
Security Center glitching and freeze/blue screen


9 replies to this topic

#1 obliviousnube


  • Members
  • 8 posts

Posted 18 October 2012 - 01:31 PM

Hello all,
HP m8530f PC 64 bit edition
I have been experiencing problems with my Security Center. I run Avast Free and Windows Defender. When I boot up the computer, a Security Center warning pops up in the bottom tool bar that tells me to check Security Center, and that shows that Avast and Defender are not on. If I hover over the Avast icon it tells me "your system is secured". If I open Security Center it shows both are turned off, and after about 5 minutes Avast will show that it is on and Defender is off. Security Center also will continuously run and I cannot close the window, as if it is loading. If I click on "show malware available protection" it opens a window that shows Avast "on" and Defender "off"; click to turn on Defender and it checks for definitions, and then a pop-up says no new definitions available and Defender is turned on. There are different variations of this glitch so it is somewhat hard to explain. I am also now experiencing freeze-ups and a blue screen error. I do get a session crashed pop-up when re-opening Firefox 16.0.1, but it also just froze with nothing open yesterday.
Now the qualifier: my son had been using this computer and he tried to put it into some sort of "GOD MODE", probably 3 months ago now. I have no clue as to what this God Mode is, but I did find out that it does not work with a 64 bit system. It completely crashed the computer, but I was able to run a system restore to a point well before he tried this God Mode, and Security Center has been glitching ever since. It seems, though, that it is getting progressively worse. Registry issues? But in the back of my head I think there may also be a virus. I have run Avast and SUPERAntiSpyware Free with no problems found.

I ran rkill and it seemed inconclusive;
Processes terminated by Rkill or while it was running:

C:\USERS\OFFICE-PC\APPDATA\ROAMING\SANDISK\SANSA UPDATER\SANSADISPATCH.EXE

So, before I take it to a repair facility I thought I would run this past you Gurus!!

I know I most likely left much needed info out so please let me know what info you need if you are interested in trying to help me solve this issue.
Thanks

Note: Blue screen error:
Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.0.6002.2.2.0.768.3
Locale ID: 1033

Additional information about the problem:
BCCode: 1e
BCP1: FFFFFFFFC0000005
BCP2: FFFFF80002860D07
BCP3: 0000000000000000
BCP4: FFFFFFFFFFFFFFFF
OS Version: 6_0_6002
Service Pack: 2_0
Product: 768_1

Files that help describe the problem:
C:\WINDOWS\Minidump\Mini101812-03.dmp
C:\Users\Office-PC\AppData\Local\Temp\WER-50544-0.sysdata.xml
C:\Users\Office-PC\AppData\Local\Temp\WERE0AD.tmp.version.txt

Mod Edit: Moved to AII - Hamluis.

Edited by obliviousnube, 18 October 2012 - 10:32 PM.
Moved from Vista to Am I Infected - Hamluis.




#2 boopme

  • Global Moderator
  • 73,035 posts

Posted 23 October 2012 - 09:56 PM

Hello, this may not be malware but we'll check before we send you anywhere else.
This is a common driver error, usually video. I have also seen this with a loose video card.
Let me know if it's improved after these..


Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.





Please download TDSSkiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan".
Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.





Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.

#3 obliviousnube

  • Topic Starter

  • Members
  • 8 posts

Posted 24 October 2012 - 11:19 AM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Office-PC (administrator) on 24-10-2012 at 09:11:37
Windows ™ Vista Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================



# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Office-PC-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NETGEAR WNDA3100v2 N600 Wireless Dual Band USB Adapter
Physical Address. . . . . . . . . : E0-91-F5-3F-A5-F0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::10a1:e615:3c9c:cd70%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.7(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, October 23, 2012 1:01:26 PM
Lease Expires . . . . . . . . . . : Thursday, October 25, 2012 9:03:03 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 283152885
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-8E-2B-A6-00-1F-C6-6F-C1-9B
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet
Physical Address. . . . . . . . . : 00-1F-C6-6F-C1-9B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{D1D192F9-747B-4268-8605-75129AA605CD}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{0F60EDCC-1E38-477B-8D8A-4B55BCFFA9BE}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1425:c05:3f57:fef8(Preferred)
Link-local IPv6 Address . . . . . : fe80::1425:c05:3f57:fef8%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2001:4860:4001:801::1005
74.125.224.137
74.125.224.131
74.125.224.135
74.125.224.142
74.125.224.132
74.125.224.130
74.125.224.134
74.125.224.128
74.125.224.133
74.125.224.136
74.125.224.129



Pinging google.com [74.125.224.68] with 32 bytes of data:

Reply from 74.125.224.68: bytes=32 time=21ms TTL=55

Reply from 74.125.224.68: bytes=32 time=19ms TTL=55



Ping statistics for 74.125.224.68:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 19ms, Maximum = 21ms, Average = 20ms

Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
72.30.38.140



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=39ms TTL=53

Reply from 72.30.38.140: bytes=32 time=33ms TTL=53



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 33ms, Maximum = 39ms, Average = 36ms

Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...e0 91 f5 3f a5 f0 ...... NETGEAR WNDA3100v2 N600 Wireless Dual Band USB Adapter
10 ...00 1f c6 6f c1 9b ...... NVIDIA nForce 10/100/1000 Mbps Ethernet
1 ........................... Software Loopback Interface 1
14 ...00 00 00 00 00 00 00 e0 isatap.{D1D192F9-747B-4268-8605-75129AA605CD}
15 ...00 00 00 00 00 00 00 e0 isatap.{0F60EDCC-1E38-477B-8D8A-4B55BCFFA9BE}
12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.7 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.7 281
192.168.1.7 255.255.255.255 On-link 192.168.1.7 281
192.168.1.255 255.255.255.255 On-link 192.168.1.7 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.7 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.7 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 18 ::/0 On-link
1 306 ::1/128 On-link
12 18 2001::/32 On-link
12 266 2001:0:4137:9e76:1425:c05:3f57:fef8/128
On-link
11 281 fe80::/64 On-link
12 266 fe80::/64 On-link
11 281 fe80::10a1:e615:3c9c:cd70/128
On-link
12 266 fe80::1425:c05:3f57:fef8/128
On-link
1 306 ff00::/8 On-link
12 266 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/24/2012 09:02:52 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40758162

Error: (10/24/2012 09:02:52 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40758162

Error: (10/24/2012 09:02:52 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/24/2012 09:02:51 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40757164

Error: (10/24/2012 09:02:51 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40757164

Error: (10/24/2012 09:02:51 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/24/2012 09:02:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40756134

Error: (10/24/2012 09:02:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40756134

Error: (10/24/2012 09:02:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/23/2012 09:43:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1045


System errors:
=============
Error: (10/19/2012 04:44:17 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:41:02 PM on 10/19/2012 was unexpected.

Error: (10/19/2012 08:56:09 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 8:53:57 AM on 10/19/2012 was unexpected.

Error: (10/19/2012 08:50:57 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 8:42:21 AM on 10/19/2012 was unexpected.

Error: (10/19/2012 08:41:33 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: 0x80070643Definition Update for Windows Defender - KB915597 (Definition 1.139.124.0){1D9EE362-7370-4F17-A8A0-AACA097D03C5}200

Error: (10/18/2012 08:27:55 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 8:24:34 PM on 10/18/2012 was unexpected.

Error: (10/18/2012 08:22:34 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 8:18:23 PM on 10/18/2012 was unexpected.

Error: (10/18/2012 05:30:15 PM) (Source: disk) (User: )
Description: The device, \Device\Harddisk5\DR7, has a bad block.

Error: (10/18/2012 05:30:09 PM) (Source: disk) (User: )
Description: The device, \Device\Harddisk5\DR7, has a bad block.

Error: (10/18/2012 05:30:02 PM) (Source: disk) (User: )
Description: The device, \Device\Harddisk5\DR7, has a bad block.

Error: (10/18/2012 05:29:52 PM) (Source: disk) (User: )
Description: The device, \Device\Harddisk5\DR7, has a bad block.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Apple Mobile Device Support (Version: 5.2.0.6)
Bonjour (Version: 3.0.0.10)
EPSON NX420 Series Printer Uninstall
HP Demo (Version: HP Demo)
iTunes (Version: 10.6.3.25)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 16.0.1 (x86 en-US) (Version: 16.0.1)
NVIDIA 3D Vision Controller Driver 301.42 (Version: 301.42)
NVIDIA Control Panel 296.19 (Version: 296.19)
NVIDIA Drivers (Version: 1.5)
NVIDIA Graphics Driver 296.19 (Version: 296.19)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Update 1.7.12 (Version: 1.7.12)
NVIDIA Update Components (Version: 1.7.12)
PCIe Soft Data Fax Modem with SmartCP (Version: 7.71.00.50)
Sansa Updater (Version: 1.304)
SUPERAntiSpyware (Version: 5.5.1012)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)

========================= Memory info: ===================================

Percentage of memory in use: 37%
Total physical RAM: 4862.37 MB
Available physical RAM: 3032.07 MB
Total Pagefile: 9899.27 MB
Available Pagefile: 8220.92 MB
Total Virtual: 4095.88 MB
Available Virtual: 3995.84 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:920.09 GB) (Free:657.47 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.42 GB) (Free:1.51 GB) NTFS

========================= Users: ========================================

User accounts for \\OFFICE-PC-PC

Administrator ASPNET Guest
Office-PC UpdatusUser


**** End of log ****

#4 obliviousnube

  • Topic Starter

  • Members
  • 8 posts

Posted 24 October 2012 - 11:24 AM

09:18:34.0123 13016 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
09:18:34.0391 13016 ============================================================
09:18:34.0391 13016 Current date / time: 2012/10/24 09:18:34.0391
09:18:34.0391 13016 SystemInfo:
09:18:34.0391 13016
09:18:34.0391 13016 OS Version: 6.0.6002 ServicePack: 2.0
09:18:34.0391 13016 Product type: Workstation
09:18:34.0392 13016 ComputerName: OFFICE-PC-PC
09:18:34.0392 13016 UserName: Office-PC
09:18:34.0392 13016 Windows directory: C:\Windows
09:18:34.0392 13016 System windows directory: C:\Windows
09:18:34.0392 13016 Running under WOW64
09:18:34.0392 13016 Processor architecture: Intel x64
09:18:34.0392 13016 Number of processors: 4
09:18:34.0392 13016 Page size: 0x1000
09:18:34.0392 13016 Boot type: Normal boot
09:18:34.0392 13016 ============================================================
09:18:35.0297 13016 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:18:35.0329 13016 ============================================================
09:18:35.0329 13016 \Device\Harddisk0\DR0:
09:18:35.0329 13016 MBR partitions:
09:18:35.0329 13016 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x7302F7C1
09:18:35.0329 13016 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x7302F800, BlocksNum 0x16D6800
09:18:35.0329 13016 ============================================================
09:18:35.0348 13016 C: <-> \Device\Harddisk0\DR0\Partition1
09:18:35.0388 13016 D: <-> \Device\Harddisk0\DR0\Partition2
09:18:35.0388 13016 ============================================================
09:18:35.0388 13016 Initialize success
09:18:35.0388 13016 ============================================================
09:21:42.0153 26696 ============================================================
09:21:42.0153 26696 Scan started
09:21:42.0153 26696 Mode: Manual; TDLFS;
09:21:42.0153 26696 ============================================================
09:21:42.0997 26696 ================ Scan system memory ========================
09:21:42.0997 26696 System memory - ok
09:21:42.0998 26696 ================ Scan services =============================
09:21:43.0119 26696 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
09:21:43.0122 26696 !SASCORE - ok
09:21:43.0420 26696 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
09:21:43.0427 26696 ACPI - ok
09:21:43.0518 26696 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:21:43.0520 26696 AdobeARMservice - ok
09:21:43.0581 26696 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:21:43.0590 26696 adp94xx - ok
09:21:43.0618 26696 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:21:43.0625 26696 adpahci - ok
09:21:43.0639 26696 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
09:21:43.0643 26696 adpu160m - ok
09:21:43.0660 26696 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:21:43.0665 26696 adpu320 - ok
09:21:43.0853 26696 [ 96D6CDD0B32846E8CFBE592F4F32E608 ] AdvancedSystemCareService5 C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
09:21:43.0890 26696 AdvancedSystemCareService5 - ok
09:21:43.0908 26696 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:21:43.0910 26696 AeLookupSvc - ok
09:21:43.0958 26696 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
09:21:43.0966 26696 AFD - ok
09:21:43.0985 26696 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:21:43.0988 26696 agp440 - ok
09:21:43.0999 26696 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
09:21:44.0002 26696 aic78xx - ok
09:21:44.0017 26696 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
09:21:44.0021 26696 ALG - ok
09:21:44.0033 26696 [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide C:\Windows\system32\drivers\aliide.sys
09:21:44.0036 26696 aliide - ok
09:21:44.0044 26696 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
09:21:44.0045 26696 amdide - ok
09:21:44.0057 26696 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:21:44.0060 26696 AmdK8 - ok
09:21:44.0073 26696 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
09:21:44.0076 26696 Appinfo - ok
09:21:44.0188 26696 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:21:44.0193 26696 Apple Mobile Device - ok
09:21:44.0209 26696 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
09:21:44.0213 26696 arc - ok
09:21:44.0228 26696 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:21:44.0231 26696 arcsas - ok
09:21:44.0438 26696 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:21:44.0441 26696 aspnet_state - ok
09:21:44.0464 26696 [ F9278A56E92DF6B16476431B582236B4 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
09:21:44.0465 26696 aswFsBlk - ok
09:21:44.0481 26696 [ FA86861F5B30A2909F8A555ACCF10F33 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
09:21:44.0483 26696 aswMonFlt - ok
09:21:44.0505 26696 [ 42C9280AFCCAC80062DDBC01DEB34F0A ] AswRdr C:\Windows\system32\drivers\AswRdr.sys
09:21:44.0507 26696 AswRdr - ok
09:21:44.0563 26696 [ 0CB9A8CFB177E4FBA9F3A3D7EB038AC7 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
09:21:44.0575 26696 aswSnx - ok
09:21:44.0608 26696 [ 27215E171E212EA5770406EC216F7409 ] aswSP C:\Windows\system32\drivers\aswSP.sys
09:21:44.0613 26696 aswSP - ok
09:21:44.0628 26696 [ 88AF99223812186A8046001EA22DAB86 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
09:21:44.0630 26696 aswTdi - ok
09:21:44.0647 26696 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:21:44.0650 26696 AsyncMac - ok
09:21:44.0667 26696 [ 1898FAE8E07D97F2F6C2D5326C633FAC ] atapi C:\Windows\system32\drivers\atapi.sys
09:21:44.0669 26696 atapi - ok
09:21:44.0700 26696 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:21:44.0708 26696 AudioEndpointBuilder - ok
09:21:44.0720 26696 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:21:44.0726 26696 AudioSrv - ok
09:21:44.0792 26696 [ FB05FF189FC5F57DE636315B1F5E56DB ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:21:44.0793 26696 avast! Antivirus - ok
09:21:44.0871 26696 [ 8B392AFC3634AF2F510B4D53F00AD53A ] BCMH43XX C:\Windows\system32\DRIVERS\bcmwlhigh664.sys
09:21:44.0896 26696 BCMH43XX - ok
09:21:44.0929 26696 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll
09:21:44.0938 26696 BFE - ok
09:21:44.0978 26696 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\System32\qmgr.dll
09:21:45.0013 26696 BITS - ok
09:21:45.0031 26696 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
09:21:45.0035 26696 blbdrive - ok
09:21:55.0355 26696 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
09:21:55.0359 26696 Sym_u3 - ok
09:21:55.0398 26696 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll
09:21:55.0419 26696 SysMain - ok
09:21:55.0466 26696 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:21:55.0474 26696 TabletInputService - ok
09:21:55.0521 26696 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:21:55.0534 26696 TapiSrv - ok
09:21:55.0550 26696 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
09:21:55.0558 26696 TBS - ok
09:21:55.0620 26696 [ AC8D5728E6AD6A7C4819D9A67008337A ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:21:55.0695 26696 Tcpip - ok
09:21:55.0737 26696 [ AC8D5728E6AD6A7C4819D9A67008337A ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
09:21:55.0754 26696 Tcpip6 - ok
09:21:55.0791 26696 [ FD8FDE859E38E40A20085EBB0C22B416 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:21:55.0795 26696 tcpipreg - ok
09:21:55.0808 26696 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:21:55.0811 26696 TDPIPE - ok
09:21:55.0836 26696 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:21:55.0838 26696 TDTCP - ok
09:21:55.0888 26696 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:21:55.0892 26696 tdx - ok
09:21:55.0958 26696 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:21:55.0961 26696 TermDD - ok
09:21:55.0984 26696 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll
09:21:56.0001 26696 TermService - ok
09:21:56.0017 26696 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll
09:21:56.0027 26696 Themes - ok
09:21:56.0049 26696 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
09:21:56.0053 26696 THREADORDER - ok
09:21:56.0066 26696 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
09:21:56.0075 26696 TrkWks - ok
09:21:56.0161 26696 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:21:56.0166 26696 TrustedInstaller - ok
09:21:56.0197 26696 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:21:56.0199 26696 tssecsrv - ok
09:21:56.0213 26696 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
09:21:56.0215 26696 tunmp - ok
09:21:56.0252 26696 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:21:56.0255 26696 tunnel - ok
09:21:56.0274 26696 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:21:56.0282 26696 uagp35 - ok
09:21:56.0344 26696 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:21:56.0385 26696 udfs - ok
09:21:56.0416 26696 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:21:56.0425 26696 UI0Detect - ok
09:21:56.0438 26696 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:21:56.0442 26696 uliagpkx - ok
09:21:56.0461 26696 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
09:21:56.0467 26696 uliahci - ok
09:21:56.0491 26696 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
09:21:56.0496 26696 UlSata - ok
09:21:56.0531 26696 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
09:21:56.0537 26696 ulsata2 - ok
09:21:56.0602 26696 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:21:56.0605 26696 umbus - ok
09:21:56.0623 26696 [ 01ABE05C401E70795B43A8933B44831E ] UMPass C:\Windows\system32\DRIVERS\umpass.sys
09:21:56.0626 26696 UMPass - ok
09:21:56.0658 26696 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
09:21:56.0671 26696 upnphost - ok
09:21:56.0700 26696 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
09:21:56.0704 26696 USBAAPL64 - ok
09:21:56.0785 26696 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:21:56.0790 26696 usbccgp - ok
09:21:56.0821 26696 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:21:56.0825 26696 usbcir - ok
09:21:56.0850 26696 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:21:56.0853 26696 usbehci - ok
09:21:56.0883 26696 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:21:56.0891 26696 usbhub - ok
09:21:56.0936 26696 [ E406B003A354776D317762694956B0FC ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
09:21:56.0939 26696 usbohci - ok
09:21:56.0951 26696 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:21:56.0954 26696 usbprint - ok
09:21:56.0993 26696 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:21:56.0997 26696 usbscan - ok
09:21:57.0015 26696 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:21:57.0019 26696 USBSTOR - ok
09:21:57.0032 26696 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:21:57.0035 26696 usbuhci - ok
09:21:57.0067 26696 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll
09:21:57.0074 26696 UxSms - ok
09:21:57.0129 26696 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe
09:21:57.0173 26696 vds - ok
09:21:57.0202 26696 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:21:57.0205 26696 vga - ok
09:21:57.0217 26696 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
09:21:57.0220 26696 VgaSave - ok
09:21:57.0237 26696 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
09:21:57.0240 26696 viaide - ok
09:21:57.0277 26696 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:21:57.0282 26696 volmgr - ok
09:21:57.0360 26696 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:21:57.0393 26696 volmgrx - ok
09:21:57.0435 26696 [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:21:57.0441 26696 volsnap - ok
09:21:57.0461 26696 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:21:57.0465 26696 vsmraid - ok
09:21:57.0617 26696 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe
09:21:57.0700 26696 VSS - ok
09:21:57.0741 26696 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll
09:21:57.0774 26696 W32Time - ok
09:21:57.0795 26696 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:21:57.0798 26696 WacomPen - ok
09:21:57.0819 26696 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
09:21:57.0822 26696 Wanarp - ok
09:21:57.0829 26696 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:21:57.0831 26696 Wanarpv6 - ok
09:21:57.0899 26696 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:21:57.0917 26696 wcncsvc - ok
09:21:57.0969 26696 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:21:57.0978 26696 WcsPlugInService - ok
09:21:58.0020 26696 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
09:21:58.0028 26696 Wd - ok
09:21:58.0053 26696 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
09:21:58.0055 26696 WDC_SAM - ok
09:21:58.0103 26696 [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:21:58.0119 26696 Wdf01000 - ok
09:21:58.0148 26696 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:21:58.0163 26696 WdiServiceHost - ok
09:21:58.0180 26696 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:21:58.0188 26696 WdiSystemHost - ok
09:21:58.0205 26696 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll
09:21:58.0218 26696 WebClient - ok
09:21:58.0260 26696 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:21:58.0273 26696 Wecsvc - ok
09:21:58.0293 26696 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:21:58.0303 26696 wercplsupport - ok
09:21:58.0338 26696 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
09:21:58.0347 26696 WerSvc - ok
09:21:58.0436 26696 [ 0208B357535431071193A7B534F5CFEF ] winachsf C:\Windows\system32\DRIVERS\CAX_CNXT.sys
09:21:58.0520 26696 winachsf - ok
09:21:58.0547 26696 WinDefend - ok
09:21:58.0561 26696 WinHttpAutoProxySvc - ok
09:21:58.0678 26696 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:21:58.0684 26696 Winmgmt - ok
09:21:58.0774 26696 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
09:21:58.0831 26696 WinRM - ok
09:21:58.0940 26696 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:21:58.0962 26696 Wlansvc - ok
09:21:59.0062 26696 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:21:59.0119 26696 wlidsvc - ok
09:21:59.0153 26696 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
09:21:59.0156 26696 WmiAcpi - ok
09:21:59.0256 26696 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:21:59.0270 26696 wmiApSrv - ok
09:21:59.0296 26696 WMPNetworkSvc - ok
09:21:59.0323 26696 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:21:59.0334 26696 WPCSvc - ok
09:21:59.0373 26696 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:21:59.0383 26696 WPDBusEnum - ok
09:21:59.0458 26696 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
09:21:59.0465 26696 WpdUsb - ok
09:21:59.0632 26696 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:21:59.0650 26696 WPFFontCache_v0400 - ok
09:21:59.0665 26696 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:21:59.0670 26696 ws2ifsl - ok
09:21:59.0734 26696 [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc C:\Windows\System32\wscsvc.dll
09:21:59.0744 26696 wscsvc - ok
09:21:59.0751 26696 WSearch - ok
09:21:59.0779 26696 [ 2A7DB6A6F2C2E7CB40311D5B9340060D ] WSWNDA3100 C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
09:21:59.0783 26696 WSWNDA3100 - ok
09:22:00.0007 26696 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:22:00.0042 26696 wuauserv - ok
09:22:00.0084 26696 [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:22:00.0089 26696 WUDFRd - ok
09:22:00.0127 26696 [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:22:00.0136 26696 wudfsvc - ok
09:22:00.0294 26696 X6va008 - ok
09:22:00.0324 26696 [ F22E443518BC599D12888DAF292A56D8 ] XAudio C:\Windows\system32\DRIVERS\xaudio64.sys
09:22:00.0331 26696 XAudio - ok
09:22:00.0369 26696 [ 963C27034BBA4AC52A13F7A3C657C708 ] XAudioService C:\Windows\system32\DRIVERS\xaudio64.exe
09:22:00.0393 26696 XAudioService - ok
09:22:00.0424 26696 ================ Scan global ===============================
09:22:00.0493 26696 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
09:22:00.0573 26696 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
09:22:00.0637 26696 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
09:22:00.0713 26696 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
09:22:00.0728 26696 [Global] - ok
09:22:00.0729 26696 ================ Scan MBR ==================================
09:22:00.0750 26696 [ 03BA8F890B47C0BE359A4D5A636D214D ] \Device\Harddisk0\DR0
09:22:01.0349 26696 \Device\Harddisk0\DR0 - ok
09:22:01.0350 26696 ================ Scan VBR ==================================
09:22:01.0369 26696 [ 0410DB7C2F40FA6ED84ACAE91AE55C20 ] \Device\Harddisk0\DR0\Partition1
09:22:01.0374 26696 \Device\Harddisk0\DR0\Partition1 - ok
09:22:01.0383 26696 [ B2D0223D0F7079751016C5EEAD64A690 ] \Device\Harddisk0\DR0\Partition2
09:22:01.0390 26696 \Device\Harddisk0\DR0\Partition2 - ok
09:22:01.0391 26696 ============================================================
09:22:01.0391 26696 Scan finished
09:22:01.0391 26696 ============================================================
09:22:01.0419 26424 Detected object count: 0
09:22:01.0419 26424 Actual detected object count: 0
09:22:19.0208 26188 Deinitialize success

#5 obliviousnube

Posted 24 October 2012 - 11:30 AM

Not sure how to properly: "Shut down your protection software now to avoid potential conflicts." Looking into that and will post ASAP
Thanks

#6 obliviousnube

Posted 24 October 2012 - 12:24 PM

Junkware Removal Tool (JRT) by Thisisu
Version: 2.0.6 (10.24.2012)
OS: Windows ™ Vista Home Premium x64
Ran by Office-PC on Wed 10/24/2012 at 9:46:02.18
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files:

Successfully deleted: [FILE] C:\eula.1028.txt
Successfully deleted: [FILE] C:\eula.1031.txt
Successfully deleted: [FILE] C:\eula.1033.txt
Successfully deleted: [FILE] C:\eula.1036.txt
Successfully deleted: [FILE] C:\eula.1040.txt
Successfully deleted: [FILE] C:\eula.1041.txt
Successfully deleted: [FILE] C:\eula.1042.txt
Successfully deleted: [FILE] C:\eula.2052.txt
Successfully deleted: [FILE] C:\install.res.1028.dll
Successfully deleted: [FILE] C:\install.res.1031.dll
Successfully deleted: [FILE] C:\install.res.1033.dll
Successfully deleted: [FILE] C:\install.res.1036.dll
Successfully deleted: [FILE] C:\install.res.1040.dll
Successfully deleted: [FILE] C:\install.res.1041.dll
Successfully deleted: [FILE] C:\install.res.1042.dll
Successfully deleted: [FILE] C:\install.res.2052.dll
Successfully deleted: [FILE] C:\install.res.3082.dll



*** Folders:

Successfully deleted: [FOLDER] "C:\Program Files (x86)\Common Files\spigot"



*** FireFox detected and repaired

Successfully deleted: [user.js] from C:\Users\Office-PC\AppData\Roaming\Mozilla\Firefox\Profiles\o86ipdst.default


*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Wed 10/24/2012 at 10:13:40.25
End of Report

#7 obliviousnube

Posted 24 October 2012 - 12:36 PM

# AdwCleaner v2.005 - Logfile created 10/24/2012 at 10:28:07
# Updated 14/10/2012 by Xplode
# Operating system : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# User : Office-PC - OFFICE-PC-PC
# Boot Mode : Normal
# Running from : C:\Users\Office-PC\Downloads\AdwCleaner(1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [Registry] *****

Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PricePeep
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Office-PC\AppData\Roaming\Mozilla\Firefox\Profiles\o86ipdst.default\prefs.js

Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com?cid=%7Bcab7ebcb-2b8b-4962-83a8-8562083[...]
Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7Bcab7ebcb-2b8b-4962-83a8-8562083f53cf%[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Office-PC\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.1.1532.0

File : C:\Users\Office-PC\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2356 octets] - [24/10/2012 10:28:07]

########## EOF - C:\AdwCleaner[S1].txt - [2416 octets] ##########

#8 boopme

Posted 24 October 2012 - 01:17 PM

Ok, no major nasties, but some junkware and leftover files that were removed. Possibly the cause. So let me know.

#9 obliviousnube

Posted 24 October 2012 - 01:56 PM

What happens:

Boot up computer and after 2 minutes Check computer security settings warning comes on.
Open Security Center
Virus Protection: Avast reports it is turned off
Spyware and Other Malware Protection: Defender is turned off
(Security Center is "running" and you can not close it, etc.- slight flickering)

After 5 minutes Avast turns ON (Green Dot)
Virus Protection:
Avast reports that it is up to date and virus scanning is on
Spyware and other Malware Protection:
Windows Defender and Avast both report they are turned off
(Security Center is "running" and you can not close it, etc.- slight flickering)

After 5 more minutes Security Center shows Malware protection on (Green Dot) but Security Center still "running" and can't open Malware Section of Security Center.

After 2 more minutes Security Center stops "running" and now can open close etc.
Click on Malware Protection in Security Center window to open
Virus Protection:
Avast reports that it is up to date and virus scanning is on
Spyware and other Malware Protection:
Avast Antivirus reports it is turned on (no Windows Defender)

Click on "show me the anti-spyware programs on this computer" link and Installed spyware protection programs window opens:
Avast Antivirus......... ON
Windows Defender........ OFF
Click on Defender
Click on Turn On
Security Center box opens with click to continue
Download New Definitions for Defender opens and tries to download definitions
Box pops up with message "No New Definitions are available", close and Defender turns on and everything seems normal

If I let it go through this process I do not seem to get a blue screen; it seems it will blue screen if I try to turn on both Virus and Malware protection before it goes through this process??? Have not had a blue screen since the 19th, letting it just go through this 12-15 minute process. I only have this issue on start up. If I leave it running and only put it to sleep I do not seem to have any problems, at least up to this point.


I did see this on the Tool Box log:
Error: (10/18/2012 05:30:15 PM) (Source: disk) (User: )
Description: The device, \Device\Harddisk5\DR7, has a bad block.

Error: (10/18/2012 05:30:09 PM) (Source: disk) (User: )
Description: The device, \Device\Harddisk5\DR7, has a bad block.

Error: (10/18/2012 05:30:02 PM) (Source: disk) (User: )
Description: The device, \Device\Harddisk5\DR7, has a bad block.

Error: (10/18/2012 05:29:52 PM) (Source: disk) (User: )
Description: The device, \Device\Harddisk5\DR7, has a bad block.
???????

Edited by obliviousnube, 24 October 2012 - 01:59 PM.


#10 boopme

Posted 24 October 2012 - 07:50 PM

OK, the bad blocks are unusable sections of your hard drive due to damage there.
I can only suggest you will eventually want a new drive. But as your AV keeps getting turned off, it can be a protected malware and we will need a deeper look to know.


Please follow this Preparation Guide and post in a new topic.
If Gmer won't run, skip it.

Let me know if all went well.