Random sounds. TDSSKiller won't run


19 replies to this topic

#1 Jaguarrl


Posted 16 September 2012 - 12:20 PM

My desktop is infected with the random ads/sounds virus. I have tried just about everything, but can't get TDSSKiller to work, which I hear fixes the problem. I've run MalwareBytes, SuperAntiSpyware, ESET, rkill, etc. Although a lot of tracking cookies and other stuff got removed, the sounds are still playing and I still can't run TDSSKiller.

It's a Windows 7 64 bit system.

Thanks in advance for your help.



#2 narenxp


Posted 16 September 2012 - 12:28 PM

Download Listparts from here

For 64 bit

List parts 64

Launch it, click on SCAN, post the log

#3 Jaguarrl


Posted 16 September 2012 - 12:33 PM

ListParts by Farbar Version: 15-09-2012
Ran by XXX (administrator) on 16-09-2012 at 11:32:20
Windows 7 (X64)
Running From: C:\Users\XXX\Downloads
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 22%
Total physical RAM: 6135.12 MB
Available physical RAM: 4759.2 MB
Total Pagefile: 12268.43 MB
Available Pagefile: 11046.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:279.35 GB) (Free:116.76 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 279 GB 3072 KB

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 279 GB 101 MB
Partition 3 Primary 10 MB 279 GB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 System Rese NTFS Partition 100 MB Healthy System (partition with boot components)

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 279 GB Healthy Boot

======================================================================================================

Disk: 0
Partition 3
Type : 17 (Suspicious Type)
Hidden: Yes
Active: Yes

There is no volume associated with this partition.

======================================================================================================

****** End Of Log ******

#4 narenxp


Posted 16 September 2012 - 01:00 PM

.

Edited by narenxp, 27 October 2012 - 07:00 PM.


#5 Jaguarrl


Posted 16 September 2012 - 01:20 PM

tdss.exe seems to have done the trick. It found and removed 6 threats and 2 additional moderate threats.

I still can't run the updated TDSSKiller though. The recheck with tdss.exe came back clean.

#6 narenxp


Posted 16 September 2012 - 01:27 PM

TDSS.exe did not find rootkit

Restart the PC

Press F8 on bootup

Select REPAIR YOUR COMPUTER

Click on REPAIR

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

Can you get to this screen?

If yes

Select command prompt and run these commands

diskpart
select disk 0
select partition 3
inactive

select disk 0
select partition 1
active


Now restart the PC and run TDSSKiller again
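
As an added example (not part of the original posts, and not how ListParts or TDSSKiller work internally), this Python sketch parses a 512-byte MBR sector and flags the combination reported in the ListParts log above: a partition of hidden type 17 that carries the active flag. Partitions 1 and 2 use the StartLBA and BlocksNum values from the TDSSKiller log posted later in this thread; the start and size of partition 3, the 32 MB threshold and all function names are assumptions made for the example.

```python
import struct
from collections import namedtuple

SECTOR_SIZE = 512
TABLE_OFFSET = 446           # the four 16-byte partition entries start here
ENTRY_FORMAT = "<B3sB3sII"   # status, CHS start, type, CHS end, start LBA, sector count
# "Hidden" variants of the FAT/NTFS partition type IDs (0x17 = hidden NTFS).
HIDDEN_TYPES = {0x11, 0x14, 0x16, 0x17, 0x1B, 0x1C, 0x1E}
SMALL_ACTIVE_MB = 32         # heuristic threshold chosen for this example

Entry = namedtuple("Entry", "number status type_id start_lba sectors")


def parse_mbr(sector):
    """Return the non-empty partition entries of a classic MBR sector."""
    if len(sector) < SECTOR_SIZE:
        raise ValueError("need a full 512-byte sector")
    if sector[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")
    entries = []
    for i in range(4):
        raw = sector[TABLE_OFFSET + 16 * i:TABLE_OFFSET + 16 * (i + 1)]
        status, _, type_id, _, start, count = struct.unpack(ENTRY_FORMAT, raw)
        if type_id == 0:     # type 0 marks an unused slot
            continue
        entries.append(Entry(i + 1, status, type_id, start, count))
    return entries


def size_mb(entry):
    return entry.sectors * SECTOR_SIZE / (1024 * 1024)


def review(entries):
    """Return (partition number, finding) pairs worth a closer look.

    A hidden type on its own is not flagged, because recovery partitions
    also use hidden types. The checks look at which entry is marked active,
    since that is the entry the MBR boot code hands control to.
    """
    findings = []
    for e in entries:
        if e.status not in (0x00, 0x80):
            findings.append((e.number, "invalid-status-byte"))
    active = [e for e in entries if e.status == 0x80]
    if len(active) > 1:
        findings.append((0, "multiple-active-partitions"))
    for e in active:
        if e.type_id in HIDDEN_TYPES:
            findings.append((e.number, "active-hidden-type"))
        if size_mb(e) < SMALL_ACTIVE_MB:
            findings.append((e.number, "active-small"))
    return findings


def build_mbr(parts):
    """Build a sample sector from (active, type, start LBA, sectors) tuples."""
    sector = bytearray(SECTOR_SIZE)
    for i, (is_active, type_id, start, count) in enumerate(parts):
        struct.pack_into(ENTRY_FORMAT, sector, TABLE_OFFSET + 16 * i,
                         0x80 if is_active else 0x00, b"\x00" * 3,
                         type_id, b"\x00" * 3, start, count)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)


# Constructed sample: layout as in the ListParts log (partition 3 active).
# Partition 3's start LBA and sector count are made up to give 10 MB.
BEFORE_FIX = build_mbr([
    (False, 0x07, 0x800, 0x32000),          # 100 MB System Reserved
    (False, 0x07, 0x32800, 0x22EB2130),     # 279 GB C:
    (True, 0x17, 0x22EE4930, 0x5000),       # 10 MB, hidden, active
])

# Constructed sample: the same table after the diskpart commands above
# (partition 3 inactive, partition 1 active).
AFTER_FIX = build_mbr([
    (True, 0x07, 0x800, 0x32000),
    (False, 0x07, 0x32800, 0x22EB2130),
    (False, 0x17, 0x22EE4930, 0x5000),
])

if __name__ == "__main__":
    for label, sector in (("before", BEFORE_FIX), ("after", AFTER_FIX)):
        print(label, review(parse_mbr(sector)))
```

The findings are triage hints rather than verdicts; moving the active flag back only changes which partition is booted, and the extra partition is still present until it is cleaned up.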

#7 Jaguarrl


Posted 16 September 2012 - 01:47 PM

It appears that I am stuck. I could click REPAIR YOUR COMPUTER, but it is currently hanging for some time on LOADING FILES and I can't get to the next step.

I am currently posting from the laptop.

#8 narenxp


Posted 16 September 2012 - 01:55 PM

Do you have your Windows 7 DVD?

If yes insert it and select REPAIR YOUR COMPUTER

#9 Jaguarrl


Posted 16 September 2012 - 02:11 PM

That did the trick. I changed the parameters and restarted.

I then ran TDSS Killer and it found a bunch more stuff that it quarantined. Have rebooted and checked again and this time not coming up with anything additional.

#10 narenxp


Posted 16 September 2012 - 02:17 PM

Please post the log

#11 Jaguarrl


Posted 16 September 2012 - 02:19 PM

13:03:17.0829 6552 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
13:03:18.0380 6552 ============================================================
13:03:18.0380 6552 Current date / time: 2012/09/16 13:03:18.0380
13:03:18.0380 6552 SystemInfo:
13:03:18.0380 6552
13:03:18.0380 6552 OS Version: 6.1.7601 ServicePack: 1.0
13:03:18.0380 6552 Product type: Workstation
13:03:18.0380 6552 ComputerName: XXX-PC
13:03:18.0380 6552 UserName: XXX
13:03:18.0380 6552 Windows directory: C:\Windows
13:03:18.0380 6552 System windows directory: C:\Windows
13:03:18.0380 6552 Running under WOW64
13:03:18.0380 6552 Processor architecture: Intel x64
13:03:18.0380 6552 Number of processors: 8
13:03:18.0380 6552 Page size: 0x1000
13:03:18.0380 6552 Boot type: Normal boot
13:03:18.0380 6552 ============================================================
13:03:20.0007 6552 Drive \Device\Harddisk0\DR0 - Size: 0x45DD826000 (279.46 Gb), SectorSize: 0x200, Cylinders: 0x8E81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:03:20.0011 6552 ============================================================
13:03:20.0011 6552 \Device\Harddisk0\DR0:
13:03:20.0011 6552 MBR partitions:
13:03:20.0011 6552 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:03:20.0011 6552 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x22EB2130
13:03:20.0011 6552 ============================================================
13:03:20.0029 6552 C: <-> \Device\Harddisk0\DR0\Partition2
13:03:20.0030 6552 ============================================================
13:03:20.0030 6552 Initialize success
13:03:20.0030 6552 ============================================================
13:03:33.0175 6708 ============================================================
13:03:33.0175 6708 Scan started
13:03:33.0175 6708 Mode: Manual; SigCheck; TDLFS;
13:03:33.0175 6708 ============================================================
13:03:33.0676 6708 ================ Scan system memory ========================
13:03:33.0676 6708 System memory - ok
13:03:33.0676 6708 ================ Scan services =============================
13:03:42.0906 6708 mrxsmb10 - ok
13:03:42.0915 6708 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:03:42.0929 6708 mrxsmb20 - ok
13:03:42.0939 6708 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
13:03:42.0951 6708 msahci - ok
13:03:42.0957 6708 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:03:42.0973 6708 msdsm - ok
13:03:42.0984 6708 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
13:03:43.0014 6708 MSDTC - ok
13:03:43.0027 6708 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:03:43.0057 6708 Msfs - ok
13:03:43.0064 6708 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:03:43.0095 6708 mshidkmdf - ok
13:03:43.0104 6708 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:03:43.0114 6708 msisadrv - ok
13:03:43.0138 6708 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:03:43.0171 6708 MSiSCSI - ok
13:03:43.0174 6708 msiserver - ok
13:03:43.0194 6708 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:03:43.0225 6708 MSKSSRV - ok
13:03:43.0229 6708 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:03:43.0255 6708 MSPCLOCK - ok
13:03:43.0257 6708 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:03:43.0286 6708 MSPQM - ok
13:03:43.0302 6708 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:03:43.0319 6708 MsRPC - ok
13:03:43.0332 6708 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:03:43.0341 6708 mssmbios - ok
13:03:43.0343 6708 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:03:43.0373 6708 MSTEE - ok
13:03:43.0380 6708 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:03:43.0395 6708 MTConfig - ok
13:03:43.0414 6708 [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
13:03:43.0435 6708 MTsensor - ok
13:03:43.0449 6708 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
13:03:43.0460 6708 Mup - ok
13:03:43.0476 6708 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
13:03:43.0514 6708 napagent - ok
13:03:43.0538 6708 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:03:43.0581 6708 NativeWifiP - ok
13:03:43.0615 6708 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:03:43.0646 6708 NDIS - ok
13:03:43.0673 6708 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:03:43.0702 6708 NdisCap - ok
13:03:43.0721 6708 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:03:43.0748 6708 NdisTapi - ok
13:03:43.0772 6708 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:03:43.0814 6708 Ndisuio - ok
13:03:43.0829 6708 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:03:43.0871 6708 NdisWan - ok
13:03:43.0885 6708 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:03:43.0912 6708 NDProxy - ok
13:03:43.0926 6708 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:03:43.0960 6708 NetBIOS - ok
13:03:43.0980 6708 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:03:44.0020 6708 NetBT - ok
13:03:44.0029 6708 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
13:03:44.0037 6708 Netlogon - ok
13:03:44.0062 6708 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:03:44.0098 6708 Netman - ok
13:03:44.0129 6708 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:03:44.0154 6708 NetMsmqActivator - ok
13:03:44.0157 6708 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:03:44.0164 6708 NetPipeActivator - ok
13:03:44.0180 6708 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:03:44.0209 6708 netprofm - ok
13:03:44.0212 6708 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:03:44.0220 6708 NetTcpActivator - ok
13:03:44.0223 6708 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:03:44.0231 6708 NetTcpPortSharing - ok
13:03:44.0241 6708 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:03:44.0253 6708 nfrd960 - ok
13:03:44.0276 6708 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:03:44.0302 6708 NlaSvc - ok
13:03:44.0312 6708 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:03:44.0340 6708 Npfs - ok
13:03:44.0347 6708 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:03:44.0381 6708 nsi - ok
13:03:44.0387 6708 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:03:44.0423 6708 nsiproxy - ok
13:03:44.0458 6708 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:03:44.0526 6708 Ntfs - ok
13:03:44.0552 6708 [ D4012918D3A3847B44B888D56BC095D6 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
13:03:44.0565 6708 NuidFltr - ok
13:03:44.0576 6708 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:03:44.0607 6708 Null - ok
13:03:44.0633 6708 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:03:44.0647 6708 nvraid - ok
13:03:44.0658 6708 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:03:44.0673 6708 nvstor - ok
13:03:44.0690 6708 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:03:44.0703 6708 nv_agp - ok
13:03:44.0738 6708 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:03:44.0758 6708 ohci1394 - ok
13:03:44.0777 6708 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:03:44.0798 6708 p2pimsvc - ok
13:03:44.0812 6708 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:03:44.0830 6708 p2psvc - ok
13:03:44.0846 6708 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:03:44.0865 6708 Parport - ok
13:03:44.0878 6708 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:03:44.0897 6708 partmgr - ok
13:03:44.0909 6708 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:03:44.0924 6708 PcaSvc - ok
13:03:44.0939 6708 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
13:03:44.0948 6708 pci - ok
13:03:44.0955 6708 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
13:03:44.0965 6708 pciide - ok
13:03:44.0976 6708 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:03:44.0992 6708 pcmcia - ok
13:03:45.0000 6708 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:03:45.0011 6708 pcw - ok
13:03:45.0022 6708 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:03:45.0072 6708 PEAUTH - ok
13:03:45.0115 6708 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:03:45.0139 6708 PerfHost - ok
13:03:45.0176 6708 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
13:03:45.0270 6708 pla - ok
13:03:45.0289 6708 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:03:45.0300 6708 PlugPlay - ok
13:03:45.0314 6708 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:03:45.0332 6708 PNRPAutoReg - ok
13:03:45.0346 6708 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:03:45.0357 6708 PNRPsvc - ok
13:03:45.0380 6708 [ 9ABFF71FF6F3B9492686D3403FA5DCDB ] Point64 C:\Windows\system32\DRIVERS\point64k.sys
13:03:45.0390 6708 Point64 - ok
13:03:45.0406 6708 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:03:45.0437 6708 PolicyAgent - ok
13:03:45.0452 6708 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:03:45.0483 6708 Power - ok
13:03:45.0502 6708 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:03:45.0551 6708 PptpMiniport - ok
13:03:45.0565 6708 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:03:45.0578 6708 Processor - ok
13:03:45.0603 6708 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:03:45.0614 6708 ProfSvc - ok
13:03:45.0619 6708 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:03:45.0627 6708 ProtectedStorage - ok
13:03:45.0650 6708 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:03:45.0682 6708 Psched - ok
13:03:45.0699 6708 [ A6BF0A9B5A30D743623CA0D3BE35DF05 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
13:03:45.0709 6708 PxHlpa64 - ok
13:03:45.0735 6708 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:03:45.0806 6708 ql2300 - ok
13:03:45.0822 6708 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:03:45.0836 6708 ql40xx - ok
13:03:45.0854 6708 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:03:45.0874 6708 QWAVE - ok
13:03:45.0879 6708 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:03:45.0899 6708 QWAVEdrv - ok
13:03:45.0909 6708 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:03:45.0936 6708 RasAcd - ok
13:03:45.0960 6708 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:03:46.0000 6708 RasAgileVpn - ok
13:03:46.0011 6708 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:03:46.0044 6708 RasAuto - ok
13:03:46.0057 6708 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:03:46.0091 6708 Rasl2tp - ok
13:03:46.0105 6708 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
13:03:46.0139 6708 RasMan - ok
13:03:46.0158 6708 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:03:46.0187 6708 RasPppoe - ok
13:03:46.0196 6708 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:03:46.0231 6708 RasSstp - ok
13:03:46.0248 6708 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:03:46.0280 6708 rdbss - ok
13:03:46.0289 6708 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:03:46.0308 6708 rdpbus - ok
13:03:46.0318 6708 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:03:46.0344 6708 RDPCDD - ok
13:03:46.0351 6708 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:03:46.0383 6708 RDPENCDD - ok
13:03:46.0406 6708 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:03:46.0432 6708 RDPREFMP - ok
13:03:46.0452 6708 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:03:46.0479 6708 RDPWD - ok
13:03:46.0497 6708 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:03:46.0513 6708 rdyboost - ok
13:03:46.0529 6708 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:03:46.0567 6708 RemoteAccess - ok
13:03:46.0583 6708 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:03:46.0618 6708 RemoteRegistry - ok
13:03:46.0638 6708 [ 71B48DDAF5E9C2B40E64DE5C405F5AAC ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
13:03:46.0656 6708 RimUsb - ok
13:03:46.0675 6708 [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
13:03:46.0690 6708 RimVSerPort - ok
13:03:46.0703 6708 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
13:03:46.0734 6708 ROOTMODEM - ok
13:03:46.0781 6708 [ AFD61A7C48A3E15C86A6FADF0B69A2E4 ] Roxio UPnP Renderer 9 C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
13:03:46.0800 6708 Roxio UPnP Renderer 9 - ok
13:03:46.0830 6708 [ EFBB36E2BB02169D26E9980778FC20D3 ] Roxio Upnp Server 9 C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe
13:03:46.0841 6708 Roxio Upnp Server 9 - ok
13:03:46.0884 6708 [ 78E680A105F47B6AA0003BD23ED9FA51 ] RoxLiveShare9 C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
13:03:46.0895 6708 RoxLiveShare9 - ok
13:03:46.0921 6708 [ 9D5C024170C376D7CC66ED853FDA9068 ] RoxMediaDB9 C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
13:03:46.0979 6708 RoxMediaDB9 - ok
13:03:46.0994 6708 [ 87F175539DBBA297018AA7FCDD563FF7 ] RoxWatch9 C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
13:03:47.0006 6708 RoxWatch9 - ok
13:03:47.0035 6708 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:03:47.0082 6708 RpcEptMapper - ok
13:03:47.0097 6708 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:03:47.0116 6708 RpcLocator - ok
13:03:47.0135 6708 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
13:03:47.0162 6708 RpcSs - ok
13:03:47.0175 6708 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:03:47.0209 6708 rspndr - ok
13:03:47.0239 6708 [ 24510C4A77ABA3B07AEFA840DB888637 ] RzSynapse C:\Windows\system32\DRIVERS\RzSynapse.sys
13:03:47.0258 6708 RzSynapse - ok
13:03:47.0280 6708 [ A237566B5A53D17D8348334853F11B38 ] rzudd C:\Windows\system32\DRIVERS\rzudd.sys
13:03:47.0300 6708 rzudd - ok
13:03:47.0304 6708 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
13:03:47.0313 6708 SamSs - ok
13:03:47.0371 6708 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
13:03:47.0380 6708 SASDIFSV - ok
13:03:47.0397 6708 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
13:03:47.0405 6708 SASKUTIL - ok
13:03:47.0473 6708 [ BCE943896289A91AD75CC5652620B1C6 ] SBAMSvc C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
13:03:47.0522 6708 SBAMSvc - ok
13:03:47.0540 6708 [ 6E342316E72F4B6FA39C99E06373A1A3 ] sbapifs C:\Windows\system32\DRIVERS\sbapifs.sys
13:03:47.0550 6708 sbapifs - ok
13:03:47.0584 6708 [ 19954328DDA3D656F8A879B3A46FFED6 ] SbFw C:\Windows\system32\drivers\SbFw.sys
13:03:47.0603 6708 SbFw - ok
13:03:47.0622 6708 [ 513B3BFCD3C465B9820C2D05FA94E630 ] SBFWIMCL C:\Windows\system32\DRIVERS\sbfwim.sys
13:03:47.0632 6708 SBFWIMCL - ok
13:03:47.0653 6708 [ 513B3BFCD3C465B9820C2D05FA94E630 ] SBFWIMCLMP C:\Windows\system32\DRIVERS\SBFWIM.sys
13:03:47.0663 6708 SBFWIMCLMP - ok
13:03:47.0681 6708 [ B671EEF468D13016B9286F5835A06AE1 ] sbhips C:\Windows\system32\drivers\sbhips.sys
13:03:47.0695 6708 sbhips - ok
13:03:47.0725 6708 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:03:47.0745 6708 sbp2port - ok
13:03:47.0760 6708 [ 9ACEB2A2362FC87A3825963E61BA9076 ] SBRE C:\Windows\system32\drivers\SBREdrv.sys
13:03:47.0774 6708 SBRE - ok
13:03:47.0785 6708 [ EAB54ADCCECA64B2F38CD859FB494895 ] sbwtis C:\Windows\system32\DRIVERS\sbwtis.sys
13:03:47.0799 6708 sbwtis - ok
13:03:47.0813 6708 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:03:47.0859 6708 SCardSvr - ok
13:03:47.0870 6708 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:03:47.0905 6708 scfilter - ok
13:03:47.0931 6708 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
13:03:47.0977 6708 Schedule - ok
13:03:47.0997 6708 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:03:48.0021 6708 SCPolicySvc - ok
13:03:48.0028 6708 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:03:48.0054 6708 SDRSVC - ok
13:03:48.0073 6708 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:03:48.0111 6708 secdrv - ok
13:03:48.0129 6708 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
13:03:48.0157 6708 seclogon - ok
13:03:48.0163 6708 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
13:03:48.0196 6708 SENS - ok
13:03:48.0210 6708 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:03:48.0232 6708 SensrSvc - ok
13:03:48.0244 6708 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:03:48.0254 6708 Serenum - ok
13:03:48.0272 6708 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:03:48.0285 6708 Serial - ok
13:03:48.0299 6708 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:03:48.0313 6708 sermouse - ok
13:03:48.0326 6708 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
13:03:48.0361 6708 SessionEnv - ok
13:03:48.0370 6708 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:03:48.0394 6708 sffdisk - ok
13:03:48.0401 6708 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:03:48.0415 6708 sffp_mmc - ok
13:03:48.0421 6708 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:03:48.0438 6708 sffp_sd - ok
13:03:48.0446 6708 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:03:48.0468 6708 sfloppy - ok
13:03:48.0492 6708 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:03:48.0526 6708 SharedAccess - ok
13:03:48.0539 6708 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:03:48.0566 6708 ShellHWDetection - ok
13:03:48.0583 6708 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:03:48.0595 6708 SiSRaid2 - ok
13:03:48.0601 6708 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:03:48.0613 6708 SiSRaid4 - ok
13:03:48.0622 6708 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:03:48.0651 6708 Smb - ok
13:03:48.0703 6708 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:03:48.0722 6708 SNMPTRAP - ok
13:03:48.0729 6708 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:03:48.0742 6708 spldr - ok
13:03:48.0765 6708 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
13:03:48.0779 6708 Spooler - ok
13:03:48.0847 6708 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
13:03:48.0963 6708 sppsvc - ok
13:03:48.0973 6708 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:03:49.0006 6708 sppuinotify - ok
13:03:49.0027 6708 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
13:03:49.0058 6708 srv - ok
13:03:49.0071 6708 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:03:49.0090 6708 srv2 - ok
13:03:49.0099 6708 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:03:49.0121 6708 srvnet - ok
13:03:49.0138 6708 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:03:49.0173 6708 SSDPSRV - ok
13:03:49.0185 6708 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:03:49.0215 6708 SstpSvc - ok
13:03:49.0234 6708 Steam Client Service - ok
13:03:49.0244 6708 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:03:49.0256 6708 stexstor - ok
13:03:49.0282 6708 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
13:03:49.0303 6708 stisvc - ok
13:03:49.0319 6708 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
13:03:49.0330 6708 swenum - ok
13:03:49.0359 6708 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
13:03:49.0414 6708 swprv - ok
13:03:49.0452 6708 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
13:03:49.0493 6708 SysMain - ok
13:03:49.0505 6708 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:03:49.0522 6708 TabletInputService - ok
13:03:49.0537 6708 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:03:49.0577 6708 TapiSrv - ok
13:03:49.0585 6708 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
13:03:49.0611 6708 TBS - ok
13:03:49.0650 6708 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:03:49.0723 6708 Tcpip - ok
13:03:49.0757 6708 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:03:49.0785 6708 TCPIP6 - ok
13:03:49.0794 6708 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:03:49.0827 6708 tcpipreg - ok
13:03:49.0845 6708 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:03:49.0870 6708 TDPIPE - ok
13:03:49.0894 6708 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:03:49.0920 6708 TDTCP - ok
13:03:49.0942 6708 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:03:49.0985 6708 tdx - ok
13:03:50.0002 6708 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
13:03:50.0014 6708 TermDD - ok
13:03:50.0030 6708 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
13:03:50.0069 6708 TermService - ok
13:03:50.0083 6708 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
13:03:50.0101 6708 Themes - ok
13:03:50.0116 6708 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
13:03:50.0141 6708 THREADORDER - ok
13:03:50.0147 6708 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
13:03:50.0178 6708 TrkWks - ok
13:03:50.0204 6708 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:03:50.0241 6708 TrustedInstaller - ok
13:03:50.0253 6708 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:03:50.0288 6708 tssecsrv - ok
13:03:50.0303 6708 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:03:50.0318 6708 TsUsbFlt - ok
13:03:50.0337 6708 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:03:50.0366 6708 tunnel - ok
13:03:50.0377 6708 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:03:50.0389 6708 uagp35 - ok
13:03:50.0410 6708 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:03:50.0450 6708 udfs - ok
13:03:50.0460 6708 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:03:50.0474 6708 UI0Detect - ok
13:03:50.0480 6708 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:03:50.0492 6708 uliagpkx - ok
13:03:50.0510 6708 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
13:03:50.0527 6708 umbus - ok
13:03:50.0534 6708 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:03:50.0552 6708 UmPass - ok
13:03:50.0570 6708 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
13:03:50.0606 6708 upnphost - ok
13:03:50.0638 6708 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
13:03:50.0653 6708 usbaudio - ok
13:03:50.0664 6708 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:03:50.0689 6708 usbccgp - ok
13:03:50.0709 6708 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:03:50.0725 6708 usbcir - ok
13:03:50.0733 6708 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:03:50.0755 6708 usbehci - ok
13:03:50.0773 6708 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:03:50.0814 6708 usbhub - ok
13:03:50.0821 6708 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:03:50.0837 6708 usbohci - ok
13:03:50.0848 6708 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:03:50.0866 6708 usbprint - ok
13:03:50.0877 6708 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
13:03:50.0906 6708 USBSTOR - ok
13:03:50.0922 6708 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:03:50.0939 6708 usbuhci - ok
13:03:50.0955 6708 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
13:03:50.0987 6708 UxSms - ok
13:03:50.0995 6708 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
13:03:51.0004 6708 VaultSvc - ok
13:03:51.0024 6708 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:03:51.0035 6708 vdrvroot - ok
13:03:51.0054 6708 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
13:03:51.0090 6708 vds - ok
13:03:51.0101 6708 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:03:51.0114 6708 vga - ok
13:03:51.0116 6708 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
13:03:51.0146 6708 VgaSave - ok
13:03:51.0159 6708 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:03:51.0175 6708 vhdmp - ok
13:03:51.0182 6708 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
13:03:51.0193 6708 viaide - ok
13:03:51.0199 6708 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:03:51.0211 6708 volmgr - ok
13:03:51.0230 6708 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:03:51.0249 6708 volmgrx - ok
13:03:51.0262 6708 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:03:51.0289 6708 volsnap - ok
13:03:51.0303 6708 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:03:51.0317 6708 vsmraid - ok
13:03:51.0351 6708 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
13:03:51.0447 6708 VSS - ok
13:03:51.0454 6708 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
13:03:51.0473 6708 vwifibus - ok
13:03:51.0496 6708 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
13:03:51.0532 6708 W32Time - ok
13:03:51.0539 6708 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:03:51.0553 6708 WacomPen - ok
13:03:51.0572 6708 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:03:51.0608 6708 WANARP - ok
13:03:51.0615 6708 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:03:51.0639 6708 Wanarpv6 - ok
13:03:53.0325 6708 ================ Scan global ===============================
13:03:53.0337 6708 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:03:53.0352 6708 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:03:53.0357 6708 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:03:53.0374 6708 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:03:53.0393 6708 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:03:53.0395 6708 [Global] - ok
13:03:53.0395 6708 ================ Scan MBR ==================================
13:03:53.0399 6708 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:03:53.0539 6708 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:03:53.0539 6708 \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:03:53.0540 6708 ================ Scan VBR ==================================
13:03:53.0542 6708 [ 0434C8C618595425CDF5DAD405C6AA32 ] \Device\Harddisk0\DR0\Partition1
13:03:53.0544 6708 \Device\Harddisk0\DR0\Partition1 - ok
13:03:53.0557 6708 [ 59F66AE5EED39E238CE4D140F2DF936A ] \Device\Harddisk0\DR0\Partition2
13:03:53.0558 6708 \Device\Harddisk0\DR0\Partition2 - ok
13:03:53.0559 6708 ============================================================
13:03:53.0559 6708 Scan finished
13:03:53.0559 6708 ============================================================
13:03:53.0567 6688 Detected object count: 1
13:03:53.0567 6688 Actual detected object count: 1
13:04:11.0607 6688 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
13:04:11.0610 6688 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
13:04:11.0613 6688 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
13:04:11.0615 6688 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
13:04:11.0616 6688 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
13:04:11.0619 6688 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
13:04:11.0630 6688 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
13:04:11.0642 6688 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
13:04:11.0649 6688 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
13:04:11.0655 6688 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
13:04:11.0658 6688 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
13:04:11.0692 6688 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
13:04:11.0694 6688 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
13:04:11.0697 6688 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
13:04:11.0700 6688 \Device\Harddisk0\DR0\TDLFS\tdi32 - copied to quarantine
13:04:11.0703 6688 \Device\Harddisk0\DR0\TDLFS\tdi64 - copied to quarantine
13:04:11.0706 6688 \Device\Harddisk0\DR0\TDLFS\main1 - copied to quarantine
13:04:11.0709 6688 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
13:04:11.0713 6688 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
13:04:11.0716 6688 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
13:04:11.0737 6688 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
13:04:11.0750 6688 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
13:04:11.0771 6688 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
13:04:11.0792 6688 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
13:04:11.0812 6688 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
13:04:11.0815 6688 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
13:04:11.0978 6688 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
13:04:11.0979 6688 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine
13:04:38.0874 6512 Deinitialize success

#12 narenxp


Posted 16 September 2012 - 02:20 PM

Download

aswMBR

Launch it, allow it to download the latest Avast! virus definitions
Click the "Scan" button to start the scan. After the scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When the scan is completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply


Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

#13 Jaguarrl


Posted 16 September 2012 - 03:31 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-16 13:22:35
-----------------------------
13:22:35.965 OS Version: Windows x64 6.1.7601 Service Pack 1
13:22:35.965 Number of processors: 8 586 0x1A05
13:22:35.966 ComputerName: XXX-PC UserName: XXX
13:22:36.323 Initialize success
13:23:34.822 AVAST engine defs: 12091400
13:23:37.380 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-4
13:23:37.382 Disk 0 Vendor: WDC_WD3000HLFS-01G6U1 04.04V02 Size: 286168MB BusType: 3
13:23:37.387 Disk 0 MBR read successfully
13:23:37.389 Disk 0 MBR scan
13:23:37.394 Disk 0 Windows 7 default MBR code
13:23:37.401 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
13:23:37.413 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 286052 MB offset 206848
13:23:37.431 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 10 MB offset 586043392
13:23:37.441 Disk 0 scanning C:\Windows\system32\drivers
13:23:43.708 Service scanning
13:23:58.659 Modules scanning
13:23:58.667 Disk 0 trace - called modules:
13:23:58.675 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
13:23:58.680 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006540790]
13:23:58.686 3 CLASSPNP.SYS[fffff8800192643f] -> nt!IofCallDriver -> [0xfffffa80062f09b0]
13:23:58.691 5 ACPI.sys[fffff88000f9f7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T1L0-4[0xfffffa8006319060]
13:23:59.426 AVAST engine scan C:\Windows
13:24:00.657 AVAST engine scan C:\Windows\system32
13:26:28.825 AVAST engine scan C:\Windows\system32\drivers
13:26:36.081 AVAST engine scan C:\Users\XXX
13:32:03.871 AVAST engine scan C:\ProgramData
13:34:37.312 Scan finished successfully
13:36:13.922 Disk 0 MBR has been saved successfully to "C:\Users\XXX\Desktop\MBR.dat"
13:36:13.927 The log file has been saved successfully to "C:\Users\XXX\Desktop\aswMBR.txt"



ESET Log

C:\TDSSKiller_Quarantine\16.09.2012_13.03.18\tdlfs0000\tsk0005.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.09.2012_13.03.18\tdlfs0000\tsk0006.dta Win64/Olmasco.Y trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.09.2012_13.03.18\tdlfs0000\tsk0007.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.09.2012_13.03.18\tdlfs0000\tsk0008.dta Win64/Olmasco.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.09.2012_13.03.18\tdlfs0000\tsk0009.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.09.2012_13.03.18\tdlfs0000\tsk0010.dta Win64/Olmasco.AA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.09.2012_13.03.18\tdlfs0000\tsk0011.dta Win32/Olmasco.Q trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.09.2012_13.03.18\tdlfs0000\tsk0012.dta Win64/Olmasco.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.09.2012_13.03.18\tdlfs0000\tsk0014.dta Win32/Olmasco.AA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.09.2012_13.03.18\tdlfs0000\tsk0015.dta Win64/Olmasco.Z trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.09.2012_13.03.18\tdlfs0000\tsk0022.dta a variant of Win32/Olmarik.AYN trojan cleaned by deleting - quarantined


Running MBAM next.

#14 narenxp


Posted 16 September 2012 - 04:14 PM

Click on the Start menu and type

cmd

Right-click on it, select Run as administrator, and run these commands:
diskpart
select disk 0
select partition 3
delete partition


Run LISTPARTS again and post the new log


Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

Edited by narenxp, 16 September 2012 - 04:15 PM.


#15 Jaguarrl


Posted 17 September 2012 - 08:33 AM

MiniToolBox by Farbar Version: 23-07-2012
Ran by XXX (administrator) on 16-09-2012 at 16:40:34
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller = Local Area Connection 2 (Connected)
Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : XXX-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : cg.shawcable.net

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . : cg.shawcable.net
Description . . . . . . . . . . . : Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller #2
Physical Address. . . . . . . . . : 48-5B-39-31-C4-DB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f186:4359:d7e2:9a4e%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.199(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : September-16-12 3:11:11 PM
Lease Expires . . . . . . . . . . : September-17-12 3:11:11 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 306731833
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-71-1E-03-48-5B-39-31-CE-19
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : 48-5B-39-31-CE-19
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.cg.shawcable.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : cg.shawcable.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:2871:32a:b9b4:af6b(Preferred)
Link-local IPv6 Address . . . . . : fe80::2871:32a:b9b4:af6b%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{FA564AF9-38E1-4B1D-BC86-3D5E3F5F6AC6}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Name: google.com
Addresses: 2607:f8b0:400a:800::1006
173.194.33.8
173.194.33.5
173.194.33.3
173.194.33.0
173.194.33.4
173.194.33.1
173.194.33.7
173.194.33.6
173.194.33.2
173.194.33.14
173.194.33.9


Pinging google.com [173.194.33.8] with 32 bytes of data:
Reply from 173.194.33.8: bytes=32 time=26ms TTL=57
Reply from 173.194.33.8: bytes=32 time=27ms TTL=57

Ping statistics for 173.194.33.8:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 26ms, Maximum = 27ms, Average = 26ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=62ms TTL=54
Reply from 98.138.253.109: bytes=32 time=71ms TTL=54

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 62ms, Maximum = 71ms, Average = 66ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...48 5b 39 31 c4 db ......Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller #2
10...48 5b 39 31 ce 19 ......Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.199 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.199 266
192.168.0.199 255.255.255.255 On-link 192.168.0.199 266
192.168.0.255 255.255.255.255 On-link 192.168.0.199 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.199 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.199 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:9d38:953c:2871:32a:b9b4:af6b/128
On-link
12 266 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::2871:32a:b9b4:af6b/128
On-link
12 266 fe80::f186:4359:d7e2:9a4e/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
12 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/16/2012 01:36:22 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/16/2012 01:36:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/16/2012 01:36:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/16/2012 01:21:36 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/16/2012 11:02:57 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/16/2012 09:52:04 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/15/2012 10:31:36 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/15/2012 09:49:40 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/15/2012 09:49:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/14/2012 10:28:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.


System errors:
=============
Error: (09/16/2012 04:39:16 PM) (Source: Service Control Manager) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (09/16/2012 04:39:16 PM) (Source: Service Control Manager) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%2

Error: (09/16/2012 04:39:15 PM) (Source: Service Control Manager) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (09/16/2012 04:39:15 PM) (Source: Service Control Manager) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%2

Error: (09/16/2012 04:39:09 PM) (Source: Service Control Manager) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (09/16/2012 04:39:09 PM) (Source: Service Control Manager) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%2

Error: (09/16/2012 04:39:08 PM) (Source: Service Control Manager) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (09/16/2012 04:39:08 PM) (Source: Service Control Manager) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%2

Error: (09/16/2012 03:11:55 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (09/16/2012 03:11:49 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 9 service to connect.


Microsoft Office Sessions:
=========================
Error: (09/16/2012 01:36:22 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\XXX\Desktop\esetsmartinstaller_enu.exe

Error: (09/16/2012 01:36:19 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\XXX\Desktop\esetsmartinstaller_enu.exe

Error: (09/16/2012 01:36:19 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\XXX\Desktop\esetsmartinstaller_enu.exe

Error: (09/16/2012 01:21:36 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\XXX\Desktop\esetsmartinstaller_enu.exe

Error: (09/16/2012 11:02:57 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\XXX\Downloads\esetsmartinstaller_enu.exe

Error: (09/16/2012 09:52:04 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\XXX\Downloads\esetsmartinstaller_enu.exe

Error: (09/15/2012 10:31:36 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\XXX\Downloads\esetsmartinstaller_enu.exe

Error: (09/15/2012 09:49:40 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\XXX\Downloads\esetsmartinstaller_enu.exe

Error: (09/15/2012 09:49:37 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\XXX\Downloads\esetsmartinstaller_enu.exe

Error: (09/14/2012 10:28:10 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3


=========================== Installed Programs ============================

Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
Ad-Aware Antivirus (Version: 10.1.211.3382)
Ad-Aware Browsing Protection (Version: 0.9.0.2)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader 9.5.2 (Version: 9.5.2)
Adobe Shockwave Player 11.5 (Version: 11.5.6.606)
Akamai NetSession Interface
Akamai NetSession Interface Service
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.923.1)
AMD Catalyst Install Manager (Version: 8.0.873.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70405.2224)
ASUS VGA Driver (Version: 3.0.0.1)
ATI AVIVO64 Codecs (Version: 10.11.0.41110)
ATI Catalyst Registration (Version: 3.00.0000)
Avira Free Antivirus (Version: 12.0.0.1199)
AVS Screen Capture version 1.1.2
AVS Update Manager 1.0
AVS Video Editor 5
AVS Video Recorder 2.4
AVS4YOU Software Navigator 1.4
BlackBerry Desktop Software 5.0.1 (Version: 5.0.1.37)
BlackBerry Device Software Updater (Version: 6.0.1.27)
BlackBerry® Media Sync (Version: 3.0.0.39)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0405.2205.37728)
Catalyst Control Center Graphics Previews Common (Version: 2012.0405.2205.37728)
Catalyst Control Center InstallProxy (Version: 2012.0405.2205.37728)
Catalyst Control Center Localization All (Version: 2012.0405.2205.37728)
ccc-utility64 (Version: 2012.0405.2205.37728)
CCC Help Chinese Standard (Version: 2012.0405.2204.37728)
CCC Help Chinese Traditional (Version: 2012.0405.2204.37728)
CCC Help Czech (Version: 2012.0405.2204.37728)
CCC Help Danish (Version: 2012.0405.2204.37728)
CCC Help Dutch (Version: 2012.0405.2204.37728)
CCC Help English (Version: 2012.0405.2204.37728)
CCC Help Finnish (Version: 2012.0405.2204.37728)
CCC Help French (Version: 2012.0405.2204.37728)
CCC Help German (Version: 2012.0405.2204.37728)
CCC Help Greek (Version: 2012.0405.2204.37728)
CCC Help Hungarian (Version: 2012.0405.2204.37728)
CCC Help Italian (Version: 2012.0405.2204.37728)
CCC Help Japanese (Version: 2012.0405.2204.37728)
CCC Help Korean (Version: 2012.0405.2204.37728)
CCC Help Norwegian (Version: 2012.0405.2204.37728)
CCC Help Polish (Version: 2012.0405.2204.37728)
CCC Help Portuguese (Version: 2012.0405.2204.37728)
CCC Help Russian (Version: 2012.0405.2204.37728)
CCC Help Spanish (Version: 2012.0405.2204.37728)
CCC Help Swedish (Version: 2012.0405.2204.37728)
CCC Help Thai (Version: 2012.0405.2204.37728)
CCC Help Turkish (Version: 2012.0405.2204.37728)
Codec Pack - All In 1 6.0.3.0
CPUID CPU-Z 1.54
CPUID HWMonitor 1.16
Curse Client (Version: 4.0.1.170)
Darksiders II
Diablo III (Version: 1.0.2.9858)
DivX Setup (Version: 2.5.0.8)
DTVblizzcon (Version: 3.0.0.32)
eReg (Version: 1.20.138.34)
ESET Online Scanner v3
ffdshow v1.1.3721 [2011-01-07] (Version: 1.1.3721.0)
Fraps (remove only)
Google Desktop (Version: 5.9.1005.12335)
HyperCam 2
HyperCam Toolbar
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 35 (Version: 6.0.350)
Juniper Networks Setup Client (Version: 2.2.2.8317)
Juniper Terminal Services Client (Version: 7.0.0.16499)
Logitech SetPoint 6.15 (Version: 6.15.25)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
McAfee Security Scan Plus (Version: 3.0.207.4)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 7.1 (Version: 7.10.344.0)
Microsoft Office 2000 Professional (Version: 9.00.2720)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 15.0 (x86 en-US) (Version: 15.0)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Naga Firmware Updater 1.13 (Version: 1.13.01)
Razer Naga (Version: 3.02.05)
Razer Synapse 2.0 (Version: 1.4.13)
Roxio Media Manager (Version: 9.4.067)
StarCraft II (Version: 1.5.2.22875)
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.5.1016)
The Lord of the Rings FREE Trial (Version: 1.00.0000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
VD64Inst (Version: 1.00.0000)
Ventrilo Client for Windows x64 (Version: 3.0.5.0)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
World of Logs Client
World of Warcraft (Version: 4.1.0.14007)
x264vfw - H.264/MPEG-4 AVC codec (remove only)
Z Engine (Version: 2.5.0.30_NA)

========================= Memory info: ===================================

Percentage of memory in use: 61%
Total physical RAM: 6135.12 MB
Available physical RAM: 2339.31 MB
Total Pagefile: 12268.43 MB
Available Pagefile: 7267.89 MB
Total Virtual: 4095.88 MB
Available Virtual: 3958.29 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:279.35 GB) (Free:138.53 GB) NTFS

========================= Users: ========================================

User accounts for \\XXX-PC

Administrator Guest XXX


**** End of log ****



Farbar Service Scanner Version: 06-08-2012
Ran by XXX (administrator) on 16-09-2012 at 16:42:30
Running from "C:\Users\XXX\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-09-11 22:23] - [2012-08-22 12:12] - 1913200 ____A (Microsoft Corporation) F782CAD3CEDBB3F9FFE3BF2775D92DDC

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


# AdwCleaner v2.002 - Logfile created 09/16/2012 at 16:43:34
# Updated 16/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : XXX - XXX-PC
# Boot Mode : Normal
# Running from : C:\Users\XXX\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\HyperCam Toolbar
Folder Deleted : C:\Users\XXX\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\XXX\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\6akhwszr.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\SMTTB2009
Key Deleted : HKCU\Software\Somoto Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{338B4DFE-2E2C-4338-9E41-E176D497299E}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\6akhwszr.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [7963 octets] - [16/09/2012 16:43:35]

########## EOF - C:\AdwCleaner[S1].txt - [8023 octets] ##########



