
FF killing my HDD, DNS does not resolve well +


18 replies to this topic

#1 Zebra Jack

Posted 16 December 2012 - 04:19 AM

1. So I am running Win 7 Ultimate 64 and the computer does not resolve some sites... Although my router does. When I try to open them with Firefox the HDD starts working and never stops.

2. Recently I downloaded something from the internet and although it went to the Chest of Avast my computer started to run quite slow.

What I've done till now:
Avast in Windows safe mode
Avast boot scan

Both found some stuff and hopefully deleted. I will run Avast boot scan again now.

What to do next?



#2 dev00790


Posted 19 December 2012 - 01:31 PM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you, to make things go easier and faster for both of us:

  • Please do NOT run, install or uninstall any programs, unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

Step 1

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, select Skip instead. Do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.


Step 2

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the full contents of that document.


Step 3

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.


Step 4

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points
NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#3 Zebra Jack


Posted 19 December 2012 - 04:34 PM

I'm on it
Thanks

1
_______________________________________________________________
13:35:57.0206 2800 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
13:35:57.0580 2800 ============================================================
13:35:57.0580 2800 Current date / time: 2012/12/19 13:35:57.0580
13:35:57.0580 2800 SystemInfo:
13:35:57.0580 2800
13:35:57.0580 2800 OS Version: 6.1.7601 ServicePack: 1.0
13:35:57.0580 2800 Product type: Workstation
13:35:57.0580 2800 ComputerName: NONEY-PC
13:35:57.0580 2800 UserName: noney
13:35:57.0580 2800 Windows directory: C:\Windows
13:35:57.0580 2800 System windows directory: C:\Windows
13:35:57.0580 2800 Running under WOW64
13:35:57.0580 2800 Processor architecture: Intel x64
13:35:57.0580 2800 Number of processors: 4
13:35:57.0580 2800 Page size: 0x1000
13:35:57.0580 2800 Boot type: Normal boot
13:35:57.0580 2800 ============================================================
13:35:58.0345 2800 Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:35:58.0360 2800 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:35:58.0376 2800 Drive \Device\Harddisk2\DR3 - Size: 0x3C1800000 (15.02 Gb), SectorSize: 0x200, Cylinders: 0x7A9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:35:58.0376 2800 ============================================================
13:35:58.0376 2800 \Device\Harddisk1\DR1:
13:35:58.0392 2800 MBR partitions:
13:35:58.0392 2800 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A18A82
13:35:58.0392 2800 \Device\Harddisk0\DR0:
13:35:58.0392 2800 MBR partitions:
13:35:58.0392 2800 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x7B036DD4
13:35:58.0392 2800 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x7B036E13, BlocksNum 0x30D409F1
13:35:58.0392 2800 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xABD77804, BlocksNum 0x3D08FCBD
13:35:58.0392 2800 \Device\Harddisk2\DR3:
13:35:58.0392 2800 MBR partitions:
13:35:58.0392 2800 \Device\Harddisk2\DR3\Partition1: MBR, Type 0xB, StartLBA 0x800, BlocksNum 0x1E0D600
13:35:58.0392 2800 ============================================================
13:35:58.0407 2800 C: <-> \Device\Harddisk1\DR1\Partition1
13:35:58.0423 2800 D: <-> \Device\Harddisk0\DR0\Partition1
13:35:58.0454 2800 E: <-> \Device\Harddisk0\DR0\Partition2
13:35:58.0485 2800 F: <-> \Device\Harddisk0\DR0\Partition3
13:35:58.0485 2800 ============================================================
13:35:58.0485 2800 Initialize success
13:35:58.0485 2800 ============================================================
13:36:08.0656 4844 ============================================================
13:36:08.0656 4844 Scan started
13:36:08.0656 4844 Mode: Manual; SigCheck;
13:36:08.0656 4844 ============================================================
13:36:10.0279 4844 ================ Scan system memory ========================
13:36:10.0279 4844 System memory - ok
13:36:10.0279 4844 ================ Scan services =============================

Edited by Zebra Jack, 19 December 2012 - 04:40 PM.
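
One way to review a long TDSSKiller log like the one requested in step 1, as an added example that is not part of the original posts or of TDSSKiller itself: it pairs each hash line in the services section with its verdict line and lists only the entries that need a second look. The sample lines are constructed in the layout seen in this thread; the `warning` verdict, the `examplesvc` entry and the directory heuristic are assumptions.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample in the layout of the log posted in this thread:
#   "<time> <thread-id> [ <MD5> ] <service> <image path>"   followed by
#   "<time> <thread-id> <service> - <verdict>"
# The hashes and the non-"ok" entry are made up for illustration.
SAMPLE_LOG = r"""
13:36:10.0279 4844 ================ Scan system memory ========================
13:36:10.0279 4844 System memory - ok
13:36:10.0279 4844 ================ Scan services =============================
13:36:10.0404 4844 [ 00000000000000000000000000000001 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:36:10.0482 4844 ACPI - ok
13:36:10.0513 4844 [ 00000000000000000000000000000002 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:36:10.0528 4844 avast! Antivirus - ok
13:36:10.0544 4844 catchme - ok
13:36:10.0560 4844 [ 00000000000000000000000000000003 ] examplesvc C:\Users\user\AppData\Local\Temp\examplesvc.sys
13:36:10.0591 4844 examplesvc - warning
"""

# Timestamp and thread id prefix, then the message body.
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4} \d+ ?(.*)$")
# Section banner such as "======= Scan services =======".
SECTION = re.compile(r"^=+ (.+?) =+$")
# "[ MD5 ] service name X:\path"; service names may contain spaces.
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.*)$")

# Heuristic (an assumption of this example): service and driver images
# normally live under these directories on a default Windows install.
EXPECTED_ROOTS = (
    "c:\\windows\\",
    "c:\\program files\\",
    "c:\\program files (x86)\\",
)


@dataclass
class Entry:
    name: str
    verdict: str
    md5: Optional[str] = None
    path: Optional[str] = None


def parse_services(text: str) -> List[Entry]:
    """Return one Entry per verdict line in the 'Scan services' section."""
    entries: List[Entry] = []
    pending = {}          # service name -> (md5, path) awaiting its verdict
    in_services = False
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        body = m.group(1).strip()
        sec = SECTION.match(body)
        if sec:
            in_services = sec.group(1) == "Scan services"
            continue
        if not in_services:
            continue
        h = HASHED.match(body)
        if h:
            pending[h.group(2)] = (h.group(1).upper(), h.group(3))
            continue
        name, sep, verdict = body.rpartition(" - ")
        if sep and name and re.fullmatch(r"\w+", verdict):
            md5, path = pending.pop(name, (None, None))
            entries.append(Entry(name, verdict.lower(), md5, path))
    return entries


def triage(entries: List[Entry]) -> List[Tuple[str, str]]:
    """List (service, reason) pairs that deserve a manual look."""
    findings = []
    for e in entries:
        if e.verdict != "ok":
            findings.append((e.name, f"verdict '{e.verdict}'"))
        if e.path is None:
            # The log recorded a verdict but no file for this service.
            findings.append((e.name, "no file hashed"))
        elif not e.path.lower().startswith(EXPECTED_ROOTS):
            findings.append((e.name, "image outside system directories"))
    return findings


if __name__ == "__main__":
    for name, reason in triage(parse_services(SAMPLE_LOG)):
        print(f"{name}: {reason}")
```

A finding here is a prompt to check the entry by hand, not a detection: the thread's own log shows several services with no hash line that are still marked ok.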


#4 Zebra Jack


Posted 19 December 2012 - 04:42 PM

13:36:14.0288 4844 [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:36:14.0382 4844 CryptSvc - ok
13:36:14.0413 4844 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
13:36:14.0444 4844 CSC - ok
13:36:14.0475 4844 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
13:36:14.0506 4844 CscService - ok
13:36:14.0538 4844 [ 8491CB08BD8248EAA31FBCA5135794B1 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
13:36:14.0553 4844 dc3d - ok
13:36:14.0584 4844 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:36:14.0647 4844 DcomLaunch - ok
13:36:14.0678 4844 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
13:36:14.0740 4844 defragsvc - ok
13:36:14.0756 4844 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:36:14.0803 4844 DfsC - ok
13:36:14.0834 4844 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
13:36:14.0896 4844 Dhcp - ok
13:36:14.0928 4844 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
13:36:14.0959 4844 discache - ok
13:36:14.0990 4844 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
13:36:15.0006 4844 Disk - ok
13:36:15.0021 4844 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
13:36:15.0037 4844 dmvsc - ok
13:36:15.0068 4844 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:36:15.0099 4844 Dnscache - ok
13:36:15.0115 4844 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
13:36:15.0162 4844 dot3svc - ok
13:36:15.0177 4844 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
13:36:15.0224 4844 DPS - ok
13:36:15.0240 4844 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:36:15.0271 4844 drmkaud - ok
13:36:15.0302 4844 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:36:15.0333 4844 DXGKrnl - ok
13:36:15.0349 4844 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
13:36:15.0411 4844 EapHost - ok
13:36:15.0474 4844 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
13:36:15.0567 4844 ebdrv - ok
13:36:15.0583 4844 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe
13:36:15.0598 4844 EFS - ok
13:36:15.0645 4844 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:36:15.0692 4844 ehRecvr - ok
13:36:15.0692 4844 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
13:36:15.0723 4844 ehSched - ok
13:36:15.0754 4844 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
13:36:15.0770 4844 elxstor - ok
13:36:15.0786 4844 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:36:15.0817 4844 ErrDev - ok
13:36:15.0832 4844 [ DB6AEC32FAF5BD002D9ED6C38692D42B ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys
13:36:15.0848 4844 EtronHub3 - ok
13:36:15.0864 4844 [ 9CC2F24274741E12F9DF92125EA6D6D8 ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys
13:36:15.0895 4844 EtronXHCI - ok
13:36:15.0926 4844 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
13:36:15.0973 4844 EventSystem - ok
13:36:15.0988 4844 ewusbmbb - ok
13:36:15.0988 4844 ew_hwusbdev - ok
13:36:15.0988 4844 ew_usbenumfilter - ok
13:36:16.0020 4844 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
13:36:16.0051 4844 exfat - ok
13:36:16.0082 4844 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:36:16.0129 4844 fastfat - ok
13:36:16.0160 4844 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
13:36:16.0191 4844 Fax - ok
13:36:16.0207 4844 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
13:36:16.0222 4844 fdc - ok
13:36:16.0238 4844 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
13:36:16.0269 4844 fdPHost - ok
13:36:16.0300 4844 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
13:36:16.0332 4844 FDResPub - ok
13:36:16.0347 4844 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:36:16.0347 4844 FileInfo - ok
13:36:16.0363 4844 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:36:16.0394 4844 Filetrace - ok
13:36:16.0410 4844 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
13:36:16.0425 4844 flpydisk - ok
13:36:16.0441 4844 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:36:16.0441 4844 FltMgr - ok
13:36:16.0488 4844 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
13:36:16.0534 4844 FontCache - ok
13:36:16.0581 4844 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:36:16.0581 4844 FontCache3.0.0.0 - ok
13:36:16.0612 4844 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:36:16.0628 4844 FsDepends - ok
13:36:16.0659 4844 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:36:16.0675 4844 Fs_Rec - ok
13:36:16.0690 4844 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:36:16.0706 4844 fvevol - ok
13:36:16.0722 4844 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
13:36:16.0737 4844 gagp30kx - ok
13:36:16.0768 4844 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
13:36:16.0815 4844 gpsvc - ok
13:36:16.0831 4844 [ ADB4348DA1345877B04E22203AFC8993 ] hcmon C:\Windows\system32\drivers\hcmon.sys
13:36:16.0846 4844 hcmon - ok
13:36:16.0846 4844 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:36:16.0862 4844 hcw85cir - ok
13:36:16.0909 4844 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:36:16.0956 4844 HdAudAddService - ok
13:36:16.0971 4844 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:36:17.0002 4844 HDAudBus - ok
13:36:17.0002 4844 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
13:36:17.0034 4844 HidBatt - ok
13:36:17.0034 4844 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
13:36:17.0049 4844 HidBth - ok
13:36:17.0065 4844 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
13:36:17.0080 4844 HidIr - ok
13:36:17.0096 4844 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
13:36:17.0127 4844 hidserv - ok
13:36:17.0158 4844 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:36:17.0158 4844 HidUsb - ok
13:36:17.0190 4844 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:36:17.0236 4844 hkmsvc - ok
13:36:17.0252 4844 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:36:17.0314 4844 HomeGroupListener - ok
13:36:17.0377 4844 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:36:17.0424 4844 HomeGroupProvider - ok
13:36:17.0455 4844 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:36:17.0455 4844 HpSAMD - ok
13:36:17.0533 4844 [ 4E9CAE3200A46135DE01CE22BAF832BE ] HPSIService C:\Windows\system32\HPSIsvc.exe
13:36:17.0548 4844 HPSIService - ok
13:36:17.0564 4844 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:36:17.0611 4844 HTTP - ok
13:36:17.0626 4844 huawei_cdcacm - ok
13:36:17.0626 4844 huawei_enumerator - ok
13:36:17.0626 4844 huawei_ext_ctrl - ok
13:36:17.0626 4844 huawei_wwanecm - ok
13:36:17.0642 4844 hwdatacard - ok
13:36:17.0658 4844 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:36:17.0673 4844 hwpolicy - ok
13:36:17.0689 4844 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
13:36:17.0704 4844 i8042prt - ok
13:36:17.0736 4844 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:36:17.0767 4844 iaStorV - ok
13:36:17.0814 4844 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:36:17.0860 4844 idsvc - ok
13:36:18.0126 4844 [ 6383899C5F964D71B0F96B81FBE59BB8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
13:36:18.0438 4844 igfx - ok
13:36:18.0453 4844 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
13:36:18.0469 4844 iirsp - ok
13:36:18.0500 4844 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
13:36:18.0547 4844 IKEEXT - ok
13:36:18.0656 4844 [ 718A4008EE5DA174400396B27509EF82 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:36:18.0734 4844 IntcAzAudAddService - ok
13:36:18.0765 4844 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
13:36:18.0781 4844 IntcDAud - ok
13:36:18.0796 4844 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
13:36:18.0812 4844 intelide - ok
13:36:18.0828 4844 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:36:18.0843 4844 intelppm - ok
13:36:18.0874 4844 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:36:18.0921 4844 IPBusEnum - ok
13:36:18.0937 4844 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:36:18.0952 4844 IpFilterDriver - ok
13:36:18.0968 4844 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:36:19.0015 4844 iphlpsvc - ok
13:36:19.0030 4844 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:36:19.0046 4844 IPMIDRV - ok
13:36:19.0046 4844 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:36:19.0077 4844 IPNAT - ok
13:36:19.0108 4844 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:36:19.0124 4844 IRENUM - ok
13:36:19.0140 4844 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:36:19.0140 4844 isapnp - ok
13:36:19.0155 4844 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:36:19.0171 4844 iScsiPrt - ok
13:36:19.0186 4844 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:36:19.0202 4844 kbdclass - ok
13:36:19.0218 4844 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:36:19.0249 4844 kbdhid - ok
13:36:19.0264 4844 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe
13:36:19.0280 4844 KeyIso - ok
13:36:19.0296 4844 [ CCD53B5BD33CE0C889E830D839C8B66E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:36:19.0311 4844 KSecDD - ok
13:36:19.0311 4844 [ 9FF918A261752C12639E8AD4208D2C2F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:36:19.0327 4844 KSecPkg - ok
13:36:19.0342 4844 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
13:36:19.0374 4844 ksthunk - ok
13:36:19.0405 4844 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
13:36:19.0436 4844 KtmRm - ok
13:36:19.0452 4844 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
13:36:19.0498 4844 LanmanServer - ok
13:36:19.0514 4844 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:36:19.0545 4844 LanmanWorkstation - ok
13:36:19.0592 4844 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:36:19.0639 4844 lltdio - ok
13:36:19.0670 4844 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:36:19.0701 4844 lltdsvc - ok
13:36:19.0701 4844 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:36:19.0732 4844 lmhosts - ok
13:36:19.0810 4844 [ 9AD4BEE2FE76D4CA39AC969B617E94FB ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
13:36:19.0826 4844 LMS - ok
13:36:19.0857 4844 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
13:36:19.0873 4844 LSI_FC - ok
13:36:19.0873 4844 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
13:36:19.0888 4844 LSI_SAS - ok
13:36:19.0904 4844 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
13:36:19.0920 4844 LSI_SAS2 - ok
13:36:19.0920 4844 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
13:36:19.0935 4844 LSI_SCSI - ok
13:36:19.0951 4844 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
13:36:19.0998 4844 luafv - ok
13:36:20.0013 4844 [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
13:36:20.0013 4844 MBfilt - ok
13:36:20.0044 4844 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:36:20.0076 4844 Mcx2Svc - ok
13:36:20.0091 4844 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
13:36:20.0091 4844 megasas - ok
13:36:20.0107 4844 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
13:36:20.0122 4844 MegaSR - ok
13:36:20.0154 4844 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
13:36:20.0169 4844 MEIx64 - ok
13:36:20.0200 4844 [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
13:36:20.0216 4844 Microsoft Office Groove Audit Service - ok
13:36:20.0247 4844 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
13:36:20.0294 4844 MMCSS - ok
13:36:20.0310 4844 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
13:36:20.0341 4844 Modem - ok
13:36:20.0372 4844 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:36:20.0388 4844 monitor - ok
13:36:20.0403 4844 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:36:20.0419 4844 mouclass - ok
13:36:20.0434 4844 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:36:20.0466 4844 mouhid - ok
13:36:20.0497 4844 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:36:20.0512 4844 mountmgr - ok
13:36:20.0528 4844 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
13:36:20.0544 4844 mpio - ok
13:36:20.0544 4844 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:36:20.0575 4844 mpsdrv - ok
13:36:20.0606 4844 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:36:20.0653 4844 MpsSvc - ok
13:36:20.0668 4844 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:36:20.0684 4844 MRxDAV - ok
13:36:20.0715 4844 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:36:20.0731 4844 mrxsmb - ok
13:36:20.0762 4844 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:36:20.0762 4844 mrxsmb10 - ok
13:36:20.0778 4844 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:36:20.0793 4844 mrxsmb20 - ok
13:36:20.0809 4844 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
13:36:20.0809 4844 msahci - ok
13:36:20.0856 4844 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:36:20.0871 4844 msdsm - ok
13:36:20.0918 4844 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
13:36:20.0949 4844 MSDTC - ok
13:36:20.0965 4844 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:36:20.0996 4844 Msfs - ok
13:36:21.0012 4844 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:36:21.0043 4844 mshidkmdf - ok
13:36:21.0043 4844 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:36:21.0058 4844 msisadrv - ok
13:36:21.0090 4844 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:36:21.0136 4844 MSiSCSI - ok
13:36:21.0136 4844 msiserver - ok
13:36:21.0152 4844 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:36:21.0199 4844 MSKSSRV - ok
13:36:21.0199 4844 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:36:21.0246 4844 MSPCLOCK - ok
13:36:21.0246 4844 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:36:21.0277 4844 MSPQM - ok
13:36:21.0308 4844 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:36:21.0324 4844 MsRPC - ok
13:36:21.0339 4844 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
13:36:21.0355 4844 mssmbios - ok
13:36:21.0355 4844 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:36:21.0386 4844 MSTEE - ok
13:36:21.0402 4844 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
13:36:21.0417 4844 MTConfig - ok
13:36:21.0433 4844 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
13:36:21.0433 4844 Mup - ok
13:36:21.0464 4844 [ 09818558C2579B45D78AB18A759B0CA8 ] mvusbews C:\Windows\system32\Drivers\mvusbews.sys
13:36:21.0495 4844 mvusbews - ok
13:36:21.0511 4844 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
13:36:21.0558 4844 napagent - ok
13:36:21.0589 4844 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:36:21.0620 4844 NativeWifiP - ok
13:36:21.0667 4844 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
13:36:21.0698 4844 NDIS - ok
13:36:21.0698 4844 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:36:21.0729 4844 NdisCap - ok
13:36:21.0745 4844 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:36:21.0776 4844 NdisTapi - ok
13:36:21.0776 4844 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:36:21.0807 4844 Ndisuio - ok
13:36:21.0838 4844 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:36:21.0885 4844 NdisWan - ok
13:36:21.0885 4844 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:36:21.0916 4844 NDProxy - ok
13:36:21.0932 4844 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:36:21.0979 4844 NetBIOS - ok
13:36:21.0994 4844 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:36:22.0010 4844 NetBT - ok
13:36:22.0041 4844 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe
13:36:22.0057 4844 Netlogon - ok
13:36:22.0088 4844 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:36:22.0150 4844 Netman - ok
13:36:22.0182 4844 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:36:22.0182 4844 NetMsmqActivator - ok
13:36:22.0182 4844 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:36:22.0197 4844 NetPipeActivator - ok
13:36:22.0213 4844 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:36:22.0260 4844 netprofm - ok
13:36:22.0260 4844 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:36:22.0275 4844 NetTcpActivator - ok
13:36:22.0275 4844 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:36:22.0291 4844 NetTcpPortSharing - ok
13:36:22.0306 4844 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
13:36:22.0322 4844 nfrd960 - ok
13:36:22.0353 4844 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:36:22.0400 4844 NlaSvc - ok
13:36:22.0400 4844 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:36:22.0431 4844 Npfs - ok
13:36:22.0447 4844 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:36:22.0494 4844 nsi - ok
13:36:22.0509 4844 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:36:22.0540 4844 nsiproxy - ok
13:36:22.0587 4844 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:36:22.0618 4844 Ntfs - ok
13:36:22.0634 4844 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:36:22.0665 4844 Null - ok
13:36:22.0696 4844 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:36:22.0712 4844 nvraid - ok
13:36:22.0712 4844 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:36:22.0728 4844 nvstor - ok
13:36:22.0743 4844 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:36:22.0759 4844 nv_agp - ok
13:36:22.0837 4844 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:36:22.0852 4844 odserv - ok
13:36:22.0868 4844 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:36:22.0884 4844 ohci1394 - ok
13:36:22.0915 4844 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:36:22.0915 4844 ose - ok
13:36:22.0946 4844 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:36:22.0977 4844 p2pimsvc - ok
13:36:23.0008 4844 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:36:23.0024 4844 p2psvc - ok
13:36:23.0040 4844 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
13:36:23.0055 4844 Parport - ok
13:36:23.0071 4844 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:36:23.0071 4844 partmgr - ok
13:36:23.0102 4844 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:36:23.0118 4844 PcaSvc - ok
13:36:23.0149 4844 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
13:36:23.0149 4844 pci - ok
13:36:23.0180 4844 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
13:36:23.0180 4844 pciide - ok
13:36:23.0196 4844 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
13:36:23.0211 4844 pcmcia - ok
13:36:23.0227 4844 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:36:23.0227 4844 pcw - ok
13:36:23.0242 4844 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:36:23.0289 4844 PEAUTH - ok
13:36:23.0336 4844 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
13:36:23.0367 4844 PeerDistSvc - ok
13:36:23.0445 4844 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:36:23.0476 4844 PerfHost - ok
13:36:23.0523 4844 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
13:36:23.0586 4844 pla - ok
13:36:23.0632 4844 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:36:23.0679 4844 PlugPlay - ok
13:36:23.0695 4844 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:36:23.0710 4844 PNRPAutoReg - ok
13:36:23.0710 4844 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:36:23.0742 4844 PNRPsvc - ok
13:36:23.0757 4844 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:36:23.0820 4844 PolicyAgent - ok
13:36:23.0835 4844 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:36:23.0866 4844 Power - ok
13:36:23.0898 4844 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:36:23.0929 4844 PptpMiniport - ok
13:36:23.0944 4844 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
13:36:23.0960 4844 Processor - ok
13:36:23.0991 4844 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
13:36:24.0022 4844 ProfSvc - ok
13:36:24.0038 4844 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
13:36:24.0054 4844 ProtectedStorage - ok
13:36:24.0085 4844 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:36:24.0116 4844 Psched - ok
13:36:24.0147 4844 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
13:36:24.0147 4844 PxHlpa64 - ok
13:36:24.0210 4844 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
13:36:24.0256 4844 ql2300 - ok
13:36:24.0272 4844 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
13:36:24.0288 4844 ql40xx - ok
13:36:24.0303 4844 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:36:24.0319 4844 QWAVE - ok
13:36:24.0334 4844 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:36:24.0350 4844 QWAVEdrv - ok
13:36:24.0366 4844 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:36:24.0397 4844 RasAcd - ok
13:36:24.0412 4844 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:36:24.0459 4844 RasAgileVpn - ok
13:36:24.0475 4844 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:36:24.0506 4844 RasAuto - ok
13:36:24.0522 4844 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:36:24.0553 4844 Rasl2tp - ok
13:36:24.0584 4844 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
13:36:24.0631 4844 RasMan - ok
13:36:24.0646 4844 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:36:24.0678 4844 RasPppoe - ok
13:36:24.0709 4844 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:36:24.0756 4844 RasSstp - ok
13:36:24.0771 4844 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:36:24.0802 4844 rdbss - ok
13:36:24.0818 4844 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:36:24.0849 4844 rdpbus - ok
13:36:24.0849 4844 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:36:24.0880 4844 RDPCDD - ok
13:36:24.0896 4844 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
13:36:24.0896 4844 RDPDR - ok
13:36:24.0927 4844 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:36:24.0974 4844 RDPENCDD - ok
13:36:25.0005 4844 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:36:25.0036 4844 RDPREFMP - ok
13:36:25.0036 4844 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:36:25.0052 4844 RdpVideoMiniport - ok
13:36:25.0083 4844 [ 15B66C206B5CB095BAB980553F38ED23 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:36:25.0099 4844 RDPWD - ok
13:36:25.0114 4844 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:36:25.0130 4844 rdyboost - ok
13:36:25.0146 4844 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:36:25.0177 4844 RemoteAccess - ok
13:36:25.0208 4844 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:36:25.0270 4844 RemoteRegistry - ok
13:36:25.0270 4844 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:36:25.0317 4844 RpcEptMapper - ok
13:36:25.0333 4844 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:36:25.0333 4844 RpcLocator - ok
13:36:25.0348 4844 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
13:36:25.0380 4844 RpcSs - ok
13:36:25.0411 4844 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:36:25.0458 4844 rspndr - ok
13:36:25.0504 4844 [ B358C047E081AC70035017BD1D7ED818 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
13:36:25.0536 4844 RTL8167 - ok
13:36:25.0551 4844 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
13:36:25.0567 4844 s3cap - ok
13:36:25.0582 4844 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe
13:36:25.0598 4844 SamSs - ok
13:36:25.0614 4844 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:36:25.0614 4844 sbp2port - ok
13:36:25.0645 4844 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:36:25.0676 4844 SCardSvr - ok
13:36:25.0692 4844 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:36:25.0723 4844 scfilter - ok
13:36:25.0754 4844 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
13:36:25.0801 4844 Schedule - ok
13:36:25.0816 4844 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:36:25.0848 4844 SCPolicySvc - ok
13:36:25.0879 4844 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:36:25.0894 4844 SDRSVC - ok
13:36:25.0926 4844 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:36:25.0972 4844 secdrv - ok
13:36:25.0988 4844 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
13:36:26.0004 4844 seclogon - ok
13:36:26.0035 4844 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
13:36:26.0066 4844 SENS - ok
13:36:26.0097 4844 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:36:26.0097 4844 SensrSvc - ok
13:36:26.0113 4844 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:36:26.0128 4844 Serenum - ok
13:36:26.0160 4844 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:36:26.0191 4844 Serial - ok
13:36:26.0206 4844 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
13:36:26.0222 4844 sermouse - ok
13:36:26.0253 4844 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
13:36:26.0300 4844 SessionEnv - ok
13:36:26.0300 4844 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:36:26.0331 4844 sffdisk - ok
13:36:26.0331 4844 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:36:26.0347 4844 sffp_mmc - ok
13:36:26.0362 4844 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:36:26.0394 4844 sffp_sd - ok
13:36:26.0394 4844 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
13:36:26.0409 4844 sfloppy - ok
13:36:26.0440 4844 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:36:26.0472 4844 SharedAccess - ok
13:36:26.0503 4844 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:36:26.0550 4844 ShellHWDetection - ok
13:36:26.0565 4844 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
13:36:26.0581 4844 SiSRaid2 - ok
13:36:26.0596 4844 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:36:26.0612 4844 SiSRaid4 - ok
13:36:26.0674 4844 Skype C2C Service - ok
13:36:26.0721 4844 [ D0C0B700152B1F610F10B356483B3401 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:36:26.0737 4844 SkypeUpdate - ok
13:36:26.0768 4844 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:36:26.0815 4844 Smb - ok
13:36:26.0846 4844 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:36:26.0877 4844 SNMPTRAP - ok
13:36:26.0893 4844 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:36:26.0908 4844 spldr - ok
13:36:26.0924 4844 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
13:36:26.0955 4844 Spooler - ok
13:36:27.0049 4844 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
13:36:27.0158 4844 sppsvc - ok
13:36:27.0158 4844 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:36:27.0189 4844 sppuinotify - ok
13:36:27.0205 4844 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
13:36:27.0236 4844 srv - ok
13:36:27.0267 4844 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:36:27.0283 4844 srv2 - ok
13:36:27.0298 4844 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:36:27.0314 4844 srvnet - ok
13:36:27.0345 4844 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:36:27.0376 4844 SSDPSRV - ok
13:36:27.0392 4844 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:36:27.0423 4844 SstpSvc - ok
13:36:27.0439 4844 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
13:36:27.0454 4844 stexstor - ok
13:36:27.0486 4844 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
13:36:27.0517 4844 stisvc - ok
13:36:27.0532 4844 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
13:36:27.0548 4844 storflt - ok
13:36:27.0564 4844 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
13:36:27.0579 4844 storvsc - ok
13:36:27.0595 4844 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
13:36:27.0595 4844 swenum - ok
13:36:27.0626 4844 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
13:36:27.0673 4844 swprv - ok
13:36:27.0688 4844 [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
13:36:27.0688 4844 Synth3dVsc - ok
13:36:27.0766 4844 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
13:36:27.0813 4844 SysMain - ok
13:36:27.0844 4844 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:36:27.0860 4844 TabletInputService - ok
13:36:27.0860 4844 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:36:27.0907 4844 TapiSrv - ok
13:36:27.0922 4844 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
13:36:27.0938 4844 TBS - ok
13:36:28.0000 4844 [ FC62769E7BFF2896035AEED399108162 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:36:28.0032 4844 Tcpip - ok
13:36:28.0063 4844 [ FC62769E7BFF2896035AEED399108162 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:36:28.0094 4844 TCPIP6 - ok
13:36:28.0110 4844 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:36:28.0156 4844 tcpipreg - ok
13:36:28.0156 4844 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:36:28.0188 4844 TDPIPE - ok
13:36:28.0188 4844 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:36:28.0219 4844 TDTCP - ok
13:36:28.0234 4844 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:36:28.0266 4844 tdx - ok
13:36:28.0453 4844 [ 851C5080261DFC1FCDC21DF0E5EA3BCB ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
13:36:28.0515 4844 TeamViewer8 - ok
13:36:28.0515 4844 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
13:36:28.0531 4844 TermDD - ok
13:36:28.0546 4844 [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt C:\Windows\system32\drivers\terminpt.sys
13:36:28.0578 4844 terminpt - ok
13:36:28.0609 4844 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
13:36:28.0671 4844 TermService - ok
13:36:28.0687 4844 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
13:36:28.0702 4844 Themes - ok
13:36:28.0718 4844 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
13:36:28.0734 4844 THREADORDER - ok
13:36:28.0749 4844 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
13:36:28.0796 4844 TrkWks - ok
13:36:28.0843 4844 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:36:28.0890 4844 TrustedInstaller - ok
13:36:28.0921 4844 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:36:28.0952 4844 tssecsrv - ok
13:36:28.0968 4844 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:36:28.0983 4844 TsUsbFlt - ok
13:36:28.0983 4844 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
13:36:29.0014 4844 TsUsbGD - ok
13:36:29.0030 4844 [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
13:36:29.0046 4844 tsusbhub - ok
13:36:29.0077 4844 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:36:29.0139 4844 tunnel - ok
13:36:29.0155 4844 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:36:29.0155 4844 uagp35 - ok
13:36:29.0186 4844 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:36:29.0233 4844 udfs - ok
13:36:29.0248 4844 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:36:29.0264 4844 UI0Detect - ok
13:36:29.0280 4844 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:36:29.0295 4844 uliagpkx - ok
13:36:29.0311 4844 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:36:29.0326 4844 umbus - ok
13:36:29.0342 4844 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:36:29.0358 4844 UmPass - ok
13:36:29.0373 4844 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
13:36:29.0389 4844 UmRdpService - ok
13:36:29.0482 4844 [ CD114CE02A10FA79C229770788106842 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
13:36:29.0529 4844 UNS - ok
13:36:29.0545 4844 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
13:36:29.0592 4844 upnphost - ok
13:36:29.0607 4844 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:36:29.0623 4844 usbccgp - ok
13:36:29.0638 4844 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:36:29.0654 4844 usbcir - ok
13:36:29.0670 4844 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:36:29.0685 4844 usbehci - ok
13:36:29.0701 4844 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:36:29.0732 4844 usbhub - ok
13:36:29.0748 4844 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:36:29.0763 4844 usbohci - ok
13:36:29.0779 4844 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:36:29.0810 4844 usbprint - ok
13:36:29.0826 4844 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:36:29.0857 4844 usbscan - ok
13:36:29.0872 4844 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:36:29.0872 4844 USBSTOR - ok
13:36:29.0888 4844 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:36:29.0904 4844 usbuhci - ok
13:36:29.0919 4844 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
13:36:29.0966 4844 UxSms - ok
13:36:29.0966 4844 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe
13:36:29.0982 4844 VaultSvc - ok
13:36:29.0997 4844 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:36:29.0997 4844 vdrvroot - ok
13:36:30.0028 4844 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
13:36:30.0060 4844 vds - ok
13:36:30.0091 4844 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:36:30.0091 4844 vga - ok
13:36:30.0106 4844 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
13:36:30.0138 4844 VgaSave - ok
13:36:30.0138 4844 VGPU - ok
13:36:30.0153 4844 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:36:30.0169 4844 vhdmp - ok
13:36:30.0184 4844 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
13:36:30.0184 4844 viaide - ok
13:36:33.0850 4932 Detected object count: 2
13:36:33.0850 4932 Actual detected object count: 2
13:36:47.0797 4932 VMAuthdService ( UnsignedFile.Multi.Generic ) - skipped by user
13:36:47.0797 4932 VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:36:47.0797 4932 VMwareHostd ( UnsignedFile.Multi.Generic ) - skipped by user
13:36:47.0797 4932 VMwareHostd ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:36:52.0726 3128 Deinitialize success

#5 Zebra Jack

Posted 19 December 2012 - 04:44 PM

2
________________________________
Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
Java™ 6 Update 31
Java version out of Date!
Adobe Flash Player 11.5.502.135
Mozilla Firefox (17.0.1)
Google Chrome 20.0.1132.47
Google Chrome 20.0.1132.57
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

#6 Zebra Jack

Posted 19 December 2012 - 04:46 PM

3
______________________________
Farbar Service Scanner Version: 10-12-2012
Ran by xxx (administrator) on 19-12-2012 at 13:46:26
Running from "C:\Users\xxx\Desktop"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#7 Zebra Jack

Posted 19 December 2012 - 04:56 PM

4
_________________
MiniToolBox by Farbar Version: 25-11-2012
Ran by xxx (administrator) on 19-12-2012 at 13:48:20
Running from "C:\Users\xxx\Desktop"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Connected)
VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="VMware Network Adapter VMnet1" address=192.168.203.1 mask=255.255.255.0
add address name="VMware Network Adapter VMnet8" address=192.168.113.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : xxx-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-25-22-F8-C1-4B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, December 16, 2012 3:16:39 AM
Lease Expires . . . . . . . . . . : Wednesday, December 19, 2012 2:55:34 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : xxx
xxx
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VMware Network Adapter VMnet1:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet1
Physical Address. . . . . . . . . : 00-50-56-C0-00-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::cdfb:2452:50ff:7095%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.203.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 318787670
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-67-D5-38-00-25-22-F8-C1-4B
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VMware Network Adapter VMnet8:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet8
Physical Address. . . . . . . . . : 00-50-56-C0-00-08
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9406:aa76:402:8a41%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.113.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 352342102
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-67-D5-38-00-25-22-F8-C1-4B
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{7E247F2F-CF46-4CC7-AF18-EFC6B47F89EA}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{443C41E5-E831-4FE7-A12A-E025681C6E05}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{49764D00-A8C5-40DA-8B59-437DCCDE7604}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: xxx

Name: google.com
Addresses: 2a00:1450:4001:c02::66
173.194.70.139
173.194.70.100
173.194.70.101
173.194.70.102
173.194.70.113
173.194.70.138


Pinging google.com [173.194.70.138] with 32 bytes of data:
Reply from 173.194.70.138: bytes=32 time=43ms TTL=50
Reply from 173.194.70.138: bytes=32 time=42ms TTL=50

Ping statistics for 173.194.70.138:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 42ms, Maximum = 43ms, Average = 42ms
Server: UnKnown
Address: xxx

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=161ms TTL=54
Reply from 98.139.183.24: bytes=32 time=188ms TTL=54

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 161ms, Maximum = 188ms, Average = 174ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
19...00 25 22 f8 c1 4b ......Realtek PCIe GBE Family Controller
12...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
14...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.100 276
192.168.1.100 255.255.255.255 On-link 192.168.1.100 276
192.168.1.255 255.255.255.255 On-link 192.168.1.100 276
192.168.113.0 255.255.255.0 On-link 192.168.113.1 276
192.168.113.1 255.255.255.255 On-link 192.168.113.1 276
192.168.113.255 255.255.255.255 On-link 192.168.113.1 276
192.168.203.0 255.255.255.0 On-link 192.168.203.1 276
192.168.203.1 255.255.255.255 On-link 192.168.203.1 276
192.168.203.255 255.255.255.255 On-link 192.168.203.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 276
224.0.0.0 240.0.0.0 On-link 192.168.203.1 276
224.0.0.0 240.0.0.0 On-link 192.168.113.1 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 276
255.255.255.255 255.255.255.255 On-link 192.168.203.1 276
255.255.255.255 255.255.255.255 On-link 192.168.113.1 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 276 fe80::/64 On-link
14 276 fe80::/64 On-link
14 276 fe80::9406:aa76:402:8a41/128
On-link
12 276 fe80::cdfb:2452:50ff:7095/128
On-link
1 306 ff00::/8 On-link
12 276 ff00::/8 On-link
14 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/16/2012 03:18:03 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/16/2012 00:42:04 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/15/2012 10:22:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/15/2012 10:19:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/15/2012 10:16:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/15/2012 02:17:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/15/2012 02:10:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/15/2012 01:59:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (12/19/2012 07:36:59 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (12/19/2012 07:31:20 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (12/19/2012 04:11:26 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (12/19/2012 02:59:28 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (12/17/2012 00:16:20 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (12/16/2012 03:18:07 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (12/16/2012 00:45:19 AM) (Source: Service Control Manager) (User: )
Description: The HP SI Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

Error: (12/16/2012 00:42:09 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (12/15/2012 10:21:39 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (12/15/2012 10:18:25 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================


=========================== Installed Programs ============================

Active Ports
Adobe Community Help (Version: 3.4.980)
Adobe Content Viewer (Version: 1.4.0)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin (Version: 11.5.502.135)
Adobe Story (Version: 1.0.571)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
Amazon Kindle
avast! Free Antivirus (Version: 7.0.1474.0)
Etron USB3.0 Host Controller (Version: 0.104)
Google Chrome (Version: 23.0.1271.97)
Google Talk (remove only)
HP LaserJet Professional M1130-M1210 MFP Series
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2372)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MassFindReplace (Version: 1.3.0)
MetaProducts Offline Explorer Enterprise
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft CAPICOM 2.1.0.2 SDK (Version: 2.1.0.2)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 17.0.1 (x86 en-US) (Version: 17.0.1)
PremiumSoft Navicat 9.0 for MySQL
PxMergeModule (Version: 1.00.0000)
Realtek Ethernet Controller Driver (Version: 7.44.421.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6392)
Scan To (Version: 2.0.1)
Skype Click to Call (Version: 6.1.10441)
Skype™ 6.0 (Version: 6.0.126)
System Requirements Lab for Intel (Version: 4.4.24.0)
TeamViewer 8 (Version: 8.0.16447)
TextPad 5 (Version: 5.4.2)
The KMPlayer (Version: 3.4.0.59)
tools-freebsd (Version: 8.8.1.528992)
tools-linux (Version: 8.8.1.528992)
tools-netware (Version: 8.8.1.528992)
tools-solaris (Version: 8.8.1.528992)
tools-windows (Version: 8.8.1.528992)
tools-winPre2k (Version: 8.8.1.528992)
VmciSockets (Version: 9.1.54.1)
VMware vCenter Converter Standalone (Version: 5.0.0.470252)
VMware Workstation (Version: 8.0.1.27038)
Windows Media Encoder 9 Series SDK (Version: 9.00.2980)
WinRAR 4.10 beta 4 (64-bit) (Version: 4.10.4)
WPF Toolkit February 2010 (Version 3.5.50211.1) (Version: 3.5.50211.1)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 21%
Total physical RAM: 16104.67 MB
Available physical RAM: 12700.51 MB
Total Pagefile: 32207.54 MB
Available Pagefile: 28881.03 MB
Total Virtual: 4095.88 MB
Available Virtual: 3956.2 MB

========================= Partitions: =====================================

1 Drive c: (New Volume) (Fixed) (Total:149.05 GB) (Free:67.16 GB) NTFS
2 Drive d: (Video) (Fixed) (Total:984.11 GB) (Free:111.5 GB) NTFS
3 Drive e: (Install) (Fixed) (Total:390.63 GB) (Free:19.34 GB) NTFS
4 Drive f: (Pics) (Fixed) (Total:488.28 GB) (Free:245.98 GB) NTFS

========================= Users: ========================================

User accounts for \\xxx-PC

___VMware_Conv_SA___ Administrator Guest
xxx

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

05-12-2012 09:51:09 Scheduled Checkpoint
13-12-2012 17:50:10 Scheduled Checkpoint
14-12-2012 09:25:52 ##IDS_ERROR_1717##
15-12-2012 06:36:55 Windows Update

**** End of log ****

That's it

#8 dev00790


Posted 19 December 2012 - 06:31 PM

Hi

Please do the following next:

:step1:

  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log in your next reply.

Note: Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt


:step2:

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.

Note: Vista/Windows 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


:step3:

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.

Note: Vista/Windows 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


:step4:

How is the computer running now?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#9 Zebra Jack


Posted 20 December 2012 - 02:54 AM

MBAM did not find anything and did not write a log for some reason

I just started the ESET but should I run it 2 times?

Computer is running better but still can't resolve some sites... strange thing

#10 Zebra Jack


Posted 20 December 2012 - 06:23 AM

Here is ESET

C:\Users\xxx\Downloads\Chapenettoer8Thin_downloader_by_Fonts101.exe a variant of Win32/Somoto.A application
D:\Install\Install_AIM_np.exe Win32/Adware.WBug.A application
D:\Music\adi\autorun.inf INF/Autorun.gen worm

#11 dev00790


Posted 20 December 2012 - 09:16 AM

Hi

Please do the following next:

:step1:

Please set your system to show all hidden files, folders, and file extensions.

  • Click the "Windows Orb" button on your desktop,
  • Type "Control" without the quotes in the search box and press enter
  • Double click "Folder options"
  • Select the View Tab. Under Advanced settings
    • Select Show hidden files and folders.
    • Uncheck: Hide file extensions for known file types.
    • Uncheck: Hide protected operating system files (recommended).
  • Click Yes to confirm.
  • Click Apply then Ok.


:step2:

Is the MBAM log visible at the below path?

C:\Users\xxx\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\<log-date>.txt

If yes please post it in your next reply.


:step3:

Please visit the online Jotti Virus Scanner.
  • Browse to the following filepath:


    C:\Users\xxx\Downloads\Chapenettoer8Thin_downloader_by_Fonts101.exe

  • Click on the Posted Image button.
    The scanner will check the file with various AV companies.
  • If Jotti says the file has been scanned before, then click scan again.
  • Copy and paste the results box into a reply to this thread.
  • Repeat the above for the following:


    D:\Install\Install_AIM_np.exe
    D:\Music\adi\autorun.inf

Regards, dev00790



#12 Zebra Jack


Posted 20 December 2012 - 02:34 PM

1 was already done on my PC

2 still no log there

3 unfortunately I deleted all files mentioned above as I thought they are dangerous to have and are in old folders which I will never need again. Should I rerun ESET to make sure I'm clean?


Thanks

#13 dev00790


Posted 20 December 2012 - 02:59 PM

Hi

"3 unfortunately I deleted all files mentioned above as I thought they are dangerous to have and are in old folders which I will never need again. Should I rerun ESET to make sure I'm clean?"

Ok. Next time please don't delete the files unless asked - as the results in the ESET log may have been false positives.
No need to rerun ESET for the time being.

Please do the following next:

:step1:

Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

Regards, dev00790

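Added example, not part of any post in this thread: the advice above is to keep flagged files until they have been confirmed, since scanner results may be false positives. The Python sketch below parses detection lines in the layout shown in post #10 (assumed here to be path, detection name, one category word), then moves any file that still exists into a quarantine folder under its SHA-256 instead of deleting it. The function names, the quarantine folder and the manifest file are hypothetical.

```python
import hashlib
import json
import re
import shutil
from pathlib import Path

# Assumed layout, taken from the lines in the thread: <path.ext> <detection name> <category>
LINE_RE = re.compile(r"^(?P<path>.+?\.\w+)\s+(?P<name>.+)\s+(?P<category>\w+)$")

# The three detections posted in the thread (post #10).
THREAD_LOG = r"""
C:\Users\xxx\Downloads\Chapenettoer8Thin_downloader_by_Fonts101.exe a variant of Win32/Somoto.A application
D:\Install\Install_AIM_np.exe Win32/Adware.WBug.A application
D:\Music\adi\autorun.inf INF/Autorun.gen worm
"""


def parse_detections(log_text):
    """Return one dict per detection line; lines that do not match are skipped."""
    matches = (LINE_RE.match(line.strip()) for line in log_text.splitlines())
    return [m.groupdict() for m in matches if m]


def sha256_of(path):
    """Hash a file in chunks so large installers are not loaded into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def quarantine(detections, quarantine_dir):
    """Move flagged files that still exist into quarantine_dir and write a manifest."""
    qdir = Path(quarantine_dir)
    qdir.mkdir(parents=True, exist_ok=True)
    manifest = []
    for det in detections:
        src = Path(det["path"])
        if not src.is_file():
            manifest.append({**det, "status": "missing"})
            continue
        digest = sha256_of(src)
        # Store as <hash>.quarantined so the file cannot be launched by double-click.
        dest = qdir / (digest + ".quarantined")
        shutil.move(str(src), str(dest))
        manifest.append({**det, "status": "quarantined", "sha256": digest, "stored_as": dest.name})
    (qdir / "manifest.json").write_text(json.dumps(manifest, indent=2))
    return manifest
```

The manifest keeps the original path and the hash for each file, so a file can be submitted to a multi-engine scanner or restored later if the detection turns out to be a false positive.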


#14 Zebra Jack


Posted 20 December 2012 - 04:42 PM

I don't need the files deleted so it's not a big deal even if those were just FP

Here is the log:

# AdwCleaner v2.101 - Logfile created 12/20/2012 at 13:40:40
# Updated 16/12/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : xxx - xxx-PC
# Boot Mode : Normal
# Running from : C:\Users\xxx\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

Profile name : default
File : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\8hclzjq2.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [831 octets] - [20/12/2012 13:40:40]

########## EOF - C:\AdwCleaner[R1].txt - [1010 octets] ##########

#15 dev00790


Posted 20 December 2012 - 05:27 PM

Ok the Adwcleaner log is clean.

How is the computer running now?

Regards, dev00790





