
Exploit:Java/CVE-2012-5076


8 replies to this topic

#1 bomber1712


Posted 30 December 2012 - 01:20 PM

I am running 64 bit Win7 Home Premium SP1. I was surfing to www.teamuscellular.com and noticed a redirect. Wasn't sure if it was something wrong with the site or my computer. I ran MBAM, SAS, and MSE full scan. SAS found some tracking cookies, and that was all.

When I restarted my computer, I noticed MSE "working". It stated that it was cleaning files. When I looked at the History, it showed "Exploit:Java/CVE-2012-5076" was prevented from running and quarantined. I read some info on it, checked and uninstalled my Java (was 6). I told MSE to remove the file. Upon restart, however, MSE gave the same message.

I ran MBAM, again, and it found nothing. Upon restart, MSE did not report it again. Can I assume that I am clean?

Can someone please help me to make sure I remove this thing for good? Thanks!

Edited by bomber1712, 30 December 2012 - 01:30 PM.




#2 boopme

  • Global Moderator

Posted 30 December 2012 - 09:25 PM

Welcome bomber
If this detection is reported then it is likely that your computer has been compromised.

We can check a bit further for malware necessarily spotted by those.

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


>>>>
Please download TDSSKiller.
Launch it.
Click on Change parameters, then select TDLFS file system.
Click on "Scan".
Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.



And I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.

#3 bomber1712

  • Topic Starter


Posted 31 December 2012 - 09:15 AM

Thanks for your help boopme.


Here are the logs:

Minitoolbox
MiniToolBox by Farbar Version: 25-11-2012
Ran by Bomber (administrator) on 30-12-2012 at 21:15:37
Running from "C:\Users\Bomber\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\59PFVD48"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® Centrino® Wireless-N 1000 = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=10.0.0.41 metric=1 publish=Yes
add address name="Wireless Network Connection 3" address=192.168.16.2 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Bomber-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : westell.com

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 74-E5-0B-1D-6E-C5
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 74-E5-0B-1D-6E-C5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 1000
Physical Address. . . . . . . . . : 74-E5-0B-1D-6E-C4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9816:68af:48d7:a248%13(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.23(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, December 30, 2012 9:11:29 PM
Lease Expires . . . . . . . . . . : Monday, December 31, 2012 9:11:31 PM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 326427915
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-DC-3C-50-08-2E-5F-88-E6-AE
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 08-2E-5F-88-E6-AE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.westell.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:439:19d5:3089:7428(Preferred)
Link-local IPv6 Address . . . . . : fe80::439:19d5:3089:7428%18(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dslrouter.westell.com
Address: 10.0.0.1

Name: google.com
Addresses: 2607:f8b0:4009:800::1008
74.125.225.39
74.125.225.40
74.125.225.41
74.125.225.46
74.125.225.32
74.125.225.33
74.125.225.34
74.125.225.35
74.125.225.36
74.125.225.37
74.125.225.38


Pinging google.com [74.125.225.38] with 32 bytes of data:
Reply from 74.125.225.38: bytes=32 time=38ms TTL=55
Reply from 74.125.225.38: bytes=32 time=50ms TTL=55

Ping statistics for 74.125.225.38:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 38ms, Maximum = 50ms, Average = 44ms
Server: dslrouter.westell.com
Address: 10.0.0.1

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=58ms TTL=52
Reply from 98.138.253.109: bytes=32 time=203ms TTL=52

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 58ms, Maximum = 203ms, Average = 130ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...74 e5 0b 1d 6e c5 ......Microsoft Virtual WiFi Miniport Adapter #2
14...74 e5 0b 1d 6e c5 ......Microsoft Virtual WiFi Miniport Adapter
13...74 e5 0b 1d 6e c4 ......Intel® Centrino® Wireless-N 1000
11...08 2e 5f 88 e6 ae ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.23 25
10.0.0.0 255.255.255.0 On-link 10.0.0.23 281
10.0.0.23 255.255.255.255 On-link 10.0.0.23 281
10.0.0.255 255.255.255.255 On-link 10.0.0.23 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 10.0.0.41 10.0.0.23 26
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.23 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.23 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
169.254.0.0 255.255.0.0 10.0.0.41 1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
18 58 ::/0 On-link
1 306 ::1/128 On-link
18 58 2001::/32 On-link
18 306 2001:0:9d38:953c:439:19d5:3089:7428/128
On-link
13 281 fe80::/64 On-link
18 306 fe80::/64 On-link
18 306 fe80::439:19d5:3089:7428/128
On-link
13 281 fe80::9816:68af:48d7:a248/128
On-link
1 306 ff00::/8 On-link
18 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/30/2012 09:11:27 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/30/2012 08:41:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/30/2012 00:46:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/30/2012 00:21:52 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/30/2012 00:11:50 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/30/2012 00:11:50 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/30/2012 00:11:50 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/30/2012 00:11:50 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (12/30/2012 00:11:50 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/30/2012 00:11:50 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)


System errors:
=============
Error: (12/30/2012 00:11:50 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (12/30/2012 00:11:50 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (12/28/2012 00:40:00 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (12/26/2012 09:36:26 PM) (Source: DCOM) (User: Bomber-HP)
Description: application-specificLocalActivation{D3DCB472-7261-43CE-924B-0704BD730D5F}{D3DCB472-7261-43CE-924B-0704BD730D5F}Bomber-HPBomberS-1-5-21-3088581911-2625412762-2777078570-1000LocalHost (Using LRPC)

Error: (12/26/2012 09:36:26 PM) (Source: DCOM) (User: Bomber-HP)
Description: application-specificLocalActivation{145B4335-FE2A-4927-A040-7C35AD3180EF}{145B4335-FE2A-4927-A040-7C35AD3180EF}Bomber-HPBomberS-1-5-21-3088581911-2625412762-2777078570-1000LocalHost (Using LRPC)

Error: (12/26/2012 09:29:31 PM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (12/26/2012 09:28:52 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (12/26/2012 00:11:49 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.

Error: (12/25/2012 07:51:03 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (12/24/2012 00:15:41 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (12/30/2012 09:11:27 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/30/2012 08:41:35 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/30/2012 00:46:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/30/2012 00:21:52 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/30/2012 00:11:50 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/30/2012 00:11:50 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/30/2012 00:11:50 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/30/2012 00:11:50 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (12/30/2012 00:11:50 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (12/30/2012 00:11:50 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)


CodeIntegrity Errors:
===================================
Date: 2012-12-30 12:06:12.815
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\WinSxS\x86_microsoft-windows-webservices_31bf3856ad364e35_6.2.9200.16384_none_0b27641a00190493\webservices.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-12-30 12:06:12.794
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\WinSxS\x86_microsoft-windows-webservices_31bf3856ad364e35_6.2.9200.16384_none_0b27641a00190493\webservices.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-12-30 12:06:12.780
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\WinSxS\x86_microsoft-windows-webservices_31bf3856ad364e35_6.2.9200.16384_none_0b27641a00190493\webservices.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-12-30 12:06:12.514
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\WinSxS\x86_microsoft-windows-webcamexperience_31bf3856ad364e35_6.2.9200.16384_none_6993dc2a7d34dbae\CameraSettingsUIHost.exe because the set of per-page image hashes could not be found on the system.

Date: 2012-12-30 12:06:12.512
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\WinSxS\x86_microsoft-windows-webcamexperience_31bf3856ad364e35_6.2.9200.16384_none_6993dc2a7d34dbae\CameraSettingsUIHost.exe because the set of per-page image hashes could not be found on the system.

Date: 2012-12-30 12:06:12.510
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\WinSxS\x86_microsoft-windows-webcamexperience_31bf3856ad364e35_6.2.9200.16384_none_6993dc2a7d34dbae\CameraSettingsUIHost.exe because the set of per-page image hashes could not be found on the system.

Date: 2012-12-30 12:06:08.465
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\WinSxS\x86_microsoft-windows-userenv_31bf3856ad364e35_6.2.9200.16384_none_8ceb76541ca99e63\userenv.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-12-30 12:06:08.418
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\WinSxS\x86_microsoft-windows-userenv_31bf3856ad364e35_6.2.9200.16384_none_8ceb76541ca99e63\userenv.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-12-30 12:06:08.373
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\WinSxS\x86_microsoft-windows-userenv_31bf3856ad364e35_6.2.9200.16384_none_8ceb76541ca99e63\userenv.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-12-30 12:06:07.900
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\WinSxS\x86_microsoft-windows-usercpl-usermgrbroker_31bf3856ad364e35_6.2.9200.16384_none_13571d40a61e6d8c\UserAccountBroker.exe because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Acrobat 9 Pro (Version: 9.5.2)
Adobe Acrobat 9.5.2 - CPSID_83708
Adobe Flash Player 11 ActiveX (Version: 11.5.502.135)
Adobe Reader X (10.1.4) MUI (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
AMD APP SDK Runtime (Version: 2.5.709.2)
AMD Catalyst Install Manager (Version: 3.0.838.0)
Auslogics Disk Defrag (Version: version 3.3)
AuthenTec TrueAPI (Version: 1.3.0.144)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bejeweled 3 (Version: 2.2.0.95)
Bing Bar (Version: 7.1.391.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.95)
Blio (Version: 2.2.7689)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP560 series MP Drivers
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.0930.2209.37895)
Catalyst Control Center Graphics Previews Common (Version: 2011.0930.2209.37895)
Catalyst Control Center InstallProxy (Version: 2011.0930.2209.37895)
Catalyst Control Center Localization All (Version: 2011.0930.2209.37895)
Catalyst Control Center Profiles Mobile (Version: 2011.0930.2209.37895)
ccc-utility64 (Version: 2011.0930.2209.37895)
CCC Help Chinese Standard (Version: 2011.0930.2208.37895)
CCC Help Chinese Traditional (Version: 2011.0930.2208.37895)
CCC Help Czech (Version: 2011.0930.2208.37895)
CCC Help Danish (Version: 2011.0930.2208.37895)
CCC Help Dutch (Version: 2011.0930.2208.37895)
CCC Help English (Version: 2011.0930.2208.37895)
CCC Help Finnish (Version: 2011.0930.2208.37895)
CCC Help French (Version: 2011.0930.2208.37895)
CCC Help German (Version: 2011.0930.2208.37895)
CCC Help Greek (Version: 2011.0930.2208.37895)
CCC Help Hungarian (Version: 2011.0930.2208.37895)
CCC Help Italian (Version: 2011.0930.2208.37895)
CCC Help Japanese (Version: 2011.0930.2208.37895)
CCC Help Korean (Version: 2011.0930.2208.37895)
CCC Help Norwegian (Version: 2011.0930.2208.37895)
CCC Help Polish (Version: 2011.0930.2208.37895)
CCC Help Portuguese (Version: 2011.0930.2208.37895)
CCC Help Russian (Version: 2011.0930.2208.37895)
CCC Help Spanish (Version: 2011.0930.2208.37895)
CCC Help Swedish (Version: 2011.0930.2208.37895)
CCC Help Thai (Version: 2011.0930.2208.37895)
CCC Help Turkish (Version: 2011.0930.2208.37895)
CCleaner (Version: 3.26)
Chuzzle Deluxe (Version: 2.2.0.95)
CutePDF Writer 2.8
CyberLink YouCam (Version: 3.5.1.3922)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's World Adventure (Version: 2.2.0.95)
Dropbox (Version: 1.6.11)
Energy Star Digital Logo (Version: 1.0.1)
ESU for Microsoft Windows 7 (Version: 1.0.0)
Evernote v. 4.6 (Version: 4.6.0.7670)
Farm Frenzy (Version: 2.2.0.95)
FATE - The Traitor Soul (Version: 2.2.0.95)
Freemake Video Converter version 3.1.2 (Version: 3.1.2)
Glary Utilities 2.51.0.1666 (Version: 2.51.0.1666)
Google Drive (Version: 1.6.3837.2778)
Google Update Helper (Version: 1.3.21.123)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.1.16.1)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Connection Manager (Version: 4.1.23.1)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.1.0.0)
HP DVB-T TV Tuner 8.0.64.43 (Version: 8.0.64.43)
HP Games (Version: 1.0.2.4)
HP MovieStore (Version: 1.0.047)
HP MovieStore (Version: 2.0)
HP On Screen Display (Version: 1.1.2)
HP Power Manager (Version: 1.4.8)
HP Quick Launch (Version: 2.7.2)
HP Setup (Version: 8.6.4530.3651)
HP Setup Manager (Version: 1.1.13253.3682)
HP SimplePass 2011 (Version: 5.3.0.273)
HP Software Framework (Version: 4.5.10.1)
IDT Audio (Version: 1.0.6418.0)
ImgBurn (Version: 2.5.7.0)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Display Audio Driver (Version: 6.14.00.3074)
Intel® Identity Protection Technology 1.2.22.0 (Version: 1.2.22.0)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.1.0.0096)
Intel® Rapid Storage Technology (Version: 10.6.0.1002)
Intel® WiDi (Version: 2.1.39.0)
Intel® Wireless Display
Intel® PROSet/Wireless WiFi Software (Version: 15.01.0500.0903)
Java 7 Update 10 (Version: 7.0.100)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Junk Mail filter update (Version: 15.4.3502.0922)
Kies Air Discovery Service
Macrium Reflect Free Edition (Version: 5.0.5154)
Magic Desktop (Version: 3.0)
Mah Jong Medley (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.5131.5000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Picture It! Photo Premium 9 (Version: 9.0.0.0000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MotoHelper 2.0.51 Driver 5.1.0 (Version: 2.0.51)
MotoHelper MergeModules (Version: 1.2.0)
MOTOROLA MEDIA LINK (Version: 1.5.4090.2)
Motorola Mobile Drivers Installation 5.1.0 (Version: 5.1.0)
Mozilla Thunderbird 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Thunderbird 17.0 (x86 en-US) (Version: 17.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery P.I. - Stolen in San Francisco (Version: 2.2.0.95)
Namco All-Stars PAC-MAN (Version: 2.2.0.95)
OverDrive Media Console (Version: 3.2.20)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
PX Profile Update (Version: 1.00.1.)
Realtek Ethernet Controller Driver (Version: 7.41.216.2011)
Realtek PCIE Card Reader (Version: 6.1.7601.83)
Recovery Manager (Version: 2.0.0)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.1.19.0)
Revo Uninstaller 1.94 (Version: 1.94)
RoxioNow Player (Version: 1.9.5.103)
Skype™ 6.0 (Version: 6.0.120)
Slingo Supreme (Version: 2.2.0.95)
Sweet Home 3D
swMSM (Version: 12.0.0.1)
Synaptics TouchPad Driver (Version: 15.3.29.0)
TeamViewer 7 (Version: 7.0.13989)
TurboTax 2011
TurboTax 2011 WinPerFedFormset (Version: 011.000.3351)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0496)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0222)
TurboTax 2011 wrapper (Version: 011.000.0121)
TurboTax 2011 wwiiper (Version: 011.000.1840)
TurboTax 2012 (Version: 2012.0)
TurboTax 2012 WinPerFedFormset (Version: 012.000.1434)
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0347)
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0152)
TurboTax 2012 wrapper (Version: 012.000.0126)
Ubuntu One (Version: 3.0.2b)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update Installer for WildTangent Games App
Validity WBF DDK (Version: 4.3.205.0)
VIP Access SDK (1.1.0.4) (Version: 1.1.0.4)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Wheel of Fortune 2 (Version: 2.2.0.95)
WildTangent Games App (HP Games) (Version: 4.0.5.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 6091.86 MB
Available physical RAM: 3705.84 MB
Total Pagefile: 12181.91 MB
Available Pagefile: 9364.71 MB
Total Virtual: 4095.88 MB
Available Virtual: 3957.04 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:583.67 GB) (Free:475.98 GB) NTFS
2 Drive d: () (Fixed) (Total:114.67 GB) (Free:88.22 GB) NTFS

========================= Users: ========================================

User accounts for \\BOMBER-HP

Administrator Bomber Guest
Logan Nikki Noah


**** End of log ****


TDSSKiller Log

21:17:18.0024 2756 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:17:18.0392 2756 ============================================================
21:17:18.0392 2756 Current date / time: 2012/12/30 21:17:18.0392
21:17:18.0392 2756 SystemInfo:
21:17:18.0392 2756
21:17:18.0392 2756 OS Version: 6.1.7601 ServicePack: 1.0
21:17:18.0392 2756 Product type: Workstation
21:17:18.0393 2756 ComputerName: BOMBER-HP
21:17:18.0393 2756 UserName: Bomber
21:17:18.0393 2756 Windows directory: C:\Windows
21:17:18.0393 2756 System windows directory: C:\Windows
21:17:18.0393 2756 Running under WOW64
21:17:18.0393 2756 Processor architecture: Intel x64
21:17:18.0393 2756 Number of processors: 8
21:17:18.0393 2756 Page size: 0x1000
21:17:18.0393 2756 Boot type: Normal boot
21:17:18.0393 2756 ============================================================
21:17:20.0390 2756 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:17:20.0395 2756 ============================================================
21:17:20.0395 2756 \Device\Harddisk0\DR0:
21:17:20.0396 2756 MBR partitions:
21:17:20.0396 2756 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
21:17:20.0396 2756 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x48F56800
21:17:20.0396 2756 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x48FBA800, BlocksNum 0xE558000
21:17:20.0396 2756 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x57512800, BlocksNum 0x336F0
21:17:20.0396 2756 ============================================================
21:17:20.0419 2756 C: <-> \Device\Harddisk0\DR0\Partition2
21:17:20.0459 2756 D: <-> \Device\Harddisk0\DR0\Partition3
21:17:20.0459 2756 ============================================================
21:17:20.0459 2756 Initialize success
21:17:20.0459 2756 ============================================================
21:17:38.0503 3300 ============================================================
21:17:38.0503 3300 Scan started
21:17:38.0503 3300 Mode: Manual; TDLFS;
21:17:38.0503 3300 ============================================================
21:17:40.0030 3300 ================ Scan system memory ========================
21:17:40.0030 3300 System memory - ok
21:17:40.0031 3300 ================ Scan services =============================
21:17:50.0675 3300 jhi_service - ok
21:17:50.0699 3300 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:17:50.0701 3300 kbdclass - ok
21:17:50.0731 3300 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
21:17:50.0733 3300 kbdhid - ok
21:17:50.0746 3300 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
21:17:50.0748 3300 KeyIso - ok
21:17:50.0785 3300 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:17:50.0788 3300 KSecDD - ok
21:17:50.0814 3300 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:17:50.0818 3300 KSecPkg - ok
21:17:50.0836 3300 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:17:50.0837 3300 ksthunk - ok
21:17:50.0856 3300 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:17:50.0879 3300 KtmRm - ok
21:17:50.0922 3300 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:17:50.0931 3300 LanmanServer - ok
21:17:50.0962 3300 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:17:50.0969 3300 LanmanWorkstation - ok
21:17:50.0996 3300 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:17:50.0999 3300 lltdio - ok
21:17:51.0038 3300 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:17:51.0046 3300 lltdsvc - ok
21:17:51.0074 3300 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:17:51.0074 3300 lmhosts - ok
21:17:51.0146 3300 [ D7E0BED3EA21D7BDDD410ADE51708D90 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:17:51.0153 3300 LMS - ok
21:17:51.0197 3300 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
21:17:51.0200 3300 LSI_FC - ok
21:17:51.0225 3300 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:17:51.0229 3300 LSI_SAS - ok
21:17:51.0246 3300 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
21:17:51.0249 3300 LSI_SAS2 - ok
21:17:51.0256 3300 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:17:51.0259 3300 LSI_SCSI - ok
21:17:51.0259 3300 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:17:51.0277 3300 luafv - ok
21:17:51.0319 3300 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:17:51.0324 3300 Mcx2Svc - ok
21:17:51.0346 3300 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
21:17:51.0349 3300 megasas - ok
21:17:51.0362 3300 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:17:51.0368 3300 MegaSR - ok
21:17:51.0431 3300 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
21:17:51.0433 3300 MEIx64 - ok
21:17:51.0501 3300 Microsoft SharePoint Workspace Audit Service - ok
21:17:51.0531 3300 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:17:51.0536 3300 MMCSS - ok
21:17:51.0560 3300 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:17:51.0562 3300 Modem - ok
21:17:51.0587 3300 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:17:51.0588 3300 monitor - ok
21:17:51.0643 3300 [ C94A2EA3FDFA5D650884926B710B7DB1 ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys
21:17:51.0646 3300 motccgp - ok
21:17:51.0680 3300 [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys
21:17:51.0682 3300 motccgpfl - ok
21:17:51.0724 3300 [ 060F0EF84F430802DF3788F3DCFD009C ] motmodem C:\Windows\system32\DRIVERS\motmodem.sys
21:17:51.0726 3300 motmodem - ok
21:17:51.0801 3300 [ 3BBC6C2402242401F791548AAEBF3D39 ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
21:17:51.0921 3300 MotoHelper - ok
21:17:51.0946 3300 [ EBD05F60CAFC5BBA2602B8D7101082D3 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
21:17:51.0948 3300 MotoSwitchService - ok
21:17:52.0000 3300 [ 87701078C3F720AC7A028E937994CC49 ] Motousbnet C:\Windows\system32\DRIVERS\Motousbnet.sys
21:17:52.0002 3300 Motousbnet - ok
21:17:52.0045 3300 [ 307727F9829FB46FF4BE0E4D1DAC5002 ] motusbdevice C:\Windows\system32\DRIVERS\motusbdevice.sys
21:17:52.0047 3300 motusbdevice - ok
21:17:52.0082 3300 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:17:52.0084 3300 mouclass - ok
21:17:52.0102 3300 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
21:17:52.0104 3300 mouhid - ok
21:17:52.0140 3300 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:17:52.0143 3300 mountmgr - ok
21:17:52.0223 3300 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
21:17:52.0229 3300 MpFilter - ok
21:17:52.0246 3300 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:17:52.0250 3300 mpio - ok
21:17:52.0271 3300 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:17:52.0273 3300 mpsdrv - ok
21:17:52.0322 3300 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:17:52.0338 3300 MpsSvc - ok
21:17:52.0363 3300 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:17:52.0367 3300 MRxDAV - ok
21:17:52.0395 3300 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:17:52.0399 3300 mrxsmb - ok
21:17:52.0435 3300 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:17:52.0442 3300 mrxsmb10 - ok
21:17:52.0462 3300 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:17:52.0465 3300 mrxsmb20 - ok
21:17:52.0480 3300 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:17:52.0482 3300 msahci - ok
21:17:52.0495 3300 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:17:52.0495 3300 msdsm - ok
21:17:52.0522 3300 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:17:52.0522 3300 MSDTC - ok
21:17:52.0568 3300 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:17:52.0570 3300 Msfs - ok
21:17:52.0579 3300 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:17:52.0581 3300 mshidkmdf - ok
21:17:52.0600 3300 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:17:52.0601 3300 msisadrv - ok
21:17:52.0648 3300 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:17:52.0654 3300 MSiSCSI - ok
21:17:52.0660 3300 msiserver - ok
21:17:52.0690 3300 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:17:52.0692 3300 MSKSSRV - ok
21:17:52.0764 3300 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
21:17:52.0765 3300 MsMpSvc - ok
21:17:52.0800 3300 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:17:52.0803 3300 MSPCLOCK - ok
21:17:52.0820 3300 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:17:52.0822 3300 MSPQM - ok
21:17:52.0840 3300 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:17:52.0848 3300 MsRPC - ok
21:17:52.0873 3300 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
21:17:52.0875 3300 mssmbios - ok
21:17:52.0898 3300 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:17:52.0900 3300 MSTEE - ok
21:17:52.0921 3300 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
21:17:52.0924 3300 MTConfig - ok
21:17:52.0939 3300 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:17:52.0941 3300 Mup - ok
21:17:52.0988 3300 [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
21:17:53.0094 3300 MyWiFiDHCPDNS - ok
21:17:53.0134 3300 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:17:53.0142 3300 napagent - ok
21:17:53.0188 3300 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:17:53.0193 3300 NativeWifiP - ok
21:17:53.0280 3300 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:17:53.0297 3300 NDIS - ok
21:17:53.0327 3300 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:17:53.0329 3300 NdisCap - ok
21:17:53.0381 3300 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:17:53.0383 3300 NdisTapi - ok
21:17:53.0404 3300 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:17:53.0407 3300 Ndisuio - ok
21:17:53.0424 3300 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:17:53.0428 3300 NdisWan - ok
21:17:53.0445 3300 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:17:53.0448 3300 NDProxy - ok
21:17:53.0476 3300 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:17:53.0479 3300 NetBIOS - ok
21:17:53.0501 3300 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:17:53.0507 3300 NetBT - ok
21:17:53.0535 3300 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:17:53.0537 3300 Netlogon - ok
21:17:53.0576 3300 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:17:53.0584 3300 Netman - ok
21:17:53.0615 3300 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:17:53.0626 3300 netprofm - ok
21:17:53.0655 3300 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:17:53.0659 3300 NetTcpPortSharing - ok
21:17:53.0972 3300 [ FAD6C5610D020534401966CD72A1C306 ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
21:17:54.0186 3300 NETwNs64 - ok
21:17:54.0217 3300 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:17:54.0220 3300 nfrd960 - ok
21:17:54.0260 3300 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
21:17:54.0263 3300 NisDrv - ok
21:17:54.0286 3300 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
21:17:54.0294 3300 NisSrv - ok
21:17:54.0322 3300 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:17:54.0328 3300 NlaSvc - ok
21:17:54.0351 3300 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:17:54.0353 3300 Npfs - ok
21:17:54.0376 3300 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:17:54.0381 3300 nsi - ok
21:17:54.0398 3300 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:17:54.0400 3300 nsiproxy - ok
21:17:54.0471 3300 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:17:54.0503 3300 Ntfs - ok
21:17:54.0519 3300 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:17:54.0521 3300 Null - ok
21:17:54.0560 3300 [ 9A33100AC62A0463C49E47EE8E77083A ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
21:17:54.0563 3300 nusb3hub - ok
21:17:54.0600 3300 [ 87C321F7BEE646B7EC6EEDD6EB725741 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
21:17:54.0606 3300 nusb3xhc - ok
21:17:54.0636 3300 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
21:17:54.0639 3300 NVENETFD - ok
21:17:54.0663 3300 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:17:54.0668 3300 nvraid - ok
21:17:54.0692 3300 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:17:54.0697 3300 nvstor - ok
21:17:54.0711 3300 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:17:54.0716 3300 nv_agp - ok
21:17:54.0721 3300 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:17:54.0737 3300 ohci1394 - ok
21:17:54.0784 3300 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:17:54.0789 3300 ose - ok
21:17:54.0929 3300 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:17:54.0997 3300 osppsvc - ok
21:17:55.0024 3300 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:17:55.0031 3300 p2pimsvc - ok
21:17:55.0049 3300 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:17:55.0056 3300 p2psvc - ok
21:17:55.0070 3300 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
21:17:55.0073 3300 Parport - ok
21:17:55.0098 3300 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:17:55.0100 3300 partmgr - ok
21:17:55.0122 3300 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:17:55.0128 3300 PcaSvc - ok
21:17:55.0165 3300 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:17:55.0168 3300 pci - ok
21:17:55.0199 3300 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:17:55.0200 3300 pciide - ok
21:17:55.0220 3300 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:17:55.0223 3300 pcmcia - ok
21:17:55.0241 3300 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:17:55.0243 3300 pcw - ok
21:17:55.0269 3300 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:17:55.0281 3300 PEAUTH - ok
21:17:55.0392 3300 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:17:55.0396 3300 PerfHost - ok
21:17:55.0460 3300 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:17:55.0490 3300 pla - ok
21:17:55.0531 3300 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:17:55.0542 3300 PlugPlay - ok
21:17:55.0584 3300 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:17:55.0588 3300 PNRPAutoReg - ok
21:17:55.0626 3300 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:17:55.0634 3300 PNRPsvc - ok
21:17:55.0717 3300 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:17:55.0729 3300 PolicyAgent - ok
21:17:55.0770 3300 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:17:55.0777 3300 Power - ok
21:17:55.0825 3300 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:17:55.0829 3300 PptpMiniport - ok
21:17:55.0852 3300 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
21:17:55.0855 3300 Processor - ok
21:17:55.0883 3300 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
21:17:55.0888 3300 ProfSvc - ok
21:17:55.0913 3300 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:17:55.0916 3300 ProtectedStorage - ok
21:17:55.0946 3300 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:17:55.0950 3300 Psched - ok
21:17:56.0011 3300 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:17:56.0042 3300 ql2300 - ok
21:17:56.0072 3300 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:17:56.0077 3300 ql40xx - ok
21:17:56.0088 3300 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:17:56.0111 3300 QWAVE - ok
21:17:56.0128 3300 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:17:56.0131 3300 QWAVEdrv - ok
21:17:56.0152 3300 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:17:56.0155 3300 RasAcd - ok
21:17:56.0199 3300 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:17:56.0202 3300 RasAgileVpn - ok
21:17:56.0240 3300 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:17:56.0246 3300 RasAuto - ok
21:17:56.0268 3300 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:17:56.0272 3300 Rasl2tp - ok
21:17:56.0299 3300 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:17:56.0309 3300 RasMan - ok
21:17:56.0347 3300 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:17:56.0351 3300 RasPppoe - ok
21:17:56.0378 3300 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:17:56.0381 3300 RasSstp - ok
21:17:56.0402 3300 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:17:56.0410 3300 rdbss - ok
21:17:56.0425 3300 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
21:17:56.0427 3300 rdpbus - ok
21:17:56.0452 3300 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:17:56.0454 3300 RDPCDD - ok
21:17:56.0477 3300 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:17:56.0479 3300 RDPENCDD - ok
21:17:56.0502 3300 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:17:56.0504 3300 RDPREFMP - ok
21:17:56.0547 3300 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:17:56.0552 3300 RDPWD - ok
21:17:56.0592 3300 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:17:56.0598 3300 rdyboost - ok
21:17:56.0694 3300 [ C181C9A44FB9DCB1B2E05EDCAAFB0B95 ] ReflectService.exe C:\Program Files\Macrium\Reflect\ReflectService.exe
21:17:56.0778 3300 ReflectService.exe - ok
21:17:56.0848 3300 [ 0C2B4C3B10D183BE116A38353E937F62 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
21:17:56.0851 3300 RegSrvc - ok
21:17:56.0867 3300 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:17:56.0871 3300 RemoteAccess - ok
21:17:56.0903 3300 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:17:56.0909 3300 RemoteRegistry - ok
21:17:56.0965 3300 [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
21:17:56.0974 3300 RoxioNow Service - ok
21:17:57.0002 3300 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:17:57.0007 3300 RpcEptMapper - ok
21:17:57.0019 3300 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:17:57.0038 3300 RpcLocator - ok
21:17:57.0073 3300 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
21:17:57.0084 3300 RpcSs - ok
21:17:57.0131 3300 [ 1F5E7AF59B390261A85F5BEDB1BB88B3 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
21:17:57.0137 3300 RSPCIESTOR - ok
21:17:57.0175 3300 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:17:57.0178 3300 rspndr - ok
21:17:57.0216 3300 [ ED5873F7DFB2F96D37F13322211B6BDC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:17:57.0223 3300 RTL8167 - ok
21:17:57.0253 3300 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:17:57.0253 3300 SamSs - ok
21:17:57.0320 3300 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:17:57.0325 3300 sbp2port - ok
21:17:57.0366 3300 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:17:57.0374 3300 SCardSvr - ok
21:17:57.0390 3300 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:17:57.0393 3300 scfilter - ok
21:17:57.0437 3300 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:17:57.0462 3300 Schedule - ok
21:17:57.0489 3300 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:17:57.0491 3300 SCPolicySvc - ok
21:17:57.0527 3300 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
21:17:57.0531 3300 sdbus - ok
21:17:57.0559 3300 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:17:57.0567 3300 SDRSVC - ok
21:17:57.0615 3300 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:17:57.0617 3300 secdrv - ok
21:17:57.0642 3300 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:17:57.0646 3300 seclogon - ok
21:17:57.0667 3300 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
21:17:57.0672 3300 SENS - ok
21:17:57.0719 3300 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:17:57.0724 3300 SensrSvc - ok
21:17:57.0768 3300 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
21:17:57.0770 3300 Serenum - ok
21:17:57.0788 3300 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
21:17:57.0792 3300 Serial - ok
21:17:57.0831 3300 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:17:57.0834 3300 sermouse - ok
21:17:57.0870 3300 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:17:57.0877 3300 SessionEnv - ok
21:17:57.0912 3300 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:17:57.0915 3300 sffdisk - ok
21:17:57.0924 3300 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:17:57.0926 3300 sffp_mmc - ok
21:17:57.0943 3300 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:17:57.0944 3300 sffp_sd - ok
21:17:57.0977 3300 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:17:57.0977 3300 sfloppy - ok
21:17:58.0041 3300 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
21:17:58.0053 3300 Sftfs - ok
21:17:58.0172 3300 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
21:17:58.0191 3300 sftlist - ok
21:17:58.0219 3300 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
21:17:58.0224 3300 Sftplay - ok
21:17:58.0240 3300 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
21:17:58.0242 3300 Sftredir - ok
21:17:58.0259 3300 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
21:17:58.0261 3300 Sftvol - ok
21:17:58.0278 3300 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
21:17:58.0283 3300 sftvsa - ok
21:17:58.0307 3300 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:17:58.0329 3300 SharedAccess - ok
21:17:58.0368 3300 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:17:58.0378 3300 ShellHWDetection - ok
21:17:58.0422 3300 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:17:58.0425 3300 SiSRaid2 - ok
21:17:58.0438 3300 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:17:58.0438 3300 SiSRaid4 - ok
21:17:58.0486 3300 [ B866E8C5ED1DCBEA72285BA4107892C2 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:17:58.0490 3300 SkypeUpdate - ok
21:17:58.0512 3300 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:17:58.0516 3300 Smb - ok
21:17:58.0562 3300 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:17:58.0567 3300 SNMPTRAP - ok
21:17:58.0602 3300 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:17:58.0604 3300 spldr - ok
21:17:58.0648 3300 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
21:17:58.0662 3300 Spooler - ok
21:17:58.0755 3300 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:17:58.0822 3300 sppsvc - ok
21:17:58.0843 3300 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:17:58.0861 3300 sppuinotify - ok
21:17:58.0891 3300 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
21:17:58.0901 3300 srv - ok
21:17:58.0923 3300 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:17:58.0930 3300 srv2 - ok
21:17:58.0975 3300 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
21:17:58.0982 3300 SrvHsfHDA - ok
21:17:59.0032 3300 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
21:17:59.0061 3300 SrvHsfV92 - ok
21:17:59.0096 3300 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
21:17:59.0110 3300 SrvHsfWinac - ok
21:17:59.0142 3300 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:17:59.0146 3300 srvnet - ok
21:17:59.0192 3300 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:17:59.0198 3300 SSDPSRV - ok
21:17:59.0215 3300 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:17:59.0220 3300 SstpSvc - ok
21:17:59.0303 3300 [ 97F839E8AEC48EE271509BF4BC764C24 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
21:17:59.0311 3300 STacSV - ok
21:17:59.0323 3300 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
21:17:59.0323 3300 stexstor - ok
21:17:59.0390 3300 [ 7E89F65EB250463EE8665CFE19566FC3 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
21:17:59.0401 3300 STHDA - ok
21:17:59.0453 3300 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
21:17:59.0468 3300 stisvc - ok
21:17:59.0500 3300 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
21:17:59.0502 3300 swenum - ok
21:17:59.0541 3300 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:17:59.0555 3300 swprv - ok
21:17:59.0612 3300 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:17:59.0619 3300 SynTP - ok
21:17:59.0688 3300 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
21:17:59.0721 3300 SysMain - ok
21:17:59.0751 3300 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:17:59.0756 3300 TabletInputService - ok
21:17:59.0794 3300 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:17:59.0804 3300 TapiSrv - ok
21:17:59.0827 3300 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:17:59.0833 3300 TBS - ok
21:18:00.0031 3300 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:18:00.0093 3300 Tcpip - ok
21:18:00.0153 3300 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:18:00.0181 3300 TCPIP6 - ok
21:18:00.0219 3300 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:18:00.0221 3300 tcpipreg - ok
21:18:00.0255 3300 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:18:00.0257 3300 TDPIPE - ok
21:18:00.0288 3300 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:18:00.0291 3300 TDTCP - ok
21:18:05.0451 3300 ============================================================
21:18:05.0451 3300 Scan finished
21:18:05.0451 3300 ============================================================
21:18:05.0468 7888 Detected object count: 0
21:18:05.0468 7888 Actual detected object count: 0
21:19:10.0586 2928 Deinitialize success


ESET Log

C:\Users\Bomber\Desktop\Noah SD Card\Android\data\com.amazon.venezia\cache\vnz572623489.apk a variant of Android/Leadbolt.B application unable to clean
C:\Documents and Settings\Bomber\Desktop\Noah SD Card\Android\data\com.amazon.venezia\cache\vnz572623489.apk a variant of Android/Leadbolt.B application deleted - quarantined

#4 boopme


Posted 31 December 2012 - 06:24 PM

Please in another.

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


Uninstall this and reboot; older versions are exploitable.
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)

#5 bomber1712


Posted 31 December 2012 - 06:54 PM

I checked my Java version, and I am running Version 7 Update 10.

For the latest scan, I actually didn't download and then run. I just ran it. Does that matter?

Here is the log:


# AdwCleaner v2.104 - Logfile created 12/31/2012 at 17:47:15
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Bomber - BOMBER-HP
# Boot Mode : Normal
# Running from : C:\Users\Bomber\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\59PFVD48\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [1029 octets] - [31/12/2012 17:47:15]

########## EOF - C:\AdwCleaner[S1].txt - [1089 octets] ##########

Edited by bomber1712, 31 December 2012 - 06:57 PM.


#6 boopme


Posted 03 January 2013 - 10:11 AM

OK, Yes I lost you...
You ran it fine.

How is it running now?


I checked my Java version, and I am running Version 7 Update 10.

Uninstall this and reboot; older versions are exploitable.
Java™ 6 Update 24 (64-bit) (Version: 6.0.240) <<-- But the older one needs to go

#7 bomber1712


Posted 03 January 2013 - 04:43 PM

It seems to be running fine. As for the Java, I will double check, but I did not see the old one in Add/Remove.

If you think I am OK, I feel OK.

#8 boopme


Posted 03 January 2013 - 06:10 PM

Well, it looks clean... Now you should Create a New Restore Point (alternate method) to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > All Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
Then use Disk Cleanup to remove all but the newly created Restore Point.

#9 bomber1712


Posted 04 January 2013 - 07:32 AM

Got it! Thanks for your help!



