Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

FBI Moneypak virus


  • Please log in to reply
22 replies to this topic

#1 ddarkstar1

ddarkstar1

  • Members
  • 76 posts
  • OFFLINE
  •  
  • Local time:06:34 AM

Posted 03 November 2012 - 11:02 AM

Hello. I have been infected with the moneypak virus. I have been able to get rid of it before with malwarebytes but this time it is persistent. Also it seems to have hidden or deleted my restore points so unless we can unhide them, that is not an option. Win 7 64 bit. Im in safe mode awaiting your reply.

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:34 AM

Posted 03 November 2012 - 12:31 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 ddarkstar1

ddarkstar1
  • Topic Starter

  • Members
  • 76 posts
  • OFFLINE
  •  
  • Local time:06:34 AM

Posted 04 November 2012 - 01:21 PM

Thank you for your reply. Here are the logs.

Also,should I be deleting the threats that all of these programs are finding?

TDSS:

11:33:41.0073 2020 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:33:41.0432 2020 ============================================================
11:33:41.0432 2020 Current date / time: 2012/11/04 11:33:41.0432
11:33:41.0432 2020 SystemInfo:
11:33:41.0432 2020
11:33:41.0432 2020 OS Version: 6.1.7600 ServicePack: 0.0
11:33:41.0432 2020 Product type: Workstation
11:33:41.0432 2020 ComputerName: HOLLY-PC
11:33:41.0432 2020 UserName: Holly
11:33:41.0432 2020 Windows directory: C:\Windows
11:33:41.0432 2020 System windows directory: C:\Windows
11:33:41.0432 2020 Running under WOW64
11:33:41.0432 2020 Processor architecture: Intel x64
11:33:41.0432 2020 Number of processors: 1
11:33:41.0432 2020 Page size: 0x1000
11:33:41.0432 2020 Boot type: Safe boot with network
11:33:41.0432 2020 ============================================================
11:33:42.0570 2020 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0xEE72, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x7F, Type 'K0', Flags 0x00000040
11:33:42.0570 2020 ============================================================
11:33:42.0570 2020 \Device\Harddisk0\DR0:
11:33:42.0570 2020 MBR partitions:
11:33:42.0570 2020 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
11:33:42.0570 2020 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x1B8BF800
11:33:42.0570 2020 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1B923800, BlocksNum 0x18A1800
11:33:42.0570 2020 ============================================================
11:33:42.0602 2020 C: <-> \Device\Harddisk0\DR0\Partition2
11:33:42.0648 2020 D: <-> \Device\Harddisk0\DR0\Partition3
11:33:42.0648 2020 ============================================================
11:33:42.0648 2020 Initialize success
11:33:42.0648 2020 ============================================================
11:34:14.0629 0796 ============================================================
11:34:14.0629 0796 Scan started
11:34:14.0629 0796 Mode: Manual; TDLFS;
11:34:14.0629 0796 ============================================================
11:34:15.0081 0796 ================ Scan system memory ========================
11:34:15.0081 0796 System memory - ok
11:34:15.0081 0796 ================ Scan services =============================
11:34:15.0362 0796 [ 7D9D615201A483D6FA99491C2E655A5A ] !SASCORE C:\Vdos\Paint\Anti-Spyware\SASCORE64.EXE
11:34:15.0377 0796 !SASCORE - ok
11:34:15.0502 0796 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
11:34:15.0502 0796 1394ohci - ok
11:34:15.0596 0796 [ 3044D0F3FEB9FFE8BC953D8F34B5B504 ] A2DDA C:\Vdos\Paint\Anti-Malware\EmsisoftEmergencyKit2\Run\a2ddax64.sys
11:34:15.0596 0796 A2DDA - ok
11:34:15.0643 0796 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
11:34:15.0643 0796 ACPI - ok
11:34:15.0674 0796 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
11:34:15.0674 0796 AcpiPmi - ok
11:34:15.0799 0796 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:34:15.0799 0796 AdobeFlashPlayerUpdateSvc - ok
11:34:15.0861 0796 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
11:34:15.0861 0796 adp94xx - ok
11:34:15.0908 0796 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
11:34:15.0908 0796 adpahci - ok
11:34:15.0939 0796 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
11:34:15.0939 0796 adpu320 - ok
11:34:15.0970 0796 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:34:15.0986 0796 AeLookupSvc - ok
11:34:16.0033 0796 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
11:34:16.0048 0796 AFD - ok
11:34:16.0079 0796 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
11:34:16.0079 0796 agp440 - ok
11:34:16.0095 0796 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
11:34:16.0095 0796 ALG - ok
11:34:16.0126 0796 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
11:34:16.0126 0796 aliide - ok
11:34:16.0142 0796 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
11:34:16.0142 0796 amdide - ok
11:34:16.0173 0796 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
11:34:16.0173 0796 AmdK8 - ok
11:34:16.0204 0796 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
11:34:16.0204 0796 AmdPPM - ok
11:34:16.0235 0796 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:34:16.0235 0796 amdsata - ok
11:34:16.0282 0796 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
11:34:16.0298 0796 amdsbs - ok
11:34:16.0313 0796 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:34:16.0313 0796 amdxata - ok
11:34:16.0345 0796 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
11:34:16.0360 0796 AppID - ok
11:34:16.0391 0796 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:34:16.0391 0796 AppIDSvc - ok
11:34:16.0423 0796 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
11:34:16.0423 0796 Appinfo - ok
11:34:16.0501 0796 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
11:34:16.0501 0796 arc - ok
11:34:16.0532 0796 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
11:34:16.0532 0796 arcsas - ok
11:34:16.0547 0796 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:34:16.0547 0796 AsyncMac - ok
11:34:16.0579 0796 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
11:34:16.0579 0796 atapi - ok
11:34:16.0641 0796 [ 38562A6A9CB10844759EAF2B01A7FCD3 ] athr C:\Windows\system32\DRIVERS\athrx.sys
11:34:16.0657 0796 athr - ok
11:34:16.0703 0796 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:34:16.0719 0796 AudioEndpointBuilder - ok
11:34:16.0735 0796 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:34:16.0750 0796 AudioSrv - ok
11:34:16.0781 0796 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:34:16.0781 0796 AxInstSV - ok
11:34:16.0828 0796 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
11:34:16.0844 0796 b06bdrv - ok
11:34:16.0891 0796 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:34:16.0891 0796 b57nd60a - ok
11:34:16.0922 0796 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
11:34:16.0922 0796 BDESVC - ok
11:34:16.0953 0796 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
11:34:16.0953 0796 Beep - ok
11:34:17.0015 0796 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:34:17.0015 0796 blbdrive - ok
11:34:17.0047 0796 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:34:17.0062 0796 bowser - ok
11:34:17.0078 0796 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:34:17.0078 0796 BrFiltLo - ok
11:34:17.0093 0796 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:34:17.0093 0796 BrFiltUp - ok
11:34:17.0140 0796 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
11:34:17.0140 0796 BridgeMP - ok
11:34:17.0187 0796 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll
11:34:17.0187 0796 Browser - ok
11:34:17.0218 0796 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:34:17.0234 0796 Brserid - ok
11:34:17.0249 0796 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:34:17.0265 0796 BrSerWdm - ok
11:34:17.0296 0796 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:34:17.0296 0796 BrUsbMdm - ok
11:34:17.0312 0796 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:34:17.0312 0796 BrUsbSer - ok
11:34:17.0359 0796 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
11:34:17.0359 0796 BTHMODEM - ok
11:34:17.0374 0796 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
11:34:17.0374 0796 bthserv - ok
11:34:17.0390 0796 catchme - ok
11:34:17.0437 0796 [ D1787E11C6A0078DDEAF8CF3EE2AB293 ] CAXHWAZL C:\Windows\system32\DRIVERS\CAXHWAZL.sys
11:34:17.0437 0796 CAXHWAZL - ok
11:34:17.0483 0796 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:34:17.0483 0796 cdfs - ok
11:34:17.0530 0796 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:34:17.0530 0796 cdrom - ok
11:34:17.0577 0796 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
11:34:17.0577 0796 CertPropSvc - ok
11:34:17.0608 0796 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:34:17.0608 0796 circlass - ok
11:34:17.0639 0796 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
11:34:17.0639 0796 CLFS - ok
11:34:17.0717 0796 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:34:17.0717 0796 clr_optimization_v2.0.50727_32 - ok
11:34:17.0764 0796 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:34:17.0780 0796 clr_optimization_v2.0.50727_64 - ok
11:34:17.0842 0796 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:34:17.0873 0796 clr_optimization_v4.0.30319_32 - ok
11:34:17.0920 0796 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:34:17.0936 0796 clr_optimization_v4.0.30319_64 - ok
11:34:17.0967 0796 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:34:17.0967 0796 CmBatt - ok
11:34:17.0967 0796 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
11:34:17.0967 0796 cmdide - ok
11:34:17.0998 0796 [ 937BEB186A735ACA91D717044A49D17E ] CNG C:\Windows\system32\Drivers\cng.sys
11:34:18.0014 0796 CNG - ok
11:34:18.0076 0796 [ 3CB10294F7A59FD22501F4BAD915F250 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
11:34:18.0092 0796 CnxtHdAudService - ok
11:34:18.0185 0796 [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
11:34:18.0201 0796 Com4QLBEx - ok
11:34:18.0248 0796 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:34:18.0248 0796 Compbatt - ok
11:34:18.0295 0796 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
11:34:18.0295 0796 CompositeBus - ok
11:34:18.0310 0796 COMSysApp - ok
11:34:18.0326 0796 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
11:34:18.0326 0796 crcdisk - ok
11:34:18.0373 0796 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:34:18.0373 0796 CryptSvc - ok
11:34:18.0419 0796 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:34:18.0529 0796 DcomLaunch - ok
11:34:18.0560 0796 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
11:34:18.0560 0796 defragsvc - ok
11:34:18.0607 0796 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:34:18.0607 0796 DfsC - ok
11:34:18.0638 0796 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
11:34:18.0653 0796 Dhcp - ok
11:34:18.0685 0796 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
11:34:18.0685 0796 discache - ok
11:34:18.0731 0796 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
11:34:18.0731 0796 Disk - ok
11:34:18.0778 0796 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:34:18.0778 0796 Dnscache - ok
11:34:18.0809 0796 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
11:34:18.0809 0796 dot3svc - ok
11:34:18.0825 0796 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
11:34:18.0825 0796 DPS - ok
11:34:18.0856 0796 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:34:18.0856 0796 drmkaud - ok
11:34:18.0919 0796 [ D3D64CF7B2BCEAA34A270F45A3FFFB36 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:34:18.0934 0796 dtsoftbus01 - ok
11:34:18.0981 0796 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:34:18.0997 0796 DXGKrnl - ok
11:34:19.0043 0796 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
11:34:19.0043 0796 EapHost - ok
11:34:19.0121 0796 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
11:34:19.0184 0796 ebdrv - ok
11:34:19.0215 0796 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
11:34:19.0215 0796 EFS - ok
11:34:19.0293 0796 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:34:19.0293 0796 ehRecvr - ok
11:34:19.0324 0796 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
11:34:19.0324 0796 ehSched - ok
11:34:19.0355 0796 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
11:34:19.0371 0796 elxstor - ok
11:34:19.0402 0796 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
11:34:19.0402 0796 ErrDev - ok
11:34:19.0465 0796 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
11:34:19.0465 0796 EventSystem - ok
11:34:19.0496 0796 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
11:34:19.0511 0796 exfat - ok
11:34:19.0527 0796 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:34:19.0527 0796 fastfat - ok
11:34:19.0574 0796 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
11:34:19.0589 0796 Fax - ok
11:34:19.0605 0796 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:34:19.0605 0796 fdc - ok
11:34:19.0636 0796 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
11:34:19.0636 0796 fdPHost - ok
11:34:19.0652 0796 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
11:34:19.0667 0796 FDResPub - ok
11:34:19.0683 0796 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:34:19.0683 0796 FileInfo - ok
11:34:19.0699 0796 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:34:19.0699 0796 Filetrace - ok
11:34:19.0714 0796 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:34:19.0714 0796 flpydisk - ok
11:34:19.0745 0796 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:34:19.0745 0796 FltMgr - ok
11:34:19.0808 0796 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll
11:34:19.0823 0796 FontCache - ok
11:34:19.0870 0796 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:34:19.0870 0796 FontCache3.0.0.0 - ok
11:34:19.0901 0796 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:34:19.0901 0796 FsDepends - ok
11:34:19.0933 0796 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:34:19.0933 0796 Fs_Rec - ok
11:34:19.0979 0796 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:34:19.0979 0796 fvevol - ok
11:34:19.0995 0796 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
11:34:19.0995 0796 gagp30kx - ok
11:34:20.0073 0796 [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
11:34:20.0073 0796 GameConsoleService - ok
11:34:20.0120 0796 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
11:34:20.0120 0796 gpsvc - ok
11:34:20.0229 0796 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:34:20.0229 0796 gupdate - ok
11:34:20.0260 0796 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:34:20.0260 0796 gupdatem - ok
11:34:20.0338 0796 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
11:34:20.0354 0796 gusvc - ok
11:34:20.0369 0796 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:34:20.0369 0796 hcw85cir - ok
11:34:20.0416 0796 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:34:20.0416 0796 HdAudAddService - ok
11:34:20.0447 0796 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:34:20.0447 0796 HDAudBus - ok
11:34:20.0479 0796 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
11:34:20.0479 0796 HidBatt - ok
11:34:20.0494 0796 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
11:34:20.0510 0796 HidBth - ok
11:34:20.0525 0796 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:34:20.0525 0796 HidIr - ok
11:34:20.0557 0796 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
11:34:20.0557 0796 hidserv - ok
11:34:20.0588 0796 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:34:20.0588 0796 HidUsb - ok
11:34:20.0619 0796 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:34:20.0619 0796 hkmsvc - ok
11:34:20.0650 0796 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:34:20.0650 0796 HomeGroupListener - ok
11:34:20.0697 0796 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:34:20.0697 0796 HomeGroupProvider - ok
11:34:20.0744 0796 [ 00B239202F7756695C8CCDF8BAFA7D3D ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
11:34:20.0744 0796 HP Health Check Service - ok
11:34:20.0791 0796 [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
11:34:20.0791 0796 HpqKbFiltr - ok
11:34:20.0822 0796 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
11:34:20.0822 0796 hpqwmiex - ok
11:34:20.0869 0796 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
11:34:20.0869 0796 HpSAMD - ok
11:34:20.0962 0796 [ 447256D1C026654C5CD3CC17E7B20631 ] HsfXAudioService C:\Windows\SysWOW64\XAudio64.dll
11:34:21.0025 0796 HsfXAudioService - ok
11:34:21.0071 0796 [ 26C5D00321937E49B6BC91029947D094 ] HSF_DPV C:\Windows\system32\DRIVERS\CAX_DPV.sys
11:34:21.0103 0796 HSF_DPV - ok
11:34:21.0134 0796 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:34:21.0149 0796 HTTP - ok
11:34:21.0165 0796 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:34:21.0165 0796 hwpolicy - ok
11:34:21.0196 0796 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:34:21.0196 0796 i8042prt - ok
11:34:21.0259 0796 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:34:21.0259 0796 iaStorV - ok
11:34:21.0321 0796 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:34:21.0337 0796 idsvc - ok
11:34:21.0571 0796 [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
11:34:21.0805 0796 igfx - ok
11:34:21.0836 0796 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
11:34:21.0836 0796 iirsp - ok
11:34:21.0898 0796 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
11:34:21.0914 0796 IKEEXT - ok
11:34:21.0929 0796 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
11:34:21.0929 0796 intelide - ok
11:34:21.0976 0796 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:34:21.0976 0796 intelppm - ok
11:34:21.0992 0796 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:34:22.0007 0796 IPBusEnum - ok
11:34:22.0039 0796 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:34:22.0039 0796 IpFilterDriver - ok
11:34:22.0054 0796 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
11:34:22.0054 0796 IPMIDRV - ok
11:34:22.0070 0796 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:34:22.0070 0796 IPNAT - ok
11:34:22.0101 0796 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:34:22.0101 0796 IRENUM - ok
11:34:22.0101 0796 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
11:34:22.0101 0796 isapnp - ok
11:34:22.0132 0796 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
11:34:22.0132 0796 iScsiPrt - ok
11:34:22.0163 0796 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:34:22.0163 0796 kbdclass - ok
11:34:22.0195 0796 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:34:22.0195 0796 kbdhid - ok
11:34:22.0210 0796 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
11:34:22.0210 0796 KeyIso - ok
11:34:22.0226 0796 [ 16C1B906FC5EAD84769F90B736B6BF0E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:34:22.0241 0796 KSecDD - ok
11:34:22.0257 0796 [ 0B711550C56444879D71C7DAABDA6C83 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:34:22.0273 0796 KSecPkg - ok
11:34:22.0288 0796 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:34:22.0288 0796 ksthunk - ok
11:34:22.0335 0796 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
11:34:22.0335 0796 KtmRm - ok
11:34:22.0397 0796 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\System32\srvsvc.dll
11:34:22.0397 0796 LanmanServer - ok
11:34:22.0429 0796 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:34:22.0429 0796 LanmanWorkstation - ok
11:34:22.0663 0796 [ 3C879D04BB6466E2853C3155B635CC45 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
11:34:22.0725 0796 LeapFrog Connect Device Service - ok
11:34:22.0756 0796 [ 797289607A5EBF31353AA5EAD141F872 ] LeapFrog-USBLAN C:\Windows\system32\DRIVERS\btblan.sys
11:34:22.0756 0796 LeapFrog-USBLAN - ok
11:34:22.0834 0796 [ 2238B91AC1A12CC6CC4C4FED41258B2A ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
11:34:22.0834 0796 LightScribeService - ok
11:34:22.0865 0796 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:34:22.0865 0796 lltdio - ok
11:34:22.0912 0796 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:34:22.0912 0796 lltdsvc - ok
11:34:22.0928 0796 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:34:22.0943 0796 lmhosts - ok
11:34:22.0990 0796 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
11:34:22.0990 0796 LSI_FC - ok
11:34:23.0006 0796 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
11:34:23.0006 0796 LSI_SAS - ok
11:34:23.0021 0796 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:34:23.0021 0796 LSI_SAS2 - ok
11:34:23.0053 0796 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:34:23.0053 0796 LSI_SCSI - ok
11:34:23.0068 0796 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:34:23.0068 0796 luafv - ok
11:34:23.0115 0796 [ F6216C0549996D6CF3006F743C8A0618 ] LWWLicenseService C:\Program Files (x86)\Common Files\WoltersKluwerLWW Shared\Service\LWWLicenseService.exe
11:34:23.0115 0796 LWWLicenseService - ok
11:34:23.0162 0796 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:34:23.0177 0796 Mcx2Svc - ok
11:34:23.0209 0796 [ E4F44EC214B3E381E1FC844A02926666 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
11:34:23.0209 0796 mdmxsdk - ok
11:34:23.0224 0796 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
11:34:23.0224 0796 megasas - ok
11:34:23.0240 0796 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
11:34:23.0240 0796 MegaSR - ok
11:34:23.0271 0796 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:34:23.0271 0796 MMCSS - ok
11:34:23.0302 0796 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:34:23.0302 0796 Modem - ok
11:34:23.0333 0796 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:34:23.0333 0796 monitor - ok
11:34:23.0365 0796 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:34:23.0365 0796 mouclass - ok
11:34:23.0396 0796 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:34:23.0396 0796 mouhid - ok
11:34:23.0411 0796 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:34:23.0411 0796 mountmgr - ok
11:34:23.0427 0796 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
11:34:23.0427 0796 mpio - ok
11:34:23.0443 0796 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:34:23.0443 0796 mpsdrv - ok
11:34:23.0458 0796 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:34:23.0458 0796 MRxDAV - ok
11:34:23.0505 0796 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:34:23.0505 0796 mrxsmb - ok
11:34:23.0552 0796 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:34:23.0552 0796 mrxsmb10 - ok
11:34:23.0552 0796 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:34:23.0567 0796 mrxsmb20 - ok
11:34:23.0583 0796 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
11:34:23.0583 0796 msahci - ok
11:34:23.0599 0796 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
11:34:23.0599 0796 msdsm - ok
11:34:23.0614 0796 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:34:23.0630 0796 MSDTC - ok
11:34:23.0645 0796 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:34:23.0645 0796 Msfs - ok
11:34:23.0677 0796 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:34:23.0677 0796 mshidkmdf - ok
11:34:23.0692 0796 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
11:34:23.0692 0796 msisadrv - ok
11:34:23.0723 0796 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:34:23.0723 0796 MSiSCSI - ok
11:34:23.0739 0796 msiserver - ok
11:34:23.0786 0796 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:34:23.0786 0796 MSKSSRV - ok
11:34:23.0786 0796 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:34:23.0786 0796 MSPCLOCK - ok
11:34:23.0801 0796 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:34:23.0801 0796 MSPQM - ok
11:34:23.0833 0796 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:34:23.0833 0796 MsRPC - ok
11:34:23.0864 0796 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:34:23.0864 0796 mssmbios - ok
11:34:23.0895 0796 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:34:23.0895 0796 MSTEE - ok
11:34:23.0911 0796 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:34:23.0911 0796 MTConfig - ok
11:34:23.0926 0796 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:34:23.0942 0796 Mup - ok
11:34:23.0973 0796 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
11:34:23.0989 0796 napagent - ok
11:34:24.0035 0796 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:34:24.0035 0796 NativeWifiP - ok
11:34:24.0082 0796 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
11:34:24.0082 0796 NDIS - ok
11:34:24.0113 0796 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:34:24.0113 0796 NdisCap - ok
11:34:24.0145 0796 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:34:24.0145 0796 NdisTapi - ok
11:34:24.0176 0796 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:34:24.0176 0796 Ndisuio - ok
11:34:24.0207 0796 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:34:24.0207 0796 NdisWan - ok
11:34:24.0223 0796 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:34:24.0223 0796 NDProxy - ok
11:34:24.0238 0796 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:34:24.0238 0796 NetBIOS - ok
11:34:24.0269 0796 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:34:24.0269 0796 NetBT - ok
11:34:24.0285 0796 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
11:34:24.0285 0796 Netlogon - ok
11:34:24.0332 0796 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:34:24.0332 0796 Netman - ok
11:34:24.0394 0796 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:34:24.0394 0796 netprofm - ok
11:34:24.0425 0796 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:34:24.0425 0796 NetTcpPortSharing - ok
11:34:24.0566 0796 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
11:34:24.0644 0796 netw5v64 - ok
11:34:24.0675 0796 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
11:34:24.0675 0796 nfrd960 - ok
11:34:24.0706 0796 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:34:24.0722 0796 NlaSvc - ok
11:34:24.0737 0796 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:34:24.0737 0796 Npfs - ok
11:34:24.0769 0796 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:34:24.0769 0796 nsi - ok
11:34:24.0784 0796 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:34:24.0784 0796 nsiproxy - ok
11:34:24.0847 0796 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:34:24.0862 0796 Ntfs - ok
11:34:24.0878 0796 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:34:24.0878 0796 Null - ok
11:34:24.0925 0796 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:34:24.0925 0796 nvraid - ok
11:34:24.0940 0796 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:34:24.0956 0796 nvstor - ok
11:34:24.0971 0796 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
11:34:24.0987 0796 nv_agp - ok
11:34:25.0081 0796 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:34:25.0081 0796 odserv - ok
11:34:25.0112 0796 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
11:34:25.0112 0796 ohci1394 - ok
11:34:25.0143 0796 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:34:25.0159 0796 ose - ok
11:34:25.0190 0796 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:34:25.0190 0796 p2pimsvc - ok
11:34:25.0221 0796 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:34:25.0237 0796 p2psvc - ok
11:34:25.0252 0796 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:34:25.0252 0796 Parport - ok
11:34:25.0283 0796 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:34:25.0283 0796 partmgr - ok
11:34:25.0299 0796 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:34:25.0299 0796 PcaSvc - ok
11:34:25.0330 0796 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
11:34:25.0330 0796 pci - ok
11:34:25.0346 0796 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
11:34:25.0346 0796 pciide - ok
11:34:25.0377 0796 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:34:25.0393 0796 pcmcia - ok
11:34:25.0455 0796 PCTSFileEnum - ok
11:34:25.0471 0796 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:34:25.0471 0796 pcw - ok
11:34:25.0502 0796 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:34:25.0517 0796 PEAUTH - ok
11:34:25.0549 0796 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:34:25.0549 0796 PerfHost - ok
11:34:25.0627 0796 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
11:34:25.0642 0796 pla - ok
11:34:25.0705 0796 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:34:25.0705 0796 PlugPlay - ok
11:34:25.0720 0796 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:34:25.0720 0796 PNRPAutoReg - ok
11:34:25.0751 0796 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:34:25.0751 0796 PNRPsvc - ok
11:34:25.0798 0796 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:34:25.0814 0796 PolicyAgent - ok
11:34:25.0845 0796 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:34:25.0845 0796 Power - ok
11:34:25.0876 0796 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:34:25.0876 0796 PptpMiniport - ok
11:34:25.0907 0796 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:34:25.0907 0796 Processor - ok
11:34:25.0939 0796 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll
11:34:25.0939 0796 ProfSvc - ok
11:34:25.0954 0796 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:34:25.0970 0796 ProtectedStorage - ok
11:34:26.0001 0796 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:34:26.0001 0796 Psched - ok
11:34:26.0048 0796 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:34:26.0079 0796 ql2300 - ok
11:34:26.0095 0796 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:34:26.0095 0796 ql40xx - ok
11:34:26.0126 0796 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:34:26.0126 0796 QWAVE - ok
11:34:26.0141 0796 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:34:26.0157 0796 QWAVEdrv - ok
11:34:26.0157 0796 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:34:26.0157 0796 RasAcd - ok
11:34:26.0204 0796 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:34:26.0204 0796 RasAgileVpn - ok
11:34:26.0219 0796 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:34:26.0235 0796 RasAuto - ok
11:34:26.0266 0796 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:34:26.0266 0796 Rasl2tp - ok
11:34:26.0297 0796 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
11:34:26.0297 0796 RasMan - ok
11:34:26.0329 0796 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:34:26.0329 0796 RasPppoe - ok
11:34:26.0360 0796 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:34:26.0360 0796 RasSstp - ok
11:34:26.0375 0796 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:34:26.0391 0796 rdbss - ok
11:34:26.0407 0796 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:34:26.0407 0796 rdpbus - ok
11:34:26.0438 0796 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:34:26.0438 0796 RDPCDD - ok
11:34:26.0469 0796 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:34:26.0469 0796 RDPENCDD - ok
11:34:26.0485 0796 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:34:26.0485 0796 RDPREFMP - ok
11:34:26.0531 0796 [ 074AC702D8B8B660B0E1371555995386 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:34:26.0531 0796 RDPWD - ok
11:34:26.0547 0796 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:34:26.0563 0796 rdyboost - ok
11:34:26.0609 0796 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:34:26.0609 0796 RemoteAccess - ok
11:34:26.0641 0796 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:34:26.0641 0796 RemoteRegistry - ok
11:34:26.0719 0796 [ 498EB62A160674E793FA40FD65390625 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
11:34:26.0719 0796 RichVideo - ok
11:34:26.0734 0796 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:34:26.0734 0796 RpcEptMapper - ok
11:34:26.0765 0796 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:34:26.0765 0796 RpcLocator - ok
11:34:26.0797 0796 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\System32\rpcss.dll
11:34:26.0797 0796 RpcSs - ok
11:34:26.0843 0796 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:34:26.0843 0796 rspndr - ok
11:34:26.0859 0796 [ 2DB8116D52B19216812C4E6D5D837810 ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys
11:34:26.0859 0796 RSUSBSTOR - ok
11:34:26.0921 0796 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
11:34:26.0921 0796 RTL8167 - ok
11:34:26.0937 0796 RtsUIR - ok
11:34:26.0953 0796 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
11:34:26.0953 0796 SamSs - ok
11:34:27.0015 0796 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Vdos\Paint\Anti-Spyware\SASDIFSV64.SYS
11:34:27.0015 0796 SASDIFSV - ok
11:34:27.0031 0796 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Vdos\Paint\Anti-Spyware\SASKUTIL64.SYS
11:34:27.0031 0796 SASKUTIL - ok
11:34:27.0062 0796 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
11:34:27.0062 0796 sbp2port - ok
11:34:27.0093 0796 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:34:27.0093 0796 SCardSvr - ok
11:34:27.0109 0796 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:34:27.0109 0796 scfilter - ok
11:34:27.0171 0796 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
11:34:27.0187 0796 Schedule - ok
11:34:27.0218 0796 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:34:27.0218 0796 SCPolicySvc - ok
11:34:27.0280 0796 [ 54E47AD086782D3AE9417C155CDCEB9B ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
11:34:27.0280 0796 sdbus - ok
11:34:27.0327 0796 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:34:27.0327 0796 SDRSVC - ok
11:34:27.0358 0796 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:34:27.0358 0796 secdrv - ok
11:34:27.0374 0796 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
11:34:27.0374 0796 seclogon - ok
11:34:27.0389 0796 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
11:34:27.0389 0796 SENS - ok
11:34:27.0405 0796 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:34:27.0421 0796 SensrSvc - ok
11:34:27.0436 0796 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:34:27.0436 0796 Serenum - ok
11:34:27.0452 0796 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:34:27.0467 0796 Serial - ok
11:34:27.0483 0796 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:34:27.0483 0796 sermouse - ok
11:34:27.0514 0796 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
11:34:27.0530 0796 SessionEnv - ok
11:34:27.0545 0796 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
11:34:27.0545 0796 sffdisk - ok
11:34:27.0577 0796 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
11:34:27.0577 0796 sffp_mmc - ok
11:34:27.0577 0796 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
11:34:27.0592 0796 sffp_sd - ok
11:34:27.0608 0796 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:34:27.0608 0796 sfloppy - ok
11:34:27.0639 0796 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:34:27.0655 0796 ShellHWDetection - ok
11:34:27.0670 0796 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:34:27.0670 0796 SiSRaid2 - ok
11:34:27.0686 0796 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:34:27.0686 0796 SiSRaid4 - ok
11:34:27.0717 0796 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:34:27.0733 0796 Smb - ok
11:34:27.0779 0796 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:34:27.0779 0796 SNMPTRAP - ok
11:34:27.0779 0796 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:34:27.0779 0796 spldr - ok
11:34:27.0826 0796 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\Windows\System32\spoolsv.exe
11:34:27.0842 0796 Spooler - ok
11:34:27.0935 0796 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
11:34:27.0982 0796 sppsvc - ok
11:34:28.0013 0796 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:34:28.0013 0796 sppuinotify - ok
11:34:28.0060 0796 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:34:28.0060 0796 srv - ok
11:34:28.0091 0796 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:34:28.0091 0796 srv2 - ok
11:34:28.0138 0796 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
11:34:28.0138 0796 SrvHsfHDA - ok
11:34:28.0185 0796 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
11:34:28.0216 0796 SrvHsfV92 - ok
11:34:28.0247 0796 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
11:34:28.0263 0796 SrvHsfWinac - ok
11:34:28.0294 0796 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:34:28.0294 0796 srvnet - ok
11:34:28.0341 0796 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
11:34:28.0341 0796 sscdbus - ok
11:34:28.0388 0796 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
11:34:28.0388 0796 sscdmdfl - ok
11:34:28.0403 0796 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
11:34:28.0403 0796 sscdmdm - ok
11:34:28.0450 0796 [ 05FFA552F578E27AB2D41B6828DB477F ] sscdserd C:\Windows\system32\DRIVERS\sscdserd.sys
11:34:28.0450 0796 sscdserd - ok
11:34:28.0497 0796 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:34:28.0497 0796 SSDPSRV - ok
11:34:28.0513 0796 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:34:28.0513 0796 SstpSvc - ok
11:34:28.0544 0796 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:34:28.0544 0796 stexstor - ok
11:34:28.0591 0796 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
11:34:28.0591 0796 stisvc - ok
11:34:28.0622 0796 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:34:28.0622 0796 swenum - ok
11:34:28.0653 0796 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:34:28.0653 0796 swprv - ok
11:34:28.0715 0796 [ BCF305959B53B200CEB2AD25AD22F8A7 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
11:34:28.0715 0796 SynTP - ok
11:34:28.0778 0796 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
11:34:28.0809 0796 SysMain - ok
11:34:28.0825 0796 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:34:28.0825 0796 TabletInputService - ok
11:34:28.0856 0796 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
11:34:28.0856 0796 TapiSrv - ok
11:34:28.0871 0796 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:34:28.0871 0796 TBS - ok
11:34:28.0949 0796 [ F18F56EFC0BFB9C87BA01C37B27F4DA5 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:34:28.0981 0796 Tcpip - ok
11:34:29.0027 0796 [ F18F56EFC0BFB9C87BA01C37B27F4DA5 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:34:29.0043 0796 TCPIP6 - ok
11:34:29.0090 0796 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:34:29.0090 0796 tcpipreg - ok
11:34:29.0105 0796 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:34:29.0105 0796 TDPIPE - ok
11:34:29.0137 0796 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:34:29.0152 0796 TDTCP - ok
11:34:29.0168 0796 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:34:29.0168 0796 tdx - ok
11:34:29.0199 0796 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:34:29.0199 0796 TermDD - ok
11:34:29.0230 0796 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
11:34:29.0246 0796 TermService - ok
11:34:29.0293 0796 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:34:29.0293 0796 Themes - ok
11:34:29.0308 0796 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:34:29.0308 0796 THREADORDER - ok
11:34:29.0324 0796 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:34:29.0339 0796 TrkWks - ok
11:34:29.0371 0796 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:34:29.0371 0796 TrustedInstaller - ok
11:34:29.0402 0796 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:34:29.0402 0796 tssecsrv - ok
11:34:29.0433 0796 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:34:29.0433 0796 tunnel - ok
11:34:29.0449 0796 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:34:29.0449 0796 uagp35 - ok
11:34:29.0495 0796 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:34:29.0495 0796 udfs - ok
11:34:29.0542 0796 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:34:29.0542 0796 UI0Detect - ok
11:34:29.0589 0796 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
11:34:29.0589 0796 uliagpkx - ok
11:34:29.0620 0796 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:34:29.0620 0796 umbus - ok
11:34:29.0636 0796 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:34:29.0636 0796 UmPass - ok
11:34:29.0667 0796 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:34:29.0667 0796 upnphost - ok
11:34:29.0698 0796 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
11:34:29.0714 0796 usbccgp - ok
11:34:29.0714 0796 USBCCID - ok
11:34:29.0729 0796 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
11:34:29.0729 0796 usbcir - ok
11:34:29.0761 0796 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:34:29.0761 0796 usbehci - ok
11:34:29.0807 0796 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:34:29.0807 0796 usbhub - ok
11:34:29.0839 0796 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:34:29.0839 0796 usbohci - ok
11:34:29.0885 0796 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:34:29.0885 0796 usbprint - ok
11:34:29.0917 0796 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:34:29.0917 0796 usbscan - ok
11:34:29.0932 0796 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:34:29.0948 0796 USBSTOR - ok
11:34:29.0979 0796 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
11:34:29.0979 0796 usbuhci - ok
11:34:29.0995 0796 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:34:29.0995 0796 UxSms - ok
11:34:30.0026 0796 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
11:34:30.0026 0796 VaultSvc - ok
11:34:30.0057 0796 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
11:34:30.0057 0796 vdrvroot - ok
11:34:30.0088 0796 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
11:34:30.0104 0796 vds - ok
11:34:30.0119 0796 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:34:30.0119 0796 vga - ok
11:34:30.0151 0796 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:34:30.0151 0796 VgaSave - ok
11:34:30.0182 0796 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
11:34:30.0182 0796 vhdmp - ok
11:34:30.0197 0796 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
11:34:30.0197 0796 viaide - ok
11:34:30.0229 0796 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
11:34:30.0229 0796 volmgr - ok
11:34:30.0260 0796 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:34:30.0260 0796 volmgrx - ok
11:34:30.0291 0796 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
11:34:30.0291 0796 volsnap - ok
11:34:30.0307 0796 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
11:34:30.0307 0796 vsmraid - ok
11:34:30.0369 0796 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
11:34:30.0400 0796 VSS - ok
11:34:30.0416 0796 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:34:30.0416 0796 vwifibus - ok
11:34:30.0447 0796 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:34:30.0447 0796 vwififlt - ok
11:34:30.0494 0796 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
11:34:30.0494 0796 vwifimp - ok
11:34:30.0509 0796 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:34:30.0525 0796 W32Time - ok
11:34:30.0556 0796 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
11:34:30.0556 0796 WacomPen - ok
11:34:30.0603 0796 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:34:30.0603 0796 WANARP - ok
11:34:30.0603 0796 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:34:30.0603 0796 Wanarpv6 - ok
11:34:30.0697 0796 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:34:30.0712 0796 WatAdminSvc - ok
11:34:30.0775 0796 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
11:34:30.0790 0796 wbengine - ok
11:34:30.0821 0796 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:34:30.0821 0796 WbioSrvc - ok
11:34:30.0868 0796 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:34:30.0868 0796 wcncsvc - ok
11:34:30.0884 0796 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:34:30.0899 0796 WcsPlugInService - ok
11:34:30.0915 0796 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
11:34:30.0915 0796 Wd - ok
11:34:30.0962 0796 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:34:30.0977 0796 Wdf01000 - ok
11:34:31.0009 0796 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:34:31.0009 0796 WdiServiceHost - ok
11:34:31.0009 0796 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:34:31.0009 0796 WdiSystemHost - ok
11:34:31.0071 0796 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
11:34:31.0071 0796 WebClient - ok
11:34:31.0087 0796 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:34:31.0102 0796 Wecsvc - ok
11:34:31.0133 0796 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:34:31.0133 0796 wercplsupport - ok
11:34:31.0165 0796 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:34:31.0165 0796 WerSvc - ok
11:34:31.0196 0796 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:34:31.0196 0796 WfpLwf - ok
11:34:31.0211 0796 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:34:31.0211 0796 WIMMount - ok
11:34:31.0274 0796 [ A6EA7A3FC4B00F48535B506DB1E86EFD ] winachsf C:\Windows\system32\DRIVERS\CAX_CNXT.sys
11:34:31.0274 0796 winachsf - ok
11:34:31.0289 0796 WinHttpAutoProxySvc - ok
11:34:31.0352 0796 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:34:31.0352 0796 Winmgmt - ok
11:34:31.0430 0796 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
11:34:31.0461 0796 WinRM - ok
11:34:31.0523 0796 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
11:34:31.0539 0796 Wlansvc - ok
11:34:31.0570 0796 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
11:34:31.0570 0796 WmiAcpi - ok
11:34:31.0601 0796 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:34:31.0601 0796 wmiApSrv - ok
11:34:31.0633 0796 WMPNetworkSvc - ok
11:34:31.0664 0796 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:34:31.0664 0796 WPCSvc - ok
11:34:31.0679 0796 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:34:31.0695 0796 WPDBusEnum - ok
11:34:31.0711 0796 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:34:31.0711 0796 ws2ifsl - ok
11:34:31.0726 0796 WSearch - ok
11:34:31.0742 0796 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:34:31.0742 0796 WudfPf - ok
11:34:31.0789 0796 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:34:31.0789 0796 WUDFRd - ok
11:34:31.0820 0796 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:34:31.0820 0796 wudfsvc - ok
11:34:31.0867 0796 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
11:34:31.0913 0796 WwanSvc - ok
11:34:31.0945 0796 [ E8F3FA126A06F8E7088F63757112A186 ] XAudio C:\Windows\system32\DRIVERS\XAudio64.sys
11:34:31.0945 0796 XAudio - ok
11:34:31.0991 0796 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
11:34:32.0007 0796 yukonw7 - ok
11:34:32.0038 0796 ================ Scan global ===============================
11:34:32.0054 0796 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:34:32.0101 0796 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
11:34:32.0116 0796 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
11:34:32.0147 0796 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:34:32.0194 0796 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:34:32.0194 0796 [Global] - ok
11:34:32.0194 0796 ================ Scan MBR ==================================
11:34:32.0210 0796 [ 8E916F0AD6909ADACA6017CEF1D814EE ] \Device\Harddisk0\DR0
11:34:32.0444 0796 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:34:32.0444 0796 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:34:32.0444 0796 ================ Scan VBR ==================================
11:34:32.0459 0796 [ 63EB876D41D3DEA233DA2CF062A078CE ] \Device\Harddisk0\DR0\Partition1
11:34:32.0459 0796 \Device\Harddisk0\DR0\Partition1 - ok
11:34:32.0475 0796 [ 3DAD6F712AB71ECB33EE1A5DB9334F6F ] \Device\Harddisk0\DR0\Partition2
11:34:32.0475 0796 \Device\Harddisk0\DR0\Partition2 - ok
11:34:32.0506 0796 [ 987F0C907764CB9BECA855518FF38B1E ] \Device\Harddisk0\DR0\Partition3
11:34:32.0522 0796 \Device\Harddisk0\DR0\Partition3 - ok
11:34:32.0522 0796 ============================================================
11:34:32.0522 0796 Scan finished
11:34:32.0522 0796 ============================================================
11:34:32.0537 1712 Detected object count: 1
11:34:32.0537 1712 Actual detected object count: 1


aswMBR:

11:33:41.0073 2020 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:33:41.0432 2020 ============================================================
11:33:41.0432 2020 Current date / time: 2012/11/04 11:33:41.0432
11:33:41.0432 2020 SystemInfo:
11:33:41.0432 2020
11:33:41.0432 2020 OS Version: 6.1.7600 ServicePack: 0.0
11:33:41.0432 2020 Product type: Workstation
11:33:41.0432 2020 ComputerName: HOLLY-PC
11:33:41.0432 2020 UserName: Holly
11:33:41.0432 2020 Windows directory: C:\Windows
11:33:41.0432 2020 System windows directory: C:\Windows
11:33:41.0432 2020 Running under WOW64
11:33:41.0432 2020 Processor architecture: Intel x64
11:33:41.0432 2020 Number of processors: 1
11:33:41.0432 2020 Page size: 0x1000
11:33:41.0432 2020 Boot type: Safe boot with network
11:33:41.0432 2020 ============================================================
11:33:42.0570 2020 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0xEE72, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x7F, Type 'K0', Flags 0x00000040
11:33:42.0570 2020 ============================================================
11:33:42.0570 2020 \Device\Harddisk0\DR0:
11:33:42.0570 2020 MBR partitions:
11:33:42.0570 2020 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
11:33:42.0570 2020 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x1B8BF800
11:33:42.0570 2020 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1B923800, BlocksNum 0x18A1800
11:33:42.0570 2020 ============================================================
11:33:42.0602 2020 C: <-> \Device\Harddisk0\DR0\Partition2
11:33:42.0648 2020 D: <-> \Device\Harddisk0\DR0\Partition3
11:33:42.0648 2020 ============================================================
11:33:42.0648 2020 Initialize success
11:33:42.0648 2020 ============================================================
11:34:14.0629 0796 ============================================================
11:34:14.0629 0796 Scan started
11:34:14.0629 0796 Mode: Manual; TDLFS;
11:34:14.0629 0796 ============================================================
11:34:15.0081 0796 ================ Scan system memory ========================
11:34:15.0081 0796 System memory - ok
11:34:15.0081 0796 ================ Scan services =============================
11:34:15.0362 0796 [ 7D9D615201A483D6FA99491C2E655A5A ] !SASCORE C:\Vdos\Paint\Anti-Spyware\SASCORE64.EXE
11:34:15.0377 0796 !SASCORE - ok
11:34:15.0502 0796 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
11:34:15.0502 0796 1394ohci - ok
11:34:15.0596 0796 [ 3044D0F3FEB9FFE8BC953D8F34B5B504 ] A2DDA C:\Vdos\Paint\Anti-Malware\EmsisoftEmergencyKit2\Run\a2ddax64.sys
11:34:15.0596 0796 A2DDA - ok
11:34:15.0643 0796 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
11:34:15.0643 0796 ACPI - ok
11:34:15.0674 0796 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
11:34:15.0674 0796 AcpiPmi - ok
11:34:15.0799 0796 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:34:15.0799 0796 AdobeFlashPlayerUpdateSvc - ok
11:34:15.0861 0796 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
11:34:15.0861 0796 adp94xx - ok
11:34:15.0908 0796 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
11:34:15.0908 0796 adpahci - ok
11:34:15.0939 0796 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
11:34:15.0939 0796 adpu320 - ok
11:34:15.0970 0796 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:34:15.0986 0796 AeLookupSvc - ok
11:34:16.0033 0796 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
11:34:16.0048 0796 AFD - ok
11:34:16.0079 0796 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
11:34:16.0079 0796 agp440 - ok
11:34:16.0095 0796 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
11:34:16.0095 0796 ALG - ok
11:34:16.0126 0796 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
11:34:16.0126 0796 aliide - ok
11:34:16.0142 0796 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
11:34:16.0142 0796 amdide - ok
11:34:16.0173 0796 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
11:34:16.0173 0796 AmdK8 - ok
11:34:16.0204 0796 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
11:34:16.0204 0796 AmdPPM - ok
11:34:16.0235 0796 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:34:16.0235 0796 amdsata - ok
11:34:16.0282 0796 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
11:34:16.0298 0796 amdsbs - ok
11:34:16.0313 0796 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:34:16.0313 0796 amdxata - ok
11:34:16.0345 0796 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
11:34:16.0360 0796 AppID - ok
11:34:16.0391 0796 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:34:16.0391 0796 AppIDSvc - ok
11:34:16.0423 0796 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
11:34:16.0423 0796 Appinfo - ok
11:34:16.0501 0796 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
11:34:16.0501 0796 arc - ok
11:34:16.0532 0796 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
11:34:16.0532 0796 arcsas - ok
11:34:16.0547 0796 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:34:16.0547 0796 AsyncMac - ok
11:34:16.0579 0796 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
11:34:16.0579 0796 atapi - ok
11:34:16.0641 0796 [ 38562A6A9CB10844759EAF2B01A7FCD3 ] athr C:\Windows\system32\DRIVERS\athrx.sys
11:34:16.0657 0796 athr - ok
11:34:16.0703 0796 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:34:16.0719 0796 AudioEndpointBuilder - ok
11:34:16.0735 0796 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:34:16.0750 0796 AudioSrv - ok
11:34:16.0781 0796 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:34:16.0781 0796 AxInstSV - ok
11:34:16.0828 0796 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
11:34:16.0844 0796 b06bdrv - ok
11:34:16.0891 0796 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:34:16.0891 0796 b57nd60a - ok
11:34:16.0922 0796 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
11:34:16.0922 0796 BDESVC - ok
11:34:16.0953 0796 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
11:34:16.0953 0796 Beep - ok
11:34:17.0015 0796 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:34:17.0015 0796 blbdrive - ok
11:34:17.0047 0796 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:34:17.0062 0796 bowser - ok
11:34:17.0078 0796 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:34:17.0078 0796 BrFiltLo - ok
11:34:17.0093 0796 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:34:17.0093 0796 BrFiltUp - ok
11:34:17.0140 0796 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
11:34:17.0140 0796 BridgeMP - ok
11:34:17.0187 0796 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll
11:34:17.0187 0796 Browser - ok
11:34:17.0218 0796 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:34:17.0234 0796 Brserid - ok
11:34:17.0249 0796 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:34:17.0265 0796 BrSerWdm - ok
11:34:17.0296 0796 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:34:17.0296 0796 BrUsbMdm - ok
11:34:17.0312 0796 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:34:17.0312 0796 BrUsbSer - ok
11:34:17.0359 0796 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
11:34:17.0359 0796 BTHMODEM - ok
11:34:17.0374 0796 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
11:34:17.0374 0796 bthserv - ok
11:34:17.0390 0796 catchme - ok
11:34:17.0437 0796 [ D1787E11C6A0078DDEAF8CF3EE2AB293 ] CAXHWAZL C:\Windows\system32\DRIVERS\CAXHWAZL.sys
11:34:17.0437 0796 CAXHWAZL - ok
11:34:17.0483 0796 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:34:17.0483 0796 cdfs - ok
11:34:17.0530 0796 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:34:17.0530 0796 cdrom - ok
11:34:17.0577 0796 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
11:34:17.0577 0796 CertPropSvc - ok
11:34:17.0608 0796 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:34:17.0608 0796 circlass - ok
11:34:17.0639 0796 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
11:34:17.0639 0796 CLFS - ok
11:34:17.0717 0796 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:34:17.0717 0796 clr_optimization_v2.0.50727_32 - ok
11:34:17.0764 0796 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:34:17.0780 0796 clr_optimization_v2.0.50727_64 - ok
11:34:17.0842 0796 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:34:17.0873 0796 clr_optimization_v4.0.30319_32 - ok
11:34:17.0920 0796 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:34:17.0936 0796 clr_optimization_v4.0.30319_64 - ok
11:34:17.0967 0796 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:34:17.0967 0796 CmBatt - ok
11:34:17.0967 0796 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
11:34:17.0967 0796 cmdide - ok
11:34:17.0998 0796 [ 937BEB186A735ACA91D717044A49D17E ] CNG C:\Windows\system32\Drivers\cng.sys
11:34:18.0014 0796 CNG - ok
11:34:18.0076 0796 [ 3CB10294F7A59FD22501F4BAD915F250 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
11:34:18.0092 0796 CnxtHdAudService - ok
11:34:18.0185 0796 [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
11:34:18.0201 0796 Com4QLBEx - ok
11:34:18.0248 0796 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:34:18.0248 0796 Compbatt - ok
11:34:18.0295 0796 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
11:34:18.0295 0796 CompositeBus - ok
11:34:18.0310 0796 COMSysApp - ok
11:34:18.0326 0796 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
11:34:18.0326 0796 crcdisk - ok
11:34:18.0373 0796 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:34:18.0373 0796 CryptSvc - ok
11:34:18.0419 0796 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:34:18.0529 0796 DcomLaunch - ok
11:34:18.0560 0796 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
11:34:18.0560 0796 defragsvc - ok
11:34:18.0607 0796 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:34:18.0607 0796 DfsC - ok
11:34:18.0638 0796 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
11:34:18.0653 0796 Dhcp - ok
11:34:18.0685 0796 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
11:34:18.0685 0796 discache - ok
11:34:18.0731 0796 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
11:34:18.0731 0796 Disk - ok
11:34:18.0778 0796 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:34:18.0778 0796 Dnscache - ok
11:34:18.0809 0796 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
11:34:18.0809 0796 dot3svc - ok
11:34:18.0825 0796 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
11:34:18.0825 0796 DPS - ok
11:34:18.0856 0796 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:34:18.0856 0796 drmkaud - ok
11:34:18.0919 0796 [ D3D64CF7B2BCEAA34A270F45A3FFFB36 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:34:18.0934 0796 dtsoftbus01 - ok
11:34:18.0981 0796 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:34:18.0997 0796 DXGKrnl - ok
11:34:19.0043 0796 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
11:34:19.0043 0796 EapHost - ok
11:34:19.0121 0796 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
11:34:19.0184 0796 ebdrv - ok
11:34:19.0215 0796 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
11:34:19.0215 0796 EFS - ok
11:34:19.0293 0796 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:34:19.0293 0796 ehRecvr - ok
11:34:19.0324 0796 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
11:34:19.0324 0796 ehSched - ok
11:34:19.0355 0796 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
11:34:19.0371 0796 elxstor - ok
11:34:19.0402 0796 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
11:34:19.0402 0796 ErrDev - ok
11:34:19.0465 0796 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
11:34:19.0465 0796 EventSystem - ok
11:34:19.0496 0796 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
11:34:19.0511 0796 exfat - ok
11:34:19.0527 0796 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:34:19.0527 0796 fastfat - ok
11:34:19.0574 0796 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
11:34:19.0589 0796 Fax - ok
11:34:19.0605 0796 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:34:19.0605 0796 fdc - ok
11:34:19.0636 0796 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
11:34:19.0636 0796 fdPHost - ok
11:34:19.0652 0796 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
11:34:19.0667 0796 FDResPub - ok
11:34:19.0683 0796 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:34:19.0683 0796 FileInfo - ok
11:34:19.0699 0796 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:34:19.0699 0796 Filetrace - ok
11:34:19.0714 0796 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:34:19.0714 0796 flpydisk - ok
11:34:19.0745 0796 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:34:19.0745 0796 FltMgr - ok
11:34:19.0808 0796 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll
11:34:19.0823 0796 FontCache - ok
11:34:19.0870 0796 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:34:19.0870 0796 FontCache3.0.0.0 - ok
11:34:19.0901 0796 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:34:19.0901 0796 FsDepends - ok
11:34:19.0933 0796 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:34:19.0933 0796 Fs_Rec - ok
11:34:19.0979 0796 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:34:19.0979 0796 fvevol - ok
11:34:19.0995 0796 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
11:34:19.0995 0796 gagp30kx - ok
11:34:20.0073 0796 [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
11:34:20.0073 0796 GameConsoleService - ok
11:34:20.0120 0796 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
11:34:20.0120 0796 gpsvc - ok
11:34:20.0229 0796 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:34:20.0229 0796 gupdate - ok
11:34:20.0260 0796 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:34:20.0260 0796 gupdatem - ok
11:34:20.0338 0796 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
11:34:20.0354 0796 gusvc - ok
11:34:20.0369 0796 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:34:20.0369 0796 hcw85cir - ok
11:34:20.0416 0796 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:34:20.0416 0796 HdAudAddService - ok
11:34:20.0447 0796 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:34:20.0447 0796 HDAudBus - ok
11:34:20.0479 0796 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
11:34:20.0479 0796 HidBatt - ok
11:34:20.0494 0796 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
11:34:20.0510 0796 HidBth - ok
11:34:20.0525 0796 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:34:20.0525 0796 HidIr - ok
11:34:20.0557 0796 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
11:34:20.0557 0796 hidserv - ok
11:34:20.0588 0796 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:34:20.0588 0796 HidUsb - ok
11:34:20.0619 0796 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:34:20.0619 0796 hkmsvc - ok
11:34:20.0650 0796 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:34:20.0650 0796 HomeGroupListener - ok
11:34:20.0697 0796 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:34:20.0697 0796 HomeGroupProvider - ok
11:34:20.0744 0796 [ 00B239202F7756695C8CCDF8BAFA7D3D ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
11:34:20.0744 0796 HP Health Check Service - ok
11:34:20.0791 0796 [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
11:34:20.0791 0796 HpqKbFiltr - ok
11:34:20.0822 0796 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
11:34:20.0822 0796 hpqwmiex - ok
11:34:20.0869 0796 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
11:34:20.0869 0796 HpSAMD - ok
11:34:20.0962 0796 [ 447256D1C026654C5CD3CC17E7B20631 ] HsfXAudioService C:\Windows\SysWOW64\XAudio64.dll
11:34:21.0025 0796 HsfXAudioService - ok
11:34:21.0071 0796 [ 26C5D00321937E49B6BC91029947D094 ] HSF_DPV C:\Windows\system32\DRIVERS\CAX_DPV.sys
11:34:21.0103 0796 HSF_DPV - ok
11:34:21.0134 0796 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:34:21.0149 0796 HTTP - ok
11:34:21.0165 0796 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:34:21.0165 0796 hwpolicy - ok
11:34:21.0196 0796 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:34:21.0196 0796 i8042prt - ok
11:34:21.0259 0796 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:34:21.0259 0796 iaStorV - ok
11:34:21.0321 0796 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:34:21.0337 0796 idsvc - ok
11:34:21.0571 0796 [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
11:34:21.0805 0796 igfx - ok
11:34:21.0836 0796 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
11:34:21.0836 0796 iirsp - ok
11:34:21.0898 0796 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
11:34:21.0914 0796 IKEEXT - ok
11:34:21.0929 0796 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
11:34:21.0929 0796 intelide - ok
11:34:21.0976 0796 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:34:21.0976 0796 intelppm - ok
11:34:21.0992 0796 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:34:22.0007 0796 IPBusEnum - ok
11:34:22.0039 0796 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:34:22.0039 0796 IpFilterDriver - ok
11:34:22.0054 0796 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
11:34:22.0054 0796 IPMIDRV - ok
11:34:22.0070 0796 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:34:22.0070 0796 IPNAT - ok
11:34:22.0101 0796 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:34:22.0101 0796 IRENUM - ok
11:34:22.0101 0796 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
11:34:22.0101 0796 isapnp - ok
11:34:22.0132 0796 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
11:34:22.0132 0796 iScsiPrt - ok
11:34:22.0163 0796 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:34:22.0163 0796 kbdclass - ok
11:34:22.0195 0796 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:34:22.0195 0796 kbdhid - ok
11:34:22.0210 0796 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
11:34:22.0210 0796 KeyIso - ok
11:34:22.0226 0796 [ 16C1B906FC5EAD84769F90B736B6BF0E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:34:22.0241 0796 KSecDD - ok
11:34:22.0257 0796 [ 0B711550C56444879D71C7DAABDA6C83 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:34:22.0273 0796 KSecPkg - ok
11:34:22.0288 0796 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:34:22.0288 0796 ksthunk - ok
11:34:22.0335 0796 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
11:34:22.0335 0796 KtmRm - ok
11:34:22.0397 0796 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\System32\srvsvc.dll
11:34:22.0397 0796 LanmanServer - ok
11:34:22.0429 0796 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:34:22.0429 0796 LanmanWorkstation - ok
11:34:22.0663 0796 [ 3C879D04BB6466E2853C3155B635CC45 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
11:34:22.0725 0796 LeapFrog Connect Device Service - ok
11:34:22.0756 0796 [ 797289607A5EBF31353AA5EAD141F872 ] LeapFrog-USBLAN C:\Windows\system32\DRIVERS\btblan.sys
11:34:22.0756 0796 LeapFrog-USBLAN - ok
11:34:22.0834 0796 [ 2238B91AC1A12CC6CC4C4FED41258B2A ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
11:34:22.0834 0796 LightScribeService - ok
11:34:22.0865 0796 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:34:22.0865 0796 lltdio - ok
11:34:22.0912 0796 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:34:22.0912 0796 lltdsvc - ok
11:34:22.0928 0796 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:34:22.0943 0796 lmhosts - ok
11:34:22.0990 0796 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
11:34:22.0990 0796 LSI_FC - ok
11:34:23.0006 0796 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
11:34:23.0006 0796 LSI_SAS - ok
11:34:23.0021 0796 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:34:23.0021 0796 LSI_SAS2 - ok
11:34:23.0053 0796 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:34:23.0053 0796 LSI_SCSI - ok
11:34:23.0068 0796 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:34:23.0068 0796 luafv - ok
11:34:23.0115 0796 [ F6216C0549996D6CF3006F743C8A0618 ] LWWLicenseService C:\Program Files (x86)\Common Files\WoltersKluwerLWW Shared\Service\LWWLicenseService.exe
11:34:23.0115 0796 LWWLicenseService - ok
11:34:23.0162 0796 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:34:23.0177 0796 Mcx2Svc - ok
11:34:23.0209 0796 [ E4F44EC214B3E381E1FC844A02926666 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
11:34:23.0209 0796 mdmxsdk - ok
11:34:23.0224 0796 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
11:34:23.0224 0796 megasas - ok
11:34:23.0240 0796 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
11:34:23.0240 0796 MegaSR - ok
11:34:23.0271 0796 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:34:23.0271 0796 MMCSS - ok
11:34:23.0302 0796 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:34:23.0302 0796 Modem - ok
11:34:23.0333 0796 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:34:23.0333 0796 monitor - ok
11:34:23.0365 0796 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:34:23.0365 0796 mouclass - ok
11:34:23.0396 0796 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:34:23.0396 0796 mouhid - ok
11:34:23.0411 0796 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:34:23.0411 0796 mountmgr - ok
11:34:23.0427 0796 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
11:34:23.0427 0796 mpio - ok
11:34:23.0443 0796 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:34:23.0443 0796 mpsdrv - ok
11:34:23.0458 0796 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:34:23.0458 0796 MRxDAV - ok
11:34:23.0505 0796 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:34:23.0505 0796 mrxsmb - ok
11:34:23.0552 0796 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:34:23.0552 0796 mrxsmb10 - ok
11:34:23.0552 0796 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:34:23.0567 0796 mrxsmb20 - ok
11:34:23.0583 0796 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
11:34:23.0583 0796 msahci - ok
11:34:23.0599 0796 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
11:34:23.0599 0796 msdsm - ok
11:34:23.0614 0796 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:34:23.0630 0796 MSDTC - ok
11:34:23.0645 0796 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:34:23.0645 0796 Msfs - ok
11:34:23.0677 0796 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:34:23.0677 0796 mshidkmdf - ok
11:34:23.0692 0796 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
11:34:23.0692 0796 msisadrv - ok
11:34:23.0723 0796 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:34:23.0723 0796 MSiSCSI - ok
11:34:23.0739 0796 msiserver - ok
11:34:23.0786 0796 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:34:23.0786 0796 MSKSSRV - ok
11:34:23.0786 0796 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:34:23.0786 0796 MSPCLOCK - ok
11:34:23.0801 0796 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:34:23.0801 0796 MSPQM - ok
11:34:23.0833 0796 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:34:23.0833 0796 MsRPC - ok
11:34:23.0864 0796 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:34:23.0864 0796 mssmbios - ok
11:34:23.0895 0796 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:34:23.0895 0796 MSTEE - ok
11:34:23.0911 0796 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:34:23.0911 0796 MTConfig - ok
11:34:23.0926 0796 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:34:23.0942 0796 Mup - ok
11:34:23.0973 0796 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
11:34:23.0989 0796 napagent - ok
11:34:24.0035 0796 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:34:24.0035 0796 NativeWifiP - ok
11:34:24.0082 0796 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
11:34:24.0082 0796 NDIS - ok
11:34:24.0113 0796 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:34:24.0113 0796 NdisCap - ok
11:34:24.0145 0796 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:34:24.0145 0796 NdisTapi - ok
11:34:24.0176 0796 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:34:24.0176 0796 Ndisuio - ok
11:34:24.0207 0796 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:34:24.0207 0796 NdisWan - ok
11:34:24.0223 0796 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:34:24.0223 0796 NDProxy - ok
11:34:24.0238 0796 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:34:24.0238 0796 NetBIOS - ok
11:34:24.0269 0796 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:34:24.0269 0796 NetBT - ok
11:34:24.0285 0796 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
11:34:24.0285 0796 Netlogon - ok
11:34:24.0332 0796 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:34:24.0332 0796 Netman - ok
11:34:24.0394 0796 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:34:24.0394 0796 netprofm - ok
11:34:24.0425 0796 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:34:24.0425 0796 NetTcpPortSharing - ok
11:34:24.0566 0796 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
11:34:24.0644 0796 netw5v64 - ok
11:34:24.0675 0796 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
11:34:24.0675 0796 nfrd960 - ok
11:34:24.0706 0796 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:34:24.0722 0796 NlaSvc - ok
11:34:24.0737 0796 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:34:24.0737 0796 Npfs - ok
11:34:24.0769 0796 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:34:24.0769 0796 nsi - ok
11:34:24.0784 0796 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:34:24.0784 0796 nsiproxy - ok
11:34:24.0847 0796 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:34:24.0862 0796 Ntfs - ok
11:34:24.0878 0796 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:34:24.0878 0796 Null - ok
11:34:24.0925 0796 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:34:24.0925 0796 nvraid - ok
11:34:24.0940 0796 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:34:24.0956 0796 nvstor - ok
11:34:24.0971 0796 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
11:34:24.0987 0796 nv_agp - ok
11:34:25.0081 0796 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:34:25.0081 0796 odserv - ok
11:34:25.0112 0796 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
11:34:25.0112 0796 ohci1394 - ok
11:34:25.0143 0796 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:34:25.0159 0796 ose - ok
11:34:25.0190 0796 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:34:25.0190 0796 p2pimsvc - ok
11:34:25.0221 0796 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:34:25.0237 0796 p2psvc - ok
11:34:25.0252 0796 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:34:25.0252 0796 Parport - ok
11:34:25.0283 0796 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:34:25.0283 0796 partmgr - ok
11:34:25.0299 0796 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:34:25.0299 0796 PcaSvc - ok
11:34:25.0330 0796 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
11:34:25.0330 0796 pci - ok
11:34:25.0346 0796 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
11:34:25.0346 0796 pciide - ok
11:34:25.0377 0796 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:34:25.0393 0796 pcmcia - ok
11:34:25.0455 0796 PCTSFileEnum - ok
11:34:25.0471 0796 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:34:25.0471 0796 pcw - ok
11:34:25.0502 0796 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:34:25.0517 0796 PEAUTH - ok
11:34:25.0549 0796 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:34:25.0549 0796 PerfHost - ok
11:34:25.0627 0796 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
11:34:25.0642 0796 pla - ok
11:34:25.0705 0796 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:34:25.0705 0796 PlugPlay - ok
11:34:25.0720 0796 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:34:25.0720 0796 PNRPAutoReg - ok
11:34:25.0751 0796 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:34:25.0751 0796 PNRPsvc - ok
11:34:25.0798 0796 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:34:25.0814 0796 PolicyAgent - ok
11:34:25.0845 0796 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:34:25.0845 0796 Power - ok
11:34:25.0876 0796 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:34:25.0876 0796 PptpMiniport - ok
11:34:25.0907 0796 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:34:25.0907 0796 Processor - ok
11:34:25.0939 0796 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll
11:34:25.0939 0796 ProfSvc - ok
11:34:25.0954 0796 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:34:25.0970 0796 ProtectedStorage - ok
11:34:26.0001 0796 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:34:26.0001 0796 Psched - ok
11:34:26.0048 0796 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:34:26.0079 0796 ql2300 - ok
11:34:26.0095 0796 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:34:26.0095 0796 ql40xx - ok
11:34:26.0126 0796 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:34:26.0126 0796 QWAVE - ok
11:34:26.0141 0796 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:34:26.0157 0796 QWAVEdrv - ok
11:34:26.0157 0796 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:34:26.0157 0796 RasAcd - ok
11:34:26.0204 0796 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:34:26.0204 0796 RasAgileVpn - ok
11:34:26.0219 0796 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:34:26.0235 0796 RasAuto - ok
11:34:26.0266 0796 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:34:26.0266 0796 Rasl2tp - ok
11:34:26.0297 0796 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
11:34:26.0297 0796 RasMan - ok
11:34:26.0329 0796 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:34:26.0329 0796 RasPppoe - ok
11:34:26.0360 0796 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:34:26.0360 0796 RasSstp - ok
11:34:26.0375 0796 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:34:26.0391 0796 rdbss - ok
11:34:26.0407 0796 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:34:26.0407 0796 rdpbus - ok
11:34:26.0438 0796 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:34:26.0438 0796 RDPCDD - ok
11:34:26.0469 0796 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:34:26.0469 0796 RDPENCDD - ok
11:34:26.0485 0796 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:34:26.0485 0796 RDPREFMP - ok
11:34:26.0531 0796 [ 074AC702D8B8B660B0E1371555995386 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:34:26.0531 0796 RDPWD - ok
11:34:26.0547 0796 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:34:26.0563 0796 rdyboost - ok
11:34:26.0609 0796 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:34:26.0609 0796 RemoteAccess - ok
11:34:26.0641 0796 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:34:26.0641 0796 RemoteRegistry - ok
11:34:26.0719 0796 [ 498EB62A160674E793FA40FD65390625 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
11:34:26.0719 0796 RichVideo - ok
11:34:26.0734 0796 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:34:26.0734 0796 RpcEptMapper - ok
11:34:26.0765 0796 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:34:26.0765 0796 RpcLocator - ok
11:34:26.0797 0796 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\System32\rpcss.dll
11:34:26.0797 0796 RpcSs - ok
11:34:26.0843 0796 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:34:26.0843 0796 rspndr - ok
11:34:26.0859 0796 [ 2DB8116D52B19216812C4E6D5D837810 ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys
11:34:26.0859 0796 RSUSBSTOR - ok
11:34:26.0921 0796 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
11:34:26.0921 0796 RTL8167 - ok
11:34:26.0937 0796 RtsUIR - ok
11:34:26.0953 0796 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
11:34:26.0953 0796 SamSs - ok
11:34:27.0015 0796 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Vdos\Paint\Anti-Spyware\SASDIFSV64.SYS
11:34:27.0015 0796 SASDIFSV - ok
11:34:27.0031 0796 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Vdos\Paint\Anti-Spyware\SASKUTIL64.SYS
11:34:27.0031 0796 SASKUTIL - ok
11:34:27.0062 0796 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
11:34:27.0062 0796 sbp2port - ok
11:34:27.0093 0796 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:34:27.0093 0796 SCardSvr - ok
11:34:27.0109 0796 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:34:27.0109 0796 scfilter - ok
11:34:27.0171 0796 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
11:34:27.0187 0796 Schedule - ok
11:34:27.0218 0796 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:34:27.0218 0796 SCPolicySvc - ok
11:34:27.0280 0796 [ 54E47AD086782D3AE9417C155CDCEB9B ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
11:34:27.0280 0796 sdbus - ok
11:34:27.0327 0796 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:34:27.0327 0796 SDRSVC - ok
11:34:27.0358 0796 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:34:27.0358 0796 secdrv - ok
11:34:27.0374 0796 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
11:34:27.0374 0796 seclogon - ok
11:34:27.0389 0796 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
11:34:27.0389 0796 SENS - ok
11:34:27.0405 0796 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:34:27.0421 0796 SensrSvc - ok
11:34:27.0436 0796 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:34:27.0436 0796 Serenum - ok
11:34:27.0452 0796 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:34:27.0467 0796 Serial - ok
11:34:27.0483 0796 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:34:27.0483 0796 sermouse - ok
11:34:27.0514 0796 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
11:34:27.0530 0796 SessionEnv - ok
11:34:27.0545 0796 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
11:34:27.0545 0796 sffdisk - ok
11:34:27.0577 0796 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
11:34:27.0577 0796 sffp_mmc - ok
11:34:27.0577 0796 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
11:34:27.0592 0796 sffp_sd - ok
11:34:27.0608 0796 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:34:27.0608 0796 sfloppy - ok
11:34:27.0639 0796 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:34:27.0655 0796 ShellHWDetection - ok
11:34:27.0670 0796 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:34:27.0670 0796 SiSRaid2 - ok
11:34:27.0686 0796 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:34:27.0686 0796 SiSRaid4 - ok
11:34:27.0717 0796 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:34:27.0733 0796 Smb - ok
11:34:27.0779 0796 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:34:27.0779 0796 SNMPTRAP - ok
11:34:27.0779 0796 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:34:27.0779 0796 spldr - ok
11:34:27.0826 0796 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\Windows\System32\spoolsv.exe
11:34:27.0842 0796 Spooler - ok
11:34:27.0935 0796 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
11:34:27.0982 0796 sppsvc - ok
11:34:28.0013 0796 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:34:28.0013 0796 sppuinotify - ok
11:34:28.0060 0796 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:34:28.0060 0796 srv - ok
11:34:28.0091 0796 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:34:28.0091 0796 srv2 - ok
11:34:28.0138 0796 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
11:34:28.0138 0796 SrvHsfHDA - ok
11:34:28.0185 0796 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
11:34:28.0216 0796 SrvHsfV92 - ok
11:34:28.0247 0796 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
11:34:28.0263 0796 SrvHsfWinac - ok
11:34:28.0294 0796 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:34:28.0294 0796 srvnet - ok
11:34:28.0341 0796 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
11:34:28.0341 0796 sscdbus - ok
11:34:28.0388 0796 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
11:34:28.0388 0796 sscdmdfl - ok
11:34:28.0403 0796 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
11:34:28.0403 0796 sscdmdm - ok
11:34:28.0450 0796 [ 05FFA552F578E27AB2D41B6828DB477F ] sscdserd C:\Windows\system32\DRIVERS\sscdserd.sys
11:34:28.0450 0796 sscdserd - ok
11:34:28.0497 0796 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:34:28.0497 0796 SSDPSRV - ok
11:34:28.0513 0796 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:34:28.0513 0796 SstpSvc - ok
11:34:28.0544 0796 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:34:28.0544 0796 stexstor - ok
11:34:28.0591 0796 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
11:34:28.0591 0796 stisvc - ok
11:34:28.0622 0796 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:34:28.0622 0796 swenum - ok
11:34:28.0653 0796 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:34:28.0653 0796 swprv - ok
11:34:28.0715 0796 [ BCF305959B53B200CEB2AD25AD22F8A7 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
11:34:28.0715 0796 SynTP - ok
11:34:28.0778 0796 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
11:34:28.0809 0796 SysMain - ok
11:34:28.0825 0796 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:34:28.0825 0796 TabletInputService - ok
11:34:28.0856 0796 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
11:34:28.0856 0796 TapiSrv - ok
11:34:28.0871 0796 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:34:28.0871 0796 TBS - ok
11:34:28.0949 0796 [ F18F56EFC0BFB9C87BA01C37B27F4DA5 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:34:28.0981 0796 Tcpip - ok
11:34:29.0027 0796 [ F18F56EFC0BFB9C87BA01C37B27F4DA5 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:34:29.0043 0796 TCPIP6 - ok
11:34:29.0090 0796 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:34:29.0090 0796 tcpipreg - ok
11:34:29.0105 0796 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:34:29.0105 0796 TDPIPE - ok
11:34:29.0137 0796 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:34:29.0152 0796 TDTCP - ok
11:34:29.0168 0796 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:34:29.0168 0796 tdx - ok
11:34:29.0199 0796 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:34:29.0199 0796 TermDD - ok
11:34:29.0230 0796 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
11:34:29.0246 0796 TermService - ok
11:34:29.0293 0796 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:34:29.0293 0796 Themes - ok
11:34:29.0308 0796 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:34:29.0308 0796 THREADORDER - ok
11:34:29.0324 0796 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:34:29.0339 0796 TrkWks - ok
11:34:29.0371 0796 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:34:29.0371 0796 TrustedInstaller - ok
11:34:29.0402 0796 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:34:29.0402 0796 tssecsrv - ok
11:34:29.0433 0796 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:34:29.0433 0796 tunnel - ok
11:34:29.0449 0796 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:34:29.0449 0796 uagp35 - ok
11:34:29.0495 0796 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:34:29.0495 0796 udfs - ok
11:34:29.0542 0796 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:34:29.0542 0796 UI0Detect - ok
11:34:29.0589 0796 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
11:34:29.0589 0796 uliagpkx - ok
11:34:29.0620 0796 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:34:29.0620 0796 umbus - ok
11:34:29.0636 0796 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:34:29.0636 0796 UmPass - ok
11:34:29.0667 0796 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:34:29.0667 0796 upnphost - ok
11:34:29.0698 0796 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
11:34:29.0714 0796 usbccgp - ok
11:34:29.0714 0796 USBCCID - ok
11:34:29.0729 0796 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
11:34:29.0729 0796 usbcir - ok
11:34:29.0761 0796 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:34:29.0761 0796 usbehci - ok
11:34:29.0807 0796 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:34:29.0807 0796 usbhub - ok
11:34:29.0839 0796 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:34:29.0839 0796 usbohci - ok
11:34:29.0885 0796 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:34:29.0885 0796 usbprint - ok
11:34:29.0917 0796 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:34:29.0917 0796 usbscan - ok
11:34:29.0932 0796 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:34:29.0948 0796 USBSTOR - ok
11:34:29.0979 0796 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
11:34:29.0979 0796 usbuhci - ok
11:34:29.0995 0796 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:34:29.0995 0796 UxSms - ok
11:34:30.0026 0796 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
11:34:30.0026 0796 VaultSvc - ok
11:34:30.0057 0796 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
11:34:30.0057 0796 vdrvroot - ok
11:34:30.0088 0796 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
11:34:30.0104 0796 vds - ok
11:34:30.0119 0796 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:34:30.0119 0796 vga - ok
11:34:30.0151 0796 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:34:30.0151 0796 VgaSave - ok
11:34:30.0182 0796 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
11:34:30.0182 0796 vhdmp - ok
11:34:30.0197 0796 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
11:34:30.0197 0796 viaide - ok
11:34:30.0229 0796 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
11:34:30.0229 0796 volmgr - ok
11:34:30.0260 0796 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:34:30.0260 0796 volmgrx - ok
11:34:30.0291 0796 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
11:34:30.0291 0796 volsnap - ok
11:34:30.0307 0796 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
11:34:30.0307 0796 vsmraid - ok
11:34:30.0369 0796 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
11:34:30.0400 0796 VSS - ok
11:34:30.0416 0796 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:34:30.0416 0796 vwifibus - ok
11:34:30.0447 0796 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:34:30.0447 0796 vwififlt - ok
11:34:30.0494 0796 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
11:34:30.0494 0796 vwifimp - ok
11:34:30.0509 0796 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:34:30.0525 0796 W32Time - ok
11:34:30.0556 0796 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
11:34:30.0556 0796 WacomPen - ok
11:34:30.0603 0796 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:34:30.0603 0796 WANARP - ok
11:34:30.0603 0796 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:34:30.0603 0796 Wanarpv6 - ok
11:34:30.0697 0796 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:34:30.0712 0796 WatAdminSvc - ok
11:34:30.0775 0796 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
11:34:30.0790 0796 wbengine - ok
11:34:30.0821 0796 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:34:30.0821 0796 WbioSrvc - ok
11:34:30.0868 0796 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:34:30.0868 0796 wcncsvc - ok
11:34:30.0884 0796 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:34:30.0899 0796 WcsPlugInService - ok
11:34:30.0915 0796 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
11:34:30.0915 0796 Wd - ok
11:34:30.0962 0796 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:34:30.0977 0796 Wdf01000 - ok
11:34:31.0009 0796 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:34:31.0009 0796 WdiServiceHost - ok
11:34:31.0009 0796 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:34:31.0009 0796 WdiSystemHost - ok
11:34:31.0071 0796 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
11:34:31.0071 0796 WebClient - ok
11:34:31.0087 0796 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:34:31.0102 0796 Wecsvc - ok
11:34:31.0133 0796 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:34:31.0133 0796 wercplsupport - ok
11:34:31.0165 0796 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:34:31.0165 0796 WerSvc - ok
11:34:31.0196 0796 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:34:31.0196 0796 WfpLwf - ok
11:34:31.0211 0796 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:34:31.0211 0796 WIMMount - ok
11:34:31.0274 0796 [ A6EA7A3FC4B00F48535B506DB1E86EFD ] winachsf C:\Windows\system32\DRIVERS\CAX_CNXT.sys
11:34:31.0274 0796 winachsf - ok
11:34:31.0289 0796 WinHttpAutoProxySvc - ok
11:34:31.0352 0796 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:34:31.0352 0796 Winmgmt - ok
11:34:31.0430 0796 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
11:34:31.0461 0796 WinRM - ok
11:34:31.0523 0796 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
11:34:31.0539 0796 Wlansvc - ok
11:34:31.0570 0796 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
11:34:31.0570 0796 WmiAcpi - ok
11:34:31.0601 0796 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:34:31.0601 0796 wmiApSrv - ok
11:34:31.0633 0796 WMPNetworkSvc - ok
11:34:31.0664 0796 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:34:31.0664 0796 WPCSvc - ok
11:34:31.0679 0796 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:34:31.0695 0796 WPDBusEnum - ok
11:34:31.0711 0796 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:34:31.0711 0796 ws2ifsl - ok
11:34:31.0726 0796 WSearch - ok
11:34:31.0742 0796 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:34:31.0742 0796 WudfPf - ok
11:34:31.0789 0796 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:34:31.0789 0796 WUDFRd - ok
11:34:31.0820 0796 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:34:31.0820 0796 wudfsvc - ok
11:34:31.0867 0796 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
11:34:31.0913 0796 WwanSvc - ok
11:34:31.0945 0796 [ E8F3FA126A06F8E7088F63757112A186 ] XAudio C:\Windows\system32\DRIVERS\XAudio64.sys
11:34:31.0945 0796 XAudio - ok
11:34:31.0991 0796 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
11:34:32.0007 0796 yukonw7 - ok
11:34:32.0038 0796 ================ Scan global ===============================
11:34:32.0054 0796 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:34:32.0101 0796 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
11:34:32.0116 0796 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
11:34:32.0147 0796 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:34:32.0194 0796 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:34:32.0194 0796 [Global] - ok
11:34:32.0194 0796 ================ Scan MBR ==================================
11:34:32.0210 0796 [ 8E916F0AD6909ADACA6017CEF1D814EE ] \Device\Harddisk0\DR0
11:34:32.0444 0796 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:34:32.0444 0796 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:34:32.0444 0796 ================ Scan VBR ==================================
11:34:32.0459 0796 [ 63EB876D41D3DEA233DA2CF062A078CE ] \Device\Harddisk0\DR0\Partition1
11:34:32.0459 0796 \Device\Harddisk0\DR0\Partition1 - ok
11:34:32.0475 0796 [ 3DAD6F712AB71ECB33EE1A5DB9334F6F ] \Device\Harddisk0\DR0\Partition2
11:34:32.0475 0796 \Device\Harddisk0\DR0\Partition2 - ok
11:34:32.0506 0796 [ 987F0C907764CB9BECA855518FF38B1E ] \Device\Harddisk0\DR0\Partition3
11:34:32.0522 0796 \Device\Harddisk0\DR0\Partition3 - ok
11:34:32.0522 0796 ============================================================
11:34:32.0522 0796 Scan finished
11:34:32.0522 0796 ============================================================
11:34:32.0537 1712 Detected object count: 1
11:34:32.0537 1712 Actual detected object count: 1


eset:

C:\Users\Holly\nsgjpqgxqwkaddwhheklu.exe a variant of Win32/Injector.YOM trojan cleaned by deleting - quarantined
C:\Users\Holly\zhcqftuhmiztrpjxmauxbxay.exe Win32/LockScreen.AKU trojan cleaned by deleting - quarantined
C:\Users\Holly\AppData\Local\Temp\1jfuweif.exe Win32/LockScreen.ANK trojan cleaned by deleting - quarantined

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:34 AM

Posted 04 November 2012 - 01:26 PM

Launch TDSSkiller and select DELETE

11:34:32.0444 0796 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

ASWMBR log?

#5 ddarkstar1

ddarkstar1
  • Topic Starter

  • Members
  • 76 posts
  • OFFLINE
  •  
  • Local time:06:34 AM

Posted 04 November 2012 - 02:31 PM

aswMBR is posted above.

I will repost anyway.

aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-11-04 11:35:18
-----------------------------
11:35:18.214 OS Version: Windows x64 6.1.7600
11:35:18.214 Number of processors: 1 586 0x170A
11:35:18.214 ComputerName: HOLLY-PC UserName: Holly
11:35:19.072 Initialize success
11:36:10.518 AVAST engine defs: 12110400
11:37:35.445 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
11:37:35.445 Disk 0 Vendor: Hitachi_HTS723225L9A360 FCDOC60D Size: 238475MB BusType: 11
11:37:35.461 Disk 0 MBR read successfully
11:37:35.461 Disk 0 MBR scan
11:37:35.476 Disk 0 unknown MBR code
11:37:35.476 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
11:37:35.507 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 225663 MB offset 409600
11:37:35.554 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12611 MB offset 462567424
11:37:35.585 Disk 0 scanning C:\Windows\system32\drivers
11:37:44.945 Service scanning
11:38:07.144 Modules scanning
11:38:07.144 Disk 0 trace - called modules:
11:38:07.160 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
11:38:07.160 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80026af0f0]
11:38:07.160 3 CLASSPNP.SYS[fffff8800108b43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80021e8060]
11:38:08.923 AVAST engine scan C:\Windows
11:38:10.951 AVAST engine scan C:\Windows\system32
11:38:14.336 File: C:\Windows\system32\avcgbfl.dll **INFECTED** Win64:ZAccess-E [Rtk]
11:38:18.719 File: C:\Windows\system32\consrv.dll **INFECTED** Win32:Sirefef-HO [Rtk]
11:40:40.196 AVAST engine scan C:\Windows\system32\drivers
11:40:52.208 AVAST engine scan C:\Users\Holly
11:41:27.371 File: C:\Users\Holly\AppData\Local\Temp\1jfuweif.exe **INFECTED** Win32:Rootkit-gen [Rtk]
11:46:29.874 AVAST engine scan C:\ProgramData
11:48:23.414 Scan finished successfully
11:50:48.280 Disk 0 MBR has been saved successfully to "C:\Users\Holly\Desktop\Fix\MBR.dat"
11:50:48.326 The log file has been saved successfully to "C:\Users\Holly\Desktop\Fix\aswMBR.txt"

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:34 AM

Posted 04 November 2012 - 02:40 PM

Run TDSSkiller again and post the new log


Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#7 ddarkstar1

ddarkstar1
  • Topic Starter

  • Members
  • 76 posts
  • OFFLINE
  •  
  • Local time:06:34 AM

Posted 04 November 2012 - 03:26 PM

This may take awhile...

#8 ddarkstar1

ddarkstar1
  • Topic Starter

  • Members
  • 76 posts
  • OFFLINE
  •  
  • Local time:06:34 AM

Posted 05 November 2012 - 08:24 AM

TDSSKiller:

15:19:09.0874 3512 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:19:10.0295 3512 ============================================================
15:19:10.0295 3512 Current date / time: 2012/11/04 15:19:10.0295
15:19:10.0295 3512 SystemInfo:
15:19:10.0295 3512
15:19:10.0295 3512 OS Version: 6.1.7600 ServicePack: 0.0
15:19:10.0295 3512 Product type: Workstation
15:19:10.0295 3512 ComputerName: HOLLY-PC
15:19:10.0295 3512 UserName: Holly
15:19:10.0295 3512 Windows directory: C:\Windows
15:19:10.0295 3512 System windows directory: C:\Windows
15:19:10.0295 3512 Running under WOW64
15:19:10.0295 3512 Processor architecture: Intel x64
15:19:10.0295 3512 Number of processors: 1
15:19:10.0295 3512 Page size: 0x1000
15:19:10.0295 3512 Boot type: Normal boot
15:19:10.0295 3512 ============================================================
15:19:11.0200 3512 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0xEE72, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x7F, Type 'K0', Flags 0x00000040
15:19:11.0200 3512 ============================================================
15:19:11.0200 3512 \Device\Harddisk0\DR0:
15:19:11.0200 3512 MBR partitions:
15:19:11.0200 3512 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
15:19:11.0200 3512 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x1B8BF800
15:19:11.0200 3512 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1B923800, BlocksNum 0x18A1800
15:19:11.0200 3512 ============================================================
15:19:11.0231 3512 C: <-> \Device\Harddisk0\DR0\Partition2
15:19:11.0262 3512 D: <-> \Device\Harddisk0\DR0\Partition3
15:19:11.0262 3512 ============================================================
15:19:11.0262 3512 Initialize success
15:19:11.0262 3512 ============================================================
15:19:18.0079 2892 ============================================================
15:19:18.0079 2892 Scan started
15:19:18.0079 2892 Mode: Manual; TDLFS;
15:19:18.0079 2892 ============================================================
15:19:20.0295 2892 ================ Scan system memory ========================
15:19:20.0295 2892 System memory - ok
15:19:20.0295 2892 ================ Scan services =============================
15:19:20.0544 2892 [ 7D9D615201A483D6FA99491C2E655A5A ] !SASCORE C:\Vdos\Paint\Anti-Spyware\SASCORE64.EXE
15:19:20.0544 2892 !SASCORE - ok
15:19:20.0700 2892 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
15:19:20.0700 2892 1394ohci - ok
15:19:20.0794 2892 [ 3044D0F3FEB9FFE8BC953D8F34B5B504 ] A2DDA C:\Vdos\Paint\Anti-Malware\EmsisoftEmergencyKit2\Run\a2ddax64.sys
15:19:20.0794 2892 A2DDA - ok
15:19:20.0825 2892 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
15:19:20.0841 2892 ACPI - ok
15:19:20.0856 2892 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
15:19:20.0856 2892 AcpiPmi - ok
15:19:20.0981 2892 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:19:20.0997 2892 AdobeFlashPlayerUpdateSvc - ok
15:19:21.0043 2892 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:19:21.0043 2892 adp94xx - ok
15:19:21.0090 2892 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:19:21.0090 2892 adpahci - ok
15:19:21.0121 2892 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:19:21.0121 2892 adpu320 - ok
15:19:21.0137 2892 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:19:21.0153 2892 AeLookupSvc - ok
15:19:21.0199 2892 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
15:19:21.0215 2892 AFD - ok
15:19:21.0246 2892 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
15:19:21.0246 2892 agp440 - ok
15:19:21.0262 2892 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:19:21.0262 2892 ALG - ok
15:19:21.0277 2892 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
15:19:21.0277 2892 aliide - ok
15:19:21.0293 2892 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
15:19:21.0309 2892 amdide - ok
15:19:21.0340 2892 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:19:21.0340 2892 AmdK8 - ok
15:19:21.0355 2892 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:19:21.0355 2892 AmdPPM - ok
15:19:21.0402 2892 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:19:21.0402 2892 amdsata - ok
15:19:21.0433 2892 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:19:21.0433 2892 amdsbs - ok
15:19:21.0449 2892 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:19:21.0449 2892 amdxata - ok
15:19:21.0480 2892 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
15:19:21.0480 2892 AppID - ok
15:19:21.0511 2892 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:19:21.0511 2892 AppIDSvc - ok
15:19:21.0543 2892 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
15:19:21.0543 2892 Appinfo - ok
15:19:21.0589 2892 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
15:19:21.0589 2892 arc - ok
15:19:21.0605 2892 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:19:21.0605 2892 arcsas - ok
15:19:21.0621 2892 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:19:21.0621 2892 AsyncMac - ok
15:19:21.0636 2892 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
15:19:21.0636 2892 atapi - ok
15:19:21.0683 2892 [ 38562A6A9CB10844759EAF2B01A7FCD3 ] athr C:\Windows\system32\DRIVERS\athrx.sys
15:19:21.0714 2892 athr - ok
15:19:21.0745 2892 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:19:21.0761 2892 AudioEndpointBuilder - ok
15:19:21.0777 2892 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:19:21.0777 2892 AudioSrv - ok
15:19:21.0823 2892 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:19:21.0823 2892 AxInstSV - ok
15:19:21.0870 2892 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
15:19:21.0886 2892 b06bdrv - ok
15:19:21.0933 2892 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:19:21.0933 2892 b57nd60a - ok
15:19:21.0964 2892 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:19:21.0979 2892 BDESVC - ok
15:19:21.0995 2892 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:19:21.0995 2892 Beep - ok
15:19:22.0042 2892 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:19:22.0057 2892 blbdrive - ok
15:19:22.0104 2892 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:19:22.0104 2892 bowser - ok
15:19:22.0135 2892 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:19:22.0135 2892 BrFiltLo - ok
15:19:22.0151 2892 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:19:22.0151 2892 BrFiltUp - ok
15:19:22.0198 2892 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
15:19:22.0198 2892 BridgeMP - ok
15:19:22.0229 2892 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll
15:19:22.0245 2892 Browser - ok
15:19:22.0276 2892 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:19:22.0276 2892 Brserid - ok
15:19:22.0323 2892 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:19:22.0323 2892 BrSerWdm - ok
15:19:22.0338 2892 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:19:22.0338 2892 BrUsbMdm - ok
15:19:22.0369 2892 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:19:22.0369 2892 BrUsbSer - ok
15:19:22.0401 2892 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:19:22.0401 2892 BTHMODEM - ok
15:19:22.0432 2892 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:19:22.0432 2892 bthserv - ok
15:19:22.0447 2892 catchme - ok
15:19:22.0494 2892 [ D1787E11C6A0078DDEAF8CF3EE2AB293 ] CAXHWAZL C:\Windows\system32\DRIVERS\CAXHWAZL.sys
15:19:22.0494 2892 CAXHWAZL - ok
15:19:22.0541 2892 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:19:22.0541 2892 cdfs - ok
15:19:22.0588 2892 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:19:22.0588 2892 cdrom - ok
15:19:22.0635 2892 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
15:19:22.0635 2892 CertPropSvc - ok
15:19:22.0666 2892 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:19:22.0666 2892 circlass - ok
15:19:22.0697 2892 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:19:22.0697 2892 CLFS - ok
15:19:22.0775 2892 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:19:22.0775 2892 clr_optimization_v2.0.50727_32 - ok
15:19:22.0822 2892 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:19:22.0822 2892 clr_optimization_v2.0.50727_64 - ok
15:19:22.0900 2892 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:19:22.0931 2892 clr_optimization_v4.0.30319_32 - ok
15:19:22.0962 2892 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:19:22.0962 2892 clr_optimization_v4.0.30319_64 - ok
15:19:22.0978 2892 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:19:22.0978 2892 CmBatt - ok
15:19:22.0993 2892 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
15:19:22.0993 2892 cmdide - ok
15:19:23.0025 2892 [ 937BEB186A735ACA91D717044A49D17E ] CNG C:\Windows\system32\Drivers\cng.sys
15:19:23.0040 2892 CNG - ok
15:19:23.0118 2892 [ 3CB10294F7A59FD22501F4BAD915F250 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
15:19:23.0118 2892 CnxtHdAudService - ok
15:19:23.0227 2892 [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
15:19:23.0227 2892 Com4QLBEx - ok
15:19:23.0243 2892 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:19:23.0259 2892 Compbatt - ok
15:19:23.0290 2892 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:19:23.0290 2892 CompositeBus - ok
15:19:23.0321 2892 COMSysApp - ok
15:19:23.0337 2892 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:19:23.0337 2892 crcdisk - ok
15:19:23.0399 2892 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:19:23.0399 2892 CryptSvc - ok
15:19:23.0446 2892 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:19:23.0524 2892 DcomLaunch - ok
15:19:23.0571 2892 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:19:23.0571 2892 defragsvc - ok
15:19:23.0602 2892 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:19:23.0617 2892 DfsC - ok
15:19:23.0664 2892 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
15:19:23.0664 2892 Dhcp - ok
15:19:23.0695 2892 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:19:23.0695 2892 discache - ok
15:19:23.0742 2892 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:19:23.0742 2892 Disk - ok
15:19:23.0805 2892 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:19:23.0805 2892 Dnscache - ok
15:19:23.0836 2892 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
15:19:23.0836 2892 dot3svc - ok
15:19:23.0867 2892 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
15:19:23.0867 2892 DPS - ok
15:19:23.0898 2892 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:19:23.0898 2892 drmkaud - ok
15:19:23.0961 2892 [ D3D64CF7B2BCEAA34A270F45A3FFFB36 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
15:19:23.0976 2892 dtsoftbus01 - ok
15:19:24.0039 2892 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:19:24.0070 2892 DXGKrnl - ok
15:19:24.0101 2892 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:19:24.0101 2892 EapHost - ok
15:19:24.0226 2892 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
15:19:24.0273 2892 ebdrv - ok
15:19:24.0304 2892 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
15:19:24.0304 2892 EFS - ok
15:19:24.0382 2892 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:19:24.0382 2892 ehRecvr - ok
15:19:24.0429 2892 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:19:24.0429 2892 ehSched - ok
15:19:24.0460 2892 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:19:24.0475 2892 elxstor - ok
15:19:24.0507 2892 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
15:19:24.0507 2892 ErrDev - ok
15:19:24.0553 2892 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:19:24.0569 2892 EventSystem - ok
15:19:24.0600 2892 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:19:24.0600 2892 exfat - ok
15:19:24.0616 2892 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:19:24.0616 2892 fastfat - ok
15:19:24.0663 2892 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
15:19:24.0678 2892 Fax - ok
15:19:24.0709 2892 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:19:24.0709 2892 fdc - ok
15:19:24.0741 2892 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:19:24.0741 2892 fdPHost - ok
15:19:24.0756 2892 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:19:24.0756 2892 FDResPub - ok
15:19:24.0772 2892 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:19:24.0787 2892 FileInfo - ok
15:19:24.0803 2892 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:19:24.0803 2892 Filetrace - ok
15:19:24.0819 2892 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:19:24.0834 2892 flpydisk - ok
15:19:24.0850 2892 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:19:24.0865 2892 FltMgr - ok
15:19:24.0928 2892 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll
15:19:24.0943 2892 FontCache - ok
15:19:24.0990 2892 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:19:24.0990 2892 FontCache3.0.0.0 - ok
15:19:25.0021 2892 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:19:25.0021 2892 FsDepends - ok
15:19:25.0053 2892 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:19:25.0053 2892 Fs_Rec - ok
15:19:25.0084 2892 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:19:25.0099 2892 fvevol - ok
15:19:25.0131 2892 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:19:25.0131 2892 gagp30kx - ok
15:19:25.0193 2892 [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
15:19:25.0193 2892 GameConsoleService - ok
15:19:25.0255 2892 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
15:19:25.0271 2892 gpsvc - ok
15:19:25.0365 2892 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:19:25.0365 2892 gupdate - ok
15:19:25.0396 2892 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:19:25.0411 2892 gupdatem - ok
15:19:25.0474 2892 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
15:19:25.0489 2892 gusvc - ok
15:19:25.0536 2892 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:19:25.0567 2892 hcw85cir - ok
15:19:25.0661 2892 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:19:25.0661 2892 HdAudAddService - ok
15:19:25.0692 2892 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:19:25.0692 2892 HDAudBus - ok
15:19:25.0723 2892 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:19:25.0723 2892 HidBatt - ok
15:19:25.0739 2892 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:19:25.0739 2892 HidBth - ok
15:19:25.0770 2892 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:19:25.0770 2892 HidIr - ok
15:19:25.0801 2892 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
15:19:25.0801 2892 hidserv - ok
15:19:25.0833 2892 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:19:25.0833 2892 HidUsb - ok
15:19:25.0864 2892 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:19:25.0864 2892 hkmsvc - ok
15:19:25.0879 2892 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:19:25.0879 2892 HomeGroupListener - ok
15:19:25.0926 2892 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:19:25.0926 2892 HomeGroupProvider - ok
15:19:25.0989 2892 [ 00B239202F7756695C8CCDF8BAFA7D3D ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
15:19:25.0989 2892 HP Health Check Service - ok
15:19:26.0051 2892 [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
15:19:26.0051 2892 HpqKbFiltr - ok
15:19:26.0098 2892 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
15:19:26.0098 2892 hpqwmiex - ok
15:19:26.0145 2892 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
15:19:26.0145 2892 HpSAMD - ok
15:19:26.0238 2892 [ 447256D1C026654C5CD3CC17E7B20631 ] HsfXAudioService C:\Windows\SysWOW64\XAudio64.dll
15:19:26.0238 2892 HsfXAudioService - ok
15:19:26.0285 2892 [ 26C5D00321937E49B6BC91029947D094 ] HSF_DPV C:\Windows\system32\DRIVERS\CAX_DPV.sys
15:19:26.0316 2892 HSF_DPV - ok
15:19:26.0347 2892 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:19:26.0363 2892 HTTP - ok
15:19:26.0379 2892 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:19:26.0379 2892 hwpolicy - ok
15:19:26.0410 2892 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:19:26.0410 2892 i8042prt - ok
15:19:26.0472 2892 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:19:26.0472 2892 iaStorV - ok
15:19:26.0519 2892 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:19:26.0535 2892 idsvc - ok
15:19:26.0800 2892 [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:19:26.0940 2892 igfx - ok
15:19:26.0956 2892 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:19:26.0956 2892 iirsp - ok
15:19:27.0018 2892 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
15:19:27.0034 2892 IKEEXT - ok
15:19:27.0050 2892 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
15:19:27.0050 2892 intelide - ok
15:19:27.0096 2892 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:19:27.0096 2892 intelppm - ok
15:19:27.0112 2892 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:19:27.0128 2892 IPBusEnum - ok
15:19:27.0174 2892 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:19:27.0174 2892 IpFilterDriver - ok
15:19:27.0190 2892 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
15:19:27.0190 2892 IPMIDRV - ok
15:19:27.0206 2892 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:19:27.0206 2892 IPNAT - ok
15:19:27.0237 2892 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:19:27.0237 2892 IRENUM - ok
15:19:27.0252 2892 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
15:19:27.0252 2892 isapnp - ok
15:19:27.0284 2892 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
15:19:27.0299 2892 iScsiPrt - ok
15:19:27.0315 2892 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:19:27.0330 2892 kbdclass - ok
15:19:27.0346 2892 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:19:27.0346 2892 kbdhid - ok
15:19:27.0362 2892 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
15:19:27.0362 2892 KeyIso - ok
15:19:27.0377 2892 [ 16C1B906FC5EAD84769F90B736B6BF0E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:19:27.0393 2892 KSecDD - ok
15:19:27.0424 2892 [ 0B711550C56444879D71C7DAABDA6C83 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:19:27.0424 2892 KSecPkg - ok
15:19:27.0440 2892 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:19:27.0440 2892 ksthunk - ok
15:19:27.0486 2892 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:19:27.0502 2892 KtmRm - ok
15:19:27.0564 2892 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\System32\srvsvc.dll
15:19:27.0564 2892 LanmanServer - ok
15:19:27.0596 2892 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:19:27.0596 2892 LanmanWorkstation - ok
15:19:27.0814 2892 [ 3C879D04BB6466E2853C3155B635CC45 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
15:19:27.0892 2892 LeapFrog Connect Device Service - ok
15:19:27.0923 2892 [ 797289607A5EBF31353AA5EAD141F872 ] LeapFrog-USBLAN C:\Windows\system32\DRIVERS\btblan.sys
15:19:27.0923 2892 LeapFrog-USBLAN - ok
15:19:27.0986 2892 [ 2238B91AC1A12CC6CC4C4FED41258B2A ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
15:19:27.0986 2892 LightScribeService - ok
15:19:28.0032 2892 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:19:28.0032 2892 lltdio - ok
15:19:28.0079 2892 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:19:28.0079 2892 lltdsvc - ok
15:19:28.0110 2892 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:19:28.0110 2892 lmhosts - ok
15:19:28.0173 2892 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:19:28.0173 2892 LSI_FC - ok
15:19:28.0220 2892 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:19:28.0220 2892 LSI_SAS - ok
15:19:28.0266 2892 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:19:28.0266 2892 LSI_SAS2 - ok
15:19:28.0329 2892 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:19:28.0329 2892 LSI_SCSI - ok
15:19:28.0360 2892 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:19:28.0360 2892 luafv - ok
15:19:28.0407 2892 [ F6216C0549996D6CF3006F743C8A0618 ] LWWLicenseService C:\Program Files (x86)\Common Files\WoltersKluwerLWW Shared\Service\LWWLicenseService.exe
15:19:28.0407 2892 LWWLicenseService - ok
15:19:28.0454 2892 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:19:28.0469 2892 Mcx2Svc - ok
15:19:28.0500 2892 [ E4F44EC214B3E381E1FC844A02926666 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
15:19:28.0500 2892 mdmxsdk - ok
15:19:28.0547 2892 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:19:28.0547 2892 megasas - ok
15:19:28.0578 2892 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:19:28.0594 2892 MegaSR - ok
15:19:28.0610 2892 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:19:28.0610 2892 MMCSS - ok
15:19:28.0641 2892 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:19:28.0641 2892 Modem - ok
15:19:28.0672 2892 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:19:28.0672 2892 monitor - ok
15:19:28.0734 2892 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:19:28.0734 2892 mouclass - ok
15:19:28.0781 2892 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:19:28.0781 2892 mouhid - ok
15:19:28.0797 2892 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:19:28.0812 2892 mountmgr - ok
15:19:28.0812 2892 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
15:19:28.0828 2892 mpio - ok
15:19:28.0844 2892 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:19:28.0844 2892 mpsdrv - ok
15:19:28.0859 2892 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:19:28.0859 2892 MRxDAV - ok
15:19:28.0906 2892 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:19:28.0922 2892 mrxsmb - ok
15:19:28.0953 2892 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:19:28.0953 2892 mrxsmb10 - ok
15:19:28.0968 2892 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:19:28.0968 2892 mrxsmb20 - ok
15:19:29.0000 2892 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
15:19:29.0000 2892 msahci - ok
15:19:29.0015 2892 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
15:19:29.0015 2892 msdsm - ok
15:19:29.0046 2892 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:19:29.0046 2892 MSDTC - ok
15:19:29.0078 2892 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:19:29.0078 2892 Msfs - ok
15:19:29.0109 2892 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:19:29.0109 2892 mshidkmdf - ok
15:19:29.0124 2892 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
15:19:29.0124 2892 msisadrv - ok
15:19:29.0171 2892 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:19:29.0171 2892 MSiSCSI - ok
15:19:29.0187 2892 msiserver - ok
15:19:29.0234 2892 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:19:29.0234 2892 MSKSSRV - ok
15:19:29.0249 2892 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:19:29.0249 2892 MSPCLOCK - ok
15:19:29.0265 2892 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:19:29.0265 2892 MSPQM - ok
15:19:29.0296 2892 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:19:29.0296 2892 MsRPC - ok
15:19:29.0343 2892 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:19:29.0343 2892 mssmbios - ok
15:19:29.0358 2892 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:19:29.0358 2892 MSTEE - ok
15:19:29.0390 2892 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:19:29.0390 2892 MTConfig - ok
15:19:29.0405 2892 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:19:29.0405 2892 Mup - ok
15:19:29.0452 2892 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
15:19:29.0468 2892 napagent - ok
15:19:29.0499 2892 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:19:29.0499 2892 NativeWifiP - ok
15:19:29.0546 2892 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
15:19:29.0577 2892 NDIS - ok
15:19:29.0592 2892 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:19:29.0608 2892 NdisCap - ok
15:19:29.0624 2892 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:19:29.0624 2892 NdisTapi - ok
15:19:29.0655 2892 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:19:29.0655 2892 Ndisuio - ok
15:19:29.0670 2892 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:19:29.0686 2892 NdisWan - ok
15:19:29.0702 2892 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:19:29.0702 2892 NDProxy - ok
15:19:29.0733 2892 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:19:29.0733 2892 NetBIOS - ok
15:19:29.0764 2892 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:19:29.0764 2892 NetBT - ok
15:19:29.0795 2892 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
15:19:29.0795 2892 Netlogon - ok
15:19:29.0842 2892 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:19:29.0842 2892 Netman - ok
15:19:29.0889 2892 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:19:29.0904 2892 netprofm - ok
15:19:29.0936 2892 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:19:29.0936 2892 NetTcpPortSharing - ok
15:19:30.0092 2892 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
15:19:30.0170 2892 netw5v64 - ok
15:19:30.0185 2892 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:19:30.0185 2892 nfrd960 - ok
15:19:30.0232 2892 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:19:30.0232 2892 NlaSvc - ok
15:19:30.0263 2892 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:19:30.0263 2892 Npfs - ok
15:19:30.0294 2892 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:19:30.0294 2892 nsi - ok
15:19:30.0310 2892 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:19:30.0310 2892 nsiproxy - ok
15:19:30.0388 2892 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:19:30.0419 2892 Ntfs - ok
15:19:30.0450 2892 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:19:30.0450 2892 Null - ok
15:19:30.0482 2892 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:19:30.0497 2892 nvraid - ok
15:19:30.0528 2892 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:19:30.0528 2892 nvstor - ok
15:19:30.0560 2892 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
15:19:30.0560 2892 nv_agp - ok
15:19:30.0638 2892 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:19:30.0653 2892 odserv - ok
15:19:30.0669 2892 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
15:19:30.0684 2892 ohci1394 - ok
15:19:30.0716 2892 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:19:30.0716 2892 ose - ok
15:19:30.0747 2892 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:19:30.0747 2892 p2pimsvc - ok
15:19:30.0778 2892 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:19:30.0794 2892 p2psvc - ok
15:19:30.0809 2892 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:19:30.0825 2892 Parport - ok
15:19:30.0840 2892 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:19:30.0840 2892 partmgr - ok
15:19:30.0872 2892 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:19:30.0872 2892 PcaSvc - ok
15:19:30.0903 2892 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
15:19:30.0903 2892 pci - ok
15:19:30.0918 2892 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
15:19:30.0918 2892 pciide - ok
15:19:30.0965 2892 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:19:30.0965 2892 pcmcia - ok
15:19:31.0028 2892 PCTSFileEnum - ok
15:19:31.0043 2892 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:19:31.0043 2892 pcw - ok
15:19:31.0074 2892 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:19:31.0074 2892 PEAUTH - ok
15:19:31.0121 2892 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:19:31.0121 2892 PerfHost - ok
15:19:31.0199 2892 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
15:19:31.0215 2892 pla - ok
15:19:31.0277 2892 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:19:31.0277 2892 PlugPlay - ok
15:19:31.0308 2892 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:19:31.0308 2892 PNRPAutoReg - ok
15:19:31.0340 2892 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:19:31.0340 2892 PNRPsvc - ok
15:19:31.0386 2892 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:19:31.0402 2892 PolicyAgent - ok
15:19:31.0433 2892 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:19:31.0449 2892 Power - ok
15:19:31.0480 2892 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:19:31.0480 2892 PptpMiniport - ok
15:19:31.0511 2892 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:19:31.0511 2892 Processor - ok
15:19:31.0542 2892 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll
15:19:31.0558 2892 ProfSvc - ok
15:19:31.0574 2892 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:19:31.0574 2892 ProtectedStorage - ok
15:19:31.0605 2892 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:19:31.0605 2892 Psched - ok
15:19:31.0652 2892 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:19:31.0683 2892 ql2300 - ok
15:19:31.0714 2892 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:19:31.0714 2892 ql40xx - ok
15:19:31.0745 2892 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:19:31.0745 2892 QWAVE - ok
15:19:31.0776 2892 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:19:31.0776 2892 QWAVEdrv - ok
15:19:31.0808 2892 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:19:31.0808 2892 RasAcd - ok
15:19:31.0854 2892 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:19:31.0854 2892 RasAgileVpn - ok
15:19:31.0886 2892 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:19:31.0886 2892 RasAuto - ok
15:19:31.0932 2892 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:19:31.0932 2892 Rasl2tp - ok
15:19:31.0964 2892 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
15:19:31.0979 2892 RasMan - ok
15:19:32.0010 2892 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:19:32.0010 2892 RasPppoe - ok
15:19:32.0057 2892 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:19:32.0057 2892 RasSstp - ok
15:19:32.0104 2892 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:19:32.0120 2892 rdbss - ok
15:19:32.0166 2892 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:19:32.0166 2892 rdpbus - ok
15:19:32.0198 2892 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:19:32.0198 2892 RDPCDD - ok
15:19:32.0276 2892 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:19:32.0276 2892 RDPENCDD - ok
15:19:32.0307 2892 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:19:32.0307 2892 RDPREFMP - ok
15:19:32.0338 2892 [ 074AC702D8B8B660B0E1371555995386 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:19:32.0338 2892 RDPWD - ok
15:19:32.0369 2892 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:19:32.0369 2892 rdyboost - ok
15:19:32.0416 2892 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:19:32.0416 2892 RemoteAccess - ok
15:19:32.0447 2892 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:19:32.0447 2892 RemoteRegistry - ok
15:19:32.0541 2892 [ 498EB62A160674E793FA40FD65390625 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
15:19:32.0541 2892 RichVideo - ok
15:19:32.0572 2892 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:19:32.0572 2892 RpcEptMapper - ok
15:19:32.0588 2892 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:19:32.0588 2892 RpcLocator - ok
15:19:32.0634 2892 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\System32\rpcss.dll
15:19:32.0634 2892 RpcSs - ok
15:19:32.0666 2892 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:19:32.0681 2892 rspndr - ok
15:19:32.0712 2892 [ 2DB8116D52B19216812C4E6D5D837810 ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys
15:19:32.0712 2892 RSUSBSTOR - ok
15:19:32.0759 2892 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:19:32.0759 2892 RTL8167 - ok
15:19:32.0790 2892 RtsUIR - ok
15:19:32.0806 2892 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
15:19:32.0806 2892 SamSs - ok
15:19:32.0853 2892 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Vdos\Paint\Anti-Spyware\SASDIFSV64.SYS
15:19:32.0853 2892 SASDIFSV - ok
15:19:32.0884 2892 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Vdos\Paint\Anti-Spyware\SASKUTIL64.SYS
15:19:32.0884 2892 SASKUTIL - ok
15:19:32.0915 2892 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
15:19:32.0931 2892 sbp2port - ok
15:19:32.0962 2892 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:19:32.0962 2892 SCardSvr - ok
15:19:32.0978 2892 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:19:32.0978 2892 scfilter - ok
15:19:33.0024 2892 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
15:19:33.0040 2892 Schedule - ok
15:19:33.0071 2892 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:19:33.0071 2892 SCPolicySvc - ok
15:19:33.0118 2892 [ 54E47AD086782D3AE9417C155CDCEB9B ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
15:19:33.0118 2892 sdbus - ok
15:19:33.0180 2892 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:19:33.0180 2892 SDRSVC - ok
15:19:33.0212 2892 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:19:33.0212 2892 secdrv - ok
15:19:33.0227 2892 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
15:19:33.0227 2892 seclogon - ok
15:19:33.0258 2892 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
15:19:33.0258 2892 SENS - ok
15:19:33.0274 2892 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:19:33.0290 2892 SensrSvc - ok
15:19:33.0305 2892 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:19:33.0305 2892 Serenum - ok
15:19:33.0321 2892 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:19:33.0336 2892 Serial - ok
15:19:33.0352 2892 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:19:33.0352 2892 sermouse - ok
15:19:33.0414 2892 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
15:19:33.0414 2892 SessionEnv - ok
15:19:33.0430 2892 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
15:19:33.0430 2892 sffdisk - ok
15:19:33.0461 2892 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:19:33.0461 2892 sffp_mmc - ok
15:19:33.0477 2892 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
15:19:33.0477 2892 sffp_sd - ok
15:19:33.0492 2892 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:19:33.0492 2892 sfloppy - ok
15:19:33.0539 2892 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:19:33.0539 2892 ShellHWDetection - ok
15:19:33.0555 2892 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:19:33.0555 2892 SiSRaid2 - ok
15:19:33.0586 2892 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:19:33.0586 2892 SiSRaid4 - ok
15:19:33.0617 2892 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:19:33.0617 2892 Smb - ok
15:19:33.0664 2892 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:19:33.0664 2892 SNMPTRAP - ok
15:19:33.0680 2892 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:19:33.0695 2892 spldr - ok
15:19:33.0726 2892 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\Windows\System32\spoolsv.exe
15:19:33.0742 2892 Spooler - ok
15:19:33.0836 2892 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
15:19:33.0898 2892 sppsvc - ok
15:19:33.0914 2892 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:19:33.0914 2892 sppuinotify - ok
15:19:33.0960 2892 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:19:33.0976 2892 srv - ok
15:19:34.0007 2892 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:19:34.0007 2892 srv2 - ok
15:19:34.0054 2892 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
15:19:34.0070 2892 SrvHsfHDA - ok
15:19:34.0116 2892 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
15:19:34.0148 2892 SrvHsfV92 - ok
15:19:34.0179 2892 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
15:19:34.0194 2892 SrvHsfWinac - ok
15:19:34.0319 2892 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:19:34.0382 2892 srvnet - ok
15:19:34.0553 2892 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
15:19:34.0553 2892 sscdbus - ok
15:19:34.0600 2892 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
15:19:34.0600 2892 sscdmdfl - ok
15:19:34.0616 2892 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
15:19:34.0616 2892 sscdmdm - ok
15:19:34.0662 2892 [ 05FFA552F578E27AB2D41B6828DB477F ] sscdserd C:\Windows\system32\DRIVERS\sscdserd.sys
15:19:34.0662 2892 sscdserd - ok
15:19:34.0709 2892 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:19:34.0725 2892 SSDPSRV - ok
15:19:34.0740 2892 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:19:34.0740 2892 SstpSvc - ok
15:19:34.0756 2892 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:19:34.0756 2892 stexstor - ok
15:19:34.0803 2892 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
15:19:34.0818 2892 stisvc - ok
15:19:34.0834 2892 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:19:34.0834 2892 swenum - ok
15:19:34.0865 2892 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:19:34.0881 2892 swprv - ok
15:19:34.0928 2892 [ BCF305959B53B200CEB2AD25AD22F8A7 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
15:19:34.0943 2892 SynTP - ok
15:19:35.0006 2892 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
15:19:35.0037 2892 SysMain - ok
15:19:35.0052 2892 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:19:35.0068 2892 TabletInputService - ok
15:19:35.0084 2892 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
15:19:35.0099 2892 TapiSrv - ok
15:19:35.0115 2892 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:19:35.0115 2892 TBS - ok
15:19:35.0193 2892 [ F18F56EFC0BFB9C87BA01C37B27F4DA5 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:19:35.0224 2892 Tcpip - ok
15:19:35.0271 2892 [ F18F56EFC0BFB9C87BA01C37B27F4DA5 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:19:35.0286 2892 TCPIP6 - ok
15:19:35.0333 2892 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:19:35.0333 2892 tcpipreg - ok
15:19:35.0364 2892 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:19:35.0364 2892 TDPIPE - ok
15:19:35.0411 2892 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:19:35.0411 2892 TDTCP - ok
15:19:35.0427 2892 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:19:35.0427 2892 tdx - ok
15:19:35.0458 2892 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:19:35.0458 2892 TermDD - ok
15:19:35.0505 2892 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
15:19:35.0520 2892 TermService - ok
15:19:35.0552 2892 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:19:35.0552 2892 Themes - ok
15:19:35.0583 2892 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:19:35.0583 2892 THREADORDER - ok
15:19:35.0614 2892 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:19:35.0614 2892 TrkWks - ok
15:19:35.0661 2892 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:19:35.0661 2892 TrustedInstaller - ok
15:19:35.0692 2892 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:19:35.0692 2892 tssecsrv - ok
15:19:35.0723 2892 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:19:35.0739 2892 tunnel - ok
15:19:35.0754 2892 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:19:35.0754 2892 uagp35 - ok
15:19:35.0786 2892 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:19:35.0786 2892 udfs - ok
15:19:35.0817 2892 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:19:35.0832 2892 UI0Detect - ok
15:19:35.0848 2892 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
15:19:35.0864 2892 uliagpkx - ok
15:19:35.0879 2892 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:19:35.0879 2892 umbus - ok
15:19:35.0910 2892 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:19:35.0910 2892 UmPass - ok
15:19:35.0942 2892 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:19:35.0957 2892 upnphost - ok
15:19:35.0988 2892 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
15:19:35.0988 2892 usbccgp - ok
15:19:36.0004 2892 USBCCID - ok
15:19:36.0035 2892 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
15:19:36.0035 2892 usbcir - ok
15:19:36.0051 2892 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:19:36.0066 2892 usbehci - ok
15:19:36.0098 2892 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:19:36.0098 2892 usbhub - ok
15:19:36.0129 2892 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:19:36.0129 2892 usbohci - ok
15:19:36.0176 2892 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:19:36.0176 2892 usbprint - ok
15:19:36.0207 2892 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:19:36.0207 2892 usbscan - ok
15:19:36.0238 2892 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:19:36.0238 2892 USBSTOR - ok
15:19:36.0285 2892 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
15:19:36.0285 2892 usbuhci - ok
15:19:36.0285 2892 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:19:36.0300 2892 UxSms - ok
15:19:36.0316 2892 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
15:19:36.0316 2892 VaultSvc - ok
15:19:36.0347 2892 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
15:19:36.0347 2892 vdrvroot - ok
15:19:36.0378 2892 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
15:19:36.0394 2892 vds - ok
15:19:36.0425 2892 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:19:36.0425 2892 vga - ok
15:19:36.0441 2892 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:19:36.0441 2892 VgaSave - ok
15:19:36.0472 2892 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
15:19:36.0488 2892 vhdmp - ok
15:19:36.0503 2892 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
15:19:36.0503 2892 viaide - ok
15:19:36.0534 2892 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
15:19:36.0534 2892 volmgr - ok
15:19:36.0566 2892 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:19:36.0566 2892 volmgrx - ok
15:19:36.0597 2892 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
15:19:36.0597 2892 volsnap - ok
15:19:36.0612 2892 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:19:36.0628 2892 vsmraid - ok
15:19:36.0675 2892 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
15:19:36.0706 2892 VSS - ok
15:19:36.0722 2892 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:19:36.0722 2892 vwifibus - ok
15:19:36.0753 2892 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:19:36.0768 2892 vwififlt - ok
15:19:36.0800 2892 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:19:36.0800 2892 vwifimp - ok
15:19:36.0846 2892 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:19:36.0846 2892 W32Time - ok
15:19:36.0878 2892 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:19:36.0878 2892 WacomPen - ok
15:19:36.0924 2892 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:19:36.0924 2892 WANARP - ok
15:19:36.0940 2892 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:19:36.0940 2892 Wanarpv6 - ok
15:19:37.0018 2892 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:19:37.0034 2892 WatAdminSvc - ok
15:19:37.0096 2892 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
15:19:37.0112 2892 wbengine - ok
15:19:37.0143 2892 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:19:37.0158 2892 WbioSrvc - ok
15:19:37.0205 2892 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:19:37.0205 2892 wcncsvc - ok
15:19:37.0221 2892 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:19:37.0221 2892 WcsPlugInService - ok
15:19:37.0268 2892 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:19:37.0268 2892 Wd - ok
15:19:37.0299 2892 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:19:37.0314 2892 Wdf01000 - ok
15:19:37.0330 2892 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:19:37.0346 2892 WdiServiceHost - ok
15:19:37.0346 2892 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:19:37.0346 2892 WdiSystemHost - ok
15:19:37.0392 2892 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
15:19:37.0392 2892 WebClient - ok
15:19:37.0424 2892 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:19:37.0424 2892 Wecsvc - ok
15:19:37.0455 2892 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:19:37.0455 2892 wercplsupport - ok
15:19:37.0486 2892 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:19:37.0486 2892 WerSvc - ok
15:19:37.0517 2892 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:19:37.0517 2892 WfpLwf - ok
15:19:37.0533 2892 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:19:37.0533 2892 WIMMount - ok
15:19:37.0595 2892 [ A6EA7A3FC4B00F48535B506DB1E86EFD ] winachsf C:\Windows\system32\DRIVERS\CAX_CNXT.sys
15:19:37.0595 2892 winachsf - ok
15:19:37.0611 2892 WinHttpAutoProxySvc - ok
15:19:37.0673 2892 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:19:37.0689 2892 Winmgmt - ok
15:19:37.0767 2892 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
15:19:37.0798 2892 WinRM - ok
15:19:37.0845 2892 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:19:37.0860 2892 Wlansvc - ok
15:19:37.0892 2892 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:19:37.0892 2892 WmiAcpi - ok
15:19:37.0938 2892 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:19:37.0938 2892 wmiApSrv - ok
15:19:37.0970 2892 WMPNetworkSvc - ok
15:19:38.0016 2892 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:19:38.0016 2892 WPCSvc - ok
15:19:38.0032 2892 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:19:38.0048 2892 WPDBusEnum - ok
15:19:38.0094 2892 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:19:38.0094 2892 ws2ifsl - ok
15:19:38.0110 2892 WSearch - ok
15:19:38.0141 2892 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:19:38.0157 2892 WudfPf - ok
15:19:38.0204 2892 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:19:38.0204 2892 WUDFRd - ok
15:19:38.0250 2892 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:19:38.0250 2892 wudfsvc - ok
15:19:38.0282 2892 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:19:38.0297 2892 WwanSvc - ok
15:19:38.0313 2892 [ E8F3FA126A06F8E7088F63757112A186 ] XAudio C:\Windows\system32\DRIVERS\XAudio64.sys
15:19:38.0328 2892 XAudio - ok
15:19:38.0360 2892 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
15:19:38.0375 2892 yukonw7 - ok
15:19:38.0406 2892 ================ Scan global ===============================
15:19:38.0438 2892 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:19:38.0469 2892 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
15:19:38.0500 2892 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
15:19:38.0531 2892 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:19:38.0578 2892 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:19:38.0578 2892 [Global] - ok
15:19:38.0578 2892 ================ Scan MBR ==================================
15:19:38.0594 2892 [ 8E916F0AD6909ADACA6017CEF1D814EE ] \Device\Harddisk0\DR0
15:19:38.0843 2892 \Device\Harddisk0\DR0 - ok
15:19:38.0843 2892 ================ Scan VBR ==================================
15:19:38.0843 2892 [ 63EB876D41D3DEA233DA2CF062A078CE ] \Device\Harddisk0\DR0\Partition1
15:19:38.0843 2892 \Device\Harddisk0\DR0\Partition1 - ok
15:19:38.0890 2892 [ 3DAD6F712AB71ECB33EE1A5DB9334F6F ] \Device\Harddisk0\DR0\Partition2
15:19:38.0890 2892 \Device\Harddisk0\DR0\Partition2 - ok
15:19:38.0921 2892 [ 987F0C907764CB9BECA855518FF38B1E ] \Device\Harddisk0\DR0\Partition3
15:19:38.0921 2892 \Device\Harddisk0\DR0\Partition3 - ok
15:19:38.0921 2892 ============================================================
15:19:38.0921 2892 Scan finished
15:19:38.0921 2892 ============================================================
15:19:38.0937 3096 Detected object count: 0
15:19:38.0937 3096 Actual detected object count: 0
15:19:55.0800 3588 Deinitialize success


Malwarebytes:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 912110304

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

11/5/2012 8:15:15 AM
mbam-log-2012-11-05 (08-15-01).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 526300
Time elapsed: 16 hour(s), 48 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\$RECYCLE.BIN\S-1-5-18\$19373efe02174ef7eb0ba0a55ad8667d\n (Trojan.Zaccess) -> No action taken.


MiniToolBox:


MiniToolBox by Farbar Version: 23-07-2012
Ran by Holly (administrator) on 05-11-2012 at 08:18:46
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR9285 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global
add address name="Local Area Connection 2" address=169.254.180.1


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Holly-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.fl.comcast.net.

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 96-4C-E5-3C-B7-7F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.fl.comcast.net.
Description . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : 90-4C-E5-3C-B7-7F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a1f3:afcf:1eb:86aa%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, November 05, 2012 8:17:09 AM
Lease Expires . . . . . . . . . . : Tuesday, November 06, 2012 8:17:08 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 328223973
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-A6-04-9B-00-26-2D-B2-AE-AE
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-26-2D-B2-AE-AE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.fl.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F40281A6-E6F6-4409-A75C-4831362B1A1B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F19EA1D7-803A-4B44-B142-1BA0BAACFDCE}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:4002:801::1003
173.194.37.72
173.194.37.69
173.194.37.65
173.194.37.68
173.194.37.67
173.194.37.70
173.194.37.73
173.194.37.64
173.194.37.78
173.194.37.66
173.194.37.71


Pinging google.com [173.194.37.69] with 32 bytes of data:
Reply from 173.194.37.69: bytes=32 time=28ms TTL=54
Reply from 173.194.37.69: bytes=32 time=30ms TTL=54

Ping statistics for 173.194.37.69:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 28ms, Maximum = 30ms, Average = 29ms
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=129ms TTL=50
Reply from 98.139.183.24: bytes=32 time=185ms TTL=48

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 129ms, Maximum = 185ms, Average = 157ms
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...96 4c e5 3c b7 7f ......Microsoft Virtual WiFi Miniport Adapter
13...90 4c e5 3c b7 7f ......Atheros AR9285 802.11b/g/n WiFi Adapter
11...00 26 2d b2 ae ae ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.102 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.102 281
192.168.1.102 255.255.255.255 On-link 192.168.1.102 281
192.168.1.255 255.255.255.255 On-link 192.168.1.102 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.102 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.102 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 281 fe80::/64 On-link
13 281 fe80::a1f3:afcf:1eb:86aa/128
On-link
1 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 04 C:\Windows\SysWOW64\nwprovau.dll [File Not found] ()
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/04/2012 01:38:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (11/04/2012 11:33:39 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (11/04/2012 10:44:06 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (11/03/2012 04:00:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (11/03/2012 11:48:46 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (11/03/2012 11:47:16 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (11/03/2012 11:12:36 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (11/03/2012 11:07:05 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (11/03/2012 08:25:49 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: msvcrt.dll, version: 7.0.7600.16930, time stamp: 0x4eeaf834
Exception code: 0x40000015
Fault offset: 0x0005620a
Faulting process id: 0x1014
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (10/29/2012 02:13:56 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16421 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 133c

Start Time: 01cdb601c1eac0d3

Termination Time: 0

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id: be7cd70e-21fc-11e2-9a05-00262db2aeae


System errors:
=============
Error: (11/05/2012 08:17:04 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (11/05/2012 08:17:04 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (11/05/2012 08:17:04 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (11/04/2012 01:37:51 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (11/04/2012 01:37:42 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (11/04/2012 01:37:39 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (11/04/2012 01:37:23 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 1:30:33 PM on ?11/?4/?2012 was unexpected.

Error: (11/04/2012 10:44:12 AM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (11/04/2012 10:44:12 AM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (11/04/2012 10:44:08 AM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com (Version: 1.6.65)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.1)
Adobe AIR (Version: 3.0.0.4080)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader 9.5.0 (Version: 9.5.0)
Adobe Shockwave Player (Version: 11.0)
Angry Birds (Version: 2.0.0)
Angry Birds Rio (Version: 1.4.0)
Angry Birds Seasons (Version: 2.1.0)
Angry Birds Space (Version: 1.3.0)
Atheros Driver Installation Program (Version: 5.2)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant HD Audio (Version: 4.98.6.51)
Coupon Printer for Windows (Version: 5.0.0.0)
CyberLink DVD Suite (Version: 7.0.2111)
CyberLink MediaShow (Version: 4.1.3325)
CyberLink PowerDVD 8 (Version: 8.0.1.1005)
DAEMON Tools Lite (Version: 4.41.3.0173)
ESET Online Scanner v3
FL Studio 10
GameTap Web Player
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.80.4.50)
HP Advisor (Version: 3.3.12286.3436)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Games (Version: 1.0.0.71)
HP Quick Launch Buttons (Version: 6.50.7.1)
HP Setup (Version: 1.2.3560.3170)
HP Smart Web Printing (Version: 131.1.35898)
HP Support Assistant (Version: 4.2.5.3)
HP Update (Version: 5.001.000.014)
HP User Guides 0156 (Version: 1.02.0001)
HP Wireless Assistant (Version: 3.50.9.1)
HPAsset component for HP Active Support Library (Version: 3.0.0.3)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2202)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (64-bit) (Version: 6.0.300)
Java™ 6 Update 30 (Version: 6.0.300)
Java™ SE Development Kit 6 Update 15 (64-bit) (Version: 1.6.0.150)
Junk Mail filter update (Version: 14.0.8089.726)
LabelPrint (Version: 2.5.2111)
LeapFrog Connect (Version: 3.2.19.13664)
LeapFrog LeapPad Explorer Plugin (Version: 3.2.22.13714)
LightScribe System Software (Version: 1.18.8.1)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Age of Empires Gold
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 2.0.672.0)
Microsoft Live Search Toolbar (Version: 3.0.566.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
MIDI Yoke (Version: 1.75.53)
MSVCRT (Version: 14.0.1468.721)
muvee Reveal (Version: 7.0.43.11502)
Power2Go (Version: 6.0.3311)
PowerDirector (Version: 7.0.3311)
QLBCASL (Version: 6.40.17.2)
Ready Reference Bookshelf (Version: 2.02.0000)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0007)
Realtek USB 2.0 Card Reader (Version: 6.1.7100.30093)
Reason 5.0 (Version: 5.0)
Recovery Manager (Version: 5.5.2202)
Retribution
RPG Maker 2000 - Super Columbine Massacre RPG!
Starcraft
Stedman's Medical Dictionary for the Health Professions and Nursing, 6E (Version: 1.00.0000)
SUPERAntiSpyware (Version: 5.0.1118)
SView5 for Windows
Synaptics Pointing Device Driver (Version: 13.2.2.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)
VDownloader 3.9.990
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
WinRAR 4.00 (64-bit) (Version: 4.00.0)
Xilisoft Audio Converter 6 (Version: 6.3.0.20120227)

========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 1979.2 MB
Available physical RAM: 1087.34 MB
Total Pagefile: 3958.39 MB
Available Pagefile: 2966.98 MB
Total Virtual: 4095.88 MB
Available Virtual: 3959.05 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:220.37 GB) (Free:141.81 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:12.32 GB) (Free:2.06 GB) NTFS
3 Drive e: (RB338V20) (CDROM) (Total:0.22 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\HOLLY-PC

Administrator Guest Holly

========================= Restore Points ==================================


**** End of log ****




Farbar Service Scanner:


Farbar Service Scanner Version: 04-11-2012
Ran by Holly (administrator) on 05-11-2012 at 08:22:59
Running from "C:\Users\Holly\Desktop\Fix"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-15 22:05] - [2011-12-27 22:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#9 ddarkstar1

ddarkstar1
  • Topic Starter

  • Members
  • 76 posts
  • OFFLINE
  •  
  • Local time:06:34 AM

Posted 05 November 2012 - 08:36 AM

AdWare cleaner:


# AdwCleaner v2.006 - Logfile created 11/05/2012 at 08:25:06
# Updated 30/10/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Holly - HOLLY-PC
# Boot Mode : Normal
# Running from : C:\Users\Holly\Desktop\Fix\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\Users\Holly\AppData\Local\Conduit
Folder Deleted : C:\Users\Holly\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Holly\AppData\Roaming\Babylon

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2697877
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

*************************

AdwCleaner[S2].txt - [2749 octets] - [05/11/2012 08:25:06]

########## EOF - C:\AdwCleaner[S2].txt - [2809 octets] ##########



Junkware removal tool:

Junkware Removal Tool (JRT) by Thisisu
Version: 2.6.1 (11.04.2012)
OS: Windows 7 Home Premium x64
Ran by Holly on Mon 11/05/2012 at 8:29:13.28
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values:

Successfully deleted: [VALUE] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders:

Successfully deleted: [FOLDER] "C:\Program Files (x86)\coupons"



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Mon 11/05/2012 at 8:36:24.86
End of Report

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:34 AM

Posted 05 November 2012 - 08:40 AM

You missed to remove infection detected by malwarebytes.

Remove it,re scan and post the clean log

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#11 ddarkstar1

ddarkstar1
  • Topic Starter

  • Members
  • 76 posts
  • OFFLINE
  •  
  • Local time:06:34 AM

Posted 05 November 2012 - 08:45 AM

Malwarebytes infection was deleted after I posted the log. Had to restart computer to delete.

Should I run Malwarebytes again even though it was just deleted?

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:34 AM

Posted 05 November 2012 - 08:50 AM

Yes

#13 ddarkstar1

ddarkstar1
  • Topic Starter

  • Members
  • 76 posts
  • OFFLINE
  •  
  • Local time:06:34 AM

Posted 05 November 2012 - 08:51 AM

K.

#14 ddarkstar1

ddarkstar1
  • Topic Starter

  • Members
  • 76 posts
  • OFFLINE
  •  
  • Local time:06:34 AM

Posted 07 November 2012 - 09:38 AM

Malwarebytes:



Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 912110304

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

11/7/2012 8:59:24 AM
mbam-log-2012-11-07 (08-59-24).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 528394
Time elapsed: 56 minute(s), 7 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\$RECYCLE.BIN\S-1-5-18\$19373efe02174ef7eb0ba0a55ad8667d\n (Trojan.Zaccess) -> Quarantined and deleted successfully.



Services Repair:



Log Opened: 2012-11-07 @ 09:30:17
09:30:17 - -----------------
09:30:17 - | Begin Logging |
09:30:17 - -----------------
09:30:17 - Fix started on a WIN_7 X64 computer
09:30:17 - Prep in progress. Please Wait.
09:30:19 - Prep complete
09:30:19 - Repairing Services Now. Please wait...
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BFE.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\SubLayer>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Provider>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BITS.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Performance>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\iphlpsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo\{FA88062C-9A61-4C1E-AC45-7143F8F01AAD}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap\{8AD2FB26-F91E-44F1-9B24-3C0AE56C9CE0}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\IPHTTPS>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Interfaces>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\config>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\MpsSvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo> failed with: The system cannot find the file specified.
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap> failed with: The system cannot find the file specified.
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut> failed with: The system cannot find the file specified.
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn> failed with: The system cannot find the file specified.
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP> failed with: The system cannot find the file specified.
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\SharedAccess.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch2>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\WinDefend.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo\0>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wscsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wuauserv.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv>

SetACL finished successfully.
09:30:20 - Services Repair Complete.
09:30:25 - Reboot Initiated




RKill:



Rkill 2.4.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/07/2012 09:15:03 AM in x64 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 [ZA Reg Hijack]
* HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 [ZA Reg Hijack]
* C:\$Recycle.Bin\S-1-5-18\$19373efe02174ef7eb0ba0a55ad8667d\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-18\$19373efe02174ef7eb0ba0a55ad8667d\@ [ZA File]
* C:\$Recycle.Bin\S-1-5-18\$19373efe02174ef7eb0ba0a55ad8667d\L\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-18\$19373efe02174ef7eb0ba0a55ad8667d\n [ZA File]
* C:\$Recycle.Bin\S-1-5-18\$19373efe02174ef7eb0ba0a55ad8667d\U\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-18\$19373efe02174ef7eb0ba0a55ad8667d\U\00000001.@ [ZA File]
* C:\$Recycle.Bin\S-1-5-18\$19373efe02174ef7eb0ba0a55ad8667d\U\80000000.@ [ZA File]
* C:\$Recycle.Bin\S-1-5-18\$19373efe02174ef7eb0ba0a55ad8667d\U\800000cb.@ [ZA File]
* C:\$Recycle.Bin\S-1-5-21-1089882220-2296475928-2852740332-1000\$19373efe02174ef7eb0ba0a55ad8667d\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-1089882220-2296475928-2852740332-1000\$19373efe02174ef7eb0ba0a55ad8667d\@ [ZA File]
* C:\$Recycle.Bin\S-1-5-21-1089882220-2296475928-2852740332-1000\$19373efe02174ef7eb0ba0a55ad8667d\L\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-1089882220-2296475928-2852740332-1000\$19373efe02174ef7eb0ba0a55ad8667d\U\ [ZA Dir]

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 11/07/2012 09:15:17 AM
Execution time: 0 hours(s), 0 minute(s), and 14 seconds(s)




AutoRuns:



ARN_ -    BM~ > (     @ ?             BM6 6 (        BM~ > (     @ ?             BM6 6 (        BM~ > (     @   BM6 6 (        BM~ > (     @   BM6 6 (        BM~ > (     @ BM6 6 (     ֽ ֽ ֽ ֽ ֽ ֽ R Z {Z {c sc ֽ R R Z {Z {c ֽ J R R R Z ֽ J J J R R kk ֽ { J J J R R ֽ k s s s { k9 ֽ {R R Z Z Z k9    BM~ > (     @ BM6 6 (     R Z {Z sc sc J R R {Z {Z J J R R Z {Z {B B J J R R s9 {B B J J {B k9 k9 sB {B B k9 {c {c {c    BM~ > (     @    BM6 6 (     {{{     9)    ! )! 1!  sc B) 9! B! 9 B cƄ 91 )! R9 ZB J) BBB {{{ B9 B1  քs kR kZ cB )!    Z1 k9 c1   !  kJ kB ƽ k9    {9 քZ քZ ބR sB    BM~ > (     @  BM6 6 (     ޵k Ɯ9 Ɯ9 ޽s ޵c Ɣ) Ɣ) ޭc Z Μ9 s s 9 s R R R Δ) c c ƌ! c c ֭J s ޵c B Ƶ k k c ΥB ޭB ޥ1 Ɣ1 c R k ֽs ޭ Δ B Ƶ ֭J ޭB ޥ1 Ɣ1 c R k Ƅ Ό B B B B ޵R J J Ɣ1 c R k Μ ޥ ֔ ΄ s s s s 9 k R k ޭ Ό 9 k R s Δ Δ { s ֽk εc ƵZ ƭZ c c Z R s { s k Z s s Z s Z s c Z Z Z Z Z Z Z s !Z !Z Z Z Z Z Z Z Z k c Z Z Z Z {    BM~ > (     @ BM6 6 (     {c {c {c    BM~ > (     @   BM6 6 (     B B B c9 ν B B B B B B B c9 B B B B B B B B 9 c9 B c9 B B B B 9 R! B J B R! s B B B B B B B B B J B Z B { B B B B B 9 kB B B B {R B B J B B B B B B B B B B B B kB Z) B B B B B B B B B B B B B B B B B B B B B 9 Z1 B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B c1 ν B B B B B B B B B B B B { sJ B B B B B B B B c1 B B B B B B B B B B B B B sB c9 B B    BM~ > (     @   '    ? ;    ȃ BM6 6 (       99  kkk {{{  Z ))) ZZZ 99 9ZZ {{{ JJJ kkk {{{ 9ZZ 9ZZ 999 JJJ ZZZ J 9ZZ 9ZZ ZZZ kk  ))) 9ZZ Z{{ ZZZ  ))) 9ZZ J 9 999 {{{ 999 JJJ JkJ ZZ 9ZZ {{{ {{{ 9{{ ZZZ JJJ 9 9ZZ 9{{ ZZZ  {{{ 999 9ZZ 99 {{ ZZZ k Z JJJ JJJ ZZ {{ ))) 9Z JJJ 99 kkk  JJJ kkk JJ) JJJ )))    BM~ > (     @ BM6 6 (     R Z {Z sc sc J R R {Z {Z J J R R Z {Z {B B J J R R s9 {B B J J {B k9 k9 sB {B B k9 {c {c {c    BM~ > (     @ BM6 6 (     R Z {Z sc sc J R R {Z {Z J J R R Z {Z {B B J J R R s9 {B B J J {B k9 k9 sB {B B k9 {c {c {c    BM~ > (     @ BM6 6 (     R Z {Z sc sc J R R {Z {Z J J R R Z {Z {B B J J R R s9 {B B J J {B k9 k9 sB {B B k9 {c {c {c    BM~ > (     @ ?       a       BM6 6 (     {{{ BBB {{{    {{{ {s{ ccc kkk kkk    BM~ > (     @ BM6 6 (        BM~ > (     @ ?  ? ?  w S I    % A BM6 6 (     ccc ccc ccc ccc sss sss ccc ccc {{{ kkk )1 ccc )1 )1 )1 {{{ ZZZ )1 )1 )1 )1 ccc ccc )1 )1 )1 )1 ccc ccc )1 )1 )1 )1 ccc ccc )1 )1 )1 )1 ccc ccc )1 )1 )1 )1 )1 )1 )1 )1 )1 )1 )1 )1    BM~ > (     @ BM6 6 (     1R )s )s )s )s )s )s )s )s )s )s )s )s 1R J Z { { { { { { { { { { { { Z J B k s { { k B B c s k k k k k k k k k s s c B B c k k k k k Z B B c k k k 9 9 9 J J s c Z B B c k k k Z B B c s k k k k k k k Z B B c s s s s k s s k k s c B B c { { { s s s s { { c B B c { { { { s s { { { c B B c ! ! ! ! !{ !{ Z ! ! ! c B B c 1 1 1 1 1 1 1 1 1 1 c B B Z 9 9 9 9 9 9 9 k 9 9 9 9 Z B 1c R R { { { { { { { { { { R R 1c 1c B B B B B B B B B B B B 1c    BM~ > (     @            BM6 6 (     s s  s s s k k k c c Z { { { s s k k RR kk s !! BB     ZZ kk 99 ss  RR {      99 kk                  J  {      kk  1 s      JJ  B  B        9k k k B    BM~ > (     @ BM6 6 (     R Z {Z sc sc J R R {Z {Z J J R R Z {Z {B B J J R R s9 {B B J J {B k9 k9 sB {B B k9 {c {c {c    BM~ > (     @                 BM6 6 (     {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ s s s ν s s s Ƶ s ν Ƶ s ֽ s s s ֽ s s s s s s ֽ s s s ֽ Ƶ s ֽ ֽ ֽ s s s    BM~ > (     @                 BM6 6 (     {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ s s s ν s s s Ƶ s ν Ƶ s ֽ s s s ֽ s s s s s s ֽ s s s ֽ Ƶ s ֽ ֽ ֽ s s s    BM~ > (     @           BM6 6 (     999 {{{ {{{  999 {{{ ))) 9{{ 9{{ 9{{ 9{{ {{{ ))) {{{ ZZZ { )) ZZZ ZZZ 9{{ 9{{ 9{{ ZZ  { )) ZZZ ))) 999   999 {{{ {{{  9 999  kkk {{{ {{{ J)) 9 999 ZZZ ZZZ ZZZ ZZZ ZZZ 999 ZZZ JJJ  999 JJJ  {{{ Z { { { {{{ 999 ))) )))  {{{ 999 ZZZ 999 9 {{{ 999 ZZZ 999 9 {{{ 999 ZZZ kkk 999 999 999 999 999 999 ))) 999 ))) ZZZ ZZZ ZZZ ZZZ ZZZ ZZZ kkk     BM~ > (     @ BM6 6 (     R Z {Z sc sc J R R {Z {Z J J R R Z {Z {B B J J R R s9 {B B J J {B k9 k9 sB {B B k9 {c {c {c    BM~ > (     @                 BM6 6 (     {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ ֵ sZ ֵ ֵ Z) Z) ֵ ƭ Z) sZ ֵ sZ Z) ֵ Z) Z) ֵ ƭ ƭ ֵ sZ ֵ Z) 1 ƭ Z) ƭ ֵ ZB) ƭ Z) Z) ƭ Z) ƭ    BM~ > (     @                 BM6 6 (     {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ ֵ sZ ֵ ֵ Z) Z) ֵ ƭ Z) sZ ֵ sZ Z) ֵ Z) Z) ֵ ƭ ƭ ֵ sZ ֵ Z) 1 ƭ Z) ƭ ֵ ZB) ƭ Z) Z) ƭ Z) ƭ    BM~ > (     @    BM6 6 (     Ό) Ό) Ό) Ό) Ό) Ό) ε s s Ό) c Ό) c Z Z Ό) c Ό) J J ν Ό) c Ό) Ό) c Ό) ޽ ޽ J Ό) c B Ό) Ό) Ό) B c Ό) ޽ ޽ J Ό) c c c c c c c Ό) ޽ ޽ J ƭ Ό) c c c c c c c Ό) R ƭ ޵k Ό) Ό) Ό) Ό) Ό) Ό) Ό) ޵k R Ƶ Z Ƶ Z B{ s Z Ƶ ) !1 J c Ƶ { c ֽ Ƶ Ƶ Ƶ Ƶ ƭ ƭ { s s k ƥ ) B B B B 9 9 9 k ! c ! ! s s s s s s s B 1 B ! ) ) ) ) ) ) ) ) ) ) ) )    BM~ > (     @           BM6 6 (     999 {{{ {{{  999 {{{ ))) 9{{ 9{{ 9{{ 9{{ {{{ ))) {{{ ZZZ { )) ZZZ ZZZ 9{{ 9{{ 9{{ ZZ  { )) ZZZ ))) 999   999 {{{ {{{  9 999  kkk {{{ {{{ J)) 9 999 ZZZ ZZZ ZZZ ZZZ ZZZ 999 ZZZ JJJ  999 JJJ  {{{ Z { { { {{{ 999 ))) )))  {{{ 999 ZZZ 999 9 {{{ 999 ZZZ 999 9 {{{ 999 ZZZ kkk 999 999 999 999 999 999 ))) 999 ))) ZZZ ZZZ ZZZ ZZZ ZZZ ZZZ kkk     BM~ > (     @                 BM6 6 (     {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ ֵ sZ ֵ ֵ Z) Z) ֵ ƭ Z) sZ ֵ sZ Z) ֵ Z) Z) ֵ ƭ ƭ ֵ sZ ֵ Z) 1 ƭ Z) ƭ ֵ ZB) ƭ Z) Z) ƭ Z) ƭ    BM~ > (     @ BM6 6 (     R Z {Z sc sc J R R {Z {Z J J R R Z {Z {B B J J R R s9 {B B J J {B k9 k9 sB {B B k9 {c {c {c    BM~ > (     @                 BM6 6 (     {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ ֵ sZ ֵ ֵ Z) Z) ֵ ƭ Z) sZ ֵ sZ Z) ֵ Z) Z) ֵ ƭ ƭ ֵ sZ ֵ Z) 1 ƭ Z) ƭ ֵ ZB) ƭ Z) Z) ƭ Z) ƭ    BM~ > (     @                 BM6 6 (     {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ ֵ sZ ֵ ֵ Z) Z) ֵ ƭ Z) sZ ֵ sZ Z) ֵ Z) Z) ֵ ƭ ƭ ֵ sZ ֵ Z) 1 ƭ Z) ƭ ֵ ZB) ƭ Z) Z) ƭ Z) ƭ    BM~ > (     @           BM6 6 (     999 {{{ {{{  999 {{{ ))) 9{{ 9{{ 9{{ 9{{ {{{ ))) {{{ ZZZ { )) ZZZ ZZZ 9{{ 9{{ 9{{ ZZ  { )) ZZZ ))) 999   999 {{{ {{{  9 999  kkk {{{ {{{ J)) 9 999 ZZZ ZZZ ZZZ ZZZ ZZZ 999 ZZZ JJJ  999 JJJ  {{{ Z { { { {{{ 999 ))) )))  {{{ 999 ZZZ 999 9 {{{ 999 ZZZ 999 9 {{{ 999 ZZZ kkk 999 999 999 999 999 999 ))) 999 ))) ZZZ ZZZ ZZZ ZZZ ZZZ ZZZ kkk     BM~ > (     @ BM6 6 (     R Z {Z sc sc J R R {Z {Z J J R R Z {Z {B B J J R R s9 {B B J J {B k9 k9 sB {B B k9 {c {c {c    BM~ > (     @                 BM6 6 (     {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ ֵ sZ ֵ ֵ Z) Z) ֵ ƭ Z) sZ ֵ sZ Z) ֵ Z) Z) ֵ ƭ ƭ ֵ sZ ֵ Z) 1 ƭ Z) ƭ ֵ ZB) ƭ Z) Z) ƭ Z) ƭ    BM~ > (     @   BM6 6 (                           !19 c Bk     )9B Z{ c Bk !9J  k BZk Bcs s s Jk   1BB 1BB 1BJ )9B )9B 9RZ c { Js J{ )BR  s { Z 1BR Rs s k Js !  Zks c s s c Jcs 1BJ !)1 1JR k { { k )1  )))    !) 1BJ Rs{ { Z !  c )9B  !)) )99 BZZ Rks Zs Zs Rks 9RZ !19                        BM~ > (     @                 BM6 6 (     {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ ֵ sZ ֵ ֵ Z) Z) ֵ ƭ Z) sZ ֵ sZ Z) ֵ Z) Z) ֵ ƭ ƭ ֵ sZ ֵ Z) 1 ƭ Z) ƭ ֵ ZB) ƭ Z) Z) ƭ Z) ƭ    BM~ > (     @    BM6 6 (     Ό) Ό) Ό) Ό) Ό) Ό) ε s s Ό) c Ό) c Z Z Ό) c Ό) J J ν Ό) c Ό) Ό) c Ό) ޽ ޽ J Ό) c B Ό) Ό) Ό) B c Ό) ޽ ޽ J Ό) c c c c c c c Ό) ޽ ޽ J ƭ Ό) c c c c c c c Ό) R ƭ ޵k Ό) Ό) Ό) Ό) Ό) Ό) Ό) ޵k R Ƶ Z Ƶ Z B{ s Z Ƶ ) !1 J c Ƶ { c ֽ Ƶ Ƶ Ƶ Ƶ ƭ ƭ { s s k ƥ ) B B B B 9 9 9 k ! c ! ! s s s s s s s B 1 B ! ) ) ) ) ) ) ) ) ) ) ) )    BM~ > (     @           BM6 6 (     999 {{{ {{{  999 {{{ ))) 9{{ 9{{ 9{{ 9{{ {{{ ))) {{{ ZZZ { )) ZZZ ZZZ 9{{ 9{{ 9{{ ZZ  { )) ZZZ ))) 999   999 {{{ {{{  9 999  kkk {{{ {{{ J)) 9 999 ZZZ ZZZ ZZZ ZZZ ZZZ 999 ZZZ JJJ  999 JJJ  {{{ Z { { { {{{ 999 ))) )))  {{{ 999 ZZZ 999 9 {{{ 999 ZZZ 999 9 {{{ 999 ZZZ kkk 999 999 999 999 999 999 ))) 999 ))) ZZZ ZZZ ZZZ ZZZ ZZZ ZZZ kkk     BM~ > (     @                 BM6 6 (     {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ ֵ sZ ֵ ֵ Z) Z) ֵ ƭ Z) sZ ֵ sZ Z) ֵ Z) Z) ֵ ƭ ƭ ֵ sZ ֵ Z) 1 ƭ Z) ƭ ֵ ZB) ƭ Z) Z) ƭ Z) ƭ    BM~ > (     @ BM6 6 (     R Z {Z sc sc J R R {Z {Z J J R R Z {Z {B B J J R R s9 {B B J J {B k9 k9 sB {B B k9 {c {c {c    BM~ > (     @                 BM6 6 (     {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ {{{ ֵ sZ ֵ ֵ Z) Z) ֵ ƭ Z) sZ ֵ sZ Z) ֵ Z) Z) ֵ ƭ ƭ ֵ sZ ֵ Z) 1 ƭ Z) ƭ ֵ ZB) ƭ Z) Z) ƭ Z) ƭ    BM~ > (     @ BM6 6 (     {{{   {{{  B9 ֽc ֭1 99!  B9! s ֵ1 91!  BB! s ֭9 91!  !19 Z Bc{  JB! c ֭1 91!  !19 Rs s s c 9Zk !1B JB) Z έ1 11! { k Jk Bc{ k c k έ1 1) 1BB 9BJ 1JR 1BJ 1BJ BZk c { { s k έ9 11 s s s { Z{ BZk {{ Z ޽J k  JZc Zs k k c Rs 9JZ )9B BZc c Ɯ Z J !! )19 !)1 !)1 !11 )9B 9JZ Z{ {   ) ƭZ  νJ ֵ  ޵ B cZ9  !11 BRZ Rcs Zs{ Rs{ Jcs 9RZ 9B9 ) sc sc ֽ9 JB)  {)  cZ )     kc)   {{{     {{{    BM~ > (     @         BM6 6 (     ޥ{ ֌Z ֌Z ֌Z ֌Z ޥ{ ޜ{ ֔k ƭ ν ֔k ޜs ֌Z ޵ Δk 罥 ֌Z ޜs ֜s c) ޵ ޵ ޜs c) Μ{ R ֌c ֜s Όc J c) Ƶ ޜs s9 Ƶ s9 R {J ΄J c! ֭ J R R R R ޥ{ sB c! Z Z c Z R R Ƶ k1 s9 Μk k s k ν s9 ֜s ޭ{ {) ތ1 ބ1 Μ{ ޜs s1 ֥k ޔ9 ޔ1 組 k9 ޜs ֥c ֜B B ޔB ΌZ ޜs ֌Z ֜c ޵ Z c Ɯ Δc ֌Z ޥ{ s9 ޵ ޥZ Z ֌B ΄J ޥ ޭ {J c) c! sB ޥ{    BM~ > (     @         BM6 6 (     kcc 191 9RB 1RB 191 kcc ZZR 1RB 9{ JΔ JΜ BΔ 1 )Z 1R1 ZZR BB9 ){B ){ B{ s kcc ){ 9 1s 99B ZZR 1{B )R Zk JJ  ZZR ZJ) )J ZsZ ֽ ֌J ΄9 ޭ ֌J ޭ JR  !)k kcc c1 1{B έ Z ֜Z Z ֽ )9 ) kcc 91) s9 c{c k ΄9 ޵ ֔Z Z 経 s{ BR 119 RB1 {B Z Ɯ cs 19c RB1 J Z ֽ cs 11c 99) R {k k Ɯ ss 1J 119 kcc {R kJ έ k έ {) !) ! kcc cR9 Ɣc skZ έ ΄9 ֜Z ֜Z k ֜Z kcR  !!c ZZR sR Z skZ kcR sJR  ZZR JB9 sJ ƔZ cB sc {sc sR1 k1 1)c 99B ZZR cR9 {J J {J {B s9 c1 RB) ZZR kcc 99) RB1 RB1 91) kcc     BM > (    ?        ?               BM6 6 (   s { s { s s s { { s k c J J J c s s s R Z c c c Z R R J J J Z { s s s B B J R Z Z Z R R J J c ƥ { { s s 9 B R Z Z Z R R J J J c { { B B J R Z Z Z R R J J c { 9 B J R Z Z Z Z R R R k 9 B J Z Z c c Z Z Z Z s k B R Z c c c c c c c s J R Z c k k k c c k k s J R Z k k k k k k k J R c k s s s s s s J Z c k s { s { { R Z c s { { { { R Z k s { R Z k s R c k { R c s { Z c s Z k { c s c { s { {    BM > (   BM6 6 (   ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ R Z Z {Z {Z {c sc sc sc sc ֽ ֽ R R Z Z {Z {Z {Z {c sc sc ֽ ֽ R R R R Z {Z {Z {Z {c sc ֽ ֽ R R R R R Z Z {Z {Z {c ֽ ֽ J J R R R R R Z {Z {Z ֽ ֽ J J J R R R R R Z Z ֽ ֽ J J J J J R R R R Z ֽ kk kk ֽ B J J J J J R R R R ֽ kk kk ֽ s J B J J J J R R R ֽ Z kk ֽ { c J J J J J J R ֽ R Z ֽ { { { { s k k c c c ֽ B R ֽ k k k s s s s s s { ֽ k9 B ֽ c c c c c c c k k k ֽ k9 k9 ֽ {R {R R R Z Z Z Z Z Z ֽ k9 k9 ƽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ƽ k9 k9 {k {k {k    BM > (    ?        ?               BM6 6 (   s { s { s s s { { s k c J J J c s s s R Z c c c Z R R J J J Z { s s s B B J R Z Z Z R R J J c ƥ { { s s 9 B R Z Z Z R R J J J c { { B B J R Z Z Z R R J J c { 9 B J R Z Z Z Z R R R k 9 B J Z Z c c Z Z Z Z s k B R Z c c c c c c c s J R Z c k k k c c k k s J R Z k k k k k k k J R c k s s s s s s J Z c k s { s { { R Z c s { { { { R Z k s { R Z k s R c k { R c s { Z c s Z k { c s c { s { {    BM > (        BM6 6 (   B B B B B B B B B B B B B B B J B B B B B B R J B B B B J B J B B B B B B B Ƶ kB Z) J J c9 k B B B B B J J B B B B B B 1 R! 1 9 B B B 9 9 B 1 B B B B J B B B B B B B 9 sJ 9 B B B B B B B B 1 c9 9 B B B J B B B B R! B 9 {R 1 B B B B B B B B B B B B B B B J B B B 9 B 9 s {R 9 B B B B B B B B B B 9 Z) c9 9 B B J B B B Z1 9 9 k Z1 9 B B B B B B B B B B B 1 9 B B J B B 9 k 9 9 kB sJ 9 B B B B B B B B B B B 9 kB 1 B B J B B 9 B B ) Ƶ 9 B B B B B B B B B B B B 9 1 B B J B B 9 ƭ J B 9 { c9 9 B B B B B B B B B B B 9 Z) B B J B B 9 c9 9 B 9 Z) 9 9 B B B B B B B B B 9 c1 sJ 9 B J B B 9 k 9 B B 9 Ƶ sJ J B B B B B B B B B 9 {R 9 B J B B 9 c 1 B B B 1 9 {Z k R! B B B B B B B B B ) Z 9 B J B B B R! Z) 9 B B B B 9 9 9 B B B B B B B B B B 1 sR 9 B B B B B 1 B B B B B B B B B B B B B B B B B B 1 kB 9 B B B B B 9 s {R 9 B B B B B B B B B B B B B B B B 1 Z) B B B B B B B B B B B B B B B B B B B B B B B B B 1 1 B B B B B B B 9 sJ 9 B B B B B B B B B B B B B B B 1 1 B B B B B B B B 1 1 B B B B B B B B B B B B B B 1 ƽ 1 B B B B B B B B B B c9 1 B B B B B B B B B B B B B 1 { 9 B B B B B B B B B B 1 {Z 1 B B B B B B B B B B B B Z) kB 9 B B B B B B B B B B 9 R! Z1 1 B B B B B B B B B B 9 Z R! B B B B B B B B B B B B 9 9 Ƶ s 1 B B B B B B B B B 9 Ƶ Ƶ 9 B B B B B B B B B B B B B B 9 9 9 B B B B B B B B k 9 B B B B B B B B B B B B B B B 1 kB c9 9 B B B B B 9 kB B B B B B B J B B B B B B B B B B B 9 B ƭ 1 9 B B B 9 1 B B B B J J B B B B B B B B B B B B 1 R! { B 9 B 1 c 9 B B B J B J B B B B B B B B B B B B B B {Z sJ 1 k9 Z) B B B J B B B B B B B B B B B B B B B B B kZ { B B B B    BM > (   ?~?>?>       @ `  ?BM6 6 (      BM > (   BM6 6 (   ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ R Z Z {Z {Z {Z sc sc sc sc ֽ ֽ R R R Z {Z {Z {Z sc sc sc ֽ ֽ R R R R Z {Z {Z {Z {Z sc ֽ ֽ J R R R R R Z {Z {Z {Z ֽ ֽ J J R R R R R Z {Z {Z ֽ ֽ J J J J R R R R Z Z ֽ ֽ J J J J J R R R R R ֽ kk kk ֽ B B J J J J J R R R ֽ kk kk ֽ s J B J J J J J R R ֽ Z kk ֽ { c J B J J J J R ֽ R Z ֽ s { { { s k k c c c ֽ B R ֽ k k k s s s s s s s ֽ k9 B ֽ c c c c c c c k k k ֽ k9 k9 ֽ {R {R R R R Z Z Z Z Z ֽ k9 k9 ƽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ƽ k9 k9 {c {c {c    BM > (   BM6 6 (   ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ R Z Z {Z {Z {Z sc sc sc sc ֽ ֽ R R R Z {Z {Z {Z sc sc sc ֽ ֽ R R R R Z {Z {Z {Z {Z sc ֽ ֽ J R R R R R Z {Z {Z {Z ֽ ֽ J J R R R R R Z {Z {Z ֽ ֽ J J J J R R R R Z Z ֽ ֽ J J J J J R R R R R ֽ kk kk ֽ B B J J J J J R R R ֽ kk kk ֽ s J B J J J J J R R ֽ Z kk ֽ { c J B J J J J R ֽ R Z ֽ s { { { s k k c c c ֽ B R ֽ k k k s s s s s s s ֽ k9 B ֽ c c c c c c c k k k ֽ k9 k9 ֽ {R {R R R R Z Z Z Z Z ֽ k9 k9 ƽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ƽ k9 k9 {c {c {c    BM > (   BM6 6 (   ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ R Z Z {Z {Z {Z sc sc sc sc ֽ ֽ R R R Z {Z {Z {Z sc sc sc ֽ ֽ R R R R Z {Z {Z {Z {Z sc ֽ ֽ J R R R R R Z {Z {Z {Z ֽ ֽ J J R R R R R Z {Z {Z ֽ ֽ J J J J R R R R Z Z ֽ ֽ J J J J J R R R R R ֽ kk kk ֽ B B J J J J J R R R ֽ kk kk ֽ s J B J J J J J R R ֽ Z kk ֽ { c J B J J J J R ֽ R Z ֽ s { { { s k k c c c ֽ B R ֽ k k k s s s s s s s ֽ k9 B ֽ c c c c c c c k k k ֽ k9 k9 ֽ {R {R R R R Z Z Z Z Z ֽ k9 k9 ƽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ֽ ƽ k9 k9 {c {c {c    BM > (    ?        ?               BM6 6 (   s { s { s s s { { s k c J J J c s s s R Z c c c Z R R J J J Z { s s s B B J R Z Z Z R R J J c ƥ { { s s 9 B R Z Z Z R R J J J c { { B B J R Z Z Z R R J J c { 9 B J R Z Z Z Z R R R k 9 B J Z Z c c Z Z Z Z s k B R Z c c c c c c c s J R Z c k k k c c k k s J R Z k k k k k k k J R c k s s s s s s J Z c k s { s { { R Z c s { { { { R Z k s { R Z k s R c k { R c s { Z c s Z k { c s c { s { {    BM > (    ?       > > ~>?   ?  BM6 6 (   ƽ sss    JJJ    ZZZ     {{{   kkk   kkk   sss ccc %

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:34 AM

Posted 07 November 2012 - 12:39 PM

Please post the proper log for Autoruns

Edited by narenxp, 07 November 2012 - 02:20 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users