Google is not working


10 replies to this topic

#1 Kev1n

Kev1n

  • Members
  • 5 posts

Posted 14 October 2012 - 10:53 PM

Hi guys, google.com is not working for me. When I go to google.com it just shows a blank loading page, and after loading for about five minutes it says that it can't establish a connection to the server. I am using antivirus software called Kaspersky Pure 2.0. After doing full scans and everything, Google still won't work. However, when I use the Yahoo search bar it works, but Bing does not work. Does anyone have an idea of why it is not working?

Oh, and I forgot to mention that Gmail works but not Google Docs or anything else Google-related.

Edited by hamluis, 15 October 2012 - 12:57 PM.
Moved from Win 7 to Am I Infected - Hamluis.




#2 kingnick42

kingnick42

  • Members
  • 23 posts

Posted 14 October 2012 - 11:48 PM

Do you have a firewall enabled?

Try clearing your cache as well.

Edited by kingnick42, 14 October 2012 - 11:52 PM.


#3 Kev1n

Kev1n
  • Topic Starter

  • Members
  • 5 posts

Posted 15 October 2012 - 12:06 AM

Ok, so I cleared my cache but it still does not work. When I look at my firewall I am unable to change my settings. It says, "Windows Firewall can't change some of your settings. Error code 0x80070424."

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 15 October 2012 - 12:43 PM

You may be infected.

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#5 kingnick42

kingnick42

  • Members
  • 23 posts

Posted 15 October 2012 - 02:51 PM

^^What's said there. Also, after you get this fixed, I'd advise replacing your AV with either NOD32 (paid) or Microsoft Security Essentials (free).

#6 Kev1n

Kev1n
  • Topic Starter

  • Members
  • 5 posts

Posted 15 October 2012 - 10:45 PM

Hi there, just finished all the things you have said but it still does not work. :(
Anyway here is the text:
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-15 20:05:50
-----------------------------
20:05:50.251 OS Version: Windows x64 6.1.7601 Service Pack 1
20:05:50.251 Number of processors: 2 586 0xF06
20:05:50.251 ComputerName: DARA-PC UserName: Dara
20:06:01.883 Initialize success
20:07:32.446 AVAST engine defs: 12101501
20:08:03.837 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-2
20:08:03.844 Disk 0 Vendor: WDC_WD4000KD-00NAB0 01.06A01 Size: 381553MB BusType: 3
20:08:03.860 Disk 0 MBR read successfully
20:08:03.860 Disk 0 MBR scan
20:08:03.868 Disk 0 Windows 7 default MBR code
20:08:03.883 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
20:08:03.899 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 381451 MB offset 206848
20:08:03.930 Disk 0 scanning C:\Windows\system32\drivers
20:08:29.204 Service scanning
20:09:40.063 Modules scanning
20:09:40.094 Disk 0 trace - called modules:
20:09:40.110 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS intelide.sys PCIIDEX.SYS hal.dll atapi.sys
20:09:40.118 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8002830690]
20:09:40.508 3 CLASSPNP.SYS[fffff88001e1743f] -> nt!IofCallDriver -> [0xfffffa800270e520]
20:09:40.508 5 ACPI.sys[fffff88000ec07a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-2[0xfffffa80026fe680]
20:09:44.837 AVAST engine scan C:\Windows
20:09:47.290 AVAST engine scan C:\Windows\system32
20:14:12.313 AVAST engine scan C:\Windows\system32\drivers
20:14:23.188 AVAST engine scan C:\Users\Dara
20:18:01.907 AVAST engine scan C:\ProgramData
20:21:49.922 Scan finished successfully
20:30:13.938 Disk 0 MBR has been saved successfully to "C:\Users\Dara\Desktop\MBR.dat"
20:30:13.985 The log file has been saved successfully to "C:\Users\Dara\Desktop\aswMBR.txt"

And for Eset:
C:\TDSSKiller_Quarantine\06.07.2012_21.48.48\mbr0000\tdlfs0000\tsk0006.ini Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.10.2012_19.19.43\mbr0000\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.10.2012_19.19.43\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.10.2012_19.19.43\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.10.2012_19.19.43\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.10.2012_19.19.43\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.NP trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.10.2012_19.19.43\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.10.2012_19.19.43\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.10.2012_19.19.43\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.10.2012_19.19.43\mbr0000\tdlfs0000\tsk0014.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\Users\Dara\AppData\Local\{4939D68F-E756-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined
C:\Users\Dara\Downloads\DownloadManagerSetup.exe a variant of Win32/InstallCore.AC application cleaned by deleting - quarantined
C:\Users\Dara\Downloads\iLividSetupV1(1).exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Users\Dara\Downloads\iLividSetupV1.exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Users\Dara\Downloads\WinZip165.exe a variant of Win32/OpenInstall application cleaned by deleting - quarantined
C:\Windows\Installer\{fa4f973b-085b-0ead-fd3b-796fba011252}\U\00000004.@ Win64/Conedex.C trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5KEZO3OW\larissa_telit-wireless-solutions_com[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
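
A triage sketch for an ESET export like the one in the post above, added here as an example and not part of the original thread: it separates detections that sit inside TDSSKiller's own quarantine folder from detections at live paths, and reads the run date out of each quarantine folder name. The line layout (path, optional "a variant of", detection name, type, action) and the dd.mm.yyyy folder date format are inferred from the lines in that post; the sample lines are copied from it.

```python
import re
from datetime import datetime

# Sample input: seven lines copied from the ESET export in the post above.
SAMPLE_LOG = r"""
C:\TDSSKiller_Quarantine\06.07.2012_21.48.48\mbr0000\tdlfs0000\tsk0006.ini Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.10.2012_19.19.43\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.10.2012_19.19.43\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.NP trojan cleaned by deleting - quarantined
C:\Users\Dara\AppData\Local\{4939D68F-E756-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined
C:\Users\Dara\Downloads\iLividSetupV1(1).exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Windows\Installer\{fa4f973b-085b-0ead-fd3b-796fba011252}\U\00000004.@ Win64/Conedex.C trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5KEZO3OW\larissa_telit-wireless-solutions_com[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
"""

# Assumed layout: <path> [a variant of ]<Platform>/<Name> <type> <action>.
# The path may contain spaces, so it is matched lazily up to the first
# token that looks like "Platform/Name".
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?) "
    r"(?P<variant>a variant of )?"
    r"(?P<platform>[A-Za-z0-9]+)/(?P<name>\S+) "
    r"(?P<kind>[a-z]+) "
    r"(?P<action>.+)$"
)

# TDSSKiller quarantine folders are named after the run time (dd.mm.yyyy_hh.mm.ss).
QUARANTINE_RE = re.compile(
    r"^C:\\TDSSKiller_Quarantine\\(\d{2}\.\d{2}\.\d{4}_\d{2}\.\d{2}\.\d{2})\\",
    re.IGNORECASE,
)


def parse_line(line):
    """Return a dict for one export line, or None if it does not fit the layout."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    rec["variant"] = bool(rec["variant"])
    q = QUARANTINE_RE.match(rec["path"])
    rec["quarantine_session"] = (
        datetime.strptime(q.group(1), "%d.%m.%Y_%H.%M.%S") if q else None
    )
    return rec


def triage(log_text):
    """Split detections into live-path hits and hits on an earlier tool's quarantine."""
    live, sessions, unparsed = [], set(), []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            unparsed.append(line)      # never drop a line silently
        elif rec["quarantine_session"]:
            sessions.add(rec["quarantine_session"])
        else:
            live.append(rec)
    return {
        "live": live,
        "quarantine_sessions": sorted(sessions),
        "unparsed": unparsed,
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print("TDSSKiller quarantine runs found on disk:")
    for ts in result["quarantine_sessions"]:
        print("  ", ts.isoformat(sep=" "))
    print("Detections outside any quarantine folder:")
    for rec in result["live"]:
        print(f"  {rec['platform']}/{rec['name']} ({rec['kind']}) at {rec['path']}")
```

Two quarantine sessions months apart show that TDSSKiller had already removed TDL file-system objects on this machine before the run requested in this thread, while the detections at live paths are the ones that were still in place when ESET scanned.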

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 15 October 2012 - 10:47 PM

Please post the TDSSKiller log.

Download Malwarebytes

Install, update and run a full scan.

Click on "Show results". Right-click on the list, select all and remove them.

Post the generated log here.

Download Mini Toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download Farbar Service Scanner

Checkmark all the boxes.

Click on "Scan".
Please copy and paste the log to your reply.

Download Adware Cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download Junkware Removal Tool

For Vista and Windows 7, right-click on the tool and select "Run as administrator".

After the scan is completed, post the generated log here.

#8 Kev1n

Kev1n
  • Topic Starter

  • Members
  • 5 posts

Posted 15 October 2012 - 11:27 PM

19:19:43.0267 2860 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
19:19:43.0681 2860 ============================================================
19:19:43.0681 2860 Current date / time: 2012/10/15 19:19:43.0681
19:19:43.0681 2860 SystemInfo:
19:19:43.0681 2860
19:19:43.0681 2860 OS Version: 6.1.7601 ServicePack: 1.0
19:19:43.0681 2860 Product type: Workstation
19:19:43.0681 2860 ComputerName: DARA-PC
19:19:43.0681 2860 UserName: Dara
19:19:43.0681 2860 Windows directory: C:\Windows
19:19:43.0681 2860 System windows directory: C:\Windows
19:19:43.0681 2860 Running under WOW64
19:19:43.0681 2860 Processor architecture: Intel x64
19:19:43.0681 2860 Number of processors: 2
19:19:43.0681 2860 Page size: 0x1000
19:19:43.0681 2860 Boot type: Normal boot
19:19:43.0681 2860 ============================================================
19:19:44.0923 2860 Drive \Device\Harddisk0\DR0 - Size: 0x5D2710DE00 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xC9E1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
19:19:44.0939 2860 ============================================================
19:19:44.0939 2860 \Device\Harddisk0\DR0:
19:19:44.0939 2860 MBR partitions:
19:19:44.0939 2860 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:19:44.0939 2860 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x2E905800
19:19:44.0939 2860 ============================================================
19:19:44.0962 2860 C: <-> \Device\Harddisk0\DR0\Partition2
19:19:45.0001 2860 ============================================================
19:19:45.0001 2860 Initialize success
19:19:45.0001 2860 ============================================================
19:19:57.0650 2484 ============================================================
19:19:57.0650 2484 Scan started
19:19:57.0650 2484 Mode: Manual; TDLFS;
19:19:57.0650 2484 ============================================================
19:19:58.0791 2484 ================ Scan system memory ========================
19:19:58.0791 2484 System memory - ok
19:19:58.0798 2484 ================ Scan services =============================
19:20:04.0361 2484 mouclass - ok
19:20:04.0376 2484 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:20:04.0376 2484 mouhid - ok
19:20:04.0392 2484 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:20:04.0392 2484 mountmgr - ok
19:20:04.0439 2484 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:20:04.0439 2484 MozillaMaintenance - ok
19:20:04.0462 2484 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:20:04.0462 2484 mpio - ok
19:20:04.0478 2484 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:20:04.0478 2484 mpsdrv - ok
19:20:04.0486 2484 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:20:04.0486 2484 MRxDAV - ok
19:20:04.0525 2484 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:20:04.0525 2484 mrxsmb - ok
19:20:04.0556 2484 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:20:04.0564 2484 mrxsmb10 - ok
19:20:04.0580 2484 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:20:04.0580 2484 mrxsmb20 - ok
19:20:04.0595 2484 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:20:04.0595 2484 msahci - ok
19:20:04.0611 2484 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:20:04.0611 2484 msdsm - ok
19:20:04.0626 2484 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:20:04.0626 2484 MSDTC - ok
19:20:04.0650 2484 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:20:04.0650 2484 Msfs - ok
19:20:04.0673 2484 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:20:04.0673 2484 mshidkmdf - ok
19:20:04.0689 2484 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:20:04.0689 2484 msisadrv - ok
19:20:04.0712 2484 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:20:04.0720 2484 MSiSCSI - ok
19:20:04.0720 2484 msiserver - ok
19:20:04.0744 2484 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:20:04.0744 2484 MSKSSRV - ok
19:20:04.0744 2484 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:20:04.0751 2484 MSPCLOCK - ok
19:20:04.0751 2484 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:20:04.0751 2484 MSPQM - ok
19:20:04.0775 2484 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:20:04.0783 2484 MsRPC - ok
19:20:04.0806 2484 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:20:04.0806 2484 mssmbios - ok
19:20:04.0814 2484 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:20:04.0814 2484 MSTEE - ok
19:20:04.0822 2484 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:20:04.0822 2484 MTConfig - ok
19:20:04.0837 2484 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:20:04.0837 2484 Mup - ok
19:20:04.0876 2484 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:20:04.0884 2484 napagent - ok
19:20:04.0916 2484 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:20:04.0923 2484 NativeWifiP - ok
19:20:04.0978 2484 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
19:20:05.0001 2484 NDIS - ok
19:20:05.0017 2484 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:20:05.0017 2484 NdisCap - ok
19:20:05.0033 2484 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:20:05.0041 2484 NdisTapi - ok
19:20:05.0048 2484 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:20:05.0048 2484 Ndisuio - ok
19:20:05.0072 2484 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:20:05.0072 2484 NdisWan - ok
19:20:05.0087 2484 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:20:05.0087 2484 NDProxy - ok
19:20:05.0119 2484 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:20:05.0119 2484 NetBIOS - ok
19:20:05.0134 2484 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:20:05.0142 2484 NetBT - ok
19:20:05.0150 2484 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:20:05.0150 2484 Netlogon - ok
19:20:05.0197 2484 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:20:05.0205 2484 Netman - ok
19:20:05.0259 2484 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:20:05.0322 2484 NetMsmqActivator - ok
19:20:05.0345 2484 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:20:05.0345 2484 NetPipeActivator - ok
19:20:05.0376 2484 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:20:05.0384 2484 netprofm - ok
19:20:05.0439 2484 [ 81B8D0C1CE44A7FDBD596B693783950C ] netr7364 C:\Windows\system32\DRIVERS\netr7364.sys
19:20:05.0455 2484 netr7364 - ok
19:20:05.0478 2484 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:20:05.0478 2484 NetTcpActivator - ok
19:20:05.0478 2484 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:20:05.0486 2484 NetTcpPortSharing - ok
19:20:05.0494 2484 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:20:05.0494 2484 nfrd960 - ok
19:20:05.0525 2484 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:20:05.0533 2484 NlaSvc - ok
19:20:05.0541 2484 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:20:05.0541 2484 Npfs - ok
19:20:05.0564 2484 npggsvc - ok
19:20:05.0572 2484 NPPTNT2 - ok
19:20:05.0595 2484 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:20:05.0603 2484 nsi - ok
19:20:05.0619 2484 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:20:05.0619 2484 nsiproxy - ok
19:20:05.0681 2484 [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:20:05.0728 2484 Ntfs - ok
19:20:05.0751 2484 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:20:05.0751 2484 Null - ok
19:20:06.0111 2484 [ 0EB204639119370F5F8F2871FBF4E14B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:20:06.0462 2484 nvlddmkm - ok
19:20:06.0478 2484 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:20:06.0486 2484 nvraid - ok
19:20:06.0501 2484 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:20:06.0501 2484 nvstor - ok
19:20:06.0572 2484 [ 32FF8EE6DCEE5C0CB91FF892FB1CA364 ] nvsvc C:\Windows\system32\nvvsvc.exe
19:20:06.0587 2484 nvsvc - ok
19:20:06.0681 2484 [ BD012DC22C78BE1071BC21EB125D782F ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:20:06.0744 2484 nvUpdatusService - ok
19:20:06.0759 2484 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:20:06.0767 2484 nv_agp - ok
19:20:06.0814 2484 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:20:06.0822 2484 odserv - ok
19:20:06.0845 2484 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:20:06.0845 2484 ohci1394 - ok
19:20:06.0884 2484 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:20:06.0884 2484 ose - ok
19:20:06.0916 2484 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:20:06.0916 2484 p2pimsvc - ok
19:20:06.0947 2484 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:20:06.0955 2484 p2psvc - ok
19:20:06.0978 2484 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:20:06.0978 2484 Parport - ok
19:20:07.0009 2484 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:20:07.0009 2484 partmgr - ok
19:20:07.0025 2484 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:20:07.0033 2484 PcaSvc - ok
19:20:07.0048 2484 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:20:07.0056 2484 pci - ok
19:20:07.0072 2484 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:20:07.0072 2484 pciide - ok
19:20:07.0095 2484 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:20:07.0095 2484 pcmcia - ok
19:20:07.0111 2484 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:20:07.0119 2484 pcw - ok
19:20:07.0142 2484 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:20:07.0158 2484 PEAUTH - ok
19:20:07.0212 2484 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:20:07.0251 2484 PeerDistSvc - ok
19:20:07.0306 2484 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:20:07.0306 2484 PerfHost - ok
19:20:07.0376 2484 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:20:07.0416 2484 pla - ok
19:20:07.0455 2484 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:20:07.0462 2484 PlugPlay - ok
19:20:07.0486 2484 PnkBstrA - ok
19:20:07.0509 2484 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:20:07.0626 2484 PNRPAutoReg - ok
19:20:07.0642 2484 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:20:07.0650 2484 PNRPsvc - ok
19:20:07.0689 2484 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:20:07.0697 2484 PolicyAgent - ok
19:20:07.0728 2484 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:20:07.0736 2484 Power - ok
19:20:07.0775 2484 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:20:07.0775 2484 PptpMiniport - ok
19:20:07.0791 2484 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:20:07.0791 2484 Processor - ok
19:20:07.0822 2484 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
19:20:07.0830 2484 ProfSvc - ok
19:20:07.0837 2484 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:20:07.0837 2484 ProtectedStorage - ok
19:20:07.0869 2484 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:20:07.0876 2484 Psched - ok
19:20:07.0931 2484 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:20:07.0978 2484 ql2300 - ok
19:20:07.0994 2484 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:20:07.0994 2484 ql40xx - ok
19:20:08.0009 2484 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:20:08.0017 2484 QWAVE - ok
19:20:08.0033 2484 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:20:08.0033 2484 QWAVEdrv - ok
19:20:08.0041 2484 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:20:08.0041 2484 RasAcd - ok
19:20:08.0064 2484 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:20:08.0064 2484 RasAgileVpn - ok
19:20:08.0080 2484 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:20:08.0087 2484 RasAuto - ok
19:20:08.0111 2484 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:20:08.0111 2484 Rasl2tp - ok
19:20:08.0134 2484 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:20:08.0142 2484 RasMan - ok
19:20:08.0158 2484 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:20:08.0158 2484 RasPppoe - ok
19:20:08.0166 2484 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:20:08.0173 2484 RasSstp - ok
19:20:08.0189 2484 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:20:08.0197 2484 rdbss - ok
19:20:08.0212 2484 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:20:08.0212 2484 rdpbus - ok
19:20:08.0220 2484 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:20:08.0220 2484 RDPCDD - ok
19:20:08.0244 2484 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:20:08.0244 2484 RDPDR - ok
19:20:08.0275 2484 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:20:08.0275 2484 RDPENCDD - ok
19:20:08.0283 2484 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:20:08.0283 2484 RDPREFMP - ok
19:20:08.0306 2484 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:20:08.0314 2484 RDPWD - ok
19:20:08.0330 2484 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:20:08.0330 2484 rdyboost - ok
19:20:08.0361 2484 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:20:08.0369 2484 RemoteAccess - ok
19:20:08.0384 2484 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:20:08.0392 2484 RemoteRegistry - ok
19:20:08.0408 2484 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:20:08.0408 2484 RpcEptMapper - ok
19:20:08.0431 2484 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:20:08.0439 2484 RpcLocator - ok
19:20:08.0462 2484 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:20:08.0462 2484 RpcSs - ok
19:20:08.0486 2484 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:20:08.0486 2484 rspndr - ok
19:20:08.0501 2484 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
19:20:08.0501 2484 s3cap - ok
19:20:08.0525 2484 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:20:08.0525 2484 SamSs - ok
19:20:08.0533 2484 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:20:08.0533 2484 sbp2port - ok
19:20:08.0556 2484 SBRE - ok
19:20:08.0580 2484 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:20:08.0580 2484 SCardSvr - ok
19:20:08.0595 2484 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:20:08.0595 2484 scfilter - ok
19:20:08.0634 2484 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:20:08.0650 2484 Schedule - ok
19:20:08.0673 2484 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:20:08.0673 2484 SCPolicySvc - ok
19:20:08.0697 2484 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:20:08.0697 2484 SDRSVC - ok
19:20:08.0705 2484 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:20:08.0712 2484 secdrv - ok
19:20:08.0720 2484 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:20:08.0728 2484 seclogon - ok
19:20:08.0736 2484 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:20:08.0736 2484 SENS - ok
19:20:08.0751 2484 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:20:08.0751 2484 SensrSvc - ok
19:20:08.0767 2484 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:20:08.0767 2484 Serenum - ok
19:20:08.0783 2484 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:20:08.0783 2484 Serial - ok
19:20:08.0798 2484 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:20:08.0798 2484 sermouse - ok
19:20:08.0830 2484 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:20:08.0830 2484 SessionEnv - ok
19:20:08.0837 2484 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:20:08.0837 2484 sffdisk - ok
19:20:08.0845 2484 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:20:08.0845 2484 sffp_mmc - ok
19:20:08.0853 2484 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:20:08.0853 2484 sffp_sd - ok
19:20:08.0861 2484 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:20:08.0861 2484 sfloppy - ok
19:20:08.0884 2484 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:20:08.0892 2484 ShellHWDetection - ok
19:20:08.0908 2484 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:20:08.0908 2484 SiSRaid2 - ok
19:20:08.0923 2484 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:20:08.0923 2484 SiSRaid4 - ok
19:20:08.0947 2484 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:20:08.0955 2484 Smb - ok
19:20:08.0970 2484 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:20:08.0970 2484 SNMPTRAP - ok
19:20:08.0986 2484 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:20:08.0986 2484 spldr - ok
19:20:09.0017 2484 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
19:20:09.0033 2484 Spooler - ok
19:20:09.0150 2484 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:20:09.0244 2484 sppsvc - ok
19:20:09.0251 2484 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:20:09.0259 2484 sppuinotify - ok
19:20:09.0298 2484 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:20:09.0306 2484 srv - ok
19:20:09.0322 2484 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:20:09.0330 2484 srv2 - ok
19:20:09.0353 2484 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:20:09.0353 2484 srvnet - ok
19:20:09.0392 2484 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:20:09.0400 2484 SSDPSRV - ok
19:20:09.0416 2484 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:20:09.0416 2484 SstpSvc - ok
19:20:09.0439 2484 Steam Client Service - ok
19:20:09.0455 2484 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:20:09.0455 2484 stexstor - ok
19:20:09.0501 2484 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:20:09.0517 2484 stisvc - ok
19:20:09.0533 2484 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
19:20:09.0541 2484 storflt - ok
19:20:09.0564 2484 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
19:20:09.0572 2484 StorSvc - ok
19:20:09.0603 2484 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
19:20:09.0603 2484 storvsc - ok
19:20:09.0619 2484 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:20:09.0619 2484 swenum - ok
19:20:09.0642 2484 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:20:09.0658 2484 swprv - ok
19:20:09.0744 2484 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:20:09.0814 2484 SysMain - ok
19:20:09.0837 2484 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:20:09.0845 2484 TabletInputService - ok
19:20:09.0869 2484 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:20:09.0876 2484 TapiSrv - ok
19:20:09.0884 2484 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:20:09.0892 2484 TBS - ok
19:20:09.0970 2484 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:20:10.0017 2484 Tcpip - ok
19:20:10.0080 2484 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:20:10.0095 2484 TCPIP6 - ok
19:20:10.0103 2484 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:20:10.0111 2484 tcpipreg - ok
19:20:10.0119 2484 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:20:10.0126 2484 TDPIPE - ok
19:20:10.0142 2484 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:20:10.0150 2484 TDTCP - ok
19:20:10.0166 2484 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:20:10.0166 2484 tdx - ok
19:20:10.0181 2484 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:20:10.0181 2484 TermDD - ok
19:20:10.0212 2484 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:20:10.0228 2484 TermService - ok
19:20:10.0244 2484 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:20:10.0251 2484 Themes - ok
19:20:10.0259 2484 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:20:10.0259 2484 THREADORDER - ok
19:20:10.0275 2484 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:20:10.0275 2484 TrkWks - ok
19:20:10.0314 2484 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:20:10.0314 2484 TrustedInstaller - ok
19:20:10.0330 2484 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:20:10.0330 2484 tssecsrv - ok
19:20:10.0353 2484 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:20:10.0353 2484 TsUsbFlt - ok
19:20:10.0361 2484 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:20:10.0361 2484 TsUsbGD - ok
19:20:10.0392 2484 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:20:10.0392 2484 tunnel - ok
19:20:10.0408 2484 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:20:10.0416 2484 uagp35 - ok
19:20:10.0431 2484 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:20:10.0439 2484 udfs - ok
19:20:10.0455 2484 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:20:10.0455 2484 UI0Detect - ok
19:20:10.0470 2484 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:20:10.0470 2484 uliagpkx - ok
19:20:10.0494 2484 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:20:10.0494 2484 umbus - ok
19:20:10.0509 2484 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:20:10.0509 2484 UmPass - ok
19:20:10.0533 2484 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
19:20:10.0541 2484 UmRdpService - ok
19:20:10.0564 2484 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:20:10.0572 2484 upnphost - ok
19:20:10.0587 2484 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:20:10.0587 2484 USBAAPL64 - ok
19:20:10.0611 2484 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:20:10.0611 2484 usbccgp - ok
19:20:10.0626 2484 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:20:10.0626 2484 usbcir - ok
19:20:10.0642 2484 [ 74EE782B1D9C241EFE425565854C661C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:20:10.0650 2484 usbehci - ok
19:20:10.0666 2484 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:20:10.0673 2484 usbhub - ok
19:20:10.0689 2484 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:20:10.0689 2484 usbohci - ok
19:20:10.0705 2484 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:20:10.0705 2484 usbprint - ok
19:20:10.0728 2484 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:20:10.0736 2484 usbscan - ok
19:20:10.0759 2484 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:20:10.0759 2484 USBSTOR - ok
19:20:10.0775 2484 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:20:10.0775 2484 usbuhci - ok
19:20:10.0791 2484 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:20:10.0791 2484 UxSms - ok
19:20:10.0806 2484 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:20:10.0806 2484 VaultSvc - ok
19:20:10.0822 2484 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:20:10.0822 2484 vdrvroot - ok
19:20:10.0853 2484 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:20:10.0861 2484 vds - ok
19:20:10.0876 2484 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:20:10.0884 2484 vga - ok
19:20:10.0892 2484 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:20:10.0892 2484 VgaSave - ok
19:20:10.0916 2484 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:20:10.0916 2484 vhdmp - ok
19:20:10.0931 2484 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:20:10.0931 2484 viaide - ok
19:20:10.0947 2484 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
19:20:10.0955 2484 vmbus - ok
19:20:10.0970 2484 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
19:20:10.0970 2484 VMBusHID - ok
19:20:10.0986 2484 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:20:10.0986 2484 volmgr - ok
19:20:11.0017 2484 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:20:11.0025 2484 volmgrx - ok
19:20:11.0041 2484 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:20:11.0048 2484 volsnap - ok
19:20:11.0064 2484 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:20:11.0072 2484 vsmraid - ok
19:20:11.0142 2484 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:20:11.0189 2484 VSS - ok
19:20:11.0212 2484 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:20:11.0212 2484 vwifibus - ok
19:20:11.0228 2484 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:20:11.0228 2484 vwififlt - ok
19:20:11.0259 2484 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:20:11.0267 2484 W32Time - ok
19:20:11.0275 2484 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:20:11.0275 2484 WacomPen - ok
19:20:11.0298 2484 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:20:11.0298 2484 WANARP - ok
19:20:11.0306 2484 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:20:11.0306 2484 Wanarpv6 - ok
19:20:12.0626 2484 ================ Scan global ===============================
19:20:12.0650 2484 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:20:12.0681 2484 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:20:12.0697 2484 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:20:12.0720 2484 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:20:12.0736 2484 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:20:12.0744 2484 [Global] - ok
19:20:12.0744 2484 ================ Scan MBR ==================================
19:20:12.0751 2484 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:20:12.0751 2484 Suspicious mbr (Forged): \Device\Harddisk0\DR0
19:20:12.0791 2484 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
19:20:12.0791 2484 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
19:20:12.0837 2484 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:20:12.0837 2484 \Device\Harddisk0\DR0 - detected TDSS File System (1)
19:20:12.0837 2484 ================ Scan VBR ==================================
19:20:12.0837 2484 [ 17D89F9BC2FB38D043A8659301128178 ] \Device\Harddisk0\DR0\Partition1
19:20:12.0837 2484 \Device\Harddisk0\DR0\Partition1 - ok
19:20:12.0861 2484 [ 5DADC373B17E2ECB62D7DAFBA25456FB ] \Device\Harddisk0\DR0\Partition2
19:20:12.0869 2484 \Device\Harddisk0\DR0\Partition2 - ok
19:20:12.0869 2484 ============================================================
19:20:12.0869 2484 Scan finished
19:20:12.0869 2484 ============================================================
19:20:12.0876 2392 Detected object count: 2
19:20:12.0876 2392 Actual detected object count: 2
19:20:37.0955 2392 \Device\Harddisk0\DR0\# - copied to quarantine
19:20:37.0962 2392 \Device\Harddisk0\DR0 - copied to quarantine
19:20:37.0978 2392 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
19:20:37.0978 2392 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
19:20:37.0986 2392 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
19:20:37.0986 2392 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
19:20:38.0017 2392 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
19:20:38.0025 2392 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
19:20:38.0025 2392 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
19:20:38.0025 2392 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
19:20:38.0025 2392 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
19:20:38.0025 2392 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
19:20:38.0033 2392 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
19:20:38.0033 2392 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
19:20:38.0033 2392 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
19:20:38.0033 2392 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
19:20:38.0041 2392 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
19:20:38.0048 2392 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
19:20:38.0048 2392 \Device\Harddisk0\DR0 - ok
19:20:39.0189 2392 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
19:20:39.0189 2392 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:20:39.0189 2392 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
19:20:52.0001 1000 Deinitialize success


MiniToolBox by Farbar Version: 23-07-2012
Ran by Dara (administrator) on 15-10-2012 at 20:51:07
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


94.63.147.16 www.google.com
94.63.147.17 www.bing.com


========================= IP Configuration: ================================

Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Dara-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : 00-16-E6-85-72-21
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7073:e7c5:e9b2:f50d%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.136(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, October 15, 2012 7:21:49 PM
Lease Expires . . . . . . . . . . : Tuesday, October 16, 2012 7:21:48 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 234886886
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-5D-9D-2D-00-16-E6-85-72-21
DNS Servers . . . . . . . . . . . : 192.168.7.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{29FEE003-CE62-486A-BE5A-3D1D8DF72D7B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.7.254

Name: google.com
Addresses: 2607:f8b0:4000:800::1005
74.125.227.133
74.125.227.134
74.125.227.135
74.125.227.136
74.125.227.137
74.125.227.142
74.125.227.128
74.125.227.129
74.125.227.130
74.125.227.131
74.125.227.132


Pinging google.com [74.125.227.40] with 32 bytes of data:
Reply from 74.125.227.40: bytes=32 time=57ms TTL=50
Reply from 74.125.227.40: bytes=32 time=57ms TTL=50

Ping statistics for 74.125.227.40:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 57ms, Maximum = 57ms, Average = 57ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.7.254

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=196ms TTL=42
Reply from 98.139.183.24: bytes=32 time=179ms TTL=42

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 179ms, Maximum = 196ms, Average = 187ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.7.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 16 e6 85 72 21 ......Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.136 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.136 276
192.168.0.136 255.255.255.255 On-link 192.168.0.136 276
192.168.0.255 255.255.255.255 On-link 192.168.0.136 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.136 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.136 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
11 276 fe80::7073:e7c5:e9b2:f50d/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/15/2012 08:44:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/15/2012 08:44:22 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/15/2012 08:44:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/15/2012 08:44:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/15/2012 07:28:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/15/2012 07:23:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2012 07:22:35 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (10/15/2012 04:23:23 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (10/15/2012 04:07:18 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000374
Fault offset: 0x000ce6c3
Faulting process id: 0xaa0
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (10/15/2012 04:05:48 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000374
Fault offset: 0x000ce6c3
Faulting process id: 0x704
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (10/15/2012 07:23:59 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (10/15/2012 07:23:59 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/15/2012 07:21:54 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (10/15/2012 07:21:54 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (10/15/2012 07:21:53 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/15/2012 07:21:53 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (10/15/2012 07:21:52 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (10/15/2012 04:23:32 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/15/2012 04:23:32 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (10/15/2012 03:49:37 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

7-Zip 9.20
Adobe Digital Editions 2.0 (Version: 2.0)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Aleks 3.16
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 3.14)
Dota 2
iTunes (Version: 10.5.3.3)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Kaspersky PURE 2.0 (Version: 12.0.1.288)
League of Legends (Version: 1.3)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 16.0.1 (x86 en-US) (Version: 16.0.1)
Mozilla Maintenance Service (Version: 16.0.1)
NVIDIA Control Panel 296.10 (Version: 296.10)
NVIDIA Graphics Driver 296.10 (Version: 296.10)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Update 1.7.11 (Version: 1.7.11)
NVIDIA Update Components (Version: 1.7.11)
PunkBuster Services (Version: 0.992)
Steam (Version: 1.0.0.0)
System Requirements Lab CYRI (Version: 4.5.1.0)
WinZip 16.5 (Version: 16.5.10095)

========================= Memory info: ===================================

Percentage of memory in use: 54%
Total physical RAM: 2046.49 MB
Available physical RAM: 926.5 MB
Total Pagefile: 4092.98 MB
Available Pagefile: 2822.57 MB
Total Virtual: 4095.88 MB
Available Virtual: 3959.2 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:372.51 GB) (Free:326.53 GB) NTFS

========================= Users: ========================================

User accounts for \\DARA-PC

Administrator Dara Guest
UpdatusUser

========================= Restore Points ==================================

02-10-2012 03:25:41 Scheduled Checkpoint
10-10-2012 00:57:05 Scheduled Checkpoint
15-10-2012 03:38:27 Removed Adobe Acrobat X Pro - English, Français, Deutsch.
15-10-2012 04:59:27 Removed Microsoft Silverlight


Farbar Service Scanner Version: 07-10-2012
Ran by Dara (administrator) on 15-10-2012 at 20:53:43
Running from "C:\Users\Dara\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


# AdwCleaner v2.005 - Logfile created 10/15/2012 at 20:56:48
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Dara - DARA-PC
# Boot Mode : Normal
# Running from : C:\Users\Dara\Downloads\adwcleaner(1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Funmoods
Folder Deleted : C:\Users\Dara\AppData\Local\Conduit
Folder Deleted : C:\Users\Dara\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Dara\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Dara\AppData\LocalLow\Funmoods
Folder Deleted : C:\Users\Dara\AppData\LocalLow\PriceGong

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Funmoods
Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3223702
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\Funmoods
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.funmoods.com/?f=2&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1QzutDtDtCyC0EyCzzyDyBtBtBtCtD0CtCyEtN0D0Tzu0CtBtByDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=752764436 --> hxxp://www.google.com

-\\ Mozilla Firefox v16.0.1 (en-US)

Profile name : default-1350024674510 [Profil par défaut]
File : C:\Users\Dara\AppData\Roaming\Mozilla\Firefox\Profiles\qfa36km8.default-1350024674510\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Dara\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Chromium v [Unable to get version]

File : C:\Users\Dara\AppData\Local\Chromium\User Data\Default\Preferences

Deleted [l.3] : urls_to_restore_on_startup = [ "hxxp://start.funmoods.com/?f=1&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1QzutDtDtCyC0EyCzzyDyBtBtBtCtD0CtCyEtN0D0Tzu0CtBtByDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=752764436" ],
Deleted [l.7] : homepage = "hxxp://start.funmoods.com/?f=1&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1QzutDtDtCyC0EyCzzyDyBtBtBtCtD0CtCyEtN0D0Tzu0CtBtByDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=752764436",

*************************

AdwCleaner[R1].txt - [4527 octets] - [15/10/2012 20:55:37]
AdwCleaner[S2].txt - [4286 octets] - [15/10/2012 20:56:48]

########## EOF - C:\AdwCleaner[S2].txt - [4346 octets] ##########


Junkware Removal Tool (JRT) by Thisisu
Version: 1.6.4 (10.15.2012)
OS: Windows 7 Professional x64
Ran by Dara on Mon 10/15/2012 at 21:00:04.39
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}



*** Files: 0 Detections



*** Folders:

Successfully deleted: [FOLDER] "C:\Users\Dara\AppData\Roaming\pc cleaners"
Successfully deleted: [FOLDER] "C:\Users\Dara\AppData\Roaming\pcpro"



*** FireFox detected and repaired



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Mon 10/15/2012 at 21:19:11.92
End of Report

I will send the Malwarebytes report tomorrow because I am going to bed early today. Thanks!

#9 narenxp

Posted 15 October 2012 - 11:38 PM

Ok, post the Malwarebytes log tomorrow. Also do the following scans

Run the hosts fix

http://go.microsoft.com/?linkid=9668866

Restart the PC


Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of text here

Edited by narenxp, 15 October 2012 - 11:38 PM.


#10 Kev1n


Posted 16 October 2012 - 12:46 AM

Hi there! After doing the ESET services repair tool and restarting the computer, Google works again! Thank you!!

#11 narenxp


Posted 16 October 2012 - 12:47 AM

Grt :)

Still need Malwarebytes, Farbar Service Scanner, RKILL, Autoruns logs.



