Not sure if infected - Easylife app


12 replies to this topic

#1 Kajet

Kajet

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:55 AM

Posted 23 January 2013 - 06:16 AM

I downloaded something from sendspace.com and afterwards my homepages and search engines were changed to something called "Easylife app search" or something like that. How can I be sure if I've successfully removed it or not from my computer?



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,538 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:55 AM

Posted 23 January 2013 - 10:25 AM

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Kajet

Kajet
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:55 AM

Posted 23 January 2013 - 05:32 PM

Okay, this is what the Result.txt contained.

MiniToolBox by Farbar Version:10-01-2013
Ran by Kajet (administrator) on 23-01-2013 at 16:21:55
Running from "C:\Users\Kajet\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® 82579V Gigabit Network Connection = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=disabled
add route prefix=0.0.0.0/0 interface="ethernet_10" nexthop=5.0.0.1 publish=Yes
set interface interface="ethernet_10" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Kajet-PCD
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : domain
Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection
Physical Address. . . . . . . . . : 14-DA-E9-DA-33-DF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b12b:5788:44a5:4304%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, January 23, 2013 4:15:00 PM
Lease Expires . . . . . . . . . . : Wednesday, January 23, 2013 6:15:00 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 236247785
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-54-06-6C-14-DA-E9-DA-33-DF
DNS Servers . . . . . . . . . . . : 97.64.168.12
97.64.183.165
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.domain:

Connection-specific DNS Suffix . : domain
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.1.100%13(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 97.64.168.12
97.64.183.165
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:88c:c91c:52e2:2a67(Preferred)
Link-local IPv6 Address . . . . . : fe80::88c:c91c:52e2:2a67%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dsmdc-dns-dts10.mcomdc.com
Address: 97.64.168.12

Name: google.com
Addresses: 2001:4860:400a:800::1008
74.125.225.8
74.125.225.14
74.125.225.3
74.125.225.5
74.125.225.4
74.125.225.6
74.125.225.7
74.125.225.9
74.125.225.2
74.125.225.1
74.125.225.0


Pinging google.com [74.125.225.3] with 32 bytes of data:
Reply from 74.125.225.3: bytes=32 time=31ms TTL=53
Reply from 74.125.225.3: bytes=32 time=29ms TTL=53

Ping statistics for 74.125.225.3:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 29ms, Maximum = 31ms, Average = 30ms
Server: dsmdc-dns-dts10.mcomdc.com
Address: 97.64.168.12

Name: yahoo.com
Addresses: 98.139.183.24
206.190.36.45
98.138.253.109


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=99ms TTL=47
Reply from 206.190.36.45: bytes=32 time=81ms TTL=47

Ping statistics for 206.190.36.45:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 81ms, Maximum = 99ms, Average = 90ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...14 da e9 da 33 df ......Intel® 82579V Gigabit Network Connection
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.100 276
192.168.1.100 255.255.255.255 On-link 192.168.1.100 276
192.168.1.255 255.255.255.255 On-link 192.168.1.100 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 276
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 5.0.0.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:9d38:953c:88c:c91c:52e2:2a67/128
On-link
11 276 fe80::/64 On-link
12 306 fe80::/64 On-link
13 281 fe80::5efe:192.168.1.100/128
On-link
12 306 fe80::88c:c91c:52e2:2a67/128
On-link
11 276 fe80::b12b:5788:44a5:4304/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
If Metric Network Destination Gateway
0 4294967295 2620:9b::/96 On-link
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/23/2013 04:16:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2013 06:55:47 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2013 06:19:31 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2013 04:20:06 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2013 04:16:01 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2013 02:15:35 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2013 02:05:49 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2013 01:27:00 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2013 01:18:34 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2013 00:40:52 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/23/2013 06:14:29 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/23/2013 06:14:29 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/23/2013 06:14:29 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/23/2013 06:12:21 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/23/2013 06:12:21 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/23/2013 06:12:21 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/23/2013 06:07:21 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/23/2013 06:07:21 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/23/2013 06:07:21 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/23/2013 06:05:15 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (01/23/2013 04:16:35 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2013 06:55:47 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2013 06:19:31 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2013 04:20:06 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2013 04:16:01 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2013 02:15:35 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2013 02:05:49 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2013 01:27:00 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2013 01:18:34 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2013 00:40:52 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
3DMark 11 (Version: 1.0.2)
7-Zip 9.20
A New Zero
Adobe AIR (Version: 3.5.0.600)
Adobe Flash Media Live Encoder 3.2 (Version: 3.2.0)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.135)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
Alchemy and Bejeweled Pack
Altitude - Demo
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
applicationupdater
Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.10.0.0)
Audacity 1.3.14 (Unicode)
Audiosurf
Autodesk SketchBookExpress 2011 (Version: 5.00.0000)
Bamboo (Version: 5.2.5-5)
Bamboo Dock (Version: 4.0)
Bamboo Dock (Version: 4.0.0)
Bamboo Tablets Tutorial (Version: 3.0.20)
Bandisoft MPEG-1 Decoder
Batman: Arkham Asylum GOTY Edition
Beat Hazard
BIT.TRIP RUNNER
Blade Kitten
Cave Story+
CCleaner (Version: 2.34)
Chipamp (Version: 1.0)
Chocolate Castle 1.09 (Version: 1.09)
Cockatrice
Digsby
Doomsday Engine 1.9.7
Dragon Nest
Dual-Core Optimizer (Version: 1.1.4.0169)
Duke Nukem 3D (Version: 2.0.0.84)
Dungeon and Dragons: Neverwinter Nights Complete (Version: 1.0.0)
Dungeon Defenders
Dungeons & Dragons Online®
Dungeons of Dredmor
Fallout 3 - Game of the Year Edition
Fallout: New Vegas
Far Cry 2 (Version: 1.03.00)
FEAR Perseus Mandate (Version: 1.00.0000)
Firefall
Firestorm-Release (remove only) (Version: 4.3.1.31155)
Fragment
Furcadia (Version: 29a)
Futuremark SystemInfo (Version: 4.2.0)
GameMaker: Studio
Garry's Mod
Generations Arena 0.99f (remove only)
GIMP 2.8.2 (Version: 2.8.2)
GTA San Andreas (Version: 1.00.00001)
Half-Life 2: Lost Coast
Hawken
HeXen II
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Network Connections 16.5.2.0 (Version: 16.5.2.0)
Intel® Processor Graphics (Version: 9.17.10.2867)
ioquake3
IrfanView (remove only) (Version: 4.30)
Jamestown
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 29 (64-bit) (Version: 6.0.290)
Java™ 6 Update 37 (Version: 6.0.370)
JMicron JMB36X Driver (Version: 1.17.58.2)
Killing Floor
LAME v3.99.3 (for Windows)
Left 4 Dead 2
Legendary (Version: 1.00.0000)
LEGO Batman: The Videogame
LEGO Star Wars II (Version: 1.00.0000)
Livestream Procaster (Version: 20.2.0)
Magicka
Mass Effect
Metro 2033
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE (Version: 3.1.186.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Moonbase Alpha
Moraff's Maximum MahJongg 1.0
Morrowind
Mount & Blade: Warband
Mozilla Firefox 18.0.1 (x86 en-US) (Version: 18.0.1)
Mozilla Maintenance Service (Version: 18.0.1)
Mozilla Thunderbird (8.0) (Version: 8.0 (en-US))
Need for Speed™ Hot Pursuit (Version: 1.0.0.0)
Nexon Game Manager
Nitronic Rush (2012-06-19) version 20120619.0 (Version: 20120619.0)
Nostromo (Version: 3.2.4)
Nostromo Array Programming Software (Version: 3.0.2)
Nuclear Dawn
NVIDIA 3D Vision Controller Driver (Version: 280.19)
NVIDIA 3D Vision Controller Driver 310.90 (Version: 310.90)
NVIDIA 3D Vision Driver 310.90 (Version: 310.90)
NVIDIA Control Panel 310.90 (Version: 310.90)
NVIDIA Graphics Driver 310.90 (Version: 310.90)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.95.599)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1090)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
Oblivion - Construction Set (Version: 1.00.0000)
Oblivion - Horse Armor Pack (Version: 1.00.0000)
Oblivion - Knights of the Nine (Version: 1.00.0000)
Oblivion - Mehrunes Razor (Version: 1.00.0000)
Oblivion - Orrery (Version: 1.00.0000)
Oblivion - Spell Tomes (Version: 1.00.0000)
Oblivion - Thieves Den (Version: 1.00.0000)
Oblivion - Vile Lair (Version: 1.00.0000)
Oblivion - Wizard's Tower (Version: 1.00.0000)
Oblivion (Version: 1.00.0000)
Oblivion mod manager 1.1.12
OpenAL
Opera 12.12 (Version: 12.12.1707)
Paint.NET v3.5.10 (Version: 3.60.0)
PAYDAY: The Heist
PHANTASY STAR ONLINE 2
PHANTASY STAR UNIVERSE
PlanetSide 2
Plants vs. Zombies
PunkBuster Services (Version: 0.986)
Quake III Arena
Quake III Arena Point Release 1.32
QuickTime (Version: 7.71.80.42)
Radegast
RCA Updater 2.1.7.0
Realtek High Definition Audio Driver (Version: 6.0.1.6363)
RGSS-RTP Standard (Version: 1.0.0)
RPG Maker VX RTP (Version: 1.02)
S.T.A.L.K.E.R.: Shadow of Chernobyl
Saints Row: The Third
Sculptris Alpha 6 (Version: 0.6)
SecondLifeViewer (remove only)
Serious Sam 2
SES Driver (Version: 1.0.0)
Skype™ 5.10 (Version: 5.10.116)
Solace - February 2011
Sonic Generations
SpeechRedist (Version: 1.0.0)
Star Trek Online
Steam (Version: 1.0.0.0)
Street Fighter IV
SumatraPDF (Version: 2.2.1)
Super Crate Box
Supercade (Version: 2.0.0.80)
swMSM (Version: 12.0.0.1)
Synergy
Team Fortress 2
Terraria
TES Construction Set
The Binding Of Isaac
The Elder Scrolls V: Skyrim
The Polynomial
Thief: Deadly Shadows
Trillian
Tron 2.0
Tyrian 2000
Unofficial Oblivion Patch v3.2.0 (Version: 3.2.0)
Unofficial Official Mods Patch v16 (Version: v11)
Unofficial Shivering Isles Patch v1.5.1 (Version: 1.5.1)
Unreal Tournament
Unreal Tournament 2004
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
Vindictus
VisiPics V1.30
VLC media player 2.0.4 (Version: 2.0.4)
Voxatron 0.2.1 (Version: 0.2.1)
VTFEdit 1.2.5
VVVVVV
Warsow
Warzone 2100-2.3.9 (Version: 2.3.9)
WebTablet FB Plugin (Version: 2.0.0.1)
WebTablet IE Plugin (Version: 1.1.0.12)
WebTablet Netscape Plugin (Version: 1.1.0.10)
Winamp (Version: 5.622 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (03/06/2009 1.0.0008.0) (Version: 03/06/2009 1.0.0008.0)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Wings 3D 1.4.1
Worms Ultimate Mayhem
X-Chat 2.8.6-2 (Version: 2.8.6-2)
Xiph.Org Open Codecs 0.85.17777 (Version: 0.85.17777)
Yar's Revenge

========================= Memory info: ===================================

Percentage of memory in use: 14%
Total physical RAM: 16288.39 MB
Available physical RAM: 13880.25 MB
Total Pagefile: 32574.97 MB
Available Pagefile: 30011.13 MB
Total Virtual: 4095.88 MB
Available Virtual: 3976.31 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:508.91 GB) NTFS
3 Drive f: (My Book) (Fixed) (Total:1396.61 GB) (Free:1237.57 GB) NTFS
4 Drive g: (WD SmartWare) (CDROM) (Total:0.43 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\KAJET-PCD

Administrator ASPNET Guest
Kajet UpdatusUser


**** End of log ****
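
A way to triage a MiniToolBox Result.txt like the one posted above, added here as an example (it is not part of the original thread and not code from MiniToolBox or its author). It splits the log on its `=====` section banners and reports non-localhost Hosts entries, Winsock providers whose vendor field is not Microsoft Corporation, a missing "Proxy is not enabled." line, and installed programs matching a keyword. The function names, the `easylife` keyword and these heuristics are assumptions for illustration; a hit means "check this by hand", not "infected".

```python
import re

# Constructed sample in the layout of the Result.txt above (abridged; values are
# made up for the demo and are not taken from the poster's machine).
SAMPLE = r"""
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= Hosts content: =================================

# constructed entry
127.0.0.1       localhost
203.0.113.7     search.example.test

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Program Files (x86)\ExampleVendor\lsp.dll [40960] (Example Vendor)

=========================== Installed Programs ============================

7-Zip 9.20
Easylife App (Version: 1.0)
Mozilla Firefox 18.0.1 (x86 en-US) (Version: 18.0.1)

**** End of log ****
"""

# A section banner is "====== Title: ======"; the title must start with a letter
# so that the all-'=' separator rows inside the route tables are not banners.
SECTION_RE = re.compile(r"^=+\s*([A-Za-z].*?):?\s*=+\s*$")
# Winsock row: "[x64-]CatalogN NN <path> [<size>] (<vendor>)"
WINSOCK_RE = re.compile(r"^(?:x64-)?Catalog\d+\s+\d+\s+(.+?)\s+\[\d+\]\s+\((.*)\)\s*$")


def split_sections(text):
    """Return {lower-cased section title: [lines]} for a Result.txt body."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1).strip().lower()
            sections[current] = []
        elif current is not None:
            sections[current].append(line)
    return sections


def triage(text, keywords=("easylife",)):
    """Return a list of (check, detail) findings worth a manual look."""
    sec = split_sections(text)
    findings = []

    # Assumption: a machine without a proxy prints "Proxy is not enabled."
    proxy = sec.get("ie proxy settings")
    if proxy is not None and not any("Proxy is not enabled" in l for l in proxy):
        findings.append(("ie-proxy", "proxy appears to be set"))

    # Any hosts mapping other than localhost can redirect browser traffic.
    for line in sec.get("hosts content", []):
        entry = line.split("#", 1)[0].split()
        if len(entry) >= 2 and any(h.lower() != "localhost" for h in entry[1:]):
            findings.append(("hosts", " ".join(entry)))

    # Third-party Winsock providers sit in the network path of every process.
    for line in sec.get("winsock entries", []):
        m = WINSOCK_RE.match(line)
        if m and m.group(2) != "Microsoft Corporation":
            findings.append(("winsock", f"{m.group(1)} ({m.group(2)})"))

    # Name match against the uninstall list, case-insensitive.
    for line in sec.get("installed programs", []):
        if any(k.lower() in line.lower() for k in keywords):
            findings.append(("program", line))

    return findings


if __name__ == "__main__":
    for check, detail in triage(SAMPLE):
        print(f"{check:8} {detail}")
```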

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,538 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:55 AM

Posted 23 January 2013 - 08:25 PM

Hi, that's the first time it didn't show in that log..

Go through the Control Panel and uninstall these.
Java™ 6 Update 29 (64-bit) (Version: 6.0.290)
Java™ 6 Update 37 (Version: 6.0.370)


Next run these, thanks.

Please Download TDSSkiller
Launch it.
Click on change parameters - Select TDLFS file system
Click on "Scan".
Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results.



ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>>

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.

#5 Kajet

Kajet
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:55 AM

Posted 24 January 2013 - 12:26 AM

Okay, ran all three of those. Will I have to reinstall Java and uninstall ESET? I'm just wanting to be sure that the Easylife crap is gone from my computer.


19:48:26.0420 4168 nvUpdatusService - ok
19:48:26.0435 4168 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:48:26.0435 4168 nv_agp - ok
19:48:26.0451 4168 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:48:26.0451 4168 ohci1394 - ok
19:48:26.0482 4168 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:48:26.0482 4168 p2pimsvc - ok
19:48:26.0498 4168 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:48:26.0498 4168 p2psvc - ok
19:48:26.0513 4168 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:48:26.0513 4168 Parport - ok
19:48:26.0545 4168 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:48:26.0545 4168 partmgr - ok
19:48:26.0576 4168 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:48:26.0576 4168 PcaSvc - ok
19:48:26.0591 4168 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:48:26.0591 4168 pci - ok
19:48:26.0607 4168 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:48:26.0607 4168 pciide - ok
19:48:26.0623 4168 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:48:26.0623 4168 pcmcia - ok
19:48:26.0638 4168 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:48:26.0638 4168 pcw - ok
19:48:26.0654 4168 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:48:26.0654 4168 PEAUTH - ok
19:48:26.0716 4168 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:48:26.0716 4168 PerfHost - ok
19:48:26.0747 4168 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:48:26.0763 4168 pla - ok
19:48:26.0794 4168 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:48:26.0810 4168 PlugPlay - ok
19:48:26.0825 4168 PnkBstrA - ok
19:48:26.0841 4168 PnkBstrB - ok
19:48:26.0857 4168 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:48:26.0857 4168 PNRPAutoReg - ok
19:48:26.0857 4168 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:48:26.0872 4168 PNRPsvc - ok
19:48:26.0919 4168 [ 32D374C60778253B81FA76C2FE19E155 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
19:48:26.0919 4168 Point64 - ok
19:48:26.0950 4168 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:48:26.0966 4168 PolicyAgent - ok
19:48:26.0997 4168 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:48:26.0997 4168 Power - ok
19:48:27.0013 4168 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:48:27.0013 4168 PptpMiniport - ok
19:48:27.0028 4168 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:48:27.0028 4168 Processor - ok
19:48:27.0044 4168 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:48:27.0059 4168 ProfSvc - ok
19:48:27.0059 4168 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:48:27.0059 4168 ProtectedStorage - ok
19:48:27.0075 4168 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:48:27.0091 4168 Psched - ok
19:48:27.0122 4168 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:48:27.0137 4168 ql2300 - ok
19:48:27.0153 4168 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:48:27.0153 4168 ql40xx - ok
19:48:27.0169 4168 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:48:27.0169 4168 QWAVE - ok
19:48:27.0169 4168 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:48:27.0169 4168 QWAVEdrv - ok
19:48:27.0169 4168 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:48:27.0169 4168 RasAcd - ok
19:48:27.0184 4168 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:48:27.0184 4168 RasAgileVpn - ok
19:48:27.0200 4168 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:48:27.0200 4168 RasAuto - ok
19:48:27.0200 4168 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:48:27.0200 4168 Rasl2tp - ok
19:48:27.0215 4168 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:48:27.0215 4168 RasMan - ok
19:48:27.0215 4168 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:48:27.0215 4168 RasPppoe - ok
19:48:27.0215 4168 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:48:27.0215 4168 RasSstp - ok
19:48:27.0231 4168 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:48:27.0231 4168 rdbss - ok
19:48:27.0247 4168 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
19:48:27.0247 4168 rdpbus - ok
19:48:27.0262 4168 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:48:27.0262 4168 RDPCDD - ok
19:48:27.0278 4168 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:48:27.0278 4168 RDPENCDD - ok
19:48:27.0293 4168 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:48:27.0293 4168 RDPREFMP - ok
19:48:27.0340 4168 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:48:27.0340 4168 RdpVideoMiniport - ok
19:48:27.0371 4168 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:48:27.0371 4168 RDPWD - ok
19:48:27.0387 4168 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:48:27.0403 4168 rdyboost - ok
19:48:27.0418 4168 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:48:27.0418 4168 RemoteAccess - ok
19:48:27.0434 4168 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:48:27.0449 4168 RemoteRegistry - ok
19:48:27.0449 4168 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:48:27.0449 4168 RpcEptMapper - ok
19:48:27.0465 4168 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:48:27.0465 4168 RpcLocator - ok
19:48:27.0496 4168 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:48:27.0496 4168 RpcSs - ok
19:48:27.0527 4168 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:48:27.0527 4168 rspndr - ok
19:48:27.0527 4168 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:48:27.0527 4168 SamSs - ok
19:48:27.0543 4168 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:48:27.0543 4168 sbp2port - ok
19:48:27.0574 4168 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:48:27.0574 4168 SCardSvr - ok
19:48:27.0590 4168 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:48:27.0590 4168 scfilter - ok
19:48:27.0621 4168 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:48:27.0637 4168 Schedule - ok
19:48:27.0652 4168 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:48:27.0652 4168 SCPolicySvc - ok
19:48:27.0668 4168 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:48:27.0668 4168 SDRSVC - ok
19:48:27.0683 4168 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:48:27.0683 4168 secdrv - ok
19:48:27.0699 4168 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:48:27.0699 4168 seclogon - ok
19:48:27.0715 4168 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:48:27.0715 4168 SENS - ok
19:48:27.0746 4168 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:48:27.0746 4168 SensrSvc - ok
19:48:27.0761 4168 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
19:48:27.0761 4168 Serenum - ok
19:48:27.0777 4168 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
19:48:27.0777 4168 Serial - ok
19:48:27.0777 4168 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:48:27.0793 4168 sermouse - ok
19:48:27.0808 4168 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:48:27.0808 4168 SessionEnv - ok
19:48:27.0808 4168 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:48:27.0808 4168 sffdisk - ok
19:48:27.0824 4168 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:48:27.0824 4168 sffp_mmc - ok
19:48:27.0824 4168 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:48:27.0824 4168 sffp_sd - ok
19:48:27.0824 4168 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:48:27.0824 4168 sfloppy - ok
19:48:27.0839 4168 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:48:27.0855 4168 SharedAccess - ok
19:48:27.0871 4168 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:48:27.0871 4168 ShellHWDetection - ok
19:48:27.0886 4168 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:48:27.0886 4168 SiSRaid2 - ok
19:48:27.0886 4168 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:48:27.0886 4168 SiSRaid4 - ok
19:48:27.0964 4168 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:48:27.0964 4168 SkypeUpdate - ok
19:48:27.0980 4168 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:48:27.0980 4168 Smb - ok
19:48:28.0011 4168 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:48:28.0027 4168 SNMPTRAP - ok
19:48:28.0027 4168 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:48:28.0027 4168 spldr - ok
19:48:28.0058 4168 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:48:28.0058 4168 Spooler - ok
19:48:28.0120 4168 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:48:28.0167 4168 sppsvc - ok
19:48:28.0167 4168 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:48:28.0167 4168 sppuinotify - ok
19:48:28.0198 4168 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:48:28.0214 4168 srv - ok
19:48:28.0229 4168 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:48:28.0229 4168 srv2 - ok
19:48:28.0245 4168 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:48:28.0245 4168 srvnet - ok
19:48:28.0276 4168 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:48:28.0276 4168 SSDPSRV - ok
19:48:28.0292 4168 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:48:28.0292 4168 SstpSvc - ok
19:48:28.0307 4168 Steam Client Service - ok
19:48:28.0401 4168 [ 00FCEC4DA4198F5F2B9BBD9225842568 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:48:28.0401 4168 Stereo Service - ok
19:48:28.0417 4168 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:48:28.0417 4168 stexstor - ok
19:48:28.0463 4168 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:48:28.0463 4168 stisvc - ok
19:48:28.0479 4168 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:48:28.0479 4168 swenum - ok
19:48:28.0495 4168 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:48:28.0495 4168 swprv - ok
19:48:28.0541 4168 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:48:28.0573 4168 SysMain - ok
19:48:28.0573 4168 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:48:28.0573 4168 TabletInputService - ok
19:48:28.0744 4168 [ C4C20CFA4F42E9B7454E895C5C47BCD3 ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
19:48:28.0791 4168 TabletServicePen - ok
19:48:28.0822 4168 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:48:28.0822 4168 TapiSrv - ok
19:48:28.0822 4168 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:48:28.0822 4168 TBS - ok
19:48:28.0916 4168 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:48:28.0931 4168 Tcpip - ok
19:48:28.0947 4168 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:48:28.0947 4168 TCPIP6 - ok
19:48:28.0994 4168 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:48:28.0994 4168 tcpipreg - ok
19:48:29.0009 4168 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:48:29.0009 4168 TDPIPE - ok
19:48:29.0041 4168 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:48:29.0041 4168 TDTCP - ok
19:48:29.0056 4168 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:48:29.0056 4168 tdx - ok
19:48:29.0056 4168 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:48:29.0056 4168 TermDD - ok
19:48:29.0087 4168 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:48:29.0103 4168 TermService - ok
19:48:29.0103 4168 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:48:29.0119 4168 Themes - ok
19:48:29.0134 4168 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:48:29.0150 4168 THREADORDER - ok
19:48:29.0181 4168 [ 7625DCF246E488E523DC1F64C38ABDA2 ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
19:48:29.0212 4168 TouchServicePen - ok
19:48:29.0243 4168 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:48:29.0243 4168 TrkWks - ok
19:48:29.0275 4168 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:48:29.0275 4168 TrustedInstaller - ok
19:48:29.0275 4168 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:48:29.0275 4168 tssecsrv - ok
19:48:29.0306 4168 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:48:29.0306 4168 TsUsbFlt - ok
19:48:29.0321 4168 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:48:29.0337 4168 TsUsbGD - ok
19:48:29.0353 4168 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:48:29.0353 4168 tunnel - ok
19:48:29.0368 4168 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:48:29.0368 4168 uagp35 - ok
19:48:29.0384 4168 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:48:29.0399 4168 udfs - ok
19:48:29.0399 4168 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:48:29.0399 4168 UI0Detect - ok
19:48:29.0431 4168 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:48:29.0431 4168 uliagpkx - ok
19:48:29.0446 4168 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:48:29.0446 4168 umbus - ok
19:48:29.0462 4168 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:48:29.0462 4168 UmPass - ok
19:48:29.0477 4168 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:48:29.0477 4168 upnphost - ok
19:48:29.0540 4168 [ 9494736E4865F9B3A0A525EE9AB0D991 ] USB28xxBGA C:\Windows\system32\DRIVERS\emBDA64.sys
19:48:29.0555 4168 USB28xxBGA - ok
19:48:29.0571 4168 [ 612FC1CB117CCF62D3C55488C8AEBD82 ] USB28xxOEM C:\Windows\system32\DRIVERS\emOEM64.sys
19:48:29.0571 4168 USB28xxOEM - ok
19:48:29.0618 4168 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:48:29.0618 4168 usbaudio - ok
19:48:29.0633 4168 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:48:29.0633 4168 usbccgp - ok
19:48:29.0649 4168 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:48:29.0649 4168 usbcir - ok
19:48:29.0665 4168 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:48:29.0665 4168 usbehci - ok
19:48:29.0680 4168 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:48:29.0680 4168 usbhub - ok
19:48:29.0696 4168 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:48:29.0696 4168 usbohci - ok
19:48:29.0711 4168 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
19:48:29.0711 4168 usbprint - ok
19:48:29.0711 4168 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:48:29.0711 4168 USBSTOR - ok
19:48:29.0743 4168 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:48:29.0743 4168 usbuhci - ok
19:48:29.0743 4168 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:48:29.0758 4168 UxSms - ok
19:48:29.0758 4168 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:48:29.0758 4168 VaultSvc - ok
19:48:29.0774 4168 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:48:29.0774 4168 vdrvroot - ok
19:48:29.0789 4168 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:48:29.0789 4168 vds - ok
19:48:29.0805 4168 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:48:29.0805 4168 vga - ok
19:48:29.0805 4168 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:48:29.0805 4168 VgaSave - ok
19:48:29.0821 4168 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:48:29.0821 4168 vhdmp - ok
19:48:29.0836 4168 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:48:29.0836 4168 viaide - ok
19:48:29.0836 4168 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:48:29.0836 4168 volmgr - ok
19:48:29.0867 4168 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:48:29.0867 4168 volmgrx - ok
19:48:29.0883 4168 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:48:29.0899 4168 volsnap - ok
19:48:29.0914 4168 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:48:29.0914 4168 vsmraid - ok
19:48:29.0961 4168 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:48:29.0977 4168 VSS - ok
19:48:29.0977 4168 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:48:29.0977 4168 vwifibus - ok
19:48:29.0992 4168 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:48:30.0008 4168 W32Time - ok
19:48:30.0055 4168 [ B32009DB1972E7F2C227499289C4384A ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
19:48:30.0055 4168 W3SVC - ok
19:48:30.0086 4168 [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
19:48:30.0086 4168 wacommousefilter - ok
19:48:30.0086 4168 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:48:30.0101 4168 WacomPen - ok
19:48:30.0117 4168 [ EC1CEB237E365330C1FCFC4876AA0AC0 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys
19:48:30.0117 4168 wacomvhid - ok
19:48:30.0133 4168 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:48:30.0133 4168 WANARP - ok
19:48:30.0133 4168 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:48:30.0133 4168 Wanarpv6 - ok
19:48:30.0148 4168 [ B32009DB1972E7F2C227499289C4384A ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
19:48:30.0148 4168 WAS - ok
19:48:30.0226 4168 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:48:30.0242 4168 WatAdminSvc - ok
19:48:30.0273 4168 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:48:30.0289 4168 wbengine - ok
19:48:30.0304 4168 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:48:30.0320 4168 WbioSrvc - ok
19:48:30.0335 4168 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:48:30.0335 4168 wcncsvc - ok
19:48:30.0351 4168 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:48:30.0351 4168 WcsPlugInService - ok
19:48:30.0351 4168 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
19:48:30.0367 4168 Wd - ok
19:48:30.0382 4168 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
19:48:30.0382 4168 WDC_SAM - ok
19:48:30.0429 4168 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:48:30.0445 4168 Wdf01000 - ok
19:48:30.0460 4168 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:48:30.0460 4168 WdiServiceHost - ok
19:48:30.0460 4168 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:48:30.0460 4168 WdiSystemHost - ok
19:48:30.0476 4168 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:48:30.0476 4168 WebClient - ok
19:48:30.0491 4168 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:48:30.0491 4168 Wecsvc - ok
19:48:30.0491 4168 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:48:30.0491 4168 wercplsupport - ok
19:48:30.0523 4168 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:48:30.0523 4168 WerSvc - ok
19:48:30.0538 4168 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:48:30.0538 4168 WfpLwf - ok
19:48:30.0554 4168 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:48:30.0554 4168 WIMMount - ok
19:48:30.0554 4168 WinDefend - ok
19:48:30.0554 4168 WinHttpAutoProxySvc - ok
19:48:30.0585 4168 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:48:30.0601 4168 Winmgmt - ok
19:48:30.0647 4168 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:48:30.0679 4168 WinRM - ok
19:48:30.0710 4168 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:48:30.0710 4168 Wlansvc - ok
19:48:30.0803 4168 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:48:30.0819 4168 wlidsvc - ok
19:48:30.0850 4168 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:48:30.0850 4168 WmiAcpi - ok
19:48:30.0866 4168 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:48:30.0866 4168 wmiApSrv - ok
19:48:30.0897 4168 WMPNetworkSvc - ok
19:48:30.0913 4168 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:48:30.0913 4168 WPCSvc - ok
19:48:30.0928 4168 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:48:30.0928 4168 WPDBusEnum - ok
19:48:30.0928 4168 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:48:30.0928 4168 ws2ifsl - ok
19:48:30.0944 4168 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:48:30.0944 4168 wscsvc - ok
19:48:30.0944 4168 WSearch - ok
19:48:30.0991 4168 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:48:31.0037 4168 wuauserv - ok
19:48:31.0069 4168 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:48:31.0069 4168 WudfPf - ok
19:48:31.0084 4168 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:48:31.0100 4168 WUDFRd - ok
19:48:31.0115 4168 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:48:31.0131 4168 wudfsvc - ok
19:48:31.0147 4168 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:48:31.0147 4168 WwanSvc - ok
19:48:31.0427 4168 X6va005 - ok
19:48:31.0490 4168 [ 4A5CE13408945E525503B5F73D29B9C5 ] xnacc C:\Windows\system32\DRIVERS\xnacc.sys
19:48:31.0490 4168 xnacc - ok
19:48:31.0521 4168 [ 38F55D07B1D3391065C40EC065F984E2 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
19:48:31.0521 4168 xusb21 - ok
19:48:31.0537 4168 ================ Scan global ===============================
19:48:31.0552 4168 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:48:31.0583 4168 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
19:48:31.0599 4168 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
19:48:31.0630 4168 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:48:31.0646 4168 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:48:31.0661 4168 [Global] - ok
19:48:31.0661 4168 ================ Scan MBR ==================================
19:48:31.0661 4168 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:48:32.0036 4168 \Device\Harddisk0\DR0 - ok
19:48:32.0036 4168 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
19:48:32.0036 4168 \Device\Harddisk1\DR1 - ok
19:48:32.0036 4168 ================ Scan VBR ==================================
19:48:32.0036 4168 [ EA076AD2516580A36BECCC0D881AC4EC ] \Device\Harddisk0\DR0\Partition1
19:48:32.0051 4168 \Device\Harddisk0\DR0\Partition1 - ok
19:48:32.0051 4168 [ 4877E130866D34897FA6151134EA6956 ] \Device\Harddisk0\DR0\Partition2
19:48:32.0051 4168 \Device\Harddisk0\DR0\Partition2 - ok
19:48:32.0051 4168 [ 9B5CE993EB309D3B72A0BFEDBF25D666 ] \Device\Harddisk1\DR1\Partition1
19:48:32.0067 4168 \Device\Harddisk1\DR1\Partition1 - ok
19:48:32.0067 4168 ============================================================
19:48:32.0067 4168 Scan finished
19:48:32.0067 4168 ============================================================
19:48:32.0067 2944 Detected object count: 0
19:48:32.0067 2944 Actual detected object count: 0
19:49:04.0578 0124 Deinitialize success

# AdwCleaner v2.107 - Logfile created 01/23/2013 at 19:50:42
# Updated 21/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Kajet - KAJET-PCD
# Boot Mode : Normal
# Running from : C:\Users\Kajet\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\InstallMate

***** [Registry] *****

Key Deleted : HKCU\Software\Softonic

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.1 (en-US)

File : C:\Users\Kajet\AppData\Roaming\Mozilla\Firefox\Profiles\cvwy44ha.default\prefs.js

[OK] File is clean.

-\\ Opera v12.12.1707.0

File : C:\Users\Kajet\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [923 octets] - [23/01/2013 19:50:42]

########## EOF - C:\AdwCleaner[S1].txt - [982 octets] ##########



C:\Users\Kajet\AppData\Local\Mozilla\Firefox\Profiles\cvwy44ha.default\Cache\4\68\21CA0d01 JS/TrojanDownloader.Iframe.NKC trojan

#6 boopme

Posted 24 January 2013 - 10:27 AM

Any redirects and is the home page back?

#7 Kajet

Posted 24 January 2013 - 10:29 AM

As far as I can tell, no. However, some Google results have been worrying, probably needlessly so.

#8 boopme

Posted 24 January 2013 - 10:43 AM

OK, let's look at one more thing. I would avoid that site; the infection you picked up comes from the site page being infected.

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.


#9 Kajet

Posted 24 January 2013 - 05:24 PM

aswMBR seems to freeze on specific files, is this normal?

#10 boopme


Posted 24 January 2013 - 07:21 PM

Not really....

Try this:

Download http://download.bleepingcomputer.com/rootrepeal/MBRCheck.exe

Double-click MBRCheck.exe.

It will show a black screen with some information. If no problem is found, it will contain the line below:

Press ENTER to exit...

Or, if a problem is found, you will see more information like the below:
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:


#11 Kajet


Posted 24 January 2013 - 07:42 PM

OK aswMBR finally finished, should I run MBRCheck as well?

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-24 16:35:28
-----------------------------
16:35:28.016 OS Version: Windows x64 6.1.7601 Service Pack 1
16:35:28.016 Number of processors: 4 586 0x2A07
16:35:28.016 ComputerName: KAJET-PCD UserName: Kajet
16:35:28.936 Initialize success
16:35:38.125 AVAST engine defs: 13012400
16:35:57.219 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:35:57.219 Disk 0 Vendor: SAMSUNG_HD103SJ 1AJ10001 Size: 953869MB BusType: 11
16:35:57.219 Disk 0 MBR read successfully
16:35:57.219 Disk 0 MBR scan
16:35:57.219 Disk 0 Windows 7 default MBR code
16:35:57.235 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:35:57.235 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
16:35:57.250 Disk 0 scanning C:\Windows\system32\drivers
16:36:01.665 Service scanning
16:36:12.476 Modules scanning
16:36:12.476 Disk 0 trace - called modules:
16:36:12.476 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
16:36:12.492 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800deb1060]
16:36:12.492 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa800db4de40]
16:36:12.492 5 ACPI.sys[fffff88000f177a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800db59060]
16:36:13.381 AVAST engine scan C:\Windows
16:36:15.549 AVAST engine scan C:\Windows\system32
16:38:05.186 AVAST engine scan C:\Windows\system32\drivers
16:38:10.787 AVAST engine scan C:\Users\Kajet
17:44:45.220 AVAST engine scan C:\ProgramData
17:45:57.495 Scan finished successfully
18:25:27.810 Disk 0 MBR has been saved successfully to "C:\Users\Kajet\Desktop\MBR.dat"
18:25:27.810 The log file has been saved successfully to "C:\Users\Kajet\Desktop\aswMBR.txt"
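
Added example, not part of the original posts: aswMBR saved the boot sector to MBR.dat and its log lists two partition entries, so this Python sketch parses a 512-byte MBR dump into the same fields (status, type, size, LBA offset) and checks the 0x55AA signature. The function names and the sample sector are constructed here to mirror the logged layout; the code does not judge the boot code itself, which is what the log's "Windows 7 default MBR code" line reports.

```python
import struct

SECTOR = 512
TABLE_OFFSET = 446            # four 16-byte entries follow the boot code area
BOOT_SIGNATURE = b"\x55\xaa"
# status(1) CHS-start(3) type(1) CHS-end(3) LBA-start(4, LE) sector-count(4, LE)
ENTRY = struct.Struct("<B3xB3xII")

def parse_mbr(sector: bytes):
    """Return the non-empty partition entries of a 512-byte MBR sector."""
    if len(sector) != SECTOR:
        raise ValueError("an MBR dump must be exactly 512 bytes")
    if sector[510:512] != BOOT_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    parts = []
    for i in range(4):
        status, ptype, lba, count = ENTRY.unpack_from(sector, TABLE_OFFSET + 16 * i)
        if ptype == 0:        # type 0 marks an unused slot
            continue
        if status not in (0x00, 0x80):
            raise ValueError(f"partition {i + 1}: invalid status byte {status:#04x}")
        parts.append({"index": i + 1, "active": status == 0x80, "type": ptype,
                      "offset": lba, "size_mb": count * SECTOR // 2**20})
    return parts

def describe(parts):
    """Format entries in the style of the aswMBR partition lines."""
    return [f"Partition {p['index']} {'80 (A)' if p['active'] else '00'} "
            f"{p['type']:02X} {p['size_mb']} MB offset {p['offset']}" for p in parts]

def build_sample_mbr():
    """Constructed sample: layout copied from the log, boot code left zeroed."""
    sector = bytearray(SECTOR)
    entries = [(0x80, 0x07, 2048, 100 * 2048),        # 100 MB active NTFS
               (0x00, 0x07, 206848, 953767 * 2048)]   # 953767 MB NTFS
    for i, fields in enumerate(entries):
        ENTRY.pack_into(sector, TABLE_OFFSET + 16 * i, *fields)
    sector[510:512] = BOOT_SIGNATURE
    return bytes(sector)

if __name__ == "__main__":
    for line in describe(parse_mbr(build_sample_mbr())):
        print(line)
```

To inspect a real dump, pass the bytes of the saved file to `parse_mbr` instead of the constructed sample.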

#12 boopme

boopme


Posted 24 January 2013 - 07:50 PM

No, no need; the MBR is clean.

If all's good, then create a new Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:

#13 Kajet


Posted 24 January 2013 - 09:14 PM

Okay, got all of that done: made a new restore point and deleted all the other ones. Thanks for all the help.



