
Boot failure - kdcom.dll - ASUS UL30A


13 replies to this topic

#1 DanT


Posted 29 November 2012 - 08:15 AM

Hi,
This problem is on my wife's laptop. I have been trying to solve it, but have not made much progress.

The computer is an ASUS UL30A running Windows 7 Home Premium SP1 (64-bit) with all Microsoft updates installed. It has 4GB of memory installed and a 116 GB hard disk with 35.6 GB free. It is running Microsoft Security Essentials which has recently quarantined several trojans.

The computer has been booting up slowly for some time now and about a week ago it started going into the startup repair program on booting. Most of the time the repair fails, but sometimes a log is produced showing that KDCOM.DLL has a problem.

I tried doing sfc /scannow but no problems were found. I don't have a Windows 7 boot CD, just a system recovery CD, so I couldn't try just replacing the file.

I ran Malwarebytes Anti-Malware and it found and fixed several problems but not the kdcom.dll. I also did a system restore to the earliest point that I had without fixing the problem.

At some point a window popped up indicating a problem with WINSVMDE file.

I also ran ClamWin and it found 18 infections - mostly trojans.

Then I ran MBAM again and it started up with a message that the signature database was missing or corrupted and downloaded a new copy. During the scan I got the BSOD and the computer rebooted before I could read the error message.

So, I ran MBAM again, and again downloaded a signature database, started scan and went to bed. This run left me a log indicating a trojan in memory and 4 in files - all fixed and/or quarantined.

So... I need some help in cleaning up this computer and fixing the corrupted files.

Thanks in advance for your assistance.

Dan



#2 narenxp


Posted 30 November 2012 - 09:58 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (the log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions
Click the "Scan" button to start the scan. After the scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START; it should download the virus definitions
When the scan completes, click on LIST of found threats

Export the list to the desktop and copy the contents of the text file into your reply

#3 DanT


Posted 30 November 2012 - 09:24 PM

narenxp,

Thanks for the response.

I downloaded and ran the programs you indicated. After TDSSkiller completed, the system crashed (blue screen) and rebooted. I did not have time to read the error message.

Following the completion of ESET Online Scanner, I must have made a mistake and did not get a file of the results. Should I rerun that program? The program found and corrected 8 infections.

+++++++++++++++++++++++++++++++++

Here is the TDSSkiller log:

16:44:42.0068 3280 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:44:42.0643 3280 ============================================================
16:44:42.0643 3280 Current date / time: 2012/11/30 16:44:42.0643
16:44:42.0644 3280 SystemInfo:
16:44:42.0644 3280
16:44:42.0644 3280 OS Version: 6.1.7601 ServicePack: 1.0
16:44:42.0644 3280 Product type: Workstation
16:44:42.0644 3280 ComputerName: DAWN-ASUS
16:44:42.0644 3280 UserName: Dawn
16:44:42.0644 3280 Windows directory: C:\Windows
16:44:42.0644 3280 System windows directory: C:\Windows
16:44:42.0644 3280 Running under WOW64
16:44:42.0644 3280 Processor architecture: Intel x64
16:44:42.0644 3280 Number of processors: 2
16:44:42.0644 3280 Page size: 0x1000
16:44:42.0644 3280 Boot type: Normal boot
16:44:42.0644 3280 ============================================================
16:44:45.0501 3280 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:44:45.0517 3280 Drive \Device\Harddisk1\DR1 - Size: 0x3BC000000 (14.94 Gb), SectorSize: 0x200, Cylinders: 0x79D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:44:45.0520 3280 ============================================================
16:44:45.0520 3280 \Device\Harddisk0\DR0:
16:44:45.0521 3280 MBR partitions:
16:44:45.0521 3280 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D4B800, BlocksNum 0xE8DFCD8
16:44:45.0534 3280 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1062B517, BlocksNum 0x29D5972A
16:44:45.0534 3280 \Device\Harddisk1\DR1:
16:44:45.0535 3280 MBR partitions:
16:44:45.0535 3280 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x28, BlocksNum 0x1DDFFD8
16:44:45.0535 3280 ============================================================
16:44:45.0576 3280 C: <-> \Device\Harddisk0\DR0\Partition1
16:44:45.0606 3280 D: <-> \Device\Harddisk0\DR0\Partition2
16:44:45.0606 3280 ============================================================
16:44:45.0606 3280 Initialize success
16:44:45.0606 3280 ============================================================
16:45:20.0716 5508 ============================================================
16:45:20.0716 5508 Scan started
16:45:20.0716 5508 Mode: Manual; TDLFS;
16:45:20.0716 5508 ============================================================
16:45:25.0822 5508 ================ Scan system memory ========================
16:45:25.0822 5508 System memory - ok
16:45:25.0832 5508 ================ Scan services =============================
16:45:44.0381 5508 MTConfig - ok
16:45:44.0431 5508 [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys
16:45:44.0431 5508 MTsensor - ok
16:45:44.0481 5508 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:45:44.0481 5508 Mup - ok
16:45:44.0531 5508 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:45:44.0561 5508 napagent - ok
16:45:44.0631 5508 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:45:44.0641 5508 NativeWifiP - ok
16:45:44.0741 5508 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:45:44.0781 5508 NDIS - ok
16:45:44.0841 5508 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:45:44.0851 5508 NdisCap - ok
16:45:44.0891 5508 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:45:44.0891 5508 NdisTapi - ok
16:45:44.0951 5508 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:45:44.0951 5508 Ndisuio - ok
16:45:44.0991 5508 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:45:45.0001 5508 NdisWan - ok
16:45:45.0051 5508 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:45:45.0059 5508 NDProxy - ok
16:45:45.0113 5508 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:45:45.0113 5508 NetBIOS - ok
16:45:45.0173 5508 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:45:45.0173 5508 NetBT - ok
16:45:45.0203 5508 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:45:45.0203 5508 Netlogon - ok
16:45:45.0463 5508 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:45:45.0473 5508 Netman - ok
16:45:45.0543 5508 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:45:45.0573 5508 NetMsmqActivator - ok
16:45:45.0593 5508 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:45:45.0593 5508 NetPipeActivator - ok
16:45:45.0695 5508 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:45:45.0705 5508 netprofm - ok
16:45:45.0745 5508 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:45:45.0745 5508 NetTcpActivator - ok
16:45:45.0765 5508 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:45:45.0765 5508 NetTcpPortSharing - ok
16:45:45.0815 5508 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:45:45.0815 5508 nfrd960 - ok
16:45:45.0875 5508 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:45:45.0875 5508 NisDrv - ok
16:45:45.0945 5508 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
16:45:45.0955 5508 NisSrv - ok
16:45:46.0025 5508 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:45:46.0035 5508 NlaSvc - ok
16:45:46.0085 5508 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:45:46.0085 5508 Npfs - ok
16:45:46.0105 5508 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:45:46.0115 5508 nsi - ok
16:45:46.0125 5508 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:45:46.0125 5508 nsiproxy - ok
16:45:46.0275 5508 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:45:46.0425 5508 Ntfs - ok
16:45:46.0577 5508 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:45:46.0587 5508 Null - ok
16:45:46.0647 5508 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:45:46.0647 5508 nvraid - ok
16:45:46.0667 5508 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:45:46.0677 5508 nvstor - ok
16:45:46.0727 5508 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:45:46.0727 5508 nv_agp - ok
16:45:46.0787 5508 [ 6EEB54E34603DD417ECE187C8402320A ] NWADI C:\Windows\system32\DRIVERS\NWADIenum.sys
16:45:46.0787 5508 NWADI - ok
16:45:46.0867 5508 [ D944D4341429093F55CB7F0EC87C86B3 ] NWUSBCDFIL64 C:\Windows\system32\DRIVERS\NwUsbCdFil64.sys
16:45:46.0867 5508 NWUSBCDFIL64 - ok
16:45:46.0897 5508 [ 877CE72712D7860FD815884438D824B8 ] NWUSBModem_000 C:\Windows\system32\DRIVERS\nwusbmdm_000.sys
16:45:46.0897 5508 NWUSBModem_000 - ok
16:45:46.0947 5508 [ 877CE72712D7860FD815884438D824B8 ] NWUSBPort2_000 C:\Windows\system32\DRIVERS\nwusbser2_000.sys
16:45:46.0947 5508 NWUSBPort2_000 - ok
16:45:46.0997 5508 [ 877CE72712D7860FD815884438D824B8 ] NWUSBPort_000 C:\Windows\system32\DRIVERS\nwusbser_000.sys
16:45:47.0007 5508 NWUSBPort_000 - ok
16:45:47.0127 5508 [ 6F67805EBE1C879DE008ED21BFCF2F02 ] NWVZHelper C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe
16:45:47.0137 5508 NWVZHelper - ok
16:45:47.0507 5508 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:45:47.0527 5508 odserv - ok
16:45:47.0557 5508 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:45:47.0567 5508 ohci1394 - ok
16:45:47.0637 5508 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:45:47.0637 5508 ose - ok
16:45:47.0687 5508 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:45:47.0697 5508 p2pimsvc - ok
16:45:47.0727 5508 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:45:47.0737 5508 p2psvc - ok
16:45:47.0767 5508 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:45:47.0767 5508 Parport - ok
16:45:47.0797 5508 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:45:47.0807 5508 partmgr - ok
16:45:47.0827 5508 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:45:47.0827 5508 PcaSvc - ok
16:45:47.0879 5508 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:45:47.0889 5508 pci - ok
16:45:47.0909 5508 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:45:47.0909 5508 pciide - ok
16:45:47.0929 5508 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:45:47.0939 5508 pcmcia - ok
16:45:47.0989 5508 [ 4CAC3AF00E29CE00EA32282E0DD55799 ] PCPitstop Scheduling C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe
16:45:47.0999 5508 PCPitstop Scheduling - ok
16:45:48.0009 5508 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:45:48.0019 5508 pcw - ok
16:45:48.0099 5508 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:45:48.0149 5508 PEAUTH - ok
16:45:48.0881 5508 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:45:48.0881 5508 PerfHost - ok
16:45:48.0973 5508 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:45:49.0013 5508 pla - ok
16:45:49.0075 5508 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:45:49.0085 5508 PlugPlay - ok
16:45:49.0125 5508 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:45:49.0155 5508 PNRPAutoReg - ok
16:45:49.0195 5508 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:45:49.0205 5508 PNRPsvc - ok
16:45:49.0307 5508 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:45:49.0357 5508 PolicyAgent - ok
16:45:49.0397 5508 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:45:49.0427 5508 Power - ok
16:45:49.0473 5508 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:45:49.0476 5508 PptpMiniport - ok
16:45:49.0508 5508 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:45:49.0511 5508 Processor - ok
16:45:49.0566 5508 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:45:49.0576 5508 ProfSvc - ok
16:45:49.0597 5508 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:45:49.0600 5508 ProtectedStorage - ok
16:45:49.0654 5508 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:45:49.0658 5508 Psched - ok
16:45:49.0760 5508 [ A6BF0A9B5A30D743623CA0D3BE35DF05 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
16:45:49.0762 5508 PxHlpa64 - ok
16:45:49.0850 5508 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:45:49.0915 5508 ql2300 - ok
16:45:49.0941 5508 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:45:49.0962 5508 ql40xx - ok
16:45:50.0004 5508 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:45:50.0079 5508 QWAVE - ok
16:45:50.0094 5508 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:45:50.0099 5508 QWAVEdrv - ok
16:45:50.0123 5508 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:45:50.0126 5508 RasAcd - ok
16:45:50.0182 5508 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:45:50.0192 5508 RasAgileVpn - ok
16:45:50.0241 5508 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:45:50.0254 5508 RasAuto - ok
16:45:50.0301 5508 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:45:50.0308 5508 Rasl2tp - ok
16:45:50.0384 5508 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:45:50.0495 5508 RasMan - ok
16:45:50.0523 5508 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:45:50.0534 5508 RasPppoe - ok
16:45:50.0674 5508 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:45:50.0718 5508 RasSstp - ok
16:45:50.0768 5508 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:45:50.0774 5508 rdbss - ok
16:45:50.0806 5508 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:45:50.0811 5508 rdpbus - ok
16:45:50.0828 5508 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:45:50.0829 5508 RDPCDD - ok
16:45:50.0840 5508 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:45:50.0841 5508 RDPENCDD - ok
16:45:50.0855 5508 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:45:50.0856 5508 RDPREFMP - ok
16:45:50.0905 5508 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:45:50.0913 5508 RDPWD - ok
16:45:50.0961 5508 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:45:50.0968 5508 rdyboost - ok
16:45:51.0002 5508 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:45:51.0014 5508 RemoteAccess - ok
16:45:51.0043 5508 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:45:51.0131 5508 RemoteRegistry - ok
16:45:51.0147 5508 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:45:51.0258 5508 RpcEptMapper - ok
16:45:51.0282 5508 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:45:51.0285 5508 RpcLocator - ok
16:45:51.0400 5508 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:45:51.0408 5508 RpcSs - ok
16:45:51.0481 5508 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:45:51.0484 5508 rspndr - ok
16:45:51.0502 5508 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:45:51.0505 5508 SamSs - ok
16:45:51.0560 5508 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:45:51.0570 5508 sbp2port - ok
16:45:51.0620 5508 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:45:51.0630 5508 SCardSvr - ok
16:45:51.0670 5508 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:45:51.0680 5508 scfilter - ok
16:45:51.0740 5508 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:45:51.0800 5508 Schedule - ok
16:45:51.0859 5508 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:45:51.0861 5508 SCPolicySvc - ok
16:45:51.0892 5508 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:45:51.0912 5508 SDRSVC - ok
16:45:52.0054 5508 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
16:45:52.0084 5508 SeaPort - ok
16:45:52.0204 5508 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:45:52.0214 5508 secdrv - ok
16:45:52.0254 5508 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:45:52.0264 5508 seclogon - ok
16:45:52.0366 5508 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:45:52.0366 5508 SENS - ok
16:45:52.0418 5508 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:45:52.0423 5508 SensrSvc - ok
16:45:52.0548 5508 [ DE3135E7ED559FC1C1B92AA7BA52CCDB ] Ser2ph C:\Windows\system32\DRIVERS\ser2ph64.sys
16:45:52.0558 5508 Ser2ph - ok
16:45:52.0618 5508 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:45:52.0618 5508 Serenum - ok
16:45:52.0648 5508 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:45:52.0658 5508 Serial - ok
16:45:52.0718 5508 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
16:45:52.0718 5508 sermouse - ok
16:45:52.0820 5508 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:45:52.0830 5508 SessionEnv - ok
16:45:52.0860 5508 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:45:52.0860 5508 sffdisk - ok
16:45:52.0890 5508 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:45:52.0900 5508 sffp_mmc - ok
16:45:52.0920 5508 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:45:52.0924 5508 sffp_sd - ok
16:45:52.0962 5508 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
16:45:52.0962 5508 sfloppy - ok
16:45:53.0002 5508 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:45:53.0012 5508 SharedAccess - ok
16:45:53.0094 5508 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:45:53.0104 5508 ShellHWDetection - ok
16:45:53.0174 5508 [ 7799106FEE728B907A86D9C9751E02D5 ] silabenm C:\Windows\system32\DRIVERS\silabenm.sys
16:45:53.0184 5508 silabenm - ok
16:45:53.0224 5508 [ 4AD84F9B367B89B48A3338E0AECA06B9 ] silabser C:\Windows\system32\DRIVERS\silabser.sys
16:45:53.0224 5508 silabser - ok
16:45:53.0274 5508 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
16:45:53.0274 5508 SiSGbeLH - ok
16:45:53.0344 5508 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:45:53.0344 5508 SiSRaid2 - ok
16:45:53.0364 5508 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
16:45:53.0374 5508 SiSRaid4 - ok
16:45:53.0444 5508 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:45:53.0454 5508 SkypeUpdate - ok
16:45:53.0484 5508 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:45:53.0484 5508 Smb - ok
16:45:53.0554 5508 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:45:53.0554 5508 SNMPTRAP - ok
16:45:53.0684 5508 [ 1D8474722CDFFBB8FCA5FA12C50A05A2 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
16:45:53.0694 5508 SNP2UVC - ok
16:45:53.0786 5508 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:45:53.0786 5508 spldr - ok
16:45:53.0856 5508 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
16:45:53.0876 5508 Spooler - ok
16:45:53.0988 5508 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:45:54.0080 5508 sppsvc - ok
16:45:54.0152 5508 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:45:54.0152 5508 sppuinotify - ok
16:45:54.0192 5508 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:45:54.0202 5508 srv - ok
16:45:54.0222 5508 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:45:54.0232 5508 srv2 - ok
16:45:54.0262 5508 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:45:54.0272 5508 srvnet - ok
16:45:54.0324 5508 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:45:54.0334 5508 SSDPSRV - ok
16:45:54.0354 5508 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:45:54.0354 5508 SstpSvc - ok
16:45:54.0394 5508 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
16:45:54.0394 5508 stexstor - ok
16:45:54.0464 5508 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
16:45:54.0464 5508 StillCam - ok
16:45:54.0524 5508 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:45:54.0554 5508 stisvc - ok
16:45:54.0594 5508 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
16:45:54.0594 5508 swenum - ok
16:45:54.0644 5508 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:45:54.0664 5508 swprv - ok
16:45:54.0744 5508 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:45:54.0824 5508 SysMain - ok
16:45:54.0886 5508 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:45:54.0886 5508 TabletInputService - ok
16:45:54.0946 5508 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:45:54.0956 5508 TapiSrv - ok
16:45:54.0996 5508 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:45:54.0996 5508 TBS - ok
16:45:55.0086 5508 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:45:55.0196 5508 Tcpip - ok
16:45:55.0278 5508 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:45:55.0288 5508 TCPIP6 - ok
16:45:55.0352 5508 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:45:55.0360 5508 tcpipreg - ok
16:45:55.0410 5508 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:45:55.0410 5508 TDPIPE - ok
16:45:55.0450 5508 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:45:55.0460 5508 TDTCP - ok
16:45:55.0510 5508 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:45:55.0510 5508 tdx - ok
16:45:55.0550 5508 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
16:45:55.0560 5508 TermDD - ok
16:45:55.0590 5508 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:45:55.0610 5508 TermService - ok
16:45:55.0640 5508 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:45:55.0640 5508 Themes - ok
16:45:55.0680 5508 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:45:55.0690 5508 THREADORDER - ok
16:45:55.0750 5508 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:45:55.0760 5508 TrkWks - ok
16:45:55.0822 5508 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:45:55.0832 5508 TrustedInstaller - ok
16:45:55.0872 5508 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:45:55.0882 5508 tssecsrv - ok
16:45:55.0952 5508 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:45:55.0952 5508 TsUsbFlt - ok
16:45:56.0012 5508 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:45:56.0032 5508 tunnel - ok
16:45:56.0266 5508 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
16:45:56.0266 5508 uagp35 - ok
16:45:56.0388 5508 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:45:56.0418 5508 udfs - ok
16:45:56.0550 5508 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:45:56.0550 5508 UI0Detect - ok
16:45:56.0600 5508 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:45:56.0600 5508 uliagpkx - ok
16:45:56.0660 5508 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
16:45:56.0660 5508 umbus - ok
16:45:56.0690 5508 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
16:45:56.0690 5508 UmPass - ok
16:45:56.0730 5508 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:45:56.0759 5508 upnphost - ok
16:45:56.0782 5508 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:45:56.0782 5508 usbccgp - ok
16:45:56.0842 5508 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:45:56.0842 5508 usbcir - ok
16:45:56.0912 5508 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:45:56.0912 5508 usbehci - ok
16:45:56.0972 5508 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:45:56.0972 5508 usbhub - ok
16:45:57.0012 5508 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:45:57.0122 5508 usbohci - ok
16:45:57.0192 5508 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:45:57.0202 5508 usbprint - ok
16:45:57.0282 5508 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
16:45:57.0292 5508 USBSTOR - ok
16:45:57.0312 5508 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
16:45:57.0322 5508 usbuhci - ok
16:45:57.0362 5508 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
16:45:57.0372 5508 usbvideo - ok
16:45:57.0402 5508 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:45:57.0415 5508 UxSms - ok
16:45:57.0445 5508 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
16:45:57.0448 5508 VaultSvc - ok
16:45:57.0504 5508 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:45:57.0504 5508 vdrvroot - ok
16:45:57.0574 5508 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
16:45:57.0594 5508 vds - ok
16:45:57.0624 5508 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:45:57.0644 5508 vga - ok
16:45:57.0654 5508 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:45:57.0654 5508 VgaSave - ok
16:45:57.0704 5508 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:45:57.0714 5508 vhdmp - ok
16:45:57.0754 5508 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
16:45:57.0754 5508 viaide - ok
16:45:57.0774 5508 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:45:57.0784 5508 volmgr - ok
16:45:57.0824 5508 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:45:57.0834 5508 volmgrx - ok
16:45:57.0864 5508 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:45:57.0874 5508 volsnap - ok
16:45:57.0949 5508 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
16:45:57.0954 5508 vsmraid - ok
16:45:58.0036 5508 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:45:58.0086 5508 VSS - ok
16:45:58.0138 5508 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:45:58.0138 5508 vwifibus - ok
16:45:58.0168 5508 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:45:58.0178 5508 vwififlt - ok
16:45:58.0228 5508 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
16:45:58.0228 5508 vwifimp - ok
16:45:58.0289 5508 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:45:58.0310 5508 W32Time - ok
16:45:58.0340 5508 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
16:45:58.0352 5508 WacomPen - ok
16:45:58.0402 5508 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:45:58.0412 5508 WANARP - ok
16:45:58.0442 5508 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:45:58.0442 5508 Wanarpv6 - ok
16:45:58.0542 5508 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:45:58.0582 5508 WatAdminSvc - ok
16:45:58.0674 5508 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
16:45:58.0724 5508 wbengine - ok
16:45:58.0771 5508 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:45:58.0776 5508 WbioSrvc - ok
16:45:58.0826 5508 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:45:58.0836 5508 wcncsvc - ok
16:45:58.0866 5508 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:45:58.0866 5508 WcsPlugInService - ok
16:45:58.0938 5508 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
16:45:58.0948 5508 Wd - ok
16:45:59.0068 5508 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:45:59.0098 5508 Wdf01000 - ok
16:45:59.0128 5508 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:45:59.0138 5508 WdiServiceHost - ok
16:45:59.0158 5508 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:45:59.0168 5508 WdiSystemHost - ok
16:45:59.0230 5508 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
16:45:59.0230 5508 WebClient - ok
16:45:59.0270 5508 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:45:59.0270 5508 Wecsvc - ok
16:45:59.0300 5508 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:45:59.0310 5508 wercplsupport - ok
16:45:59.0340 5508 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
16:45:59.0340 5508 WerSvc - ok
16:45:59.0392 5508 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:45:59.0392 5508 WfpLwf - ok
16:45:59.0462 5508 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
16:45:59.0472 5508 WimFltr - ok
16:45:59.0512 5508 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:45:59.0512 5508 WIMMount - ok
16:45:59.0542 5508 WinDefend - ok
16:45:59.0582 5508 WinHttpAutoProxySvc - ok
16:45:59.0664 5508 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:45:59.0674 5508 Winmgmt - ok
16:45:59.0776 5508 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
16:45:59.0826 5508 WinRM - ok
16:45:59.0918 5508 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
16:45:59.0948 5508 Wlansvc - ok
16:46:00.0168 5508 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:46:00.0240 5508 wlidsvc - ok
16:46:00.0292 5508 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:46:00.0292 5508 WmiAcpi - ok
16:46:00.0332 5508 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:46:00.0342 5508 wmiApSrv - ok
16:46:00.0382 5508 WMPNetworkSvc - ok
16:46:00.0422 5508 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:46:00.0452 5508 WPCSvc - ok
16:46:00.0502 5508 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:46:00.0502 5508 WPDBusEnum - ok
16:46:00.0552 5508 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:46:00.0552 5508 ws2ifsl - ok
16:46:00.0582 5508 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
16:46:00.0582 5508 wscsvc - ok
16:46:00.0602 5508 WSearch - ok
16:46:00.0724 5508 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
16:46:00.0786 5508 wuauserv - ok
16:46:00.0838 5508 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:46:00.0848 5508 WudfPf - ok
16:46:00.0868 5508 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:46:00.0878 5508 WUDFRd - ok
16:46:00.0918 5508 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:46:00.0918 5508 wudfsvc - ok
16:46:00.0990 5508 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
16:46:01.0020 5508 WwanSvc - ok
16:46:01.0070 5508 ================ Scan global ===============================
16:46:01.0100 5508 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:46:01.0140 5508 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
16:46:01.0160 5508 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
16:46:01.0190 5508 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:46:01.0230 5508 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:46:01.0250 5508 [Global] - ok
16:46:01.0260 5508 ================ Scan MBR ==================================
16:46:01.0270 5508 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
16:46:01.0270 5508 Suspicious mbr (Forged): \Device\Harddisk0\DR0
16:46:01.0340 5508 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
16:46:01.0340 5508 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
16:46:01.0440 5508 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:46:01.0440 5508 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:46:01.0450 5508 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
16:46:06.0582 5508 \Device\Harddisk1\DR1 - ok
16:46:06.0582 5508 ================ Scan VBR ==================================
16:46:06.0592 5508 [ 7FD528609A7676A9DA5750437FAE7FE2 ] \Device\Harddisk0\DR0\Partition1
16:46:06.0592 5508 \Device\Harddisk0\DR0\Partition1 - ok
16:46:06.0662 5508 [ 41619F04182975F3B0DA985E0C611EA2 ] \Device\Harddisk0\DR0\Partition2
16:46:06.0662 5508 \Device\Harddisk0\DR0\Partition2 - ok
16:46:06.0672 5508 [ A54FD65639C41A152FDE30520B920CFA ] \Device\Harddisk1\DR1\Partition1
16:46:06.0672 5508 \Device\Harddisk1\DR1\Partition1 - ok
16:46:06.0672 5508 ============================================================
16:46:06.0672 5508 Scan finished
16:46:06.0672 5508 ============================================================
16:46:06.0754 5500 Detected object count: 2
16:46:06.0754 5500 Actual detected object count: 2
16:46:41.0453 5500 \Device\Harddisk0\DR0\# - copied to quarantine
16:46:41.0565 5500 \Device\Harddisk0\DR0 - copied to quarantine
16:46:41.0804 5500 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
16:46:41.0879 5500 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
16:46:41.0961 5500 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
16:46:50.0024 5500 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
16:46:54.0505 5500 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
16:46:54.0637 5500 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
16:46:54.0743 5500 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
16:46:55.0497 5500 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
16:46:55.0644 5500 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
16:46:55.0930 5500 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
16:46:55.0988 5500 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
16:46:56.0649 5500 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
16:46:57.0367 5500 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
16:46:57.0369 5500 \Device\Harddisk0\DR0 - ok
16:46:57.0422 5500 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
16:46:57.0422 5500 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:46:57.0422 5500 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
End of TDSSkiller log


Here is the aswMBR log

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-30 16:51:53
-----------------------------
16:51:53.661 OS Version: Windows x64 6.1.7601 Service Pack 1
16:51:53.661 Number of processors: 2 586 0x170A
16:51:53.677 ComputerName: DAWN-ASUS UserName: Dawn
16:51:56.360 Initialize success
17:21:02.527 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
17:21:02.537 Disk 0 Vendor: ST950032 0002 Size: 476940MB BusType: 3
17:21:02.537 Device \Driver\iaStor -> MajorFunction fffffa8004f445e8
17:21:02.547 Disk 0 MBR read successfully
17:21:02.547 Disk 0 MBR scan
17:21:02.547 Disk 0 Windows VISTA default MBR code
17:21:02.567 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 14998 MB offset 2048
17:21:02.587 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 119231 MB offset 30717952
17:21:02.587 Disk 0 Partition - 00 0F Extended LBA 342706 MB offset 274904280
17:21:02.617 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 342706 MB offset 274904343
17:21:02.647 Disk 0 scanning C:\Windows\system32\drivers
17:21:12.657 Service scanning
17:21:34.707 Modules scanning
17:21:34.727 Disk 0 trace - called modules:
17:21:34.737 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8004f445e8]<<
17:21:34.747 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c2a060]
17:21:34.757 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8004a90410]
17:21:34.757 5 ACPI.sys[fffff88000f1e7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa8004a91050]
17:21:34.767 \Driver\iaStor[0xfffffa8004ea6c50] -> IRP_MJ_CREATE -> 0xfffffa8004f445e8
17:21:34.777 Scan finished successfully
17:22:09.563 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
17:22:09.563 The log file has been saved successfully to "C:\aswMBR.txt"


Thanks again.

#4 narenxp

  • BC Advisor
Posted 30 November 2012 - 10:29 PM

Run TDSSkiller again and select DELETE for this entry

16:46:57.0422 5500 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Post the new log

Download Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here.

Download mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download Farbar service scanner

Checkmark all the boxes.

Click on "Scan".
Please copy and paste the log to your reply.

Download adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.
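The check made in the post above (spotting the detection whose recorded action was Skip) can be done mechanically on a long TDSSKiller log. This Python code is an added example, not part of the original thread or of TDSSKiller; the function names are hypothetical, the regular expressions assume the line layout seen in the logs on this page, and the sample lines are copied from the first TDSSKiller log.

```python
import re
from collections import OrderedDict

# Sample input: lines copied from the first TDSSKiller log on this page
# (one clean "- ok" entry and the MBR detections with the chosen actions).
SAMPLE_LOG = r"""
16:46:01.0250 5508 [Global] - ok
16:46:01.0270 5508 Suspicious mbr (Forged): \Device\Harddisk0\DR0
16:46:01.0340 5508 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
16:46:01.0340 5508 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
16:46:01.0440 5508 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:46:01.0440 5508 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:46:57.0367 5500 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
16:46:57.0369 5500 \Device\Harddisk0\DR0 - ok
16:46:57.0422 5500 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
16:46:57.0422 5500 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:46:57.0422 5500 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""

# Assumed layout of every log line: "<time> <thread id> <message>".
LINE_RE = re.compile(r"^(?P<time>\d{2}:\d{2}:\d{2}\.\d+)\s+(?P<tid>\d+)\s+(?P<msg>.*)$")

# Assumed layout of a verdict message: "<object> ( <detection name> ) - <status>".
# Clean entries ("<object> - ok") carry no parenthesised name and do not match.
VERDICT_RE = re.compile(r"^(?P<obj>.+?) \( (?P<name>[^)]+?) \) - (?P<status>.+)$")

ACTION_PREFIX = "User select action: "


def parse_detections(log_text):
    """Collect every (object, detection) pair with its severity and chosen action."""
    findings = OrderedDict()
    for raw in log_text.splitlines():
        line = LINE_RE.match(raw.strip())
        if not line:
            continue  # blank line, separator or wrapped text
        verdict = VERDICT_RE.match(line.group("msg"))
        if not verdict:
            continue  # clean entry or informational message
        key = (verdict.group("obj"), verdict.group("name"))
        entry = findings.setdefault(
            key, {"severity": None, "action": None, "notes": []}
        )
        status = verdict.group("status").strip()
        if status in ("infected", "warning"):
            entry["severity"] = status
        elif status.startswith(ACTION_PREFIX):
            entry["action"] = status[len(ACTION_PREFIX):]
        else:
            entry["notes"].append(status)  # e.g. "will be cured on reboot"
    return findings


def unresolved(findings):
    """Detections that were skipped or have no action recorded in the log."""
    return [key for key, entry in findings.items()
            if entry["action"] in (None, "Skip")]


if __name__ == "__main__":
    results = parse_detections(SAMPLE_LOG)
    for (obj, name), entry in results.items():
        print(f"{obj}: {name} [{entry['severity']}] action={entry['action']}")
    for obj, name in unresolved(results):
        print(f"STILL PRESENT: {name} on {obj}")
```

Run against a full log, the same functions also list detections that have a severity but no action line at all, which is how an interrupted scan shows up.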

#5 DanT

  • Topic Starter

Posted 01 December 2012 - 09:51 AM

narenxp,

Here are the results of the previous set of programs.


TDSSkiller log:

05:34:52.0012 5300 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
05:34:52.0467 5300 ============================================================
05:34:52.0467 5300 Current date / time: 2012/12/01 05:34:52.0467
05:34:52.0467 5300 SystemInfo:
05:34:52.0467 5300
05:34:52.0467 5300 OS Version: 6.1.7601 ServicePack: 1.0
05:34:52.0467 5300 Product type: Workstation
05:34:52.0467 5300 ComputerName: DAWN-ASUS
05:34:52.0468 5300 UserName: Dawn
05:34:52.0468 5300 Windows directory: C:\Windows
05:34:52.0468 5300 System windows directory: C:\Windows
05:34:52.0468 5300 Running under WOW64
05:34:52.0468 5300 Processor architecture: Intel x64
05:34:52.0468 5300 Number of processors: 2
05:34:52.0468 5300 Page size: 0x1000
05:34:52.0468 5300 Boot type: Normal boot
05:34:52.0468 5300 ============================================================
05:34:54.0073 5300 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
05:34:54.0101 5300 Drive \Device\Harddisk1\DR1 - Size: 0x3BC000000 (14.94 Gb), SectorSize: 0x200, Cylinders: 0x79D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
05:34:54.0108 5300 ============================================================
05:34:54.0108 5300 \Device\Harddisk0\DR0:
05:34:54.0109 5300 MBR partitions:
05:34:54.0109 5300 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D4B800, BlocksNum 0xE8DFCD8
05:34:54.0124 5300 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1062B517, BlocksNum 0x29D5972A
05:34:54.0124 5300 \Device\Harddisk1\DR1:
05:34:54.0125 5300 MBR partitions:
05:34:54.0125 5300 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x28, BlocksNum 0x1DDFFD8
05:34:54.0125 5300 ============================================================
05:34:54.0156 5300 C: <-> \Device\Harddisk0\DR0\Partition1
05:34:54.0185 5300 D: <-> \Device\Harddisk0\DR0\Partition2
05:34:54.0185 5300 ============================================================
05:34:54.0186 5300 Initialize success
05:34:54.0186 5300 ============================================================
05:34:57.0271 4080 ============================================================
05:34:57.0271 4080 Scan started
05:34:57.0271 4080 Mode: Manual;
05:34:57.0271 4080 ============================================================
05:34:57.0581 4080 ================ Scan system memory ========================
05:34:57.0581 4080 System memory - ok
05:34:57.0581 4080 ================ Scan services =============================
05:34:57.0791 4080 [ 49E0721CBCE4EA122D04ADA7BE90046E ] 09893501 C:\Windows\system32\drivers\76726093.sys
05:34:57.0791 4080 Suspicious file (Forged): C:\Windows\system32\drivers\76726093.sys. Real md5: 49E0721CBCE4EA122D04ADA7BE90046E, Fake md5: 8CCC23B22BB3F48403FD6AA37B6B0772
05:34:57.0791 4080 09893501 ( ForgedFile.Multi.Generic ) - warning
05:34:57.0791 4080 09893501 - detected ForgedFile.Multi.Generic (1)
05:35:07.0701 4080 mountmgr - ok
05:35:07.0791 4080 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
05:35:07.0791 4080 MpFilter - ok
05:35:07.0831 4080 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
05:35:07.0841 4080 mpio - ok
05:35:07.0871 4080 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
05:35:07.0871 4080 mpsdrv - ok
05:35:07.0921 4080 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
05:35:07.0951 4080 MpsSvc - ok
05:35:07.0991 4080 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
05:35:08.0001 4080 MRxDAV - ok
05:35:08.0041 4080 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
05:35:08.0041 4080 mrxsmb - ok
05:35:08.0091 4080 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
05:35:08.0101 4080 mrxsmb10 - ok
05:35:08.0121 4080 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
05:35:08.0121 4080 mrxsmb20 - ok
05:35:08.0161 4080 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
05:35:08.0171 4080 msahci - ok
05:35:08.0201 4080 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
05:35:08.0211 4080 msdsm - ok
05:35:08.0231 4080 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
05:35:08.0241 4080 MSDTC - ok
05:35:08.0271 4080 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
05:35:08.0271 4080 Msfs - ok
05:35:08.0281 4080 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
05:35:08.0291 4080 mshidkmdf - ok
05:35:08.0321 4080 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
05:35:08.0331 4080 msisadrv - ok
05:35:08.0381 4080 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
05:35:08.0391 4080 MSiSCSI - ok
05:35:08.0391 4080 msiserver - ok
05:35:08.0421 4080 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
05:35:08.0431 4080 MSKSSRV - ok
05:35:08.0501 4080 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
05:35:08.0501 4080 MsMpSvc - ok
05:35:08.0521 4080 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
05:35:08.0521 4080 MSPCLOCK - ok
05:35:08.0531 4080 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
05:35:08.0541 4080 MSPQM - ok
05:35:08.0581 4080 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
05:35:08.0591 4080 MsRPC - ok
05:35:08.0631 4080 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
05:35:08.0641 4080 mssmbios - ok
05:35:08.0671 4080 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
05:35:08.0681 4080 MSTEE - ok
05:35:08.0691 4080 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
05:35:08.0701 4080 MTConfig - ok
05:35:08.0741 4080 [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys
05:35:08.0741 4080 MTsensor - ok
05:35:08.0771 4080 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
05:35:08.0771 4080 Mup - ok
05:35:08.0831 4080 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
05:35:08.0851 4080 napagent - ok
05:35:08.0891 4080 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
05:35:08.0901 4080 NativeWifiP - ok
05:35:08.0971 4080 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
05:35:09.0011 4080 NDIS - ok
05:35:09.0052 4080 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
05:35:09.0055 4080 NdisCap - ok
05:35:09.0081 4080 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
05:35:09.0081 4080 NdisTapi - ok
05:35:09.0121 4080 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
05:35:09.0121 4080 Ndisuio - ok
05:35:09.0161 4080 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
05:35:09.0171 4080 NdisWan - ok
05:35:09.0201 4080 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
05:35:09.0201 4080 NDProxy - ok
05:35:09.0231 4080 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
05:35:09.0241 4080 NetBIOS - ok
05:35:09.0291 4080 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
05:35:09.0291 4080 NetBT - ok
05:35:09.0311 4080 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
05:35:09.0311 4080 Netlogon - ok
05:35:09.0361 4080 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
05:35:09.0371 4080 Netman - ok
05:35:09.0411 4080 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:35:09.0421 4080 NetMsmqActivator - ok
05:35:09.0441 4080 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:35:09.0441 4080 NetPipeActivator - ok
05:35:09.0471 4080 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
05:35:09.0481 4080 netprofm - ok
05:35:09.0491 4080 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:35:09.0501 4080 NetTcpActivator - ok
05:35:09.0501 4080 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:35:09.0511 4080 NetTcpPortSharing - ok
05:35:09.0541 4080 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
05:35:09.0541 4080 nfrd960 - ok
05:35:09.0601 4080 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
05:35:09.0601 4080 NisDrv - ok
05:35:09.0661 4080 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
05:35:09.0671 4080 NisSrv - ok
05:35:09.0731 4080 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
05:35:09.0741 4080 NlaSvc - ok
05:35:09.0771 4080 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
05:35:09.0771 4080 Npfs - ok
05:35:09.0801 4080 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
05:35:09.0801 4080 nsi - ok
05:35:09.0811 4080 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
05:35:09.0821 4080 nsiproxy - ok
05:35:09.0901 4080 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
05:35:09.0981 4080 Ntfs - ok
05:35:10.0021 4080 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
05:35:10.0021 4080 Null - ok
05:35:10.0061 4080 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
05:35:10.0061 4080 nvraid - ok
05:35:10.0111 4080 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
05:35:10.0121 4080 nvstor - ok
05:35:10.0141 4080 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
05:35:10.0141 4080 nv_agp - ok
05:35:10.0191 4080 [ 6EEB54E34603DD417ECE187C8402320A ] NWADI C:\Windows\system32\DRIVERS\NWADIenum.sys
05:35:10.0201 4080 NWADI - ok
05:35:10.0251 4080 [ D944D4341429093F55CB7F0EC87C86B3 ] NWUSBCDFIL64 C:\Windows\system32\DRIVERS\NwUsbCdFil64.sys
05:35:10.0251 4080 NWUSBCDFIL64 - ok
05:35:10.0271 4080 [ 877CE72712D7860FD815884438D824B8 ] NWUSBModem_000 C:\Windows\system32\DRIVERS\nwusbmdm_000.sys
05:35:10.0271 4080 NWUSBModem_000 - ok
05:35:10.0291 4080 [ 877CE72712D7860FD815884438D824B8 ] NWUSBPort2_000 C:\Windows\system32\DRIVERS\nwusbser2_000.sys
05:35:10.0291 4080 NWUSBPort2_000 - ok
05:35:10.0331 4080 [ 877CE72712D7860FD815884438D824B8 ] NWUSBPort_000 C:\Windows\system32\DRIVERS\nwusbser_000.sys
05:35:10.0341 4080 NWUSBPort_000 - ok
05:35:10.0431 4080 [ 6F67805EBE1C879DE008ED21BFCF2F02 ] NWVZHelper C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe
05:35:10.0441 4080 NWVZHelper - ok
05:35:10.0521 4080 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
05:35:10.0531 4080 odserv - ok
05:35:10.0581 4080 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
05:35:10.0581 4080 ohci1394 - ok
05:35:10.0621 4080 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
05:35:10.0621 4080 ose - ok
05:35:10.0661 4080 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
05:35:10.0671 4080 p2pimsvc - ok
05:35:10.0701 4080 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
05:35:10.0711 4080 p2psvc - ok
05:35:10.0741 4080 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
05:35:10.0741 4080 Parport - ok
05:35:10.0771 4080 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
05:35:10.0781 4080 partmgr - ok
05:35:10.0801 4080 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
05:35:10.0801 4080 PcaSvc - ok
05:35:10.0841 4080 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
05:35:10.0851 4080 pci - ok
05:35:10.0871 4080 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
05:35:10.0871 4080 pciide - ok
05:35:10.0891 4080 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
05:35:10.0891 4080 pcmcia - ok
05:35:10.0961 4080 [ 4CAC3AF00E29CE00EA32282E0DD55799 ] PCPitstop Scheduling C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe
05:35:10.0961 4080 PCPitstop Scheduling - ok
05:35:10.0991 4080 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
05:35:10.0991 4080 pcw - ok
05:35:11.0021 4080 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
05:35:11.0041 4080 PEAUTH - ok
05:35:11.0111 4080 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
05:35:11.0111 4080 PerfHost - ok
05:35:11.0191 4080 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
05:35:11.0231 4080 pla - ok
05:35:11.0281 4080 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
05:35:11.0291 4080 PlugPlay - ok
05:35:11.0321 4080 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
05:35:11.0321 4080 PNRPAutoReg - ok
05:35:11.0341 4080 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
05:35:11.0351 4080 PNRPsvc - ok
05:35:11.0401 4080 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
05:35:11.0421 4080 PolicyAgent - ok
05:35:11.0461 4080 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
05:35:11.0471 4080 Power - ok
05:35:11.0511 4080 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
05:35:11.0511 4080 PptpMiniport - ok
05:35:11.0541 4080 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
05:35:11.0541 4080 Processor - ok
05:35:11.0591 4080 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
05:35:11.0591 4080 ProfSvc - ok
05:35:11.0611 4080 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
05:35:11.0611 4080 ProtectedStorage - ok
05:35:11.0641 4080 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
05:35:11.0651 4080 Psched - ok
05:35:11.0701 4080 [ A6BF0A9B5A30D743623CA0D3BE35DF05 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
05:35:11.0711 4080 PxHlpa64 - ok
05:35:11.0781 4080 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
05:35:11.0921 4080 ql2300 - ok
05:35:11.0941 4080 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
05:35:11.0941 4080 ql40xx - ok
05:35:11.0971 4080 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
05:35:11.0981 4080 QWAVE - ok
05:35:11.0981 4080 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
05:35:11.0991 4080 QWAVEdrv - ok
05:35:12.0011 4080 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
05:35:12.0011 4080 RasAcd - ok
05:35:12.0051 4080 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
05:35:12.0051 4080 RasAgileVpn - ok
05:35:12.0061 4080 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
05:35:12.0061 4080 RasAuto - ok
05:35:12.0101 4080 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
05:35:12.0101 4080 Rasl2tp - ok
05:35:12.0141 4080 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
05:35:12.0151 4080 RasMan - ok
05:35:12.0171 4080 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
05:35:12.0171 4080 RasPppoe - ok
05:35:12.0291 4080 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
05:35:12.0291 4080 RasSstp - ok
05:35:12.0331 4080 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
05:35:12.0331 4080 rdbss - ok
05:35:12.0351 4080 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
05:35:12.0361 4080 rdpbus - ok
05:35:12.0381 4080 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
05:35:12.0381 4080 RDPCDD - ok
05:35:12.0411 4080 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
05:35:12.0411 4080 RDPENCDD - ok
05:35:12.0441 4080 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
05:35:12.0441 4080 RDPREFMP - ok
05:35:12.0481 4080 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
05:35:12.0491 4080 RDPWD - ok
05:35:12.0531 4080 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
05:35:12.0531 4080 rdyboost - ok
05:35:12.0571 4080 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
05:35:12.0571 4080 RemoteAccess - ok
05:35:12.0601 4080 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
05:35:12.0611 4080 RemoteRegistry - ok
05:35:12.0631 4080 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
05:35:12.0631 4080 RpcEptMapper - ok
05:35:12.0681 4080 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
05:35:12.0681 4080 RpcLocator - ok
05:35:12.0731 4080 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
05:35:12.0741 4080 RpcSs - ok
05:35:12.0791 4080 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
05:35:12.0791 4080 rspndr - ok
05:35:12.0811 4080 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
05:35:12.0811 4080 SamSs - ok
05:35:12.0851 4080 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
05:35:12.0851 4080 sbp2port - ok
05:35:12.0881 4080 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
05:35:12.0891 4080 SCardSvr - ok
05:35:12.0931 4080 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
05:35:12.0931 4080 scfilter - ok
05:35:13.0001 4080 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
05:35:13.0041 4080 Schedule - ok
05:35:13.0071 4080 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
05:35:13.0071 4080 SCPolicySvc - ok
05:35:13.0101 4080 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
05:35:13.0111 4080 SDRSVC - ok
05:35:13.0211 4080 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
05:35:13.0211 4080 SeaPort - ok
05:35:13.0261 4080 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
05:35:13.0271 4080 secdrv - ok
05:35:13.0311 4080 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
05:35:13.0311 4080 seclogon - ok
05:35:13.0331 4080 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
05:35:13.0341 4080 SENS - ok
05:35:13.0351 4080 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
05:35:13.0361 4080 SensrSvc - ok
05:35:13.0401 4080 [ DE3135E7ED559FC1C1B92AA7BA52CCDB ] Ser2ph C:\Windows\system32\DRIVERS\ser2ph64.sys
05:35:13.0411 4080 Ser2ph - ok
05:35:13.0421 4080 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
05:35:13.0421 4080 Serenum - ok
05:35:13.0441 4080 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
05:35:13.0451 4080 Serial - ok
05:35:13.0481 4080 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
05:35:13.0491 4080 sermouse - ok
05:35:13.0531 4080 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
05:35:13.0541 4080 SessionEnv - ok
05:35:13.0571 4080 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
05:35:13.0581 4080 sffdisk - ok
05:35:13.0581 4080 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
05:35:13.0591 4080 sffp_mmc - ok
05:35:13.0591 4080 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
05:35:13.0601 4080 sffp_sd - ok
05:35:13.0621 4080 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
05:35:13.0621 4080 sfloppy - ok
05:35:13.0661 4080 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
05:35:13.0671 4080 SharedAccess - ok
05:35:13.0721 4080 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
05:35:13.0731 4080 ShellHWDetection - ok
05:35:13.0791 4080 [ 7799106FEE728B907A86D9C9751E02D5 ] silabenm C:\Windows\system32\DRIVERS\silabenm.sys
05:35:13.0791 4080 silabenm - ok
05:35:13.0811 4080 [ 4AD84F9B367B89B48A3338E0AECA06B9 ] silabser C:\Windows\system32\DRIVERS\silabser.sys
05:35:13.0821 4080 silabser - ok
05:35:13.0851 4080 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
05:35:13.0851 4080 SiSGbeLH - ok
05:35:13.0881 4080 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
05:35:13.0881 4080 SiSRaid2 - ok
05:35:13.0891 4080 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
05:35:13.0891 4080 SiSRaid4 - ok
05:35:13.0951 4080 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
05:35:13.0951 4080 SkypeUpdate - ok
05:35:13.0971 4080 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
05:35:13.0981 4080 Smb - ok
05:35:14.0031 4080 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
05:35:14.0041 4080 SNMPTRAP - ok
05:35:14.0131 4080 [ 1D8474722CDFFBB8FCA5FA12C50A05A2 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
05:35:14.0241 4080 SNP2UVC - ok
05:35:14.0271 4080 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
05:35:14.0271 4080 spldr - ok
05:35:14.0331 4080 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
05:35:14.0361 4080 Spooler - ok
05:35:14.0471 4080 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
05:35:14.0611 4080 sppsvc - ok
05:35:14.0641 4080 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
05:35:14.0651 4080 sppuinotify - ok
05:35:14.0681 4080 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
05:35:14.0691 4080 srv - ok
05:35:14.0711 4080 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
05:35:14.0721 4080 srv2 - ok
05:35:14.0741 4080 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
05:35:14.0741 4080 srvnet - ok
05:35:14.0771 4080 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
05:35:14.0781 4080 SSDPSRV - ok
05:35:14.0801 4080 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
05:35:14.0801 4080 SstpSvc - ok
05:35:14.0831 4080 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
05:35:14.0831 4080 stexstor - ok
05:35:14.0881 4080 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
05:35:14.0891 4080 StillCam - ok
05:35:14.0951 4080 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
05:35:14.0981 4080 stisvc - ok
05:35:15.0021 4080 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
05:35:15.0031 4080 swenum - ok
05:35:15.0081 4080 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
05:35:15.0101 4080 swprv - ok
05:35:15.0191 4080 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
05:35:15.0341 4080 SysMain - ok
05:35:15.0381 4080 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
05:35:15.0391 4080 TabletInputService - ok
05:35:15.0441 4080 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
05:35:15.0451 4080 TapiSrv - ok
05:35:15.0481 4080 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
05:35:15.0481 4080 TBS - ok
05:35:15.0571 4080 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
05:35:15.0671 4080 Tcpip - ok
05:35:15.0741 4080 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
05:35:15.0761 4080 TCPIP6 - ok
05:35:15.0791 4080 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
05:35:15.0801 4080 tcpipreg - ok
05:35:15.0851 4080 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
05:35:15.0851 4080 TDPIPE - ok
05:35:15.0881 4080 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
05:35:15.0891 4080 TDTCP - ok
05:35:15.0931 4080 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
05:35:15.0931 4080 tdx - ok
05:35:15.0981 4080 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
05:35:15.0981 4080 TermDD - ok
05:35:16.0031 4080 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
05:35:16.0071 4080 TermService - ok
05:35:16.0101 4080 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
05:35:16.0101 4080 Themes - ok
05:35:16.0131 4080 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
05:35:16.0141 4080 THREADORDER - ok
05:35:16.0181 4080 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
05:35:16.0181 4080 TrkWks - ok
05:35:16.0241 4080 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
05:35:16.0241 4080 TrustedInstaller - ok
05:35:16.0281 4080 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
05:35:16.0281 4080 tssecsrv - ok
05:35:16.0321 4080 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
05:35:16.0321 4080 TsUsbFlt - ok
05:35:16.0381 4080 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
05:35:16.0381 4080 tunnel - ok
05:35:16.0421 4080 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
05:35:16.0421 4080 uagp35 - ok
05:35:16.0461 4080 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
05:35:16.0461 4080 udfs - ok
05:35:16.0501 4080 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
05:35:16.0511 4080 UI0Detect - ok
05:35:16.0541 4080 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
05:35:16.0551 4080 uliagpkx - ok
05:35:16.0591 4080 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
05:35:16.0591 4080 umbus - ok
05:35:16.0621 4080 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
05:35:16.0621 4080 UmPass - ok
05:35:16.0641 4080 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
05:35:16.0651 4080 upnphost - ok
05:35:16.0671 4080 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
05:35:16.0671 4080 usbccgp - ok
05:35:16.0701 4080 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
05:35:16.0701 4080 usbcir - ok
05:35:16.0721 4080 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
05:35:16.0731 4080 usbehci - ok
05:35:16.0751 4080 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
05:35:16.0751 4080 usbhub - ok
05:35:16.0781 4080 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
05:35:16.0781 4080 usbohci - ok
05:35:16.0831 4080 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
05:35:16.0831 4080 usbprint - ok
05:35:16.0881 4080 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
05:35:16.0881 4080 USBSTOR - ok
05:35:16.0931 4080 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
05:35:16.0931 4080 usbuhci - ok
05:35:16.0991 4080 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
05:35:17.0001 4080 usbvideo - ok
05:35:17.0041 4080 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
05:35:17.0051 4080 UxSms - ok
05:35:17.0091 4080 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
05:35:17.0091 4080 VaultSvc - ok
05:35:17.0141 4080 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
05:35:17.0141 4080 vdrvroot - ok
05:35:17.0201 4080 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
05:35:17.0231 4080 vds - ok
05:35:17.0271 4080 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
05:35:17.0271 4080 vga - ok
05:35:17.0291 4080 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
05:35:17.0291 4080 VgaSave - ok
05:35:17.0331 4080 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
05:35:17.0341 4080 vhdmp - ok
05:35:17.0371 4080 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
05:35:17.0371 4080 viaide - ok
05:35:17.0391 4080 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
05:35:17.0391 4080 volmgr - ok
05:35:17.0441 4080 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
05:35:17.0451 4080 volmgrx - ok
05:35:17.0471 4080 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
05:35:17.0471 4080 volsnap - ok
05:35:17.0521 4080 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
05:35:17.0521 4080 vsmraid - ok
05:35:17.0601 4080 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
05:35:17.0671 4080 VSS - ok
05:35:17.0691 4080 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
05:35:17.0691 4080 vwifibus - ok
05:35:17.0711 4080 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
05:35:17.0711 4080 vwififlt - ok
05:35:17.0741 4080 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
05:35:17.0741 4080 vwifimp - ok
05:35:17.0791 4080 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
05:35:17.0801 4080 W32Time - ok
05:35:17.0821 4080 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
05:35:17.0821 4080 WacomPen - ok
05:35:17.0901 4080 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
05:35:17.0901 4080 WANARP - ok
05:35:17.0941 4080 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
05:35:17.0941 4080 Wanarpv6 - ok
05:35:18.0031 4080 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
05:35:18.0061 4080 WatAdminSvc - ok
05:35:18.0141 4080 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
05:35:18.0231 4080 wbengine - ok
05:35:18.0261 4080 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
05:35:18.0271 4080 WbioSrvc - ok
05:35:18.0331 4080 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
05:35:18.0351 4080 wcncsvc - ok
05:35:18.0361 4080 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
05:35:18.0371 4080 WcsPlugInService - ok
05:35:18.0421 4080 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
05:35:18.0421 4080 Wd - ok
05:35:18.0481 4080 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
05:35:18.0501 4080 Wdf01000 - ok
05:35:18.0541 4080 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
05:35:18.0551 4080 WdiServiceHost - ok
05:35:18.0551 4080 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
05:35:18.0561 4080 WdiSystemHost - ok
05:35:18.0601 4080 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
05:35:18.0621 4080 WebClient - ok
05:35:18.0651 4080 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
05:35:18.0651 4080 Wecsvc - ok
05:35:18.0681 4080 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
05:35:18.0681 4080 wercplsupport - ok
05:35:18.0711 4080 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
05:35:18.0711 4080 WerSvc - ok
05:35:18.0741 4080 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
05:35:18.0741 4080 WfpLwf - ok
05:35:18.0781 4080 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
05:35:18.0781 4080 WimFltr - ok
05:35:18.0811 4080 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
05:35:18.0821 4080 WIMMount - ok
05:35:18.0841 4080 WinDefend - ok
05:35:18.0851 4080 WinHttpAutoProxySvc - ok
05:35:18.0931 4080 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
05:35:18.0941 4080 Winmgmt - ok
05:35:19.0021 4080 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
05:35:19.0111 4080 WinRM - ok
05:35:19.0181 4080 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
05:35:19.0211 4080 Wlansvc - ok
05:35:19.0351 4080 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
05:35:19.0451 4080 wlidsvc - ok
05:35:19.0481 4080 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
05:35:19.0491 4080 WmiAcpi - ok
05:35:19.0521 4080 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
05:35:19.0531 4080 wmiApSrv - ok
05:35:19.0571 4080 WMPNetworkSvc - ok
05:35:19.0601 4080 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
05:35:19.0601 4080 WPCSvc - ok
05:35:19.0631 4080 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
05:35:19.0641 4080 WPDBusEnum - ok
05:35:19.0661 4080 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
05:35:19.0671 4080 ws2ifsl - ok
05:35:19.0691 4080 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
05:35:19.0691 4080 wscsvc - ok
05:35:19.0701 4080 WSearch - ok
05:35:19.0801 4080 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
05:35:19.0921 4080 wuauserv - ok
05:35:19.0961 4080 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
05:35:19.0961 4080 WudfPf - ok
05:35:20.0001 4080 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
05:35:20.0011 4080 WUDFRd - ok
05:35:20.0041 4080 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
05:35:20.0051 4080 wudfsvc - ok
05:35:20.0091 4080 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
05:35:20.0091 4080 WwanSvc - ok
05:35:20.0131 4080 ================ Scan global ===============================
05:35:20.0161 4080 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
05:35:20.0201 4080 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
05:35:20.0211 4080 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
05:35:20.0241 4080 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
05:35:20.0281 4080 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
05:35:20.0291 4080 [Global] - ok
05:35:20.0291 4080 ================ Scan MBR ==================================
05:35:20.0301 4080 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
05:35:20.0311 4080 Suspicious mbr (Forged): \Device\Harddisk0\DR0
05:35:20.0391 4080 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
05:35:20.0391 4080 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
05:35:20.0391 4080 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
05:35:24.0621 4080 \Device\Harddisk1\DR1 - ok
05:35:24.0621 4080 ================ Scan VBR ==================================
05:35:24.0631 4080 [ 7FD528609A7676A9DA5750437FAE7FE2 ] \Device\Harddisk0\DR0\Partition1
05:35:24.0631 4080 \Device\Harddisk0\DR0\Partition1 - ok
05:35:24.0701 4080 [ 41619F04182975F3B0DA985E0C611EA2 ] \Device\Harddisk0\DR0\Partition2
05:35:24.0711 4080 \Device\Harddisk0\DR0\Partition2 - ok
05:35:24.0711 4080 [ F0BDE47650D32EE17E15994321A73D86 ] \Device\Harddisk1\DR1\Partition1
05:35:24.0721 4080 \Device\Harddisk1\DR1\Partition1 - ok
05:35:24.0721 4080 ============================================================
05:35:24.0721 4080 Scan finished
05:35:24.0721 4080 ============================================================
05:35:24.0731 6344 Detected object count: 2
05:35:24.0731 6344 Actual detected object count: 2
05:37:34.0228 6344 09893501 ( ForgedFile.Multi.Generic ) - skipped by user
05:37:34.0228 6344 09893501 ( ForgedFile.Multi.Generic ) - User select action: Skip
05:37:35.0182 6344 \Device\Harddisk0\DR0\# - copied to quarantine
05:37:35.0195 6344 \Device\Harddisk0\DR0 - copied to quarantine
05:37:35.0301 6344 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
05:37:35.0456 6344 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
05:37:35.0537 6344 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
05:37:38.0034 6344 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
05:37:38.0084 6344 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
05:37:38.0091 6344 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
05:37:38.0099 6344 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
05:37:38.0366 6344 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
05:37:38.0400 6344 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
05:37:38.0437 6344 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
05:37:38.0446 6344 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
05:37:38.0455 6344 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
05:37:38.0539 6344 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
05:37:38.0541 6344 \Device\Harddisk0\DR0 - ok
05:37:38.0546 6344 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
05:37:50.0689 3956 Deinitialize success


++++++++++++++++++++++++++++++++++++++++++++++++++++

MBAM log:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.01.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Dawn :: DAWN-ASUS [administrator]

12/1/2012 5:52:27 AM
mbam-log-2012-12-01 (05-52-27).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 458865
Time elapsed: 1 hour(s), 58 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RivalGaming (Adware.Gamevance) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\Software\MyWebSearch (PUP.MyWebsearch) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\TDSSKiller_Quarantine\01.12.2012_05.34.52\mbr0000\tdlfs0000\tsk0002.dta (Trojan.Agent.MRGGen) -> Quarantined and deleted successfully.
C:\Users\Dawn\AppData\Local\RivalGaming\Uninstaller.exe (Adware.Gamevance) -> Quarantined and deleted successfully.
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

++++++++++++++++++++++++++++++++++++++++++

MiniToolBox log:

MiniToolBox by Farbar Version: 25-11-2012
Ran by Dawn (administrator) on 01-12-2012 at 08:22:18
Running from "C:\Users\Dawn\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=64 icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Dawn-ASUS
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 22-25-D3-C5-F2-01
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 90-E6-BA-8D-8F-56
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 00-25-D3-C5-F2-01
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::69f0:2561:217e:9fc3%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, December 01, 2012 8:02:14 AM
Lease Expires . . . . . . . . . . : Sunday, December 02, 2012 8:02:18 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234890707
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-75-48-72-00-25-D3-C5-F2-01
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{F897F3D0-C641-4C9D-B6F7-2C8C1467625B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4000:801::1002
74.125.227.130
74.125.227.131
74.125.227.132
74.125.227.133
74.125.227.134
74.125.227.135
74.125.227.136
74.125.227.137
74.125.227.142
74.125.227.128
74.125.227.129


Pinging google.com [74.125.227.132] with 32 bytes of data:
Reply from 74.125.227.132: bytes=32 time=76ms TTL=49
Reply from 74.125.227.132: bytes=32 time=69ms TTL=49

Ping statistics for 74.125.227.132:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 69ms, Maximum = 76ms, Average = 72ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=137ms TTL=50
Reply from 98.138.253.109: bytes=32 time=85ms TTL=50

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 85ms, Maximum = 137ms, Average = 111ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...22 25 d3 c5 f2 01 ......Microsoft Virtual WiFi Miniport Adapter
11...90 e6 ba 8d 8f 56 ......Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20)
10...00 25 d3 c5 f2 01 ......Atheros AR9285 Wireless Network Adapter
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.6 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.6 281
192.168.1.6 255.255.255.255 On-link 192.168.1.6 281
192.168.1.255 255.255.255.255 On-link 192.168.1.6 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.6 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.6 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 281 fe80::/64 On-link
10 281 fe80::69f0:2561:217e:9fc3/128
On-link
1 306 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/01/2012 00:31:42 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/01/2012 00:31:18 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (11/30/2012 08:58:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/30/2012 08:57:29 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/30/2012 08:57:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (11/30/2012 05:22:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/30/2012 05:22:22 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/30/2012 04:50:30 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/30/2012 04:50:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/30/2012 04:49:13 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (12/01/2012 05:49:14 AM) (Source: Microsoft Antimalware) (User: )
Description: %60 has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.

Signatures Attempted: %24

Error Code: 0x80070002

Error description: The system cannot find the file specified.

Signature version: 1.141.582.0;1.141.582.0

Engine version: %600

Error: (11/30/2012 04:48:43 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
09893501

Error: (11/30/2012 04:48:21 PM) (Source: BugCheck) (User: )
Description: 0x000000b8 (0xfffffa80050ba060, 0xfffffa800a5b1560, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP113012-30638-01

Error: (11/30/2012 04:48:20 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:46:47 PM on 11/30/2012 was unexpected.

Error: (11/30/2012 04:34:35 PM) (Source: Microsoft Antimalware) (User: )
Description: %60 has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.

Signatures Attempted: %24

Error Code: 0x80070002

Error description: The system cannot find the file specified.

Signature version: 1.141.582.0;1.141.582.0

Engine version: %600

Error: (11/30/2012 08:06:26 AM) (Source: Microsoft Antimalware) (User: )
Description: %60 has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.

Signatures Attempted: %24

Error Code: 0x80070002

Error description: The system cannot find the file specified.

Signature version: 1.141.254.0;1.141.254.0

Engine version: %600

Error: (11/29/2012 11:34:45 AM) (Source: Microsoft Antimalware) (User: )
Description: %Trojan:JS/IframeRef60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%Trojan:JS/IframeRef603

Name: Trojan:JS/IframeRef

ID: 2147638646

Severity: %Trojan:JS/IframeRef600

Category: %Trojan:JS/IframeRef602

Path: 4.1.0522.02

Detection Origin: 4.1.0522.04

Detection Type: 4.1.0522.08

Detection Source: %Trojan:JS/IframeRef608

User: {3C059BF3-CF0B-48B6-9F8F-5D1956912E36}9

Process Name: %Trojan:JS/IframeRef609

Action: {3C059BF3-CF0B-48B6-9F8F-5D1956912E36}1

Action Status: {3C059BF3-CF0B-48B6-9F8F-5D1956912E36}8

Error Code: {3C059BF3-CF0B-48B6-9F8F-5D1956912E36}3

Error description: {3C059BF3-CF0B-48B6-9F8F-5D1956912E36}4

Signature Version: 2012-11-29T17:34:15.290Z1

Engine Version: 2012-11-29T17:34:15.290Z2

Error: (11/29/2012 11:31:38 AM) (Source: Microsoft Antimalware) (User: )
Description: %Trojan:JS/IframeRef60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%Trojan:JS/IframeRef603

Name: Trojan:JS/IframeRef

ID: 2147638646

Severity: %Trojan:JS/IframeRef600

Category: %Trojan:JS/IframeRef602

Path: 4.1.0522.02

Detection Origin: 4.1.0522.04

Detection Type: 4.1.0522.08

Detection Source: %Trojan:JS/IframeRef608

User: {B193722F-931F-40ED-8A1B-240E6BADB2F0}9

Process Name: %Trojan:JS/IframeRef609

Action: {B193722F-931F-40ED-8A1B-240E6BADB2F0}1

Action Status: {B193722F-931F-40ED-8A1B-240E6BADB2F0}8

Error Code: {B193722F-931F-40ED-8A1B-240E6BADB2F0}3

Error description: {B193722F-931F-40ED-8A1B-240E6BADB2F0}4

Signature Version: 2012-11-29T17:31:09.172Z1

Engine Version: 2012-11-29T17:31:09.172Z2

Error: (11/29/2012 10:18:47 AM) (Source: Microsoft Antimalware) (User: )
Description: %Trojan:JS/IframeRef60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%Trojan:JS/IframeRef603

Name: Trojan:JS/IframeRef

ID: 2147638646

Severity: %Trojan:JS/IframeRef600

Category: %Trojan:JS/IframeRef602

Path: 4.1.0522.02

Detection Origin: 4.1.0522.04

Detection Type: 4.1.0522.08

Detection Source: %Trojan:JS/IframeRef608

User: {9EC8DBC9-20CB-4913-B698-927C065636DB}9

Process Name: %Trojan:JS/IframeRef609

Action: {9EC8DBC9-20CB-4913-B698-927C065636DB}1

Action Status: {9EC8DBC9-20CB-4913-B698-927C065636DB}8

Error Code: {9EC8DBC9-20CB-4913-B698-927C065636DB}3

Error description: {9EC8DBC9-20CB-4913-B698-927C065636DB}4

Signature Version: 2012-11-29T16:18:13.721Z1

Engine Version: 2012-11-29T16:18:13.721Z2

Error: (11/29/2012 06:31:22 AM) (Source: Microsoft Antimalware) (User: )
Description: %60 has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.

Signatures Attempted: %24

Error Code: 0x80070002

Error description: The system cannot find the file specified.

Signature version: 1.141.582.0;1.141.582.0

Engine version: %600


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
تحديث لـ Microsoft Office Excel 2007 Help (KB963678)
تحديث لـ Microsoft Office Powerpoint 2007 Help (KB963669)
تحديث لـ Microsoft Office Word 2007 Help (KB963665)
7 Wonders II (remove only)
7 Wonders: Magical Mystery Tour
7 Wonders: Magical Mystery Tour (Version: 2.2.0.98)
Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
Actualização do Microsoft Office Excel 2007 Help (KB963678)
Actualização do Microsoft Office Powerpoint 2007 Help (KB963669)
Actualização do Microsoft Office Word 2007 Help (KB963665)
Adobe AIR (Version: 1.5.3.9130)
Adobe Digital Editions
Adobe Flash Player 10 Plugin (Version: 10.0.32.18)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Photoshop Elements 6.0 (Version: 6.0)
Adobe Reader 9.5.0 MUI (Version: 9.5.0)
Alcor Micro USB Card Reader (Version: 1.3.17.25001)
Amazing Adventures Riddle of the Two Knights ™
Amazing Adventures: The Forgotten Dynasty (Version: 2.2.0.97)
Around the World in 80 Days
Around the World in 80 Levels (remove only)
Ask Toolbar (Version: 1.15.2.0)
Ask Toolbar Updater (Version: 1.2.0.20007)
ASUS AI Recovery (Version: 1.0.6)
ASUS FancyStart (Version: 1.0.6)
ASUS LifeFrame3 (Version: 3.0.20)
ASUS Live Update (Version: 2.5.8)
ASUS MultiFrame (Version: 1.0.0019)
ASUS Power4Gear Hybrid (Version: 1.1.20)
ASUS SmartLogon (Version: 1.0.0007)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0028)
Asus_ULSeries_ScreenSaver
Atheros Client Installation Program (Version: 7.0)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.5)
ATK Generic Function Service (Version: 1.00.0008)
ATK Hotkey (Version: 1.0.0051)
ATK Media (Version: 2.0.0005)
ATKOSD2 (Version: 7.0.0006)
Atualização do produto Microsoft Office Excel 2007 Help (KB963678)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)
Atualização do produto Microsoft Office Word 2007 Help (KB963665)
Avery Wizard 4.0 (Version: 4.0.4)
BackUp Maker v6.4
Bejeweled 2 Deluxe
Bejeweled 3
Bejeweled 3 (Version: 2.2.0.95)
Big City Adventure - Vancouver (Version: 2.2.0.90)
Big City Adventure: London Story (Version: 2.2.0.98)
Big City Adventure: Sydney, Australia
Big City Adventure: Vancouver
Big City Adventure: Vancouver Collector's Edition
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bing Bar (Version: 6.3.2291.0)
Bing Bar Platform (Version: 6.3.2291.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Casino Chaos
ControlDeck (Version: 1.0.3)
Cradle Of Egypt Collector's Edition (Version: 2.2.0.98)
Crop Busters
CyberLink LabelPrint (Version: 2.5.1720)
CyberLink Power2Go (Version: 6.1.2713)
D3DX10 (Version: 15.4.2368.0902)
Enchanted Cavern 2 (Version: 2.2.0.98)
ETDWare PS/2-x64 7.0.5.7_WHQL
Express Gate (Version: 1.2.13.14)
FamilySearch Indexing 3.12.1 (Version: 3.12.1)
Farm Frenzy (Version: 2.2.0.82)
Farm Frenzy 3 - Ice Age (Version: 2.2.0.95)
Fast Boot (Version: 1.0.3)
Feedback Tool (Version: 1.1.0)
FriendsChecker (Version: 2.5.40)
Google Chrome (Version: 23.0.1271.64)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
Gourmania 3: Zoo Zoom
greenstreet Picture Browser
GSP 100,000 Clipart Vol.1 (Version: 3.20.0000)
Hidden Expedition: Everest ™
Hidden Expedition: The Uncharted Islands
Hidden Mysteries&reg;: Salem Secrets
House of 1000 Doors: Family Secret Collector's Edition
HP Officejet Pro 8500 A910 Basic Device Software (Version: 22.50.231.0)
HP Officejet Pro 8500 A910 Help (Version: 140.0.2.2)
HP Officejet Pro 8500 A910 Product Improvement Study (Version: 22.50.231.0)
HP Update (Version: 5.002.006.003)
I.R.I.S. OCR (Version: 12.3.4.0)
Intel® Graphics Media Accelerator Driver
iWin Games (remove only)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Jewel Keepers: Easter Island (Version: 2.2.0.97)
Jewel Legends: Tree of Life
Jewel Match 3 (remove only)
Jewel Match 3 (Version: 2.2.0.97)
Jewel Quest (remove only)
Jewel Quest Mysteries 2 Trail of the Midnight Heart (Version: 2.2.0.95)
Jewel Quest Mysteries: Curse of the Emerald Tear
Jewel Quest Mysteries: The Oracle of Ur
Jewel Quest Mysteries: The Oracle of Ur - Collector's Edition (remove only)
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (remove only)
Jewel Quest Mysteries: Trail of the Midnight Heart
Jewel Quest: Heritage (remove only)
Jewel Quest: The Sapphire Dragon Survey
Junk Mail filter update (Version: 15.4.3502.0922)
Legacy 7.5 (Version: 7.5 )
Magic Farm 2
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Margrave: The Curse of the Severed Heart (Version: 2.2.0.98)
Marketsplash Shortcuts (Version: 1.0.1.7)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel 2007 Help ©ºÑºÍѾഷ (KB963678)
Microsoft Office Excel 2007 Help ¸üР(KB963678)
Microsoft Office Excel 2007 Help Actualización (KB963678)
Microsoft Office Excel 2007 Help Güncelleþtirmesi (KB963678)
Microsoft Office Excel 2007 Help §ó·sµ{¦¡ (KB963678)
Microsoft Office Excel MUI (Arabic) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (Thai) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office IME (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office IME (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (Arabic) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (Thai) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Powerpoint 2007 Help ©ºÑºÍѾഷ (KB963669)
Microsoft Office Powerpoint 2007 Help ¸üР(KB963669)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669)
Microsoft Office Powerpoint 2007 Help Güncelleþtirmesi (KB963669)
Microsoft Office Powerpoint 2007 Help §ó·sµ{¦¡ (KB963669)
Microsoft Office PowerPoint 2007 §ó·sµ{¦¡ (KB963669)
Microsoft Office PowerPoint MUI (Arabic) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Thai) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Arabic) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Basque) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Catalan) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Dutch) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Galician) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Portuguese (Portugal)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Thai) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (Arabic) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (Chinese (Simplified)) 2007 (Version: 12.0.4518.1016)
Microsoft Office Proofing (Chinese (Traditional)) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (Chinese (Traditional)) 2007 (Version: 12.0.4518.1016)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019)
Microsoft Office Proofing (Portuguese (Portugal)) 2007 (Version: 12.0.4518.1029)
Microsoft Office Proofing (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (Thai) 2007 (Version: 12.0.4518.1019)
Microsoft Office Proofing (Turkish) 2007 (Version: 12.0.4518.1027)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (Arabic) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (Thai) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Arabic) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Thai) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word 2007 Help ©ºÑºÍѾഷ (KB963665)
Microsoft Office Word 2007 Help ¸üР(KB963665)
Microsoft Office Word 2007 Help Actualización (KB963665)
Microsoft Office Word 2007 Help Güncelleþtirmesi (KB963665)
Microsoft Office Word 2007 Help §ó·sµ{¦¡ (KB963665)
Microsoft Office Word 2007 §ó·sµ{¦¡ (KB963665)
Microsoft Office Word MUI (Arabic) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Thai) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Turkish) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works 6-9 Converter (Version: 14.0.6120.5002)
Mise à jour Microsoft Office Excel 2007 Help (KB963678)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)
Mise à jour Microsoft Office Word 2007 Help (KB963665)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Mystery P.I. - Curious Case of Counterfeit Cove (Version: 2.2.0.98)
Never-Search Application (Version: 1.07.0000)
Never-Search Places Data (Version: 1.03.0000)
Never-Search Street Map Data (2 GB) (Version: 1.06.0000)
NOOK for PC (Version: 2.5.6.9575)
OpenAL
PC Pitstop Optimize3 3.0 (Version: 3.0.0.42)
Pickers: Adventures in Rust (Version: 2.2.0.98)
Puzzle Quest
Realtek High Definition Audio Driver (Version: 6.0.1.5898)
Reel Deal Slots American Adventure (remove only)
Saints and Sinners Bingo
Search Results Toolbar (Version: 1.0.0.12)
SkyCaddie Desktop
SkyHawke CP210x USB to UART Bridge (Driver Removal)
Skype Toolbars (Version: 1.0.4051)
Skype™ 5.10 (Version: 5.10.116)
Slingo Quest Amazon
Slingo Quest Egypt
Slingo Quest Hawaii
Slingo Supreme
Slot Quest: Alice in Wonderland
Slot Quest: The Museum Escape
Slot Quest: The Vampire Lord
Slot Quest: Wild West (Version: 2.2.0.98)
Slots from Bally Gaming (Version: 2.2.0.98)
SRS Premium Sound Control Panel (Version: 1.07.0000)
Strange Cases: The Tarot Card Mystery
SyncBack
The Treasures of Mystery Island: The Ghost Ship (Version: 2.2.0.98)
Treasure Seekers: Follow the Ghosts
Twistingo
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
USB 2.0 VGA UVC WebCam
Vacation Quest™ - Australia (Version: 2.2.0.98)
Vegas Penny Slots
Verizon Mobile Broadband Drivers (Version: 3.02.002.002)
Verizon Wireless MiFi-2200 Firmware Updates (Version: 1.0.3)
VZAccess Manager (Version: 7.3.11.1)
WildTangent Games (Version: 1.0.3.0)
WildTangent Games App (Version: 4.0.5.5)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live OneCare safety scanner
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinFlash
Wireless Console 3 (Version: 3.0.10)

========================= Memory info: ===================================

Percentage of memory in use: 30%
Total physical RAM: 4061.24 MB
Available physical RAM: 2812.14 MB
Total Pagefile: 8120.67 MB
Available Pagefile: 6746.74 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.3 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:37.57 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:334.67 GB) (Free:334.59 GB) NTFS
4 Drive f: (PORT UTILS) (Removable) (Total:14.91 GB) (Free:13.23 GB) FAT32
5 Drive x: (USB_Storage) (Network) (Total:931.51 GB) (Free:843.99 GB) NTFS
6 Drive y: (SharedData) (Network) (Total:908.22 GB) (Free:172.86 GB) NTFS
7 Drive z: (public) (Network) (Total:908.22 GB) (Free:172.86 GB) NTFS

========================= Users: ========================================

User accounts for \\DAWN-ASUS

Administrator Dawn Guest

========================= Restore Points ==================================

26-11-2012 15:26:14 Windows Update
28-11-2012 00:41:41 Windows Update
28-11-2012 11:50:28 Windows Update
30-11-2012 14:10:33 Windows Update
30-11-2012 22:46:14 Windows Update
30-11-2012 23:01:01 Windows Update
01-12-2012 09:00:13 Windows Update
01-12-2012 12:10:27 Windows Update

**** End of log ****

+++++++++++++++++++++++++++++++++++++

FSS log:

Farbar Service Scanner Version: 01-12-2012
Ran by Dawn (administrator) on 01-12-2012 at 08:24:33
Running from "C:\Users\Dawn\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll
[2012-11-16 13:23] - [2012-10-03 11:42] - 0569344 ____A (Microsoft Corporation) 08C2957BB30058E663720C5606885653

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

++++++++++++++++++++++++++++++++++++++

Adware Cleaner log:

# AdwCleaner v2.010 - Logfile created 12/01/2012 at 08:26:40
# Updated 29/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Dawn - DAWN-ASUS
# Boot Mode : Normal
# Running from : C:\Users\Dawn\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\TotalRecipeSearch_14EI
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\iWin
Folder Deleted : C:\Users\Dawn\AppData\Local\iWin
Folder Deleted : C:\Users\Dawn\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Dawn\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\Dawn\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Users\Dawn\AppData\Roaming\iWin
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\SOFTWARE\Classes\TotalRecipeSearch_14Installer.Start
Key Deleted : HKLM\SOFTWARE\Classes\TotalRecipeSearch_14Installer.Start.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8E5B29C2-BC6E-40BE-B881-AEE35B1F4035}
Key Deleted : HKLM\Software\ImInstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@ei.TotalRecipeSearch_14.com/Plugin
Key Deleted : HKLM\Software\TotalRecipeSearch_14EI
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3B181CF2-878B-4758-8FBD-59D8AC5AB12D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{490A5A0F-1471-47FF-8BB5-719F1F5238AD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B181CF2-878B-4758-8FBD-59D8AC5AB12D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{490A5A0F-1471-47FF-8BB5-719F1F5238AD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKU\S-1-5-21-953359811-585151033-1137679498-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.64

File : C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [9411 octets] - [01/12/2012 08:26:40]

########## EOF - C:\AdwCleaner[S1].txt - [9471 octets] ##########

++++++++++++++++++++++++++++++++++

Junkware Removal log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.7.0 (11.30.2012:3)
OS: Windows 7 Home Premium x64
Ran by Dawn on Sat 12/01/2012 at 8:34:25.58
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{348bd83c-b2cd-4319-a605-c96bb458dd80}



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{348bd83c-b2cd-4319-a605-c96bb458dd80}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{348bd83c-b2cd-4319-a605-c96bb458dd80}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{9afb8248-617f-460d-9366-d71cdeda3179}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Dawn\appdata\local\rivalgaming"
Successfully deleted: [Folder] "C:\Users\Dawn\appdata\locallow\toolbar2"
Successfully deleted: [Folder] "C:\Program Files (x86)\toolbar2"
Successfully deleted: [Folder] "C:\Users\Dawn\AppData\Roaming\microsoft\windows\start menu\programs\rivalgaming"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 12/01/2012 at 8:41:34.93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


+++++++++++++++++++++++++

Thanks again.

Dan

#6 narenxp


Posted 01 December 2012 - 10:04 AM

It seems TDSSkiller is finding a rootkit on every scan.

Download

FIXTDSS

Launch it. It may ask for a restart; reboot the PC.

On reboot, click on REPAIR.

Now run TDSSkiller and Malwarebytes again and post the new logs.

Edited by narenxp, 01 December 2012 - 10:08 AM.


#7 DanT


Posted 01 December 2012 - 12:37 PM

When I ran the FixTDSS program, it did not find any problems so there was nothing to repair.

The good news is that both the reboot with FixTDSS and MBAM worked without going through the Startup Repair.

Here is the TDSSkiller log:

09:21:30.0657 3508 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
09:21:32.0279 3508 ============================================================
09:21:32.0279 3508 Current date / time: 2012/12/01 09:21:32.0279
09:21:32.0279 3508 SystemInfo:
09:21:32.0279 3508
09:21:32.0279 3508 OS Version: 6.1.7601 ServicePack: 1.0
09:21:32.0279 3508 Product type: Workstation
09:21:32.0279 3508 ComputerName: DAWN-ASUS
09:21:32.0279 3508 UserName: Dawn
09:21:32.0279 3508 Windows directory: C:\Windows
09:21:32.0279 3508 System windows directory: C:\Windows
09:21:32.0279 3508 Running under WOW64
09:21:32.0279 3508 Processor architecture: Intel x64
09:21:32.0279 3508 Number of processors: 2
09:21:32.0279 3508 Page size: 0x1000
09:21:32.0279 3508 Boot type: Normal boot
09:21:32.0279 3508 ============================================================
09:21:45.0508 3508 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:21:45.0539 3508 Drive \Device\Harddisk1\DR1 - Size: 0x3BC000000 (14.94 Gb), SectorSize: 0x200, Cylinders: 0x79D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:21:45.0539 3508 ============================================================
09:21:45.0539 3508 \Device\Harddisk0\DR0:
09:21:45.0539 3508 MBR partitions:
09:21:45.0539 3508 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D4B800, BlocksNum 0xE8DFCD8
09:21:45.0586 3508 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1062B517, BlocksNum 0x29D5972A
09:21:45.0586 3508 \Device\Harddisk1\DR1:
09:21:45.0602 3508 MBR partitions:
09:21:45.0602 3508 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x28, BlocksNum 0x1DDFFD8
09:21:45.0602 3508 ============================================================
09:21:45.0805 3508 C: <-> \Device\Harddisk0\DR0\Partition1
09:21:45.0883 3508 D: <-> \Device\Harddisk0\DR0\Partition2
09:21:45.0883 3508 ============================================================
09:21:45.0883 3508 Initialize success
09:21:45.0883 3508 ============================================================
09:22:35.0943 0172 ============================================================
09:22:35.0943 0172 Scan started
09:22:35.0943 0172 Mode: Manual; TDLFS;
09:22:35.0943 0172 ============================================================
09:22:38.0455 0172 ================ Scan system memory ========================
09:22:38.0455 0172 System memory - ok
09:22:38.0455 0172 ================ Scan services =============================
09:22:52.0604 0172 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:22:52.0604 0172 nsi - ok
09:22:52.0620 0172 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:22:52.0620 0172 nsiproxy - ok
09:22:52.0713 0172 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:22:52.0776 0172 Ntfs - ok
09:22:52.0807 0172 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:22:52.0807 0172 Null - ok
09:22:52.0854 0172 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:22:52.0854 0172 nvraid - ok
09:22:52.0869 0172 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:22:52.0869 0172 nvstor - ok
09:22:52.0900 0172 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:22:52.0900 0172 nv_agp - ok
09:22:52.0963 0172 [ 6EEB54E34603DD417ECE187C8402320A ] NWADI C:\Windows\system32\DRIVERS\NWADIenum.sys
09:22:52.0963 0172 NWADI - ok
09:22:53.0010 0172 [ D944D4341429093F55CB7F0EC87C86B3 ] NWUSBCDFIL64 C:\Windows\system32\DRIVERS\NwUsbCdFil64.sys
09:22:53.0010 0172 NWUSBCDFIL64 - ok
09:22:53.0041 0172 [ 877CE72712D7860FD815884438D824B8 ] NWUSBModem_000 C:\Windows\system32\DRIVERS\nwusbmdm_000.sys
09:22:53.0041 0172 NWUSBModem_000 - ok
09:22:53.0056 0172 [ 877CE72712D7860FD815884438D824B8 ] NWUSBPort2_000 C:\Windows\system32\DRIVERS\nwusbser2_000.sys
09:22:53.0072 0172 NWUSBPort2_000 - ok
09:22:53.0134 0172 [ 877CE72712D7860FD815884438D824B8 ] NWUSBPort_000 C:\Windows\system32\DRIVERS\nwusbser_000.sys
09:22:53.0150 0172 NWUSBPort_000 - ok
09:22:53.0244 0172 [ 6F67805EBE1C879DE008ED21BFCF2F02 ] NWVZHelper C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe
09:22:53.0244 0172 NWVZHelper - ok
09:22:53.0322 0172 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:22:53.0337 0172 odserv - ok
09:22:53.0368 0172 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:22:53.0384 0172 ohci1394 - ok
09:22:53.0431 0172 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:22:53.0431 0172 ose - ok
09:22:53.0478 0172 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:22:53.0493 0172 p2pimsvc - ok
09:22:53.0524 0172 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:22:53.0540 0172 p2psvc - ok
09:22:53.0571 0172 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:22:53.0571 0172 Parport - ok
09:22:53.0634 0172 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:22:53.0634 0172 partmgr - ok
09:22:53.0649 0172 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:22:53.0665 0172 PcaSvc - ok
09:22:53.0696 0172 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:22:53.0696 0172 pci - ok
09:22:53.0712 0172 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:22:53.0727 0172 pciide - ok
09:22:53.0743 0172 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:22:53.0743 0172 pcmcia - ok
09:22:53.0805 0172 [ 4CAC3AF00E29CE00EA32282E0DD55799 ] PCPitstop Scheduling C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe
09:22:53.0805 0172 PCPitstop Scheduling - ok
09:22:53.0821 0172 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:22:53.0836 0172 pcw - ok
09:22:53.0852 0172 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:22:53.0883 0172 PEAUTH - ok
09:22:53.0961 0172 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:22:53.0961 0172 PerfHost - ok
09:22:54.0039 0172 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:22:54.0133 0172 pla - ok
09:22:54.0180 0172 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:22:54.0195 0172 PlugPlay - ok
09:22:54.0226 0172 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:22:54.0226 0172 PNRPAutoReg - ok
09:22:54.0242 0172 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:22:54.0258 0172 PNRPsvc - ok
09:22:54.0304 0172 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:22:54.0336 0172 PolicyAgent - ok
09:22:54.0367 0172 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:22:54.0367 0172 Power - ok
09:22:54.0414 0172 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:22:54.0414 0172 PptpMiniport - ok
09:22:54.0429 0172 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:22:54.0429 0172 Processor - ok
09:22:54.0476 0172 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:22:54.0492 0172 ProfSvc - ok
09:22:54.0507 0172 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:22:54.0507 0172 ProtectedStorage - ok
09:22:54.0538 0172 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:22:54.0538 0172 Psched - ok
09:22:54.0601 0172 [ A6BF0A9B5A30D743623CA0D3BE35DF05 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
09:22:54.0601 0172 PxHlpa64 - ok
09:22:54.0648 0172 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
09:22:54.0694 0172 ql2300 - ok
09:22:54.0726 0172 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
09:22:54.0741 0172 ql40xx - ok
09:22:54.0772 0172 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:22:54.0772 0172 QWAVE - ok
09:22:54.0788 0172 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:22:54.0788 0172 QWAVEdrv - ok
09:22:54.0788 0172 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:22:54.0788 0172 RasAcd - ok
09:22:54.0835 0172 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:22:54.0835 0172 RasAgileVpn - ok
09:22:54.0850 0172 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:22:54.0850 0172 RasAuto - ok
09:22:54.0882 0172 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:22:54.0882 0172 Rasl2tp - ok
09:22:54.0944 0172 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:22:54.0975 0172 RasMan - ok
09:22:54.0991 0172 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:22:55.0006 0172 RasPppoe - ok
09:22:55.0022 0172 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:22:55.0022 0172 RasSstp - ok
09:22:55.0053 0172 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:22:55.0053 0172 rdbss - ok
09:22:55.0084 0172 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:22:55.0084 0172 rdpbus - ok
09:22:55.0100 0172 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:22:55.0100 0172 RDPCDD - ok
09:22:55.0116 0172 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:22:55.0131 0172 RDPENCDD - ok
09:22:55.0147 0172 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:22:55.0147 0172 RDPREFMP - ok
09:22:55.0194 0172 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:22:55.0194 0172 RDPWD - ok
09:22:55.0240 0172 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:22:55.0240 0172 rdyboost - ok
09:22:55.0272 0172 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:22:55.0287 0172 RemoteAccess - ok
09:22:55.0318 0172 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:22:55.0350 0172 RemoteRegistry - ok
09:22:55.0365 0172 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:22:55.0381 0172 RpcEptMapper - ok
09:22:55.0412 0172 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:22:55.0412 0172 RpcLocator - ok
09:22:55.0474 0172 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:22:55.0474 0172 RpcSs - ok
09:22:55.0521 0172 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:22:55.0521 0172 rspndr - ok
09:22:55.0537 0172 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:22:55.0537 0172 SamSs - ok
09:22:55.0584 0172 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:22:55.0584 0172 sbp2port - ok
09:22:55.0615 0172 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:22:55.0615 0172 SCardSvr - ok
09:22:55.0662 0172 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:22:55.0662 0172 scfilter - ok
09:22:55.0724 0172 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:22:55.0771 0172 Schedule - ok
09:22:55.0818 0172 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:22:55.0818 0172 SCPolicySvc - ok
09:22:55.0833 0172 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:22:55.0849 0172 SDRSVC - ok
09:22:55.0942 0172 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
09:22:55.0942 0172 SeaPort - ok
09:22:55.0989 0172 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:22:55.0989 0172 secdrv - ok
09:22:56.0036 0172 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:22:56.0052 0172 seclogon - ok
09:22:56.0083 0172 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:22:56.0083 0172 SENS - ok
09:22:56.0098 0172 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:22:56.0098 0172 SensrSvc - ok
09:22:56.0130 0172 [ DE3135E7ED559FC1C1B92AA7BA52CCDB ] Ser2ph C:\Windows\system32\DRIVERS\ser2ph64.sys
09:22:56.0145 0172 Ser2ph - ok
09:22:56.0145 0172 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:22:56.0145 0172 Serenum - ok
09:22:56.0176 0172 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:22:56.0176 0172 Serial - ok
09:22:56.0208 0172 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
09:22:56.0223 0172 sermouse - ok
09:22:56.0364 0172 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:22:56.0364 0172 SessionEnv - ok
09:22:56.0410 0172 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:22:56.0410 0172 sffdisk - ok
09:22:56.0410 0172 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:22:56.0426 0172 sffp_mmc - ok
09:22:56.0426 0172 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:22:56.0442 0172 sffp_sd - ok
09:22:56.0473 0172 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:22:56.0473 0172 sfloppy - ok
09:22:56.0520 0172 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:22:56.0535 0172 SharedAccess - ok
09:22:56.0566 0172 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:22:56.0566 0172 ShellHWDetection - ok
09:22:56.0629 0172 [ 7799106FEE728B907A86D9C9751E02D5 ] silabenm C:\Windows\system32\DRIVERS\silabenm.sys
09:22:56.0629 0172 silabenm - ok
09:22:56.0660 0172 [ 4AD84F9B367B89B48A3338E0AECA06B9 ] silabser C:\Windows\system32\DRIVERS\silabser.sys
09:22:56.0676 0172 silabser - ok
09:22:56.0707 0172 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
09:22:56.0707 0172 SiSGbeLH - ok
09:22:56.0722 0172 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:22:56.0738 0172 SiSRaid2 - ok
09:22:56.0738 0172 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
09:22:56.0738 0172 SiSRaid4 - ok
09:22:56.0800 0172 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:22:56.0800 0172 SkypeUpdate - ok
09:22:56.0832 0172 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:22:56.0832 0172 Smb - ok
09:22:56.0878 0172 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:22:56.0878 0172 SNMPTRAP - ok
09:22:56.0972 0172 [ 1D8474722CDFFBB8FCA5FA12C50A05A2 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
09:22:56.0988 0172 SNP2UVC - ok
09:22:57.0003 0172 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:22:57.0003 0172 spldr - ok
09:22:57.0050 0172 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:22:57.0081 0172 Spooler - ok
09:22:57.0190 0172 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:22:57.0315 0172 sppsvc - ok
09:22:57.0346 0172 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:22:57.0346 0172 sppuinotify - ok
09:22:57.0393 0172 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:22:57.0393 0172 srv - ok
09:22:57.0440 0172 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:22:57.0440 0172 srv2 - ok
09:22:57.0456 0172 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:22:57.0456 0172 srvnet - ok
09:22:57.0502 0172 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:22:57.0502 0172 SSDPSRV - ok
09:22:57.0534 0172 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:22:57.0534 0172 SstpSvc - ok
09:22:57.0565 0172 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
09:22:57.0565 0172 stexstor - ok
09:22:57.0612 0172 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
09:22:57.0612 0172 StillCam - ok
09:22:57.0674 0172 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:22:57.0705 0172 stisvc - ok
09:22:57.0768 0172 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
09:22:57.0768 0172 swenum - ok
09:22:57.0814 0172 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:22:57.0846 0172 swprv - ok
09:22:57.0939 0172 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:22:58.0002 0172 SysMain - ok
09:22:58.0048 0172 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:22:58.0048 0172 TabletInputService - ok
09:22:58.0080 0172 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:22:58.0095 0172 TapiSrv - ok
09:22:58.0111 0172 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:22:58.0111 0172 TBS - ok
09:22:58.0220 0172 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:22:58.0298 0172 Tcpip - ok
09:22:58.0376 0172 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:22:58.0392 0172 TCPIP6 - ok
09:22:58.0438 0172 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:22:58.0438 0172 tcpipreg - ok
09:22:58.0485 0172 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:22:58.0485 0172 TDPIPE - ok
09:22:58.0516 0172 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:22:58.0516 0172 TDTCP - ok
09:22:58.0563 0172 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:22:58.0563 0172 tdx - ok
09:22:58.0610 0172 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
09:22:58.0610 0172 TermDD - ok
09:22:58.0672 0172 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:22:58.0704 0172 TermService - ok
09:22:58.0750 0172 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:22:58.0750 0172 Themes - ok
09:22:58.0782 0172 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:22:58.0797 0172 THREADORDER - ok
09:22:58.0828 0172 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:22:58.0844 0172 TrkWks - ok
09:22:58.0906 0172 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:22:58.0906 0172 TrustedInstaller - ok
09:22:58.0938 0172 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:22:58.0953 0172 tssecsrv - ok
09:22:59.0000 0172 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:22:59.0000 0172 TsUsbFlt - ok
09:22:59.0062 0172 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:22:59.0062 0172 tunnel - ok
09:22:59.0094 0172 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
09:22:59.0094 0172 uagp35 - ok
09:22:59.0140 0172 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:22:59.0156 0172 udfs - ok
09:22:59.0218 0172 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:22:59.0218 0172 UI0Detect - ok
09:22:59.0265 0172 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:22:59.0265 0172 uliagpkx - ok
09:22:59.0328 0172 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
09:22:59.0343 0172 umbus - ok
09:22:59.0374 0172 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:22:59.0374 0172 UmPass - ok
09:22:59.0406 0172 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:22:59.0421 0172 upnphost - ok
09:22:59.0437 0172 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:22:59.0452 0172 usbccgp - ok
09:22:59.0499 0172 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:22:59.0515 0172 usbcir - ok
09:22:59.0530 0172 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:22:59.0530 0172 usbehci - ok
09:22:59.0562 0172 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:22:59.0577 0172 usbhub - ok
09:22:59.0593 0172 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:22:59.0593 0172 usbohci - ok
09:22:59.0624 0172 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:22:59.0624 0172 usbprint - ok
09:22:59.0655 0172 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
09:22:59.0655 0172 USBSTOR - ok
09:22:59.0671 0172 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:22:59.0671 0172 usbuhci - ok
09:22:59.0718 0172 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
09:22:59.0718 0172 usbvideo - ok
09:22:59.0749 0172 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:22:59.0749 0172 UxSms - ok
09:22:59.0780 0172 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:22:59.0780 0172 VaultSvc - ok
09:22:59.0811 0172 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:22:59.0811 0172 vdrvroot - ok
09:22:59.0858 0172 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:22:59.0889 0172 vds - ok
09:22:59.0920 0172 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:22:59.0920 0172 vga - ok
09:22:59.0952 0172 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:22:59.0952 0172 VgaSave - ok
09:22:59.0983 0172 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:22:59.0998 0172 vhdmp - ok
09:23:00.0014 0172 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:23:00.0030 0172 viaide - ok
09:23:00.0045 0172 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:23:00.0045 0172 volmgr - ok
09:23:00.0092 0172 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:23:00.0108 0172 volmgrx - ok
09:23:00.0139 0172 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:23:00.0139 0172 volsnap - ok
09:23:00.0186 0172 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
09:23:00.0201 0172 vsmraid - ok
09:23:00.0264 0172 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:23:00.0342 0172 VSS - ok
09:23:00.0357 0172 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:23:00.0357 0172 vwifibus - ok
09:23:00.0388 0172 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:23:00.0388 0172 vwififlt - ok
09:23:00.0435 0172 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
09:23:00.0435 0172 vwifimp - ok
09:23:00.0466 0172 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:23:00.0498 0172 W32Time - ok
09:23:00.0529 0172 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
09:23:00.0529 0172 WacomPen - ok
09:23:00.0591 0172 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:23:00.0591 0172 WANARP - ok
09:23:00.0607 0172 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:23:00.0607 0172 Wanarpv6 - ok
09:23:00.0685 0172 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:23:00.0716 0172 WatAdminSvc - ok
09:23:00.0794 0172 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:23:00.0856 0172 wbengine - ok
09:23:00.0903 0172 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:23:00.0903 0172 WbioSrvc - ok
09:23:00.0950 0172 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:23:00.0966 0172 wcncsvc - ok
09:23:00.0981 0172 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:23:00.0981 0172 WcsPlugInService - ok
09:23:01.0012 0172 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
09:23:01.0012 0172 Wd - ok
09:23:01.0075 0172 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:23:01.0106 0172 Wdf01000 - ok
09:23:01.0122 0172 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:23:01.0137 0172 WdiServiceHost - ok
09:23:01.0137 0172 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:23:01.0153 0172 WdiSystemHost - ok
09:23:01.0278 0172 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:23:01.0293 0172 WebClient - ok
09:23:01.0324 0172 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:23:01.0340 0172 Wecsvc - ok
09:23:01.0356 0172 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:23:01.0356 0172 wercplsupport - ok
09:23:01.0387 0172 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:23:01.0402 0172 WerSvc - ok
09:23:01.0434 0172 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:23:01.0434 0172 WfpLwf - ok
09:23:01.0480 0172 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
09:23:01.0480 0172 WimFltr - ok
09:23:01.0512 0172 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:23:01.0512 0172 WIMMount - ok
09:23:01.0558 0172 WinDefend - ok
09:23:01.0574 0172 WinHttpAutoProxySvc - ok
09:23:01.0714 0172 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:23:01.0714 0172 Winmgmt - ok
09:23:01.0808 0172 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:23:01.0886 0172 WinRM - ok
09:23:01.0964 0172 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:23:01.0995 0172 Wlansvc - ok
09:23:02.0151 0172 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:23:02.0214 0172 wlidsvc - ok
09:23:02.0245 0172 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:23:02.0245 0172 WmiAcpi - ok
09:23:02.0292 0172 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:23:02.0292 0172 wmiApSrv - ok
09:23:02.0323 0172 WMPNetworkSvc - ok
09:23:02.0354 0172 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:23:02.0354 0172 WPCSvc - ok
09:23:02.0385 0172 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:23:02.0385 0172 WPDBusEnum - ok
09:23:02.0416 0172 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:23:02.0416 0172 ws2ifsl - ok
09:23:02.0432 0172 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
09:23:02.0448 0172 wscsvc - ok
09:23:02.0448 0172 WSearch - ok
09:23:02.0557 0172 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:23:02.0635 0172 wuauserv - ok
09:23:02.0682 0172 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:23:02.0682 0172 WudfPf - ok
09:23:02.0728 0172 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:23:02.0728 0172 WUDFRd - ok
09:23:02.0760 0172 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:23:02.0760 0172 wudfsvc - ok
09:23:02.0791 0172 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
09:23:02.0806 0172 WwanSvc - ok
09:23:02.0822 0172 ================ Scan global ===============================
09:23:02.0853 0172 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:23:02.0900 0172 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
09:23:02.0916 0172 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
09:23:02.0947 0172 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:23:02.0962 0172 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:23:02.0978 0172 [Global] - ok
09:23:02.0978 0172 ================ Scan MBR ==================================
09:23:02.0994 0172 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
09:23:03.0664 0172 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
09:23:03.0664 0172 \Device\Harddisk0\DR0 - detected TDSS File System (1)
09:23:03.0680 0172 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
09:23:07.0986 0172 \Device\Harddisk1\DR1 - ok
09:23:07.0986 0172 ================ Scan VBR ==================================
09:23:08.0064 0172 [ 7FD528609A7676A9DA5750437FAE7FE2 ] \Device\Harddisk0\DR0\Partition1
09:23:08.0064 0172 \Device\Harddisk0\DR0\Partition1 - ok
09:23:08.0079 0172 [ 41619F04182975F3B0DA985E0C611EA2 ] \Device\Harddisk0\DR0\Partition2
09:23:08.0095 0172 \Device\Harddisk0\DR0\Partition2 - ok
09:23:08.0095 0172 [ 68B3604B155F5A7E3A9BF6457D7FB9C2 ] \Device\Harddisk1\DR1\Partition1
09:23:08.0095 0172 \Device\Harddisk1\DR1\Partition1 - ok
09:23:08.0095 0172 ============================================================
09:23:08.0095 0172 Scan finished
09:23:08.0095 0172 ============================================================
09:23:08.0126 4272 Detected object count: 1
09:23:08.0126 4272 Actual detected object count: 1
09:24:30.0741 4272 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
09:24:30.0990 4272 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
09:24:31.0162 4272 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
09:24:35.0873 4272 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
09:24:35.0935 4272 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
09:24:35.0967 4272 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
09:24:35.0967 4272 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
09:24:36.0372 4272 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
09:24:36.0419 4272 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
09:24:36.0466 4272 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
09:24:36.0528 4272 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
09:24:36.0591 4272 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
09:24:36.0591 4272 \Device\Harddisk0\DR0\TDLFS - deleted
09:24:36.0591 4272 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
09:24:43.0767 3104 Deinitialize success

+++++++++++++++++++++++++++++++++++++++++++++

Here is the MBAM log:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.01.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Dawn :: DAWN-ASUS [administrator]

12/1/2012 9:25:04 AM
mbam-log-2012-12-01 (09-25-04).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 458300
Time elapsed: 1 hour(s), 52 minute(s), 31 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\TDSSKiller_Quarantine\01.12.2012_09.21.32\tdlfs0000\tsk0002.dta (Trojan.Agent.MRGGen) -> Quarantined and deleted successfully.

(end)


++++++++++++++++++++++++++++++++++++++++++++

It seems that a trojan is still infecting the system after it is repaired.

Thanks, Dan

#8 narenxp

  • BC Advisor

Posted 01 December 2012 - 12:50 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text here

#9 DanT

  • Topic Starter

Posted 01 December 2012 - 01:10 PM

Here is the rkill log:

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/01/2012 12:03:52 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\ACEngSvr.exe (PID: 2096) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Dawn\Desktop\rkill\rkill-12-01-2012-12-03-59.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 12/01/2012 12:04:13 PM
Execution time: 0 hours(s), 0 minute(s), and 20 seconds(s)

+++++++++++++++++++++++++++++++++

Here is the Autoruns log:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AmIcoSinglun64" "Single LUN Icon Utility for VID 058F PID 6366" "AlcorMicro Co., Ltd." "c:\program files (x86)\amicosinglun\amicosinglun64.exe"
+ "ETDWare" "ETD Control Center" "ELAN Microelectronic Corp." "c:\program files\elantech\etdctrl.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Microsoft Pinyin IME Migration" "Microsoft Pinyin IME 2007" "Microsoft Corporation" "c:\program files\common files\microsoft shared\ime12\imesc\imscmig.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "ATKOSD2" "ATKOSD2" "ASUS" "c:\program files (x86)\asus\atkosd2\atkosd2.exe"
+ "HControlUser" "HControlUser" "ASUS" "c:\program files (x86)\asus\atk hotkey\hcontroluser.exe"
+ "Microsoft Default Manager" "Microsoft Default Manager" "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\default manager\defmgr.exe"
+ "Microsoft Pinyin IME Migration" "Microsoft Pinyin IME 2007" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\ime12\imesc\imscmig.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "CrashPlan Tray.lnk" "" "" "File not found: C:\Program Files (x86)\CrashPlan\CrashPlanTray.exe"
+ "FancyStart daemon.lnk" "" "" "c:\windows\installer\{f0df4513-3c4c-4eb8-8012-2c5f70af3988}\_a1ddd39913a1970387b7b3.exe"
+ "SRS Premium Sound.lnk" "InstallShield" "Acresso Software Inc." "c:\windows\installer\{d42f84b6-3709-4a50-8502-6719d16ae6c8}\newshortcut5_21c7b668029a47458b27645fe6e4a715.exe"
"C:\Users\Dawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OneNote 2007 Screen Clipper and Launcher.lnk" "Microsoft Office OneNote Quick Launcher" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onenotem.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Internet Explorer" "" "" "File not found: start"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Google Update" "Google Installer" "Google Inc." "c:\users\dawn\appdata\local\google\update\googleupdate.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar BHO" "Bing Bar" "Microsoft Corporation" "c:\program files (x86)\msn toolbar\platform\6.3.2291.0\npwinext.dll"
+ "FriendsChecker" "" "FriendsChecker" "c:\program files (x86)\friendschecker\ie\common.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "IEHlprObj Class" "iWin Games manager helper for IE" "iWin Inc." "c:\program files (x86)\iwin games\iwingameshookie.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Search Helper" "Search Helper for Internet Explorer" "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
+ "Skype add-on for Internet Explorer" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100" "Bing Bar" "Microsoft Corporation" "c:\program files (x86)\msn toolbar\platform\6.3.2291.0\npwinext.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onbttnie.dll"
+ "Skype add-on for Internet Explorer" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\GoogleUpdateTaskUserS-1-5-21-953359811-585151033-1137679498-1001Core" "Google Installer" "Google Inc." "c:\users\dawn\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-953359811-585151033-1137679498-1001UA" "Google Installer" "Google Inc." "c:\users\dawn\appdata\local\google\update\googleupdate.exe"
+ "\HPCustParticipation HP Officejet Pro 8500 A910" "HP Customer Participation." "Hewlett-Packard Co." "c:\program files\hp\hp officejet pro 8500 a910\bin\hpcustpartic.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Microsoft Antimalware\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\P4G Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\P4GIntlCtrl" "TODO: <File description>" "TODO: <Company name>" "c:\program files\p4g\intlctrl.exe"
+ "\RGames Updater" "" "" "File not found: C:\Users\Dawn\AppData\Local\RivalGaming\Updater.exe"
+ "\RunAsStdUser Task" "iWin Games Manager application" "iWin Inc." "c:\program files (x86)\iwin games\iwingames.exe"
+ "\Scheduled Update for Ask Toolbar" "" "" "File not found: C:\Program Files (x86)\Ask.com\UpdateTask.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AFBAgent" "ASUS FastBoot" "ASUSTeK Computer Inc." "c:\windows\system32\fbagent.exe"
+ "ASLDRService" "ASLDR Service" "ASUS" "c:\program files (x86)\asus\atk hotkey\asldrsrv.exe"
+ "ATKGFNEXSrv" "GFNEXSrv" "" "c:\program files\atkgfnex\gfnexsrv.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Macrovision Europe Ltd." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files (x86)\windows live\family safety\fsssvc.exe"
+ "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "iWinTrusted" "iWin Trusted Game Service" "iWin Inc." "c:\program files (x86)\iwin games\iwintrusted.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "NWVZHelper" "NWHelper Module" "Novatel Wireless Inc." "c:\program files (x86)\novatel wireless\verizon\drivers\nwhelper_001.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "PCPitstop Scheduling" "This service handles the scheduling for PCPitstop Applications" "PC Pitstop LLC" "c:\program files (x86)\pcpitstop\pcpitstopscheduleservice.exe"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly." "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\seaport\seaport.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AmUStor" "Alocr Micro USB Mass Storage Driver" "Alcor Micro, Corp." "c:\windows\system32\drivers\amustor.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "ASMMAP64" "" "" "c:\program files\atkgfnex\asmmap64.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "ETD" "ETD Control Center" "ELAN Microelectronic Corp." "c:\windows\system32\drivers\etd.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcHdmiAddService" "Intel® High Definition Audio HDMI" "Intel® Corporation" "c:\windows\system32\drivers\intchdmi.sys"
+ "kbfiltr" "Keyboard Filter Driver" " " "c:\windows\system32\drivers\kbfiltr.sys"
+ "L1C" "Atheros L1c PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MTsensor" "ATK0100 ACPI Utility" "ASUS" "c:\windows\system32\drivers\atk64amd.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "NWADI" "NWADI Interface Bus Enumerator" "Novatel Wireless Inc" "c:\windows\system32\drivers\nwadienum.sys"
+ "NWUSBCDFIL64" "Novatel Wireless USB CD Filter Driver" "Novatel Wireless Inc." "c:\windows\system32\drivers\nwusbcdfil64.sys"
+ "NWUSBModem_000" "Novatel Wireless USB Modem/Serial Device Driver" "Novatel Wireless Inc." "c:\windows\system32\drivers\nwusbmdm_000.sys"
+ "NWUSBPort2_000" "Novatel Wireless USB Modem/Serial Device Driver" "Novatel Wireless Inc." "c:\windows\system32\drivers\nwusbser2_000.sys"
+ "NWUSBPort_000" "Novatel Wireless USB Modem/Serial Device Driver" "Novatel Wireless Inc." "c:\windows\system32\drivers\nwusbser_000.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Ser2ph" "Microsoft USB GPS driver" "Prolific Technology Inc." "c:\windows\system32\drivers\ser2ph64.sys"
+ "silabenm" "Silicon Labs VCP Serial Enumerator" "Silicon Laboratories" "c:\windows\system32\drivers\silabenm.sys"
+ "silabser" "Silicon Labs CP210x USB to UART Bridge Driver" "Silicon Laboratories" "c:\windows\system32\drivers\silabser.sys"
+ "SiSGbeLH" "NDIS 6.0 Miniport Driver for SiS191/SiS190 Ethernet Device" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisg664.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SNP2UVC" "UVC Camera Streaming Driver" "" "c:\windows\system32\drivers\snp2uvc.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ASUS Color Preview Filter" "ASUS Color Preview Filter" "ASUSTek" "c:\program files (x86)\asus\splendid\rgbtran.ax"
+ "Color Convert" "ASUS Color Preview Filter" "ASUSTek" "c:\program files (x86)\asus\splendid\rgbtran.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvb.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudiocd.ax"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdumpdispatch.ax"
+ "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdump.ax"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gedtkrn.dll"
+ "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2greader.ax"
+ "CyberLink Load Image Filter" "CLImage" "CyberLink" "c:\program files (x86)\cyberlink\shared files\climage.ax"
+ "CyberLink M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gm2vwriter.ax"
+ "CyberLink MP3/WAV Wrapper" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmvd.ax"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gmpgmux.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\cyberlink\power2go\p2gvidenc.ax"
+ "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm1spliter.ax"
+ "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm2spliter.ax"
+ "CyberLink PCM Wrapper" "CyberLink PCM Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gpcmenc.ax"
+ "CyberLink TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gauts.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gtlmsplter.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvidfx.ax"
+ "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files (x86)\cyberlink\power2go\p2grgl.ax"
+ "CyberLink Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvideostabilizer.ax"
+ "Gargle" "Gargle Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\asus\asus lifeframe3\lifeframeaudio.ax"
+ "LifeFrame Image Effects" "Camera Filter" "ASUS" "c:\program files (x86)\asus\asus lifeframe3\camera_effect.ax"
+ "Logon Effects" "SmartLogon Filter" "ASUS" "c:\program files (x86)\asus\smartlogon\face_filter.ax"
+ "MotionDetect" "" "" "c:\program files (x86)\asus\asus lifeframe3\motiondetect.ax"
+ "P2G Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaud.ax"
+ "P2G Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudenc.ax"
+ "P2G Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvsd.ax"
+ "P2G Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gresample.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Track1Filter" "" "" "c:\program files (x86)\adobe\photoshop elements 6.0\track1filter.dll"
+ "Track2Filter" "" "" "c:\program files (x86)\adobe\photoshop elements 6.0\track2filter.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"


Thanks, Dan

#10 narenxp

Posted 01 December 2012 - 01:19 PM

Go to

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

and delete this file

c:\windows\installer\{f0df4513-3c4c-4eb8-8012-2c5f70af3988}\_a1ddd39913a1970387b7b3.exe

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs.

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore. It deletes old infected restore points.

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#11 DanT

Posted 01 December 2012 - 01:40 PM

I cannot find the file c:\windows\installer\{f0df4513-3c4c-4eb8-8012-2c5f70af3988}\_a1ddd39913a1970387b7b3.exe in C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup.

Can I just rename or delete c:\windows\installer\{f0df4513-3c4c-4eb8-8012-2c5f70af3988}\_a1ddd39913a1970387b7b3.exe?

#12 narenxp

Posted 01 December 2012 - 01:44 PM

Sorry, posted the file path.

This is filename FancyStart daemon. Delete this file.
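
The mix-up in the last few posts is between a startup entry's name (what sits in the Startup folder) and the image path it launches, and it can be resolved from the saved log itself. The Python below is an added example, not part of any post in this thread: it parses the quoted four-field layout that Autoruns text logs use and maps an image path back to the location and entry name to look for. The sample lines are constructed, and the blank description and publisher on the FancyStart entry are assumptions.

```python
import re

# Constructed sample (not copied from the thread's log). A section line is
# "location" "" "" "" and an entry line is: + "name" "description" "publisher" "image path".
# The blank description/publisher on the first entry are assumptions.
SAMPLE_LOG = r'''
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "FancyStart daemon" "" "" "c:\windows\installer\{f0df4513-3c4c-4eb8-8012-2c5f70af3988}\_a1ddd39913a1970387b7b3.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "BJ Language Monitor4" "Canon Inkjet Printer Driver" "CANON INC." "c:\windows\system32\cnblm4.dll"
'''

FIELD = re.compile(r'"([^"]*)"')  # one double-quoted field, possibly empty

def parse_autoruns(text):
    """Return one dict per entry, tagged with the location it was listed under."""
    entries, location = [], None
    for raw in text.splitlines():
        line = raw.strip()
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue  # blank or unrecognised line
        if line.startswith('"'):
            location = fields[0]  # section header: where the entries below live
        else:
            name, description, publisher, image = fields
            entries.append({"location": location, "name": name,
                            "description": description,
                            "publisher": publisher, "image": image})
    return entries

def find_by_image(entries, image_path):
    """Map a launched program back to (location, entry name), ignoring case."""
    wanted = image_path.lower()
    return [(e["location"], e["name"]) for e in entries if e["image"].lower() == wanted]

def unattributed(entries):
    """Names of entries with no publisher string, worth a closer look."""
    return [e["name"] for e in entries if not e["publisher"].strip()]

if __name__ == "__main__":
    parsed = parse_autoruns(SAMPLE_LOG)
    target = r"C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_a1ddd39913a1970387b7b3.exe"
    for location, name in find_by_image(parsed, target):
        print(f"look in: {location}\nfor the item named: {name}")
    print("no publisher:", unattributed(parsed))
```
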

#13 DanT

Posted 02 December 2012 - 04:23 AM

narenxp,

Thanks for all the help. I completed the tasks and the system seems fine now.

I also deleted all the backup files and am nearly finished recreating a current full backup.

Thanks again, Dan

#14 narenxp

Posted 02 December 2012 - 11:14 AM

You're most welcome :)



