
programme to open Notepad\hosts


14 replies to this topic

#1 Reena

Posted 27 December 2012 - 07:21 AM

I have just run HiJack This as my PC is behaving "oddly" and want to run HJT to check for problems.

The following message pops up:

System denied write access to the hosts file etc. followed by the warning that HJT cannot help with hijacking problems in the hosts file(s).

I followed the given advice notepadC:\Windows\Sysytem32\drivers\etc\hosts but then I am told:

There is no programme to perform the requested action, Please install programme, or if already installed create an association in the Default Programme's Control Panel.

I would be grateful for any help you can give me in completing this process and offer my thanks in advance.

Edited by hamluis, 27 December 2012 - 03:36 PM.
Moved from Win 7 to Am I Infected - Hamluis.


#2 Allan

Posted 27 December 2012 - 07:36 AM

Define "behaving oddly". What EXACT problems are you having?

#3 md2lgyk

Posted 27 December 2012 - 08:07 AM

Don't know if Notepad is a feature that can be selectively installed or removed, but it comes with every version of Windows I've ever used (started with 3.11 for Workgroups). Can you not right-click the hosts file and select to open with Notepad?

#4 boopme

Posted 27 December 2012 - 07:22 PM

Hello, are those the only times you cannot connect?

Your How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the Posted Image button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.


Can you run this?


Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report (log file should be in your C drive).

Do not change the default options on scan results.



MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#5 Reena

Posted 28 December 2012 - 06:54 AM

Hamluis: Apologies for not including this post in the correct section.

Allan:
"behaving oddly". Freezing, the odd advert popping up, running slow. Have used anti-spyware Malware Antibytes; (Superware Anti-Spyware Professional) and anti-virus programmes (AVG) and all seems well. Thought I'd have a look with HJT but the above message kept popping up before the report.

md2lgyk
Yes I have Notepad.

boopme: Thank you. I'll have a go at this and report back!

Edited by Reena, 28 December 2012 - 06:56 AM.


#6 Allan

Posted 28 December 2012 - 07:41 AM



Allan:
"behaving oddly". Freezing, the odd advert popping up, running slow. Have used anti-spyware Malware Antibytes; (Superware Anti-Spyware Professional) and anti-virus programmes (AVG) and all seems well. Thought I'd have a look with HJT but the above message kept popping up before the report.


It certainly sounds as though malware is a possibility. I suggest you post in the Am I Infected forum.

#7 Reena

Posted 28 December 2012 - 07:42 AM

TDS Skiller downloaded and reported: No threats found. I checked the information section and everything OK. Deleted info before I checked log file!!
Tried to download this programme again and could not do so.

Tried downloading MiniTools Box and this also could not be downloaded.

Allan:
Hamluis very kindly has re-posted this in the "Am I Infected" section.

Edited by Reena, 28 December 2012 - 07:44 AM.


#8 Reena

Posted 28 December 2012 - 07:52 AM

Saved MiniTools Box and it downloaded!! Here is the report:




MiniToolBox by Farbar Version: 25-11-2012
Ran by Maureen (administrator) on 28-12-2012 at 12:49:31
Running from "C:\Users\Maureen\Downloads"
Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

# ::1 localhost

========================= IP Configuration: ================================

Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=64 icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Maureen-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : 6C-F0-49-1F-88-26
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e873:565f:841:666%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 28 December 2012 12:08:50
Lease Expires . . . . . . . . . . : 29 December 2012 12:08:50
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 242020425
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-79-2A-EB-6C-F0-49-1F-88-26
DNS Servers . . . . . . . . . . . : 192.168.1.1
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{E1642E92-0487-4B46-9253-FBF1A5130228}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:1c4e:2241:3f57:fefd(Preferred)
Link-local IPv6 Address . . . . . : fe80::1c4e:2241:3f57:fefd%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2a00:1450:4009:806::1003
173.194.41.66
173.194.41.69
173.194.41.73
173.194.41.72
173.194.41.64
173.194.41.67
173.194.41.71
173.194.41.70
173.194.41.68
173.194.41.78
173.194.41.65


Pinging google.com [173.194.41.66] with 32 bytes of data:
Reply from 173.194.41.66: bytes=32 time=48ms TTL=54
Reply from 173.194.41.66: bytes=32 time=49ms TTL=54

Ping statistics for 173.194.41.66:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 48ms, Maximum = 49ms, Average = 48ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=158ms TTL=46
Reply from 98.139.183.24: bytes=32 time=155ms TTL=46

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 155ms, Maximum = 158ms, Average = 156ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...6c f0 49 1f 88 26 ......Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 276
192.168.1.2 255.255.255.255 On-link 192.168.1.2 276
192.168.1.255 255.255.255.255 On-link 192.168.1.2 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:5ef5:79fd:1c4e:2241:3f57:fefd/128
On-link
10 276 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::1c4e:2241:3f57:fefd/128
On-link
10 276 fe80::e873:565f:841:666/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/28/2012 00:05:39 PM) (Source: Application Hang) (User: )
Description: The program HiJackThis.exe version 2.0.0.4 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 450

Start Time: 01cde4f393fec1b7

Termination Time: 15

Application Path: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

Report Id: e06e0da9-50e6-11e2-b855-6cf0491f8826

Error: (12/28/2012 10:44:02 AM) (Source: Application Error) (User: )
Description: Faulting application name: JL London Advent Calendar.exe, version: 0.0.0.0, time stamp: 0x508e0095
Faulting module name: Adobe AIR.dll, version: 3.5.0.600, time stamp: 0x508e055c
Exception code: 0xc0000005
Fault offset: 0x0010de83
Faulting process id: 0x174
Faulting application start time: 0xJL London Advent Calendar.exe0
Faulting application path: JL London Advent Calendar.exe1
Faulting module path: JL London Advent Calendar.exe2
Report Id: JL London Advent Calendar.exe3

Error: (12/27/2012 04:44:44 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16457 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 3f4

Start Time: 01cde449d39dffdd

Termination Time: 15

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (12/17/2012 01:08:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: Agcp.exe, version: 0.0.0.0, time stamp: 0x371273f5
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xb7060000
Faulting process id: 0xefc
Faulting application start time: 0xAgcp.exe0
Faulting application path: Agcp.exe1
Faulting module path: Agcp.exe2
Report Id: Agcp.exe3

Error: (12/14/2012 00:38:31 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16457 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 760

Start Time: 01cdd9f7b84269ed

Termination Time: 28

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (12/10/2012 04:02:14 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16455, time stamp: 0x507284ba
Faulting module name: IEFRAME.dll, version: 9.0.8112.16455, time stamp: 0x5072885c
Exception code: 0xc0000005
Fault offset: 0x0024472e
Faulting process id: 0x13f0
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (12/05/2012 00:01:03 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/05/2012 00:01:03 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/05/2012 00:01:03 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/05/2012 00:01:03 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)


System errors:
=============
Error: (12/28/2012 00:09:45 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070422

Error: (12/28/2012 00:09:45 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070422

Error: (12/28/2012 00:08:53 PM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.01 service failed to start due to the following error:
%%3

Error: (12/28/2012 10:42:16 AM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070422

Error: (12/28/2012 10:42:16 AM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070422

Error: (12/28/2012 10:41:18 AM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.01 service failed to start due to the following error:
%%3

Error: (12/27/2012 03:47:08 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (12/27/2012 11:16:26 AM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070422

Error: (12/27/2012 11:16:26 AM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070422

Error: (12/27/2012 11:15:29 AM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.01 service failed to start due to the following error:
%%3


Microsoft Office Sessions:
=========================
Error: (12/28/2012 00:05:39 PM) (Source: Application Hang)(User: )
Description: HiJackThis.exe2.0.0.445001cde4f393fec1b715C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exee06e0da9-50e6-11e2-b855-6cf0491f8826

Error: (12/28/2012 10:44:02 AM) (Source: Application Error)(User: )
Description: JL London Advent Calendar.exe0.0.0.0508e0095Adobe AIR.dll3.5.0.600508e055cc00000050010de8317401cde4e7e51ee12dC:\Program Files\JL London Advent Calendar\JL London Advent Calendar.exeC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll7e00868f-50db-11e2-b855-6cf0491f8826

Error: (12/27/2012 04:44:44 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.164573f401cde449d39dffdd15C:\Program Files\Internet Explorer\iexplore.exe

Error: (12/17/2012 01:08:12 PM) (Source: Application Error)(User: )
Description: Agcp.exe0.0.0.0371273f5unknown0.0.0.000000000c0000005b7060000efc01cddc56c2a5268bC:\Program Files\Mindscape\CreataParty\Agcp.exeunknowncef3cc27-484a-11e2-b8fb-6cf0491f8826

Error: (12/14/2012 00:38:31 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.1645776001cdd9f7b84269ed28C:\Program Files\Internet Explorer\iexplore.exe

Error: (12/10/2012 04:02:14 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16455507284baIEFRAME.dll9.0.8112.164555072885cc00000050024472e13f001cdd6efb4230facC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\IEFRAME.dllf65a4f11-42e2-11e2-b8f8-6cf0491f8826

Error: (12/05/2012 00:01:03 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/05/2012 00:01:03 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/05/2012 00:01:03 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/05/2012 00:01:03 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer


=========================== Installed Programs ============================

Adobe AIR (Version: 3.5.0.600)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.110)
Adobe Flash Player 11 Plugin (Version: 11.3.300.257)
Adobe Photoshop Elements 2.0 (Version: 2.0)
Adobe Reader X (10.1.4) (Version: 10.1.4)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.923.1)
AMD Catalyst Install Manager (Version: 8.0.873.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0405.2205.37728)
AMD Media Foundation Decoders (Version: 1.0.70405.2224)
AMD VISION Engine Control Center (Version: 2012.0405.2205.37728)
American Greetings CreataParty!
American Greetings® Art & More Store
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
AVG 2012 (Version: 12.0.2180)
AVG 2012 (Version: 12.0.2193)
AVG 2012 (Version: 12.0.2195)
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2221)
AVG 2012 (Version: 12.0.2637)
AVG 2012 (Version: 2012.0.2221)
AVG Security Toolbar
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bonjour (Version: 3.0.0.10)
Bookworm Deluxe
Carbonite Online Backup Setup (Version: 3.8.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0405.2205.37728)
Catalyst Control Center InstallProxy (Version: 2012.0405.2205.37728)
Catalyst Control Center Localization All (Version: 2012.0405.2205.37728)
ccc-utility (Version: 2012.0405.2205.37728)
CCC Help Chinese Standard (Version: 2012.0405.2204.37728)
CCC Help Chinese Traditional (Version: 2012.0405.2204.37728)
CCC Help Czech (Version: 2012.0405.2204.37728)
CCC Help Danish (Version: 2012.0405.2204.37728)
CCC Help Dutch (Version: 2012.0405.2204.37728)
CCC Help English (Version: 2012.0405.2204.37728)
CCC Help Finnish (Version: 2012.0405.2204.37728)
CCC Help French (Version: 2012.0405.2204.37728)
CCC Help German (Version: 2012.0405.2204.37728)
CCC Help Greek (Version: 2012.0405.2204.37728)
CCC Help Hungarian (Version: 2012.0405.2204.37728)
CCC Help Italian (Version: 2012.0405.2204.37728)
CCC Help Japanese (Version: 2012.0405.2204.37728)
CCC Help Korean (Version: 2012.0405.2204.37728)
CCC Help Norwegian (Version: 2012.0405.2204.37728)
CCC Help Polish (Version: 2012.0405.2204.37728)
CCC Help Portuguese (Version: 2012.0405.2204.37728)
CCC Help Russian (Version: 2012.0405.2204.37728)
CCC Help Spanish (Version: 2012.0405.2204.37728)
CCC Help Swedish (Version: 2012.0405.2204.37728)
CCC Help Thai (Version: 2012.0405.2204.37728)
CCC Help Turkish (Version: 2012.0405.2204.37728)
CCleaner (Version: 3.24)
ClearSkinFX for Digital Cameras
Cloud System Booster (Version: 1.1)
ColorCastFX for Digital Cameras
Concentration
Coupon Printer (Version: 2.0)
CPUID HWMonitor 1.19
D3DX10 (Version: 15.4.2368.0902)
EPSON Printer Software
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.123)
Google Updater (Version: 2.4.1487.6512)
HiJackThis (Version: 1.0.0)
Info Center 1.0.0.10 (Version: 1.0.0.10)
Internet Explorer (Enable DEP)
IrfanView (remove only) (Version: 4.32)
iTunes (Version: 11.0.1.12)
Jacquie Lawson London Advent Calendar (Version: 1.0.0)
Junk Mail filter update (Version: 15.4.3502.0922)
LizardTech DjVu Control (autoinstall)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office Excel Viewer (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works 7.0 (Version: 07.02.0620)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
muvee Reveal Seagate Edition (Version: 7.0.41.11017)
PC Matic 1.1.0.45 (Version: 1.1.0.45)
Picasa 3 (Version: 3.8)
PrivaZer (Version: 1.5.1.0)
Seagate Manager Installer (Version: 2.01.0600)
Secunia PSI (3.0.0.2004) (Version: 3.0.0.2004)
SUPERAntiSpyware (Version: 5.1.1002)
Vacation Quest: Australia
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Yahoo! Software Update

========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 3326.49 MB
Available physical RAM: 2127.8 MB
Total Pagefile: 6651.27 MB
Available Pagefile: 5087.22 MB
Total Virtual: 2047.88 MB
Available Virtual: 1947.25 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:730.39 GB) NTFS
7 Drive i: (FreeAgent Drive) (Fixed) (Total:465.76 GB) (Free:146.03 GB) NTFS

========================= Users: ========================================

User accounts for \\MAUREEN-PC

Administrator Guest Maureen


**** End of log ****

#9 Reena

Posted 28 December 2012 - 11:07 AM

Here's the other report:


12:26:38.0726 4180 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:26:38.0926 4180 ============================================================
12:26:38.0926 4180 Current date / time: 2012/12/28 12:26:38.0926
12:26:38.0926 4180 SystemInfo:
12:26:38.0926 4180
12:26:38.0926 4180 OS Version: 6.1.7601 ServicePack: 1.0
12:26:38.0926 4180 Product type: Workstation
12:26:38.0926 4180 ComputerName: MAUREEN-PC
12:26:38.0926 4180 UserName: Maureen
12:26:38.0926 4180 Windows directory: C:\Windows
12:26:38.0926 4180 System windows directory: C:\Windows
12:26:38.0926 4180 Processor architecture: Intel x86
12:26:38.0926 4180 Number of processors: 2
12:26:38.0926 4180 Page size: 0x1000
12:26:38.0926 4180 Boot type: Normal boot
12:26:38.0926 4180 ============================================================
12:26:40.0637 4180 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
12:26:44.0382 4180 Drive \Device\Harddisk5\DR5 - Size: 0x7470C05C00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:26:44.0382 4180 ============================================================
12:26:44.0382 4180 \Device\Harddisk0\DR0:
12:26:44.0382 4180 MBR partitions:
12:26:44.0382 4180 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:26:44.0382 4180 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
12:26:44.0382 4180 \Device\Harddisk5\DR5:
12:26:44.0382 4180 MBR partitions:
12:26:44.0382 4180 \Device\Harddisk5\DR5\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C00
12:26:44.0382 4180 ============================================================
12:26:44.0382 4180 C: <-> \Device\Harddisk0\DR0\Partition2
12:26:44.0445 4180 I: <-> \Device\Harddisk5\DR5\Partition1
12:26:44.0445 4180 ============================================================
12:26:44.0445 4180 Initialize success
12:26:44.0445 4180 ============================================================
12:27:49.0395 5784 ============================================================
12:27:49.0395 5784 Scan started
12:27:49.0395 5784 Mode: Manual; TDLFS;
12:27:49.0395 5784 ============================================================
12:27:50.0190 5784 ================ Scan system memory ========================
12:27:50.0190 5784 System memory - ok
12:27:50.0190 5784 ================ Scan services =============================
12:28:02.0093 5784 PNRPAutoReg - ok
12:28:02.0109 5784 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:28:02.0109 5784 PNRPsvc - ok
12:28:02.0140 5784 [ 896D916DE06F5502D301E8C4DC442AE8 ] Point32 C:\Windows\system32\DRIVERS\point32.sys
12:28:02.0140 5784 Point32 - ok
12:28:02.0156 5784 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:28:02.0156 5784 PolicyAgent - ok
12:28:02.0218 5784 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
12:28:02.0234 5784 Power - ok
12:28:02.0327 5784 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:28:02.0327 5784 PptpMiniport - ok
12:28:02.0358 5784 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:28:02.0358 5784 Processor - ok
12:28:02.0390 5784 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
12:28:02.0390 5784 ProfSvc - ok
12:28:02.0390 5784 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:28:02.0390 5784 ProtectedStorage - ok
12:28:02.0421 5784 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:28:02.0421 5784 Psched - ok
12:28:02.0452 5784 [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
12:28:02.0468 5784 PSI - ok
12:28:02.0514 5784 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:28:02.0546 5784 ql2300 - ok
12:28:02.0561 5784 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:28:02.0561 5784 ql40xx - ok
12:28:02.0577 5784 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
12:28:02.0592 5784 QWAVE - ok
12:28:02.0608 5784 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:28:02.0608 5784 QWAVEdrv - ok
12:28:02.0608 5784 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:28:02.0608 5784 RasAcd - ok
12:28:02.0655 5784 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:28:02.0655 5784 RasAgileVpn - ok
12:28:02.0670 5784 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
12:28:02.0670 5784 RasAuto - ok
12:28:02.0702 5784 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:28:02.0702 5784 Rasl2tp - ok
12:28:02.0748 5784 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
12:28:02.0748 5784 RasMan - ok
12:28:02.0780 5784 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:28:02.0780 5784 RasPppoe - ok
12:28:02.0811 5784 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:28:02.0811 5784 RasSstp - ok
12:28:02.0826 5784 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:28:02.0842 5784 rdbss - ok
12:28:02.0858 5784 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:28:02.0858 5784 rdpbus - ok
12:28:02.0889 5784 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:28:02.0889 5784 RDPCDD - ok
12:28:02.0904 5784 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:28:02.0904 5784 RDPENCDD - ok
12:28:02.0920 5784 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:28:02.0920 5784 RDPREFMP - ok
12:28:02.0967 5784 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:28:02.0967 5784 RdpVideoMiniport - ok
12:28:02.0998 5784 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:28:02.0998 5784 RDPWD - ok
12:28:03.0029 5784 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:28:03.0029 5784 rdyboost - ok
12:28:03.0060 5784 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
12:28:03.0060 5784 RemoteAccess - ok
12:28:03.0107 5784 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:28:03.0123 5784 RemoteRegistry - ok
12:28:03.0138 5784 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:28:03.0138 5784 RpcEptMapper - ok
12:28:03.0170 5784 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
12:28:03.0170 5784 RpcLocator - ok
12:28:03.0185 5784 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
12:28:03.0185 5784 RpcSs - ok
12:28:03.0201 5784 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:28:03.0201 5784 rspndr - ok
12:28:03.0248 5784 [ 3983CEA05BB855351D75F5482B6C42CE ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
12:28:03.0248 5784 RTL8167 - ok
12:28:03.0248 5784 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
12:28:03.0263 5784 SamSs - ok
12:28:03.0326 5784 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
12:28:03.0326 5784 SASDIFSV - ok
12:28:03.0357 5784 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
12:28:03.0357 5784 SASKUTIL - ok
12:28:03.0388 5784 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:28:03.0388 5784 sbp2port - ok
12:28:03.0404 5784 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:28:03.0404 5784 SCardSvr - ok
12:28:03.0419 5784 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:28:03.0419 5784 scfilter - ok
12:28:03.0450 5784 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
12:28:03.0466 5784 Schedule - ok
12:28:03.0482 5784 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:28:03.0482 5784 SCPolicySvc - ok
12:28:03.0513 5784 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:28:03.0513 5784 SDRSVC - ok
12:28:03.0528 5784 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:28:03.0528 5784 secdrv - ok
12:28:03.0560 5784 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
12:28:03.0575 5784 seclogon - ok
12:28:03.0653 5784 [ F70A51EB03EE7046784EF62EFCE9528E ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
12:28:03.0762 5784 Secunia PSI Agent - ok
12:28:03.0794 5784 [ AD56CEB08EEB517332355FDE9E5939C8 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
12:28:03.0887 5784 Secunia Update Agent - ok
12:28:03.0903 5784 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
12:28:03.0903 5784 SENS - ok
12:28:03.0934 5784 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:28:03.0934 5784 SensrSvc - ok
12:28:03.0965 5784 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:28:03.0981 5784 Serenum - ok
12:28:03.0996 5784 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:28:03.0996 5784 Serial - ok
12:28:03.0996 5784 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:28:03.0996 5784 sermouse - ok
12:28:04.0028 5784 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
12:28:04.0028 5784 SessionEnv - ok
12:28:04.0043 5784 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:28:04.0043 5784 sffdisk - ok
12:28:04.0059 5784 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:28:04.0074 5784 sffp_mmc - ok
12:28:04.0090 5784 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:28:04.0090 5784 sffp_sd - ok
12:28:04.0106 5784 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:28:04.0106 5784 sfloppy - ok
12:28:04.0137 5784 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:28:04.0152 5784 SharedAccess - ok
12:28:04.0168 5784 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:28:04.0168 5784 ShellHWDetection - ok
12:28:04.0168 5784 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
12:28:04.0184 5784 sisagp - ok
12:28:04.0199 5784 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:28:04.0199 5784 SiSRaid2 - ok
12:28:04.0215 5784 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:28:04.0215 5784 SiSRaid4 - ok
12:28:04.0230 5784 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:28:04.0230 5784 Smb - ok
12:28:04.0246 5784 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:28:04.0262 5784 SNMPTRAP - ok
12:28:04.0262 5784 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
12:28:04.0262 5784 spldr - ok
12:28:04.0293 5784 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
12:28:04.0293 5784 Spooler - ok
12:28:04.0402 5784 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
12:28:04.0418 5784 sppsvc - ok
12:28:04.0464 5784 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:28:04.0480 5784 sppuinotify - ok
12:28:04.0511 5784 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:28:04.0527 5784 srv - ok
12:28:04.0542 5784 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:28:04.0558 5784 srv2 - ok
12:28:04.0589 5784 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:28:04.0589 5784 srvnet - ok
12:28:04.0620 5784 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:28:04.0620 5784 SSDPSRV - ok
12:28:04.0636 5784 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:28:04.0652 5784 SstpSvc - ok
12:28:04.0652 5784 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:28:04.0652 5784 stexstor - ok
12:28:04.0683 5784 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
12:28:04.0698 5784 StiSvc - ok
12:28:04.0714 5784 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
12:28:04.0714 5784 swenum - ok
12:28:04.0745 5784 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
12:28:04.0761 5784 swprv - ok
12:28:04.0792 5784 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
12:28:04.0808 5784 SysMain - ok
12:28:04.0823 5784 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:28:04.0823 5784 TabletInputService - ok
12:28:04.0854 5784 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
12:28:04.0854 5784 TapiSrv - ok
12:28:04.0886 5784 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
12:28:04.0901 5784 TBS - ok
12:28:04.0964 5784 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:28:04.0995 5784 Tcpip - ok
12:28:05.0026 5784 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:28:05.0026 5784 TCPIP6 - ok
12:28:05.0057 5784 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:28:05.0057 5784 tcpipreg - ok
12:28:05.0088 5784 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:28:05.0088 5784 TDPIPE - ok
12:28:05.0120 5784 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:28:05.0120 5784 TDTCP - ok
12:28:05.0151 5784 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:28:05.0151 5784 tdx - ok
12:28:05.0166 5784 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:28:05.0166 5784 TermDD - ok
12:28:05.0213 5784 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
12:28:05.0229 5784 TermService - ok
12:28:05.0244 5784 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
12:28:05.0244 5784 Themes - ok
12:28:05.0260 5784 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
12:28:05.0260 5784 THREADORDER - ok
12:28:05.0276 5784 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
12:28:05.0276 5784 TrkWks - ok
12:28:05.0322 5784 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:28:05.0322 5784 TrustedInstaller - ok
12:28:05.0338 5784 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:28:05.0338 5784 tssecsrv - ok
12:28:05.0385 5784 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:28:05.0385 5784 TsUsbFlt - ok
12:28:05.0385 5784 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:28:05.0385 5784 tunnel - ok
12:28:05.0432 5784 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:28:05.0432 5784 uagp35 - ok
12:28:05.0447 5784 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:28:05.0447 5784 udfs - ok
12:28:05.0478 5784 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:28:05.0478 5784 UI0Detect - ok
12:28:05.0494 5784 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:28:05.0494 5784 uliagpkx - ok
12:28:05.0510 5784 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
12:28:05.0510 5784 umbus - ok
12:28:05.0525 5784 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:28:05.0525 5784 UmPass - ok
12:28:05.0541 5784 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
12:28:05.0541 5784 upnphost - ok
12:28:05.0572 5784 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
12:28:05.0603 5784 USBAAPL - ok
12:28:05.0603 5784 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:28:05.0603 5784 usbccgp - ok
12:28:05.0619 5784 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:28:05.0619 5784 usbcir - ok
12:28:05.0619 5784 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:28:05.0619 5784 usbehci - ok
12:28:05.0634 5784 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:28:05.0634 5784 usbhub - ok
12:28:05.0634 5784 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
12:28:05.0634 5784 usbohci - ok
12:28:05.0666 5784 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:28:05.0666 5784 usbprint - ok
12:28:05.0666 5784 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:28:05.0681 5784 USBSTOR - ok
12:28:05.0681 5784 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:28:05.0681 5784 usbuhci - ok
12:28:05.0697 5784 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
12:28:05.0712 5784 UxSms - ok
12:28:05.0728 5784 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
12:28:05.0728 5784 VaultSvc - ok
12:28:05.0728 5784 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:28:05.0744 5784 vdrvroot - ok
12:28:05.0775 5784 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
12:28:05.0790 5784 vds - ok
12:28:05.0806 5784 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:28:05.0806 5784 vga - ok
12:28:05.0837 5784 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:28:05.0837 5784 VgaSave - ok
12:28:05.0853 5784 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:28:05.0853 5784 vhdmp - ok
12:28:05.0884 5784 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
12:28:05.0884 5784 viaagp - ok
12:28:05.0900 5784 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
12:28:05.0900 5784 ViaC7 - ok
12:28:05.0915 5784 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
12:28:05.0915 5784 viaide - ok
12:28:05.0931 5784 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:28:05.0931 5784 volmgr - ok
12:28:05.0946 5784 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:28:05.0946 5784 volmgrx - ok
12:28:05.0962 5784 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:28:05.0962 5784 volsnap - ok
12:28:05.0993 5784 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:28:05.0993 5784 vsmraid - ok
12:28:06.0040 5784 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
12:28:06.0040 5784 VSS - ok
12:28:06.0134 5784 [ 7D110D645030C05A06C3CD08D1E47D0A ] vToolbarUpdater13.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
12:28:06.0134 5784 vToolbarUpdater13.2.0 - ok
12:28:06.0149 5784 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
12:28:06.0149 5784 vwifibus - ok
12:28:06.0180 5784 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
12:28:06.0180 5784 W32Time - ok
12:28:06.0196 5784 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:28:06.0196 5784 WacomPen - ok
12:28:06.0212 5784 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:28:06.0212 5784 WANARP - ok
12:28:06.0212 5784 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:28:06.0227 5784 Wanarpv6 - ok
12:28:06.0290 5784 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:28:06.0321 5784 WatAdminSvc - ok
12:28:06.0352 5784 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
12:28:06.0368 5784 wbengine - ok
12:28:06.0383 5784 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:28:06.0383 5784 WbioSrvc - ok
12:28:06.0414 5784 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:28:06.0430 5784 wcncsvc - ok
12:28:06.0430 5784 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:28:06.0430 5784 WcsPlugInService - ok
12:28:06.0446 5784 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:28:06.0446 5784 Wd - ok
12:28:06.0477 5784 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:28:06.0477 5784 Wdf01000 - ok
12:28:06.0508 5784 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:28:06.0508 5784 WdiServiceHost - ok
12:28:06.0508 5784 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:28:06.0508 5784 WdiSystemHost - ok
12:28:06.0539 5784 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
12:28:06.0539 5784 WebClient - ok
12:28:06.0555 5784 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:28:06.0570 5784 Wecsvc - ok
12:28:06.0570 5784 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:28:06.0570 5784 wercplsupport - ok
12:28:06.0586 5784 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
12:28:06.0586 5784 WerSvc - ok
12:28:06.0602 5784 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:28:06.0602 5784 WfpLwf - ok
12:28:06.0602 5784 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:28:06.0617 5784 WIMMount - ok
12:28:06.0680 5784 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
12:28:06.0695 5784 WinDefend - ok
12:28:06.0711 5784 WinHttpAutoProxySvc - ok
12:28:06.0773 5784 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:28:06.0773 5784 Winmgmt - ok
12:28:06.0820 5784 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
12:28:06.0836 5784 WinRM - ok
12:28:06.0882 5784 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:28:06.0898 5784 WinUsb - ok
12:28:06.0929 5784 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:28:06.0945 5784 Wlansvc - ok
12:28:06.0992 5784 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:28:06.0992 5784 wlcrasvc - ok
12:28:07.0070 5784 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:28:07.0085 5784 wlidsvc - ok
12:28:07.0116 5784 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:28:07.0116 5784 WmiAcpi - ok
12:28:07.0132 5784 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:28:07.0132 5784 wmiApSrv - ok
12:28:07.0194 5784 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
12:28:07.0210 5784 WMPNetworkSvc - ok
12:28:07.0241 5784 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:28:07.0241 5784 WPCSvc - ok
12:28:07.0288 5784 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:28:07.0288 5784 WPDBusEnum - ok
12:28:07.0304 5784 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:28:07.0304 5784 ws2ifsl - ok
12:28:07.0335 5784 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
12:28:07.0366 5784 wscsvc - ok
12:28:07.0382 5784 WSearch - ok
12:28:07.0444 5784 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
12:28:07.0460 5784 wuauserv - ok
12:28:07.0491 5784 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:28:07.0491 5784 WudfPf - ok
12:28:07.0538 5784 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:28:07.0538 5784 WUDFRd - ok
12:28:07.0569 5784 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:28:07.0569 5784 wudfsvc - ok
12:28:07.0600 5784 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
12:28:07.0600 5784 WwanSvc - ok
12:28:07.0647 5784 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
12:28:07.0662 5784 YahooAUService - ok
12:28:07.0694 5784 ================ Scan global ===============================
12:28:07.0709 5784 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
12:28:07.0740 5784 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\Windows\system32\winsrv.dll
12:28:07.0787 5784 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\Windows\system32\winsrv.dll
12:28:07.0818 5784 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
12:28:07.0834 5784 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
12:28:07.0834 5784 [Global] - ok
12:28:07.0850 5784 ================ Scan MBR ==================================
12:28:07.0865 5784 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:28:08.0115 5784 \Device\Harddisk0\DR0 - ok
12:28:08.0130 5784 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk5\DR5
12:28:08.0988 5784 \Device\Harddisk5\DR5 - ok
12:28:08.0988 5784 ================ Scan VBR ==================================
12:28:08.0988 5784 [ E788520B84867FD1A51DDE728A207D06 ] \Device\Harddisk0\DR0\Partition1
12:28:09.0004 5784 \Device\Harddisk0\DR0\Partition1 - ok
12:28:09.0004 5784 [ 33805DC4B36295F7F99A59C51F60725A ] \Device\Harddisk0\DR0\Partition2
12:28:09.0020 5784 \Device\Harddisk0\DR0\Partition2 - ok
12:28:09.0020 5784 [ 675E6902482354F806C3BF38E1518E5B ] \Device\Harddisk5\DR5\Partition1
12:28:09.0020 5784 \Device\Harddisk5\DR5\Partition1 - ok
12:28:09.0020 5784 ============================================================
12:28:09.0020 5784 Scan finished
12:28:09.0020 5784 ============================================================
12:28:09.0035 4504 Detected object count: 0
12:28:09.0035 4504 Actual detected object count: 0
12:29:46.0561 2968 Deinitialize success

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,344 posts
  • OFFLINE
  • Gender:Male
  • Location:NJ USA
  • Local time:02:11 AM

Posted 28 December 2012 - 08:43 PM

Hi, you did reset the Hosts, correct?
If you still have the issue run one more tool please.

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#11 Reena

Reena
  • Topic Starter

  • Members
  • 391 posts
  • OFFLINE
  • Gender:Female
  • Location:UK
  • Local time:06:11 AM

Posted 29 December 2012 - 11:32 AM

I have downloaded HJT .exe and got the same message. It scans and I get a report, but I don't know how to set up the means of reading the hosts file.



Here is the aswMBR report:


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-29 15:19:49
-----------------------------
15:19:49.356 OS Version: Windows 6.1.7601 Service Pack 1
15:19:49.356 Number of processors: 2 586 0x402
15:19:49.372 ComputerName: MAUREEN-PC UserName: Maureen
15:20:18.610 Initialize success
15:45:29.437 AVAST engine defs: 12122900
15:46:06.861 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:46:06.861 Disk 0 Vendor: SAMSUNG_HD103SI 1AG01118 Size: 953869MB BusType: 3
15:46:06.877 Disk 0 MBR read successfully
15:46:06.877 Disk 0 MBR scan
15:46:06.892 Disk 0 Windows 7 default MBR code
15:46:06.908 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
15:46:06.970 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
15:46:07.002 Disk 0 scanning sectors +1953521664
15:46:07.064 Disk 0 scanning C:\Windows\system32\drivers
15:46:20.262 Service scanning
15:46:32.648 Service MpKsl4966b6b4 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1FC1364B-BCF1-4E3F-9E98-1B79ACB137CD}\MpKsl4966b6b4.sys **LOCKED** 32
15:46:49.746 Modules scanning
15:46:57.015 Disk 0 trace - called modules:
15:46:57.514 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
15:46:57.530 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8633a4b8]
15:46:57.546 3 CLASSPNP.SYS[8bd7359e] -> nt!IofCallDriver -> [0x85e65f08]
15:46:57.546 5 ACPI.sys[833b03d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8556f908]
15:47:00.260 AVAST engine scan C:\Windows
15:47:05.470 AVAST engine scan C:\Windows\system32
15:50:33.455 AVAST engine scan C:\Windows\system32\drivers
15:50:51.443 AVAST engine scan C:\Users\Maureen
16:05:17.515 AVAST engine scan C:\ProgramData
16:07:10.631 Scan finished successfully
16:17:09.844 Disk 0 MBR has been saved successfully to "C:\Users\Maureen\Desktop\MBR.dat"
16:17:09.860 The log file has been saved successfully to "C:\Users\Maureen\Desktop\aswMBR.txt"
16:17:22.408 Disk 0 MBR has been saved successfully to "C:\Users\Maureen\Desktop\MBR.dat"
16:17:22.423 The log file has been saved successfully to "C:\Users\Maureen\Desktop\aswMBR.txt 2.txt"

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,344 posts
  • OFFLINE
  • Gender:Male
  • Location:NJ USA
  • Local time:02:11 AM

Posted 29 December 2012 - 08:50 PM

The HOSTS file is a text file that maps an IP address to a name. It has no extension and can be viewed using notepad.
  • Double-click on the HOSTS file.
  • A message will appear saying Windows can't open the file or Choose the program you want to open this file.
  • Scroll down the list of programs until you see Notepad.
  • Select it and click OK.
To view the Hosts file in Notepad automatically, go to Start > Run and type: notepad %windir%\system32\drivers\etc\hosts

Since the Hosts file is often used and altered by malware, some security programs (like Spybot S&D) will lock the file's read-only attributes as protection so it cannot be changed without your knowledge unless that feature is disabled.

The "system denied writes access" is normal when using HijackThis and other tools on Vista/Windows 7 due to the restrictions imposed by the Users Access Control (UAC). The HOSTS file is being protected. There is no need to worry about it and you can ignore the message when there is no evidence of malware infection.


That said, HJT is somewhat considered an outdated tool and is no longer the tool of choice for Malware removal at BC.
I also see this version which should be uninstalled as it is the older version and using it would be dangerous... HiJackThis (Version: 1.0.0)
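A defender-side check for the point made in the post above, that the HOSTS file maps IP addresses to names and is often altered by malware. This is an added example, not part of the original post or of any tool named in the thread; the verdict labels, the `WATCHED_SUFFIXES` list and the sample file contents are constructed for illustration.

```python
"""Audit a Windows hosts file: report every mapping beyond the stock localhost lines."""
import ipaddress
import os
import stat
import sys

# Path given in the thread; %windir% is only expanded when run on Windows.
DEFAULT_HOSTS = os.path.expandvars(r"%windir%\system32\drivers\etc\hosts")

# Hypothetical watch list (assumption): replace with the update and security
# vendor domains this machine relies on. Any hosts entry for them deserves review.
WATCHED_SUFFIXES = ("example-av.test",)

# Constructed sample input, not taken from any real machine.
SAMPLE = """\
# constructed sample hosts file
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.net        # blocklist-style entry
203.0.113.10    www.example-bank.test  # name pinned to a fixed address
127.0.0.1       update.example-av.test
not-an-ip       broken.example
"""


def classify(ip_text, name):
    """Return a verdict for one (address, name) pair from the hosts file."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return "malformed"
    if name == "localhost" and ip.is_loopback:
        return "default"  # the stock entries
    if any(name == s or name.endswith("." + s) for s in WATCHED_SUFFIXES):
        return "watched"  # a watched domain is being overridden locally
    if ip.is_loopback or ip.is_unspecified:
        return "blocked"  # name sinkholed, typical of ad/malware blocklists
    return "redirect"  # name forced to a specific remote address


def audit(text):
    """Return (line_number, address, name, verdict) for every non-default mapping."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if not fields:
            continue
        ip_text, names = fields[0], fields[1:]
        if not names:
            findings.append((lineno, ip_text, "", "malformed"))
            continue
        for name in names:  # one line may map several names to one address
            verdict = classify(ip_text, name.lower())
            if verdict != "default":
                findings.append((lineno, ip_text, name.lower(), verdict))
    return findings


def is_read_only(path):
    """True when the file's write bit (the read-only attribute on Windows) blocks edits."""
    return not (os.stat(path).st_mode & stat.S_IWRITE)


def main(argv):
    path = argv[1] if len(argv) > 1 else DEFAULT_HOSTS
    if os.path.isfile(path):
        state = "set" if is_read_only(path) else "not set"
        print(f"{path}: read-only attribute {state}")
        # utf-8-sig strips a byte-order mark that some editors add
        with open(path, encoding="utf-8-sig", errors="replace") as fh:
            text = fh.read()
    else:
        print(f"{path}: not found, auditing the built-in sample instead")
        text = SAMPLE
    for lineno, ip_text, name, verdict in audit(text):
        print(f"line {lineno}: {ip_text} -> {name or '(no name)'} [{verdict}]")
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Reading the file needs no elevation, so the script can run from a normal prompt; pass a path as the first argument to audit a saved copy instead of the live file.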

#13 Reena

Reena
  • Topic Starter

  • Members
  • 391 posts
  • OFFLINE
  • Gender:Female
  • Location:UK
  • Local time:06:11 AM

Posted 30 December 2012 - 08:07 AM

My thanks to everyone who helped me, and particularly to boopme; much appreciated.

#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,344 posts
  • OFFLINE
  • Gender:Male
  • Location:NJ USA
  • Local time:02:11 AM

Posted 30 December 2012 - 06:58 PM

You're welcome from us all. Have a great new year!!

#15 Reena

Reena
  • Topic Starter

  • Members
  • 391 posts
  • OFFLINE
  • Gender:Female
  • Location:UK
  • Local time:06:11 AM

Posted 31 December 2012 - 10:30 AM




A HAPPY NEW YEAR TO ALL



