe"
+ "msnmsgr" "Windows Live Messenger" "Microsoft Corporation" "c:\program files (x86)\windows live\messenger\msnmsgr.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "linkscanner" "Safe Search pluggable protocol" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgppa.dll"
+ "skype-ie-addon-data" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\asdrubal gil\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgsea.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgse.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "STKContextMenu" "Send to Kindle Context Menu dll" "Amazon.com, Inc." "c:\program files (x86)\amazon\sendtokindle\stkcontextmenu_192.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\asdrubal gil\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\asdrubal gil\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Destino de eliminación de Windows Sidebar" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Destino de eliminación de Windows Sidebar" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgsea.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgse.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\asdrubal gil\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\asdrubal gil\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\asdrubal gil\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\asdrubal gil\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\asdrubal gil\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\asdrubal gil\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiea.dll"
+ "AVG Safe Search" "Safe Search for Internet Explorer" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgssiea.dll"
+ "DigitalPersona Personal Extension" "DigitalPersona OTS Feedback" "DigitalPersona, Inc." "c:\program files\digitalpersona\bin\dpotspluginie8.dll"
+ "Privacy Safeguard BHO" "PrivacySafeguard" "PrivacySafeguard" "c:\program files\privacysafeguard\privacysafeguard-x64.dll"
+ "Skype add-on for Internet Explorer" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Aplicación auxiliar de inicio de sesión de Windows Live ID" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiex.dll"
+ "AVG Safe Search" "Safe Search for Internet Explorer" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgssie.dll"
+ "DigitalPersona Personal Extension" "DigitalPersona OTS Feedback" "DigitalPersona, Inc." "c:\program files (x86)\digitalpersona\bin\dpotspluginie8.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Privacy Safeguard BHO" "PrivacySafeguard" "PrivacySafeguard" "c:\program files\privacysafeguard\privacysafeguard.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiea.dll"
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiex.dll"
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-190412378-468176176-21014424-1000Core" "Facebook Installer" "Facebook Inc." "c:\users\asdrubal gil\appdata\local\facebook\update\facebookupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-190412378-468176176-21014424-1000UA" "Facebook Installer" "Facebook Inc." "c:\users\asdrubal gil\appdata\local\facebook\update\facebookupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-190412378-468176176-21014424-1000Core" "Google Installer" "Google Inc." "c:\users\asdrubal gil\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-190412378-468176176-21014424-1000UA" "Google Installer" "Google Inc." "c:\users\asdrubal gil\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Internet Explorer\IE9 Install DelayedReboot_OnLogon" "" "" "File not found: C:\Program Files\Internet Explorer\ienrcore.exe"
+ "\Microsoft\Internet Explorer\IE9 Install DelayedReboot_OnReboot" "" "" "File not found: C:\Program Files\Internet Explorer\ienrcore.exe"
+ "\Microsoft\Internet Explorer\IE9 Install DelayedReboot_OnTimer" "" "" "File not found: C:\Program Files\Internet Explorer\ienrcore.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "" "" "File not found: c:\Program Files\Microsoft Security Client\MpCmdRun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Aplicación de configuración del Servicio de uso compartido de red del Reproductor de Windows Media" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft_Hardware_Launch_IPoint_exe" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-190412378-468176176-21014424-1000" "" "" "File not found: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-190412378-468176176-21014424-1000" "" "" "File not found: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe"
+ "\SidebarExecute" "Gadgets de escritorio de Windows" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sidebar.exe"
+ "\{9A4D247D-EF85-45AF-9EDE-89421A3E1E92}" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
+ "\{E68FA6A9-DCE3-4AF8-BCA6-41366ABD01A4}" "Google Chrome" "Google Inc." "c:\users\asdrubal gil\appdata\local\google\chrome\application\chrome.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "Este servicio mantiene actualizada la instalación de Adobe Flash Player con las últimas mejoras y soluciones de seguridad." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AESTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_960c1f056a541068\aestsr64.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AVGIDSAgent" "Proporciona protección de identidad contra la delincuencia cibernética." "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgidsagent.exe"
+ "avgwd" "Servicio de Watchdog de AVG" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgwdsvc.exe"
+ "Bonjour Service" "Permite que los dispositivos de hardware y los servicios de software se configuren automáticamente en la red y anuncien su presencia." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "BrYNSvc" "BrYNCSvc" "Brother Industries, Ltd." "c:\program files (x86)\browny02\brynsvc.exe"
+ "Com4QLBEx" "Com for QLB application" "Hewlett-Packard Development Company, L.P." "c:\program files (x86)\hewlett-packard\hp quick launch buttons\com4qlbex.exe"
+ "DpHost" "Permite la autenticación de huella digital al iniciar la sesión de la cuenta." "DigitalPersona, Inc." "c:\program files (x86)\digitalpersona\bin\dphostw.exe"
+ "FirebirdGuardianDefaultInstance" "Firebird 2.1.3 Guardian" "Firebird Project" "c:\program files (x86)\firebird\firebird_2_1\bin\fbguard.exe"
+ "FirebirdServerDefaultInstance" "Firebird 2.1.3 Server" "Firebird Project" "c:\program files (x86)\firebird\firebird_2_1\bin\fbserver.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "gupdate" "Mantiene actualizado tu software de Google. Si este servicio se desactiva o se detiene, tu software de Google no se mantendrá actualizado, lo que implica que las vulnerabilidades de seguridad que puedan aparecer no podrán arreglarse y es posible que algunas funciones no anden. Este servicio se desinstala automáticamente si ningún software de Google la utiliza." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Mantiene actualizado tu software de Google. Si este servicio se desactiva o se detiene, tu software de Google no se mantendrá actualizado, lo que implica que las vulnerabilidades de seguridad que puedan aparecer no podrán arreglarse y es posible que algunas funciones no anden. Este servicio se desinstala automáticamente si ningún software de Google la utiliza." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "hasplms" "Manages licenses secured by Safenet Inc. Sentinel HASP." "SafeNet Inc." "c:\windows\system32\hasplms.exe"
+ "HP Support Assistant Service" "HP Support Assistant Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe"
+ "HPDrvMntSvc.exe" "HP Quick Synchronization Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe"
+ "hpqwmiex" "hpqwmiex Module" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "hpsrv" "HpService" "Hewlett-Packard Company" "c:\windows\system32\hpservice.exe"
+ "iPod Service" "Servicios de administración del hardware del iPod" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lssrvc.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "McciCMService" "mcci+McciCMService" "Alcatel-Lucent" "c:\program files (x86)\common files\motive\mccicmservice.exe"
+ "McciCMService64" "mcci+McciCMService" "Alcatel-Lucent" "c:\program files\common files\motive\mccicmservice.exe"
+ "MDM" "Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\vs7debug\mdm.exe"
+ "mpich2_smpd" "Process manager service for MPICH2 applications" "Argonne National Lab" "c:\program files (x86)\mpich2\bin\smpd.exe"
+ "odserv" "Ejecutar parte de los diagnósticos de Microsoft Office." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Guarda los archivos de instalación utilizados para las actualizaciones y reparaciones, y es necesario para descargar actualizaciones del programa de instalación e informes de error de Watson." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "Skype C2C Service" "Skype Click to Call Update Service" "Skype Technologies S.A." "c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe"
+ "vfsFPService" "Validity Fingerprint Service" "Validity Sensors, Inc." "c:\windows\system32\vfsfpservice.exe"
+ "WinDefend" "Protección contra spyware y software potencialmente no deseado" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Habilita la autenticación de Windows Live ID." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Comparte las bibliotecas del Reproductor de Windows Media con otros dispositivos multimedia y reproductores en red mediante Plug and Play universal." "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Accelerometer" "HP Accelerometer" "Hewlett-Packard Company" "c:\windows\system32\drivers\accelerometer.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aksdf" "Aladdin Data Mini-Filter Driver" "SafeNet Inc." "c:\windows\system32\drivers\aksdf.sys"
+ "aksfridge" "SafeNet Inc. Sentinel HASP Ancillary Function Driver" "SafeNet Inc." "c:\windows\system32\drivers\aksfridge.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "ApfiltrService" "Alps Touch Pad Driver" "Alps Electric Co., Ltd." "c:\windows\system32\drivers\apfiltr.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "AtiHdmiService" "ATI High Definition Audio Function Driver" "ATI Technologies, Inc." "c:\windows\system32\drivers\atihdmi.sys"
+ "atikmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "AtiPcie" "AMD PCIE Filter Driver for ATI PCIE chipset" "Advanced Micro Devices Inc." "c:\windows\system32\drivers\atipcie.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSFilter" "AVG Technologies IDS Application Activity Monitor Filter Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsfiltera.sys"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgmfx64" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdia.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrSerIb" "Brother MFC Serial Interface Driver(WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserib.sys"
+ "Brserid" "Controlador I/F serie de Brother (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "BrUsbSIb" "Brother MFC Serial USB Driver(WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbsib.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "dgderdrv" "" "" "File not found: System32\drivers\dgderdrv.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "enecir" "ENE CIR Driver for eHome(64)" "ENE TECHNOLOGY INC." "c:\windows\system32\drivers\enecir.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hardlock" "Hardlock Device Driver for Windows x64" "Aladdin Knowledge Systems Ltd." "c:\windows\system32\drivers\hardlock.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "hpdskflt" "HP Disk Filter - SATA/RAID" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpdskflt.sys"
+ "HpqKbFiltr" "HpqKbFiltr Keyboard Filter Driver" "Hewlett-Packard Development Company, L.P." "c:\windows\system32\drivers\hpqkbfiltr.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "JMCR" "JMicron JMB38X Flash Media Controller Driver" "JMicron Technology Corporation" "c:\windows\system32\drivers\jmcr.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MREMP50" "" "" "File not found: C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS"
+ "MREMP50a64" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS"
+ "MREMPR5" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS"
+ "MRENDIS5" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS"
+ "MRESP50" "" "" "File not found: C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS"
+ "MRESP50a64" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RimUsb" "BlackBerry Device Driver" "Research In Motion Limited" "c:\windows\system32\drivers\rimusb_amd64.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "sptd" "" "" "c:\windows\system32\drivers\sptd.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt64.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Códec Cinepak®" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "VIDC.FFDS" "ffdshow VFW" "" "c:\windows\syswow64\ff_vfw.dll"
+ "vidc.VP60" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\syswow64\vp6vfw.dll"
+ "vidc.VP61" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\syswow64\vp6vfw.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files\divx\divx codec\divxdec.ax"
+ "MainConcept (MCE) MPEG Encoder" "MPEG Encoder and Muxer" "MainConcept AG" "c:\windows\system32\hauppauge\softmce\mceesmpeg.ax"
+ "QP LPCM Decoder 64 Bit" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hp\quickplay\kernel\movie\cllpcmaud64.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\google\google earth\client\wavdest.ax"
+ "CyberLink Audio Decoder (QP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hp\quickplay\kernel\movie\claud.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\hp\quickplay\kernel\movie\claudiocd.ax"
+ "CyberLink DVD Navigator (QP3)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\hp\quickplay\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter (QP)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hp\quickplay\kernel\movie\clline21.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\hp\quickplay\kernel\movie\clauts.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\youcam\yctlmsplter.ax"
+ "Cyberlink Track Filter" "Cyberlink Track Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\youcam\yctrack.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\hp\quickplay\kernel\movie\clvidfx.ax"
+ "CyberLink Video Regulator" "Video Regulator" "Cyberlink" "c:\program files (x86)\cyberlink\youcam\ycrgl.ax"
+ "CyberLink Video/SP Decoder (QP)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\hp\quickplay\kernel\movie\clvsd.ax"
+ "CyberLink WebCamera NULL Render" "CLWEBCAMERARENDER" "CyberLink" "c:\program files (x86)\cyberlink\youcam\ycwebcamerarender.ax"
+ "CyberLink WMV Dumper" "CLWMVDump Dynamic Link Library" "" "c:\program files (x86)\cyberlink\youcam\ycwmvdump.ax"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "QTSrc" "CLQTSrc" "Cyberlink" "c:\program files (x86)\amadis software\amadis video converter suite\quicktime.ax"
+ "QuickPlay Audio Wizard (HP)" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\hp\quickplay\kernel\movie\claudwizard.ax"
+ "QuickPlay Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\hp\quickplay\kernel\movie\cldemuxer.ax"
+ "YC_EVRWindow" "CLEvr" "CyberLink Corp." "c:\program files (x86)\cyberlink\youcam\ycevr.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart" "AVG Resident Shield Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgrsa.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "FingerProv Class" "Biometric Credential Provider" "DigitalPersona, Inc." "c:\windows\system32\dpcrprov.dll"
+ "KioskProv Class" "Biometric Credential Provider" "DigitalPersona, Inc." "c:\windows\system32\dpcrprov.dll"
+ "PswWrapProv Class" "Biometric Credential Provider" "DigitalPersona, Inc." "c:\windows\system32\dpcrprov.dll"
+ "SCardWrapProv Class" "Biometric Credential Provider" "DigitalPersona, Inc." "c:\windows\system32\dpcrprov.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters" "" "" ""
+ "ProvFilter Class" "Biometric Credential Provider" "DigitalPersona, Inc." "c:\windows\system32\dpcrprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Fax Dell AIO Printer 948 Port" "" "" "File not found: DLDFPMON.DLL"
+ "PCL hpz3llhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpz3llhn.dll"
+ "PDFCreator" "" "" "c:\windows\system32\pdfcmnnt.dll"
+ "stkMonitor" "Send to Kindle Port Monitor dll" "Amazon.com, Inc." "c:\windows\system32\stkmonitor.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages" "" "" ""
+ "DPPWDFLT" "DPPwdFlt Module" "DigitalPersona, Inc." "c:\windows\system32\dppwdflt.dll"

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:45 AM

Posted 19 September 2012 - 07:16 PM

That looks good

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here:

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your Flash Player.

Update your antivirus frequently; do not click on suspicious links.

Safe surfing :)



