
Help remove Optimizer Pro Speed Guard


9 replies to this topic

#1 tntmm6

tntmm6

  • Members
  • 109 posts

Posted 21 December 2012 - 03:07 PM

Hello -

We opened Firefox this morning and saw that its home page was changed, and so was Chrome's. And then Optimizer Pro Speed Guard popped up. We haven't touched it, and have run Spybot and MWB, and are currently running Avast virus scan, though it's running very slowly. Spybot found a couple of toolbars and adware to remove, MWB didn't find anything. We are running Windows 7.

I'm not sure what else to do.

Thank you



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • Gender:Male
  • Location:NJ USA

Posted 21 December 2012 - 03:20 PM

Hello tntmm6
Next, please go to Start>Control Panel>Programs>Programs and Features and uninstall the following (if present):
PC Optimizer Pro Guard
Reboot...

Please also run these.

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>>

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.

Edited by boopme, 21 December 2012 - 03:20 PM.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#3 tntmm6

tntmm6
  • Topic Starter


Posted 21 December 2012 - 10:22 PM

# AdwCleaner v2.101 - Logfile created 12/21/2012 at 15:48:56
# Updated 16/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Moran - MORAN-HP
# Boot Mode : Normal
# Running from : C:\Users\Moran\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Moran\AppData\Roaming\Mozilla\Firefox\Profiles\01qbjldh.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Tessa\AppData\Roaming\Mozilla\Firefox\Profiles\5jqim8f9.default\bprotector_extensions.sqlite
File Deleted : C:\Users\Tessa\AppData\Roaming\Mozilla\Firefox\Profiles\5jqim8f9.default\bprotector_prefs.js
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Moran\AppData\Local\APN
Folder Deleted : C:\Users\Moran\AppData\Local\Conduit
Folder Deleted : C:\Users\Moran\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Moran\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Moran\AppData\Roaming\Mozilla\Firefox\Profiles\01qbjldh.default\extensions\plugin@yontoo.com
Folder Deleted : C:\Users\Tessa\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Tessa\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Tully\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Tully\AppData\LocalLow\facemoods.com

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default
File : C:\Users\Moran\AppData\Roaming\Mozilla\Firefox\Profiles\01qbjldh.default\prefs.js

C:\Users\Moran\AppData\Roaming\Mozilla\Firefox\Profiles\01qbjldh.default\user.js ... Deleted !

Deleted : user_pref("avg.install.userHPSettings", "hxxp://www.claro-search.com/?affID=117459&tt=5112_4&babsrc=[...]
Deleted : user_pref("avg.install.userSPSettings", "Claro Search");
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultthis.engineName", "NCH EN Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&Sea[...]
Deleted : user_pref("browser.search.selectedEngine", "Claro Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://www.claro-search.com/?affID=117459&tt=5112_4&babsrc=HP[...]
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.claro-search.com/?affID=117459&tt=511[...]
Deleted : user_pref("extensions.claro.admin", false);
Deleted : user_pref("extensions.claro.aflt", "babsst");
Deleted : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
Deleted : user_pref("extensions.claro.dfltLng", "en");
Deleted : user_pref("extensions.claro.excTlbr", false);
Deleted : user_pref("extensions.claro.id", "145fb27a00000000000026de2b3e33a1");
Deleted : user_pref("extensions.claro.instlDay", "15694");
Deleted : user_pref("extensions.claro.instlRef", "sst");
Deleted : user_pref("extensions.claro.prdct", "claro");
Deleted : user_pref("extensions.claro.prtnrId", "claro");
Deleted : user_pref("extensions.claro.tlbrId", "base");
Deleted : user_pref("extensions.claro.tlbrSrchUrl", "");
Deleted : user_pref("extensions.claro.vrsn", "1.8.3.10");
Deleted : user_pref("extensions.claro.vrsni", "1.8.3.10");
Deleted : user_pref("extensions.claro_i.smplGrp", "none");
Deleted : user_pref("extensions.claro_i.vrsnTs", "1.8.3.1010:55:55");
Deleted : user_pref("extensions.facemoods.DNSErrUrl", "hxxp://start.facemoods.com/?a=ironto&f=5");
Deleted : user_pref("extensions.facemoods.aflt", "ironto");
Deleted : user_pref("extensions.facemoods.dfltSrch", true);
Deleted : user_pref("extensions.facemoods.dfltSrchPrvdr", "Facemoods Search");
Deleted : user_pref("extensions.facemoods.dnsErr", true);
Deleted : user_pref("extensions.facemoods.firstRun", true);
Deleted : user_pref("extensions.facemoods.hmpg", true);
Deleted : user_pref("extensions.facemoods.hmpgUrl", "hxxp://start.facemoods.com/?a=ironto");
Deleted : user_pref("extensions.facemoods.id", "145fb27a00000000000016de2b3e33a1");
Deleted : user_pref("extensions.facemoods.instlDay", "15341");
Deleted : user_pref("extensions.facemoods.mntz", "");
Deleted : user_pref("extensions.facemoods.newTab", true);
Deleted : user_pref("extensions.facemoods.newTabUrl", "hxxp://start.facemoods.com/?a=ironto&f=2");
Deleted : user_pref("extensions.facemoods.prtnrId", "facemoods.com");
Deleted : user_pref("extensions.facemoods.searchProviderAdded", true);
Deleted : user_pref("extensions.facemoods.sid", "63795560997f4d0c9ea29bfdc7584f5f");
Deleted : user_pref("extensions.facemoods.tlbrSrchUrl", "hxxp://start.facemoods.com/?a=ironto&f=3");
Deleted : user_pref("extensions.facemoods.vrsn", "1.4.17.11");

Profile name : default
File : C:\Users\Tully\AppData\Roaming\Mozilla\Firefox\Profiles\ptrmn2rb.default\prefs.js

Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
Deleted : user_pref("browser.startup.homepage", "hxxp://www.ask.com/?l=dis&o=APN10379&gct=hp");
Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
Deleted : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=OVO2&o=APN10379&loca[...]

Profile name : default
File : C:\Users\Tessa\AppData\Roaming\Mozilla\Firefox\Profiles\5jqim8f9.default\prefs.js

Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
Deleted : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=OVO2&o=APN10379&loca[...]

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Moran\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.16] : homepage = "hxxp://www.claro-search.com/?affID=117459&tt=5112_4&babsrc=HP_ss&mntrId=145fb27a0[...]
Deleted [l.20] : urls_to_restore_on_startup = [ "hxxp://www.claro-search.com/?affID=117459&tt=5112_4&babsrc[...]
Deleted [l.69] : icon_url = "hxxp://www.claro-search.com/favicon.ico",
Deleted [l.72] : keyword = "claro-search.com",
Deleted [l.75] : search_url = "hxxp://www.claro-search.com/?q={searchTerms}&affID=117459&tt=5112_4&babsrc=SP_s[...]
Deleted [l.1870] : homepage = "hxxp://www.claro-search.com/?affID=117459&tt=5112_4&babsrc=HP_ss&mntrId=145fb27a0000[...]
Deleted [l.2106] : urls_to_restore_on_startup = [ "hxxp://www.claro-search.com/?affID=117459&tt=5112_4&babsrc=HP[...]

File : C:\Users\Tully\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Tessa\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [9804 octets] - [21/12/2012 15:48:56]

########## EOF - C:\AdwCleaner[S1].txt - [9864 octets] ##########


ESET Scan
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ToolbarFacemood83.zip Win32/Bagle.gen.zip worm unable to clean
C:\ProgramData\Spybot - Search & Destroy\Recovery\ToolbarFacemood83.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Users\Moran\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L75GH62X\pack[1].7z multiple threats deleted - quarantined
C:\Users\Moran\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XO8GD50L\16[1].7z a variant of Win32/bProtector.B application deleted - quarantined
C:\Users\Moran\AppData\Local\Temp\C5549C65-BAB0-7891-819B-AB4B1BC4AE18\Latest\MyBabylonTB.exe Win32/Toolbar.Funmoods application cleaned by deleting - quarantined
C:\Users\Moran\AppData\Local\Temp\DM\CamStudio_oeototudio_2_6_exe_036\software\OptimizerPro.exe a variant of Win32/Adware.SpeedingUpMyPC.A application cleaned by deleting - quarantined
C:\Users\Tessa\FoxTabFLVPlayer\FLVPlayer.exe a variant of Win32/InstallCore.A application cleaned by deleting - quarantined
C:\Windows\Temp\RegistryOptimizer.exe a variant of Win32/SpeedingUpMyPC application cleaned by deleting - quarantined

#4 boopme


Posted 21 December 2012 - 11:07 PM

Wow! You had a lot of really bad stuff on here. Be careful when you add applications to UNcheck the add Toolbar choice.
Looks like we got it also.

But with what was found ...
You should also run these...

First clean the TEMP folder

Please download TFC (Temp File Cleaner) by Old Timer and save it to your desktop.
alternate download link
  • Save any unsaved work. TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • TFC will clear out all temp folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
Note: It is normal for the computer to be slow to boot after running TFC cleaner the first time.


MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

>>>>

Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.

>>>>

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

Edited by boopme, 21 December 2012 - 11:09 PM.


#5 tntmm6


Posted 22 December 2012 - 10:54 AM

Hi boopme. Thank you for your help.

I am equally surprised. We run mwb and spybot frequently and have all the shields active on avast.

During tfc scan I received an exception error: unknown software exception (0xc0020043) occurred in the application @ location 0x7613cd019

I clicked OK and waited for some sort of message, which I never saw, so I rebooted. The reboot asked to force IE to close and something else, and then I waited nearly an hour before I powered off and booted back up. I haven't done anything else.

#6 boopme


Posted 22 December 2012 - 11:16 AM

OK, we'll try that again later. Move on through the scans.

#7 tntmm6


Posted 22 December 2012 - 11:55 AM

Attached are the MiniToolBox and tdss logs. When I ran aswMBR scan, it didn't ask to update definitions, and part way thru I got a blue screen. I've rebooted, but I haven't done anything else.


MiniToolBox by Farbar Version: 25-11-2012
Ran by Moran (administrator) on 22-12-2012 at 11:42:30
Running from "C:\Users\Moran\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "*.local"
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= Event log errors: ===============================

Application errors:
==================
Error: (12/22/2012 10:46:55 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/22/2012 10:22:44 AM) (Source: Application Error) (User: )
Description: Faulting application name: TFC (1).exe, version: 3.1.9.0, time stamp: 0x2a425e19
Faulting module name: RPCRT4.dll, version: 6.1.7601.17514, time stamp: 0x4ce7ba59
Exception code: 0xc0020043
Fault offset: 0x0005cd99
Faulting process id: 0x1038
Faulting application start time: 0xTFC (1).exe0
Faulting application path: TFC (1).exe1
Faulting module path: TFC (1).exe2
Report Id: TFC (1).exe3

Error: (12/22/2012 10:17:24 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/22/2012 10:13:45 AM) (Source: Application Error) (User: )
Description: Faulting application name: winlogon.exe, version: 6.1.7601.17514, time stamp: 0x4ce79fa6
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x0000000000020a4a
Faulting process id: 0x270
Faulting application start time: 0xwinlogon.exe0
Faulting application path: winlogon.exe1
Faulting module path: winlogon.exe2
Report Id: winlogon.exe3

Error: (12/22/2012 09:55:58 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/21/2012 08:38:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2698521

Error: (12/21/2012 08:38:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2698521

Error: (12/21/2012 08:38:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/21/2012 07:53:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3728

Error: (12/21/2012 07:53:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3728


System errors:
=============
Error: (12/22/2012 10:47:38 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (12/22/2012 10:46:04 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:42:55 AM on 12/22/2012 was unexpected.

Error: (12/22/2012 10:17:58 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (12/22/2012 10:15:49 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (12/22/2012 09:57:00 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (12/22/2012 09:55:58 AM) (Source: Service Control Manager) (User: )
Description: The IHA_MessageCenter service failed to start due to the following error:
%%1053

Error: (12/22/2012 09:55:58 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the IHA_MessageCenter service to connect.

Error: (12/21/2012 05:17:12 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{5A26051C-8D51-4F6E-B2DC-66558FE65D2A}.
The backup browser is stopping.

Error: (12/21/2012 03:51:46 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (12/21/2012 03:47:52 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================
Error: (12/22/2012 10:46:55 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/22/2012 10:22:44 AM) (Source: Application Error)(User: )
Description: TFC (1).exe3.1.9.02a425e19RPCRT4.dll6.1.7601.175144ce7ba59c00200430005cd99103801cde057b651fe6cC:\Users\Moran\Downloads\TFC (1).exeC:\Windows\syswow64\RPCRT4.dll6eaa6e6e-4c4b-11e2-b812-2c768ad218c6

Error: (12/22/2012 10:17:24 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/22/2012 10:13:45 AM) (Source: Application Error)(User: )
Description: winlogon.exe6.1.7601.175144ce79fa6ntdll.dll6.1.7601.177254ec4aa8ec00000050000000000020a4a27001cde054571bb4bcC:\Windows\system32\winlogon.exeC:\Windows\SYSTEM32\ntdll.dll2d32488c-4c4a-11e2-bb92-2c768ad218c6

Error: (12/22/2012 09:55:58 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/21/2012 08:38:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2698521

Error: (12/21/2012 08:38:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2698521

Error: (12/21/2012 08:38:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/21/2012 07:53:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3728

Error: (12/21/2012 07:53:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3728


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.5.502.135)
Adobe Flash Player 11 Plugin (Version: 11.5.502.135)
Adobe Reader X (10.1.4) MUI (Version: 10.1.4)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Atheros Driver Installation Program (Version: 9.2)
avast! Free Antivirus (Version: 7.0.1474.0)
Bejeweled 3 (Version: 2.2.0.97)
Bing Bar (Version: 7.0.619.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.97)
Bluetooth Win7 Suite (64) (Version: 7.04.000.70)
Bonjour (Version: 3.0.0.10)
Bounce Symphony (Version: 2.2.0.97)
Cake Mania (Version: 2.2.0.95)
CCleaner (Version: 3.25)
Chronicles of Albian (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
couponamazing (Version: 1.1355522592)
Cradle of Rome 2 (Version: 2.2.0.95)
CyberLink YouCam (Version: 3.5.1.4119)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
ESET Online Scanner v3
ESU for Microsoft Windows 7 SP1 (Version: 2.1.1)
Facebook Messenger 2.1.4570.0 (Version: 2.1.4570.0)
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.97)
Google Chrome (Version: 23.0.1271.97)
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.123)
Governor of Poker 2 Premium Edition (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.1.1.0 (Version: 1.00.0000)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Connection Manager (Version: 4.1.23.1)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP FWUpdateEDO2 (Version: 1.2.0.0)
HP Games (Version: 1.0.2.5)
HP Photosmart 5510 series Basic Device Software (Version: 25.0.621.0)
HP Photosmart 5510 series Help (Version: 140.0.2.2)
HP Update (Version: 5.003.001.001)
iCloud (Version: 1.1.0.40)
IHA_MessageCenter (Version: 1.8.8)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2353)
Intel® Rapid Storage Technology (Version: 10.0.0.1046)
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 37 (Version: 6.0.370)
Jewel Quest: The Sleepless Star - Collector's Edition (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Mah Jong Medley (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mnemosyne 2.1
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery of Mortlake Mansion (Version: 2.2.0.97)
Namco All-Stars: PAC-MAN (Version: 2.2.0.95)
Net Nanny Parental Controls (Version: 6.5)
ooVoo (Version: 3.5.1071)
Penguins! (Version: 2.2.0.95)
Pirate101 (Version: 1.0.0)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.95)
Quicken 2012 (Version: 21.1.4.22)
Realtek Ethernet Controller Driver (Version: 7.42.304.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6287)
Realtek PCIE Card Reader (Version: 6.1.7600.77)
Recovery Manager (Version: 2.0.0)
RoxioNow Player (Version: 1.9.5.103)
Scratch (Version: 1.4.0.0)
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.10 (Version: 5.10.116)
Slingo Supreme (Version: 2.2.0.97)
SPORE™ Creature Creator Trial Edition (Version: 1.00.0000)
Spybot - Search & Destroy (Version: 1.6.2)
Synaptics TouchPad Driver (Version: 15.3.11.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Vacation Quest - The Hawaiian Islands (Version: 2.2.0.97)
Virtual Villagers 5 - New Believers (Version: 2.2.0.97)
Vz In Home Agent (Version: 8.03.53)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Wizard101 (Version: 1.0.0)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 49%
Total physical RAM: 3947.86 MB
Available physical RAM: 2006.63 MB
Total Pagefile: 7893.91 MB
Available Pagefile: 5697.31 MB
Total Virtual: 4095.88 MB
Available Virtual: 3982.05 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:446.98 GB) (Free:331.09 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:14.61 GB) (Free:1.62 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:3.9 GB) FAT32

========================= Users: ========================================

User accounts for \\MORAN-HP

Administrator Guest Moran
Tessa Tully


**** End of log ****

11:45:00.0231 2144 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:45:02.0242 2144 ============================================================
11:45:02.0242 2144 Current date / time: 2012/12/22 11:45:02.0242
11:45:02.0242 2144 SystemInfo:
11:45:02.0242 2144
11:45:02.0242 2144 OS Version: 6.1.7601 ServicePack: 1.0
11:45:02.0242 2144 Product type: Workstation
11:45:02.0242 2144 ComputerName: MORAN-HP
11:45:02.0243 2144 UserName: Moran
11:45:02.0243 2144 Windows directory: C:\Windows
11:45:02.0243 2144 System windows directory: C:\Windows
11:45:02.0243 2144 Running under WOW64
11:45:02.0243 2144 Processor architecture: Intel x64
11:45:02.0243 2144 Number of processors: 2
11:45:02.0243 2144 Page size: 0x1000
11:45:02.0243 2144 Boot type: Normal boot
11:45:02.0243 2144 ============================================================
11:45:02.0754 2144 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:45:02.0759 2144 ============================================================
11:45:02.0759 2144 \Device\Harddisk0\DR0:
11:45:02.0760 2144 MBR partitions:
11:45:02.0760 2144 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
11:45:02.0760 2144 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37DF8000
11:45:02.0760 2144 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37E5C000, BlocksNum 0x1D3A000
11:45:02.0760 2144 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x39B96000, BlocksNum 0x7EF830
11:45:02.0760 2144 ============================================================
11:45:02.0779 2144 C: <-> \Device\Harddisk0\DR0\Partition2
11:45:02.0889 2144 D: <-> \Device\Harddisk0\DR0\Partition3
11:45:02.0939 2144 E: <-> \Device\Harddisk0\DR0\Partition4
11:45:02.0939 2144 ============================================================
11:45:02.0939 2144 Initialize success
11:45:02.0939 2144 ============================================================
11:45:18.0464 7144 ============================================================
11:45:18.0464 7144 Scan started
11:45:18.0464 7144 Mode: Manual; TDLFS;
11:45:18.0464 7144 ============================================================
11:45:18.0920 7144 ================ Scan system memory ========================
11:45:18.0921 7144 System memory - ok
11:45:18.0922 7144 ================ Scan services =============================
11:45:19.0131 7144 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
11:45:19.0138 7144 1394ohci - ok
11:45:19.0186 7144 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:45:19.0195 7144 ACPI - ok
11:45:19.0256 7144 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:45:19.0258 7144 AcpiPmi - ok
11:45:19.0393 7144 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:45:19.0397 7144 AdobeARMservice - ok
11:45:19.0599 7144 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:45:19.0605 7144 AdobeFlashPlayerUpdateSvc - ok
11:45:19.0672 7144 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
11:45:19.0684 7144 adp94xx - ok
11:45:19.0742 7144 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
11:45:19.0751 7144 adpahci - ok
11:45:19.0784 7144 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
11:45:19.0789 7144 adpu320 - ok
11:45:19.0827 7144 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:45:19.0831 7144 AeLookupSvc - ok
11:45:19.0926 7144 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
11:45:19.0930 7144 AERTFilters - ok
11:45:19.0994 7144 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
11:45:20.0006 7144 AFD - ok
11:45:20.0063 7144 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:45:20.0067 7144 agp440 - ok
11:45:20.0105 7144 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
11:45:20.0109 7144 ALG - ok
11:45:20.0185 7144 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
11:45:20.0187 7144 aliide - ok
11:45:20.0213 7144 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
11:45:20.0216 7144 amdide - ok
11:45:20.0254 7144 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
11:45:20.0257 7144 AmdK8 - ok
11:45:20.0276 7144 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
11:45:20.0279 7144 AmdPPM - ok
11:45:20.0310 7144 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:45:20.0314 7144 amdsata - ok
11:45:20.0394 7144 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
11:45:20.0400 7144 amdsbs - ok
11:45:20.0418 7144 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:45:20.0421 7144 amdxata - ok
11:45:20.0466 7144 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
11:45:20.0469 7144 AppID - ok
11:45:20.0540 7144 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:45:20.0543 7144 AppIDSvc - ok
11:45:20.0561 7144 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
11:45:20.0565 7144 Appinfo - ok
11:45:20.0630 7144 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:45:20.0635 7144 Apple Mobile Device - ok
11:45:20.0663 7144 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
11:45:20.0668 7144 arc - ok
11:45:20.0695 7144 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:45:20.0699 7144 arcsas - ok
11:45:20.0736 7144 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
11:45:20.0738 7144 aswFsBlk - ok
11:45:20.0774 7144 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
11:45:20.0777 7144 aswMonFlt - ok
11:45:20.0832 7144 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
11:45:20.0836 7144 aswRdr - ok
11:45:20.0881 7144 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
11:45:20.0916 7144 aswSnx - ok
11:45:20.0958 7144 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
11:45:20.0968 7144 aswSP - ok
11:45:21.0008 7144 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
11:45:21.0012 7144 aswTdi - ok
11:45:21.0052 7144 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:45:21.0053 7144 AsyncMac - ok
11:45:21.0085 7144 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
11:45:21.0088 7144 atapi - ok
11:45:21.0131 7144 [ A434E093CD25870E5D32CB0B70C442ED ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
11:45:21.0134 7144 AthBTPort - ok
11:45:21.0182 7144 [ 4C4A576818EA028257C624AE36FF7A03 ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
11:45:21.0187 7144 Atheros Bt&Wlan Coex Agent - ok
11:45:21.0216 7144 [ B5D481BF07E7026D05798F4AD84D25D2 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
11:45:21.0220 7144 AtherosSvc - ok
11:45:21.0373 7144 [ B4421D8CDADC441F76BA39532A3E3414 ] athr C:\Windows\system32\DRIVERS\athrx.sys
11:45:21.0492 7144 athr - ok
11:45:21.0574 7144 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:45:21.0608 7144 AudioEndpointBuilder - ok
11:45:21.0637 7144 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:45:21.0648 7144 AudioSrv - ok
11:45:21.0720 7144 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
11:45:21.0722 7144 avast! Antivirus - ok
11:45:21.0760 7144 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:45:21.0764 7144 AxInstSV - ok
11:45:21.0825 7144 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
11:45:21.0835 7144 b06bdrv - ok
11:45:21.0855 7144 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:45:21.0862 7144 b57nd60a - ok
11:45:21.0945 7144 [ 0D1EA7509F394D8B705B239EE71F5118 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
11:45:21.0950 7144 BBSvc - ok
11:45:22.0012 7144 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
11:45:22.0058 7144 BCM43XX - ok
11:45:22.0106 7144 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
11:45:22.0111 7144 BDESVC - ok
11:45:22.0130 7144 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
11:45:22.0133 7144 Beep - ok
11:45:22.0185 7144 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
11:45:22.0207 7144 BFE - ok
11:45:22.0263 7144 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
11:45:22.0298 7144 BITS - ok
11:45:22.0344 7144 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
11:45:22.0347 7144 blbdrive - ok
11:45:22.0400 7144 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:45:22.0411 7144 Bonjour Service - ok
11:45:22.0454 7144 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:45:22.0458 7144 bowser - ok
11:45:22.0481 7144 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
11:45:22.0484 7144 BrFiltLo - ok
11:45:22.0511 7144 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
11:45:22.0513 7144 BrFiltUp - ok
11:45:22.0561 7144 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
11:45:22.0566 7144 Browser - ok
11:45:22.0592 7144 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:45:22.0601 7144 Brserid - ok
11:45:22.0620 7144 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:45:22.0623 7144 BrSerWdm - ok
11:45:22.0642 7144 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:45:22.0645 7144 BrUsbMdm - ok
11:45:22.0666 7144 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:45:22.0669 7144 BrUsbSer - ok
11:45:22.0713 7144 [ 403C0207E3822C418019F102547C5554 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
11:45:22.0723 7144 BTATH_A2DP - ok
11:45:22.0751 7144 [ BB87CFD9B40ABB0FEC1C7C229F1E2382 ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys
11:45:22.0756 7144 btath_avdt - ok
11:45:22.0796 7144 [ D6EAD8F45ECBEDE3B1ADBEE5F075E0E2 ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
11:45:22.0800 7144 BTATH_BUS - ok
11:45:22.0836 7144 [ 557BC22D5AC7FB5DD51AD00F0A03BE09 ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
11:45:22.0841 7144 BTATH_HCRP - ok
11:45:22.0873 7144 [ F4838669AB510FEEBAF9142B778FE816 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
11:45:22.0876 7144 BTATH_LWFLT - ok
11:45:22.0902 7144 [ 4225B326514F20BAB3751E532F403D1D ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
11:45:22.0910 7144 BTATH_RCP - ok
11:45:37.0705 7144 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
11:45:37.0709 7144 SiSRaid2 - ok
11:45:37.0738 7144 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:45:37.0742 7144 SiSRaid4 - ok
11:45:37.0834 7144 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
11:45:37.0839 7144 SkypeUpdate - ok
11:45:37.0878 7144 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:45:37.0883 7144 Smb - ok
11:45:37.0932 7144 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:45:37.0941 7144 SNMPTRAP - ok
11:45:37.0974 7144 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:45:37.0978 7144 spldr - ok
11:45:38.0037 7144 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
11:45:38.0071 7144 Spooler - ok
11:45:38.0194 7144 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:45:38.0297 7144 sppsvc - ok
11:45:38.0317 7144 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:45:38.0327 7144 sppuinotify - ok
11:45:38.0366 7144 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:45:38.0378 7144 srv - ok
11:45:38.0408 7144 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:45:38.0420 7144 srv2 - ok
11:45:38.0462 7144 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
11:45:38.0471 7144 SrvHsfHDA - ok
11:45:38.0533 7144 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
11:45:38.0579 7144 SrvHsfV92 - ok
11:45:38.0620 7144 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
11:45:38.0654 7144 SrvHsfWinac - ok
11:45:38.0680 7144 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:45:38.0686 7144 srvnet - ok
11:45:38.0744 7144 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:45:38.0756 7144 SSDPSRV - ok
11:45:38.0783 7144 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:45:38.0794 7144 SstpSvc - ok
11:45:38.0824 7144 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
11:45:38.0829 7144 stexstor - ok
11:45:38.0892 7144 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
11:45:38.0896 7144 StillCam - ok
11:45:38.0938 7144 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:45:38.0972 7144 stisvc - ok
11:45:39.0003 7144 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
11:45:39.0006 7144 swenum - ok
11:45:39.0038 7144 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:45:39.0073 7144 swprv - ok
11:45:39.0158 7144 [ C447977ED2A4AE9346FE3A0579A34D7C ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
11:45:39.0203 7144 SynTP - ok
11:45:39.0269 7144 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
11:45:39.0327 7144 SysMain - ok
11:45:39.0349 7144 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:45:39.0360 7144 TabletInputService - ok
11:45:39.0391 7144 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:45:39.0413 7144 TapiSrv - ok
11:45:39.0433 7144 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:45:39.0443 7144 TBS - ok
11:45:39.0571 7144 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:45:39.0673 7144 Tcpip - ok
11:45:39.0747 7144 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:45:39.0776 7144 TCPIP6 - ok
11:45:39.0841 7144 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:45:39.0845 7144 tcpipreg - ok
11:45:39.0878 7144 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:45:39.0881 7144 TDPIPE - ok
11:45:39.0929 7144 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:45:39.0932 7144 TDTCP - ok
11:45:39.0955 7144 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:45:39.0963 7144 tdx - ok
11:45:40.0018 7144 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
11:45:40.0022 7144 TermDD - ok
11:45:40.0071 7144 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
11:45:40.0105 7144 TermService - ok
11:45:40.0130 7144 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:45:40.0140 7144 Themes - ok
11:45:40.0171 7144 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:45:40.0177 7144 THREADORDER - ok
11:45:40.0198 7144 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:45:40.0210 7144 TrkWks - ok
11:45:40.0269 7144 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:45:40.0275 7144 TrustedInstaller - ok
11:45:40.0296 7144 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:45:40.0300 7144 tssecsrv - ok
11:45:40.0359 7144 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:45:40.0363 7144 TsUsbFlt - ok
11:45:40.0394 7144 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
11:45:40.0398 7144 TsUsbGD - ok
11:45:40.0437 7144 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:45:40.0442 7144 tunnel - ok
11:45:40.0468 7144 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:45:40.0472 7144 uagp35 - ok
11:45:40.0500 7144 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:45:40.0510 7144 udfs - ok
11:45:40.0544 7144 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:45:40.0555 7144 UI0Detect - ok
11:45:40.0598 7144 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:45:40.0602 7144 uliagpkx - ok
11:45:40.0652 7144 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:45:40.0656 7144 umbus - ok
11:45:40.0674 7144 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
11:45:40.0678 7144 UmPass - ok
11:45:40.0781 7144 [ A678E5DDD974903DD71F503BDCACA218 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
11:45:40.0862 7144 UNS - ok
11:45:40.0904 7144 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:45:40.0926 7144 upnphost - ok
11:45:40.0977 7144 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
11:45:40.0982 7144 USBAAPL64 - ok
11:45:40.0998 7144 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:45:41.0004 7144 usbccgp - ok
11:45:41.0048 7144 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:45:41.0053 7144 usbcir - ok
11:45:41.0081 7144 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:45:41.0084 7144 usbehci - ok
11:45:41.0128 7144 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
11:45:41.0138 7144 usbhub - ok
11:45:41.0168 7144 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:45:41.0172 7144 usbohci - ok
11:45:41.0195 7144 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
11:45:41.0198 7144 usbprint - ok
11:45:41.0226 7144 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:45:41.0230 7144 USBSTOR - ok
11:45:41.0275 7144 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:45:41.0278 7144 usbuhci - ok
11:45:41.0324 7144 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
11:45:41.0331 7144 usbvideo - ok
11:45:41.0369 7144 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:45:41.0379 7144 UxSms - ok
11:45:41.0387 7144 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
11:45:41.0393 7144 VaultSvc - ok
11:45:41.0404 7144 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:45:41.0408 7144 vdrvroot - ok
11:45:41.0444 7144 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
11:45:41.0478 7144 vds - ok
11:45:41.0510 7144 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:45:41.0514 7144 vga - ok
11:45:41.0540 7144 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:45:41.0543 7144 VgaSave - ok
11:45:41.0574 7144 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:45:41.0581 7144 vhdmp - ok
11:45:41.0604 7144 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
11:45:41.0608 7144 viaide - ok
11:45:41.0635 7144 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:45:41.0639 7144 volmgr - ok
11:45:41.0671 7144 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:45:41.0681 7144 volmgrx - ok
11:45:41.0721 7144 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:45:41.0729 7144 volsnap - ok
11:45:41.0795 7144 [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys
11:45:41.0802 7144 vpcbus - ok
11:45:41.0858 7144 [ E675FB2B48C54F09895482E2253B289C ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
11:45:41.0862 7144 vpcnfltr - ok
11:45:41.0876 7144 [ 5FB42082B0D19A0268705F1DD343DF20 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
11:45:41.0881 7144 vpcusb - ok
11:45:41.0949 7144 [ 207B6539799CC1C112661A9B620DD233 ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
11:45:41.0960 7144 vpcvmm - ok
11:45:42.0028 7144 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:45:42.0035 7144 vsmraid - ok
11:45:42.0116 7144 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
11:45:42.0185 7144 VSS - ok
11:45:42.0223 7144 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:45:42.0227 7144 vwifibus - ok
11:45:42.0255 7144 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:45:42.0260 7144 vwififlt - ok
11:45:42.0279 7144 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
11:45:42.0282 7144 vwifimp - ok
11:45:42.0328 7144 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:45:42.0362 7144 W32Time - ok
11:45:42.0417 7144 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
11:45:42.0420 7144 WacomPen - ok
11:45:42.0491 7144 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:45:42.0496 7144 WANARP - ok
11:45:42.0519 7144 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:45:42.0522 7144 Wanarpv6 - ok
11:45:42.0609 7144 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:45:42.0656 7144 WatAdminSvc - ok
11:45:42.0723 7144 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
11:45:42.0780 7144 wbengine - ok
11:45:42.0808 7144 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:45:42.0822 7144 WbioSrvc - ok
11:45:42.0852 7144 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:45:42.0898 7144 wcncsvc - ok
11:45:42.0919 7144 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:45:42.0930 7144 WcsPlugInService - ok
11:45:42.0959 7144 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
11:45:42.0963 7144 Wd - ok
11:45:43.0021 7144 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:45:43.0056 7144 Wdf01000 - ok
11:45:43.0073 7144 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:45:43.0085 7144 WdiServiceHost - ok
11:45:43.0094 7144 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:45:43.0104 7144 WdiSystemHost - ok
11:45:43.0134 7144 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
11:45:43.0179 7144 WebClient - ok
11:45:43.0212 7144 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:45:43.0234 7144 Wecsvc - ok
11:45:43.0259 7144 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:45:43.0269 7144 wercplsupport - ok
11:45:43.0306 7144 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:45:43.0317 7144 WerSvc - ok
11:45:43.0358 7144 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:45:43.0362 7144 WfpLwf - ok
11:45:43.0387 7144 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:45:43.0390 7144 WIMMount - ok
11:45:43.0407 7144 WinDefend - ok
11:45:43.0418 7144 WinHttpAutoProxySvc - ok
11:45:43.0481 7144 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:45:43.0488 7144 Winmgmt - ok
11:45:43.0582 7144 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
11:45:43.0654 7144 WinRM - ok
11:45:43.0752 7144 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:45:43.0756 7144 WinUsb - ok
11:45:43.0804 7144 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
11:45:43.0848 7144 Wlansvc - ok
11:45:43.0910 7144 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:45:43.0914 7144 wlcrasvc - ok
11:45:44.0049 7144 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:45:44.0142 7144 wlidsvc - ok
11:45:44.0185 7144 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:45:44.0188 7144 WmiAcpi - ok
11:45:44.0232 7144 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:45:44.0239 7144 wmiApSrv - ok
11:45:44.0272 7144 WMPNetworkSvc - ok
11:45:44.0313 7144 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:45:44.0324 7144 WPCSvc - ok
11:45:44.0349 7144 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:45:44.0361 7144 WPDBusEnum - ok
11:45:44.0384 7144 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:45:44.0388 7144 ws2ifsl - ok
11:45:44.0407 7144 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
11:45:44.0419 7144 wscsvc - ok
11:45:44.0477 7144 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
11:45:44.0480 7144 WSDPrintDevice - ok
11:45:44.0487 7144 WSearch - ok
11:45:44.0601 7144 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
11:45:44.0682 7144 wuauserv - ok
11:45:44.0722 7144 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:45:44.0726 7144 WudfPf - ok
11:45:44.0751 7144 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:45:44.0757 7144 WUDFRd - ok
11:45:44.0795 7144 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:45:44.0807 7144 wudfsvc - ok
11:45:44.0844 7144 [ CE8CF9DE9CBFDAA318BD04D8BE3FCADA ] WwanSvc C:\Windows\System32\wwansvc.dll
11:45:44.0866 7144 WwanSvc - ok
11:45:44.0927 7144 ================ Scan global ===============================
11:45:44.0951 7144 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:45:45.0011 7144 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
11:45:45.0039 7144 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
11:45:45.0084 7144 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:45:45.0135 7144 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:45:45.0157 7144 [Global] - ok
11:45:45.0158 7144 ================ Scan MBR ==================================
11:45:45.0170 7144 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:45:45.0536 7144 \Device\Harddisk0\DR0 - ok
11:45:45.0537 7144 ================ Scan VBR ==================================
11:45:45.0542 7144 [ BA72FC8F011517BAE74A14E1D32BC442 ] \Device\Harddisk0\DR0\Partition1
11:45:45.0545 7144 \Device\Harddisk0\DR0\Partition1 - ok
11:45:45.0582 7144 [ BAD902B82DA51254F6C18DAB28B744D6 ] \Device\Harddisk0\DR0\Partition2
11:45:45.0586 7144 \Device\Harddisk0\DR0\Partition2 - ok
11:45:45.0622 7144 [ F3D18C8FFABACF410AA7EC08B14CE07E ] \Device\Harddisk0\DR0\Partition3
11:45:45.0626 7144 \Device\Harddisk0\DR0\Partition3 - ok
11:45:45.0644 7144 [ 9049B407F5F88DD1CA8590C9C42E4F2F ] \Device\Harddisk0\DR0\Partition4
11:45:45.0646 7144 \Device\Harddisk0\DR0\Partition4 - ok
11:45:45.0647 7144 ============================================================
11:45:45.0647 7144 Scan finished
11:45:45.0647 7144 ============================================================
11:45:45.0666 3188 Detected object count: 0
11:45:45.0666 3188 Actual detected object count: 0

#8 boopme


Posted 22 December 2012 - 08:10 PM

OK, that was good, no rootkits.

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
    64-bit OS users, should read: Which Java download should I choose for my 64-bit Windows operating system?
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u10-windows-i586.exe (or jre-7u10-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.




MBR Check
Download

http://download.bleepingcomputer.com/rootrepeal/MBRCheck.exe

Double click MBRCheck.exe

It will show a Black screen with some information that will contain either the below line if no problem is found:

Press ENTER to exit...

Or

you will see more information like below if a problem is found:
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:



How is it running now?

#9 tntmm6


Posted 23 December 2012 - 09:28 AM

Good Morning -

The MBR check found no errors. Everything seems to be ok, except in this forum when I scroll up and down the screen flashes to black and then to where I scrolled to; this is new behavior.

Edited by tntmm6, 23 December 2012 - 09:29 AM.


#10 boopme


Posted 23 December 2012 - 05:33 PM

Looks good to go...

Now you should Create a New Restore Point (alternate method) to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > All Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
Then use Disk Cleanup to remove all but the newly created Restore Point.

Merry Christmas :santa:



