livesearchnow redirect virus


6 replies to this topic

#1 GTwood (Members)

Posted 30 January 2013 - 03:40 PM

Just read one of the livesearchnow redirect virus posts. I have the same problem. Would very much appreciate the help. Thanks

#2 boopme (Global Moderator)

Posted 30 January 2013 - 03:57 PM

Welcome GTwood, let's run these then...

Please download TDSSKiller.
Launch it.
Click on "Change parameters" and select "TDLFS file system".
Click on "Scan".
Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.



Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.




I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections, it will not create a log.

#3 GTwood (Topic Starter)

Posted 31 January 2013 - 07:13 AM

16:02:16.0205 6368 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:02:16.0595 6368 ============================================================
16:02:16.0595 6368 Current date / time: 2013/01/30 16:02:16.0595
16:02:16.0595 6368 SystemInfo:
16:02:16.0595 6368
16:02:16.0595 6368 OS Version: 6.1.7601 ServicePack: 1.0
16:02:16.0595 6368 Product type: Workstation
16:02:16.0595 6368 ComputerName: EI2DW200
16:02:16.0595 6368 UserName: dw200
16:02:16.0595 6368 Windows directory: C:\Windows
16:02:16.0595 6368 System windows directory: C:\Windows
16:02:16.0595 6368 Processor architecture: Intel x86
16:02:16.0595 6368 Number of processors: 4
16:02:16.0595 6368 Page size: 0x1000
16:02:16.0595 6368 Boot type: Normal boot
16:02:16.0595 6368 ============================================================
16:02:19.0544 6368 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:02:19.0559 6368 ============================================================
16:02:19.0559 6368 \Device\Harddisk0\DR0:
16:02:19.0559 6368 MBR partitions:
16:02:19.0559 6368 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:02:19.0559 6368 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
16:02:19.0559 6368 ============================================================
16:02:19.0575 6368 C: <-> \Device\Harddisk0\DR0\Partition2
16:02:19.0575 6368 ============================================================
16:02:19.0575 6368 Initialize success
16:02:19.0575 6368 ============================================================
16:02:54.0332 2328 ============================================================
16:02:54.0332 2328 Scan started
16:02:54.0332 2328 Mode: Manual; TDLFS;
16:02:54.0332 2328 ============================================================
16:02:55.0283 2328 ================ Scan system memory ========================
16:02:55.0283 2328 System memory - ok
16:02:55.0283 2328 ================ Scan services =============================
16:03:01.0196 2328 mssmbios - ok
16:03:01.0196 2328 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:03:01.0211 2328 MSTEE - ok
16:03:01.0211 2328 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
16:03:01.0211 2328 MTConfig - ok
16:03:01.0227 2328 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
16:03:01.0227 2328 Mup - ok
16:03:01.0274 2328 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
16:03:01.0274 2328 napagent - ok
16:03:01.0305 2328 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:03:01.0305 2328 NativeWifiP - ok
16:03:01.0352 2328 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:03:01.0352 2328 NDIS - ok
16:03:01.0367 2328 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:03:01.0367 2328 NdisCap - ok
16:03:01.0383 2328 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:03:01.0383 2328 NdisTapi - ok
16:03:01.0398 2328 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:03:01.0398 2328 Ndisuio - ok
16:03:01.0414 2328 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:03:01.0414 2328 NdisWan - ok
16:03:01.0430 2328 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:03:01.0430 2328 NDProxy - ok
16:03:01.0445 2328 [ 80B7A96F908DA13617E7E6832C5C6A64 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:03:01.0461 2328 Net Driver HPZ12 - ok
16:03:01.0476 2328 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:03:01.0476 2328 NetBIOS - ok
16:03:01.0492 2328 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:03:01.0492 2328 NetBT - ok
16:03:01.0508 2328 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
16:03:01.0508 2328 Netlogon - ok
16:03:01.0523 2328 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
16:03:01.0539 2328 Netman - ok
16:03:01.0554 2328 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
16:03:01.0554 2328 netprofm - ok
16:03:01.0586 2328 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:03:01.0586 2328 NetTcpPortSharing - ok
16:03:01.0601 2328 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:03:01.0601 2328 nfrd960 - ok
16:03:01.0632 2328 [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:03:01.0632 2328 NisDrv - ok
16:03:01.0648 2328 [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
16:03:01.0648 2328 NisSrv - ok
16:03:01.0679 2328 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
16:03:01.0679 2328 NlaSvc - ok
16:03:01.0679 2328 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:03:01.0679 2328 Npfs - ok
16:03:01.0710 2328 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
16:03:01.0710 2328 nsi - ok
16:03:01.0710 2328 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:03:01.0726 2328 nsiproxy - ok
16:03:01.0757 2328 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:03:01.0773 2328 Ntfs - ok
16:03:01.0773 2328 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
16:03:01.0773 2328 Null - ok
16:03:01.0820 2328 [ 3D7FB57354703809B5F0C23287FAC1D6 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
16:03:01.0820 2328 NVHDA - ok
16:03:01.0851 2328 [ 26C34CC92475BBCC02AE2DFA18BC352A ] nvkflt C:\Windows\system32\DRIVERS\nvkflt.sys
16:03:01.0851 2328 nvkflt - ok
16:03:02.0022 2328 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:03:02.0178 2328 nvlddmkm - ok
16:03:02.0241 2328 [ 57B793C433639053B02E0976E426749E ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
16:03:02.0241 2328 nvpciflt - ok
16:03:02.0256 2328 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:03:02.0256 2328 nvraid - ok
16:03:02.0272 2328 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:03:02.0272 2328 nvstor - ok
16:03:02.0303 2328 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc C:\Windows\system32\nvvsvc.exe
16:03:02.0319 2328 nvsvc - ok
16:03:02.0350 2328 [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:03:02.0366 2328 nvUpdatusService - ok
16:03:02.0381 2328 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:03:02.0381 2328 nv_agp - ok
16:03:02.0397 2328 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:03:02.0397 2328 ohci1394 - ok
16:03:02.0428 2328 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:03:02.0428 2328 ose - ok
16:03:02.0506 2328 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:03:02.0600 2328 osppsvc - ok
16:03:02.0631 2328 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:03:02.0631 2328 p2pimsvc - ok
16:03:02.0662 2328 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
16:03:02.0662 2328 p2psvc - ok
16:03:02.0693 2328 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:03:02.0693 2328 Parport - ok
16:03:02.0709 2328 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:03:02.0724 2328 partmgr - ok
16:03:02.0724 2328 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
16:03:02.0724 2328 Parvdm - ok
16:03:02.0740 2328 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:03:02.0740 2328 PcaSvc - ok
16:03:02.0756 2328 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
16:03:02.0756 2328 pci - ok
16:03:02.0771 2328 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
16:03:02.0771 2328 pciide - ok
16:03:02.0787 2328 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:03:02.0787 2328 pcmcia - ok
16:03:02.0802 2328 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
16:03:02.0802 2328 pcw - ok
16:03:02.0818 2328 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:03:02.0834 2328 PEAUTH - ok
16:03:02.0849 2328 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
16:03:02.0865 2328 PeerDistSvc - ok
16:03:02.0896 2328 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
16:03:02.0943 2328 pla - ok
16:03:02.0974 2328 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:03:02.0974 2328 PlugPlay - ok
16:03:03.0005 2328 [ 0C155C5D8942B3CBCF9506A9D376B9AD ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:03:03.0005 2328 Pml Driver HPZ12 - ok
16:03:03.0021 2328 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:03:03.0021 2328 PNRPAutoReg - ok
16:03:03.0036 2328 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:03:03.0036 2328 PNRPsvc - ok
16:03:03.0068 2328 [ 0648C9DB881557749039CFEE5E97E1A3 ] Point32 C:\Windows\system32\DRIVERS\point32.sys
16:03:03.0068 2328 Point32 - ok
16:03:03.0114 2328 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:03:03.0114 2328 PolicyAgent - ok
16:03:03.0146 2328 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
16:03:03.0146 2328 Power - ok
16:03:03.0177 2328 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:03:03.0192 2328 PptpMiniport - ok
16:03:03.0192 2328 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
16:03:03.0192 2328 Processor - ok
16:03:03.0224 2328 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
16:03:03.0224 2328 ProfSvc - ok
16:03:03.0239 2328 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:03:03.0239 2328 ProtectedStorage - ok
16:03:03.0239 2328 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:03:03.0255 2328 Psched - ok
16:03:03.0286 2328 [ 03E0FE281823BA64B3782F5B38950E73 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
16:03:03.0286 2328 PxHelp20 - ok
16:03:03.0317 2328 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:03:03.0333 2328 ql2300 - ok
16:03:03.0348 2328 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:03:03.0348 2328 ql40xx - ok
16:03:03.0380 2328 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
16:03:03.0380 2328 QWAVE - ok
16:03:03.0395 2328 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:03:03.0395 2328 QWAVEdrv - ok
16:03:03.0411 2328 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:03:03.0411 2328 RasAcd - ok
16:03:03.0426 2328 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:03:03.0426 2328 RasAgileVpn - ok
16:03:03.0442 2328 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
16:03:03.0442 2328 RasAuto - ok
16:03:03.0458 2328 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:03:03.0458 2328 Rasl2tp - ok
16:03:03.0473 2328 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
16:03:03.0489 2328 RasMan - ok
16:03:03.0489 2328 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:03:03.0489 2328 RasPppoe - ok
16:03:03.0504 2328 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:03:03.0504 2328 RasSstp - ok
16:03:03.0520 2328 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:03:03.0520 2328 rdbss - ok
16:03:03.0536 2328 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:03:03.0536 2328 rdpbus - ok
16:03:03.0551 2328 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:03:03.0551 2328 RDPCDD - ok
16:03:03.0567 2328 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:03:03.0567 2328 RDPDR - ok
16:03:03.0582 2328 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:03:03.0582 2328 RDPENCDD - ok
16:03:03.0598 2328 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:03:03.0598 2328 RDPREFMP - ok
16:03:03.0614 2328 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:03:03.0614 2328 RdpVideoMiniport - ok
16:03:03.0629 2328 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:03:03.0629 2328 RDPWD - ok
16:03:03.0645 2328 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:03:03.0645 2328 rdyboost - ok
16:03:03.0660 2328 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
16:03:03.0660 2328 RemoteAccess - ok
16:03:03.0676 2328 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:03:03.0692 2328 RemoteRegistry - ok
16:03:03.0707 2328 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
16:03:03.0707 2328 RFCOMM - ok
16:03:03.0738 2328 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:03:03.0738 2328 RpcEptMapper - ok
16:03:03.0754 2328 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
16:03:03.0754 2328 RpcLocator - ok
16:03:03.0770 2328 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
16:03:03.0770 2328 RpcSs - ok
16:03:03.0785 2328 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:03:03.0785 2328 rspndr - ok
16:03:03.0801 2328 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
16:03:03.0801 2328 s3cap - ok
16:03:03.0816 2328 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
16:03:03.0816 2328 SamSs - ok
16:03:03.0832 2328 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:03:03.0832 2328 sbp2port - ok
16:03:03.0894 2328 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
16:03:03.0894 2328 SBSDWSCService - ok
16:03:03.0926 2328 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:03:03.0926 2328 SCardSvr - ok
16:03:03.0941 2328 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:03:03.0941 2328 scfilter - ok
16:03:03.0972 2328 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
16:03:03.0972 2328 Schedule - ok
16:03:03.0988 2328 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:03:03.0988 2328 SCPolicySvc - ok
16:03:04.0019 2328 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
16:03:04.0019 2328 sdbus - ok
16:03:04.0019 2328 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:03:04.0035 2328 SDRSVC - ok
16:03:04.0066 2328 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:03:04.0066 2328 secdrv - ok
16:03:04.0066 2328 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
16:03:04.0082 2328 seclogon - ok
16:03:04.0097 2328 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
16:03:04.0097 2328 SENS - ok
16:03:04.0113 2328 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:03:04.0113 2328 SensrSvc - ok
16:03:04.0128 2328 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
16:03:04.0144 2328 Serenum - ok
16:03:04.0144 2328 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
16:03:04.0144 2328 Serial - ok
16:03:04.0160 2328 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:03:04.0175 2328 sermouse - ok
16:03:04.0175 2328 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
16:03:04.0191 2328 SessionEnv - ok
16:03:04.0191 2328 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:03:04.0191 2328 sffdisk - ok
16:03:04.0206 2328 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:03:04.0206 2328 sffp_mmc - ok
16:03:04.0222 2328 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:03:04.0222 2328 sffp_sd - ok
16:03:04.0222 2328 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:03:04.0222 2328 sfloppy - ok
16:03:04.0238 2328 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:03:04.0253 2328 SharedAccess - ok
16:03:04.0269 2328 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:03:04.0269 2328 ShellHWDetection - ok
16:03:04.0284 2328 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
16:03:04.0284 2328 sisagp - ok
16:03:04.0300 2328 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:03:04.0316 2328 SiSRaid2 - ok
16:03:04.0316 2328 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:03:04.0331 2328 SiSRaid4 - ok
16:03:04.0347 2328 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:03:04.0347 2328 Smb - ok
16:03:04.0362 2328 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:03:04.0362 2328 SNMPTRAP - ok
16:03:04.0378 2328 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
16:03:04.0378 2328 spldr - ok
16:03:04.0409 2328 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
16:03:04.0409 2328 Spooler - ok
16:03:04.0472 2328 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
16:03:04.0534 2328 sppsvc - ok
16:03:04.0550 2328 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:03:04.0550 2328 sppuinotify - ok
16:03:04.0581 2328 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:03:04.0581 2328 srv - ok
16:03:04.0596 2328 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:03:04.0596 2328 srv2 - ok
16:03:04.0612 2328 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:03:04.0612 2328 srvnet - ok
16:03:04.0628 2328 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:03:04.0628 2328 SSDPSRV - ok
16:03:04.0659 2328 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:03:04.0659 2328 SstpSvc - ok
16:03:04.0706 2328 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:03:04.0721 2328 Stereo Service - ok
16:03:04.0737 2328 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:03:04.0737 2328 stexstor - ok
16:03:04.0768 2328 [ EDB05BD63148796F23EA78506404A538 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
16:03:04.0768 2328 StillCam - ok
16:03:04.0784 2328 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
16:03:04.0799 2328 StiSvc - ok
16:03:04.0830 2328 [ E476C66713C842F58E61A95826ED1D57 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
16:03:04.0830 2328 stllssvr - ok
16:03:04.0846 2328 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
16:03:04.0846 2328 storflt - ok
16:03:04.0862 2328 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
16:03:04.0862 2328 StorSvc - ok
16:03:04.0877 2328 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
16:03:04.0877 2328 storvsc - ok
16:03:04.0893 2328 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:03:04.0893 2328 swenum - ok
16:03:04.0908 2328 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
16:03:04.0908 2328 swprv - ok
16:03:04.0955 2328 [ F2AD8960812FD111E20E84659EF19D43 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
16:03:04.0955 2328 Synth3dVsc - ok
16:03:04.0971 2328 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
16:03:04.0986 2328 SysMain - ok
16:03:05.0002 2328 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:03:05.0002 2328 TabletInputService - ok
16:03:05.0018 2328 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
16:03:05.0033 2328 TapiSrv - ok
16:03:05.0049 2328 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
16:03:05.0049 2328 TBS - ok
16:03:05.0080 2328 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:03:05.0096 2328 Tcpip - ok
16:03:05.0127 2328 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:03:05.0127 2328 TCPIP6 - ok
16:03:05.0142 2328 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:03:05.0142 2328 tcpipreg - ok
16:03:05.0158 2328 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:03:05.0158 2328 TDPIPE - ok
16:03:05.0189 2328 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:03:05.0189 2328 TDTCP - ok
16:03:05.0189 2328 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:03:05.0189 2328 tdx - ok
16:03:05.0205 2328 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:03:05.0205 2328 TermDD - ok
16:03:05.0220 2328 [ 052306FD76793D5D5AB5D9891FD1ADBB ] terminpt C:\Windows\system32\drivers\terminpt.sys
16:03:05.0220 2328 terminpt - ok
16:03:05.0236 2328 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
16:03:05.0252 2328 TermService - ok
16:03:05.0252 2328 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
16:03:05.0252 2328 Themes - ok
16:03:05.0267 2328 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
16:03:05.0267 2328 THREADORDER - ok
16:03:05.0298 2328 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
16:03:05.0298 2328 TrkWks - ok
16:03:05.0330 2328 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:03:05.0330 2328 TrustedInstaller - ok
16:03:05.0345 2328 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:03:05.0345 2328 tssecsrv - ok
16:03:05.0361 2328 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:03:05.0361 2328 TsUsbFlt - ok
16:03:05.0361 2328 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
16:03:05.0361 2328 TsUsbGD - ok
16:03:05.0376 2328 [ 045ACB987C650D8186C6B4A692223860 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
16:03:05.0376 2328 tsusbhub - ok
16:03:05.0408 2328 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:03:05.0408 2328 tunnel - ok
16:03:05.0423 2328 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:03:05.0423 2328 uagp35 - ok
16:03:05.0439 2328 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:03:05.0439 2328 udfs - ok
16:03:05.0454 2328 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:03:05.0470 2328 UI0Detect - ok
16:03:05.0486 2328 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:03:05.0486 2328 uliagpkx - ok
16:03:05.0501 2328 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:03:05.0501 2328 umbus - ok
16:03:05.0501 2328 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
16:03:05.0501 2328 UmPass - ok
16:03:05.0517 2328 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
16:03:05.0532 2328 UmRdpService - ok
16:03:05.0548 2328 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
16:03:05.0548 2328 upnphost - ok
16:03:05.0564 2328 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:03:05.0564 2328 usbccgp - ok
16:03:05.0579 2328 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:03:05.0579 2328 usbcir - ok
16:03:05.0595 2328 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:03:05.0610 2328 usbehci - ok
16:03:05.0626 2328 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:03:05.0642 2328 usbhub - ok
16:03:05.0657 2328 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:03:05.0751 2328 usbohci - ok
16:03:05.0813 2328 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:03:05.0860 2328 usbprint - ok
16:03:05.0985 2328 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:03:06.0016 2328 usbscan - ok
16:03:06.0032 2328 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:03:06.0047 2328 USBSTOR - ok
16:03:06.0047 2328 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:03:06.0063 2328 usbuhci - ok
16:03:06.0078 2328 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
16:03:06.0078 2328 usbvideo - ok
16:03:06.0094 2328 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
16:03:06.0110 2328 UxSms - ok
16:03:06.0110 2328 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
16:03:06.0110 2328 VaultSvc - ok
16:03:06.0141 2328 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:03:06.0141 2328 vdrvroot - ok
16:03:06.0156 2328 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
16:03:06.0172 2328 vds - ok
16:03:06.0188 2328 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:03:06.0188 2328 vga - ok
16:03:06.0203 2328 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
16:03:06.0203 2328 VgaSave - ok
16:03:06.0203 2328 VGPU - ok
16:03:06.0219 2328 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:03:06.0219 2328 vhdmp - ok
16:03:06.0250 2328 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
16:03:06.0250 2328 viaagp - ok
16:03:06.0266 2328 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
16:03:06.0266 2328 ViaC7 - ok
16:03:06.0281 2328 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
16:03:06.0281 2328 viaide - ok
16:03:06.0297 2328 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
16:03:06.0297 2328 vmbus - ok
16:03:06.0312 2328 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
16:03:06.0312 2328 VMBusHID - ok
16:03:06.0312 2328 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:03:06.0312 2328 volmgr - ok
16:03:06.0328 2328 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:03:06.0328 2328 volmgrx - ok
16:03:06.0344 2328 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:03:06.0344 2328 volsnap - ok
16:03:06.0390 2328 [ 18507BDC6C15BD464DE9AB18B6AF1C23 ] vpnagent C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
16:03:06.0390 2328 vpnagent - ok
16:03:06.0406 2328 [ FDDAFA1C89B0B07494AF5879F7ECE857 ] vpnva C:\Windows\system32\DRIVERS\vpnva.sys
16:03:06.0406 2328 vpnva - ok
16:03:06.0422 2328 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:03:06.0422 2328 vsmraid - ok
16:03:06.0453 2328 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
16:03:06.0468 2328 VSS - ok
16:03:06.0484 2328 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:03:06.0484 2328 vwifibus - ok
16:03:06.0500 2328 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:03:06.0500 2328 vwififlt - ok
16:03:06.0515 2328 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
16:03:06.0515 2328 vwifimp - ok
16:03:06.0515 2328 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
16:03:06.0531 2328 W32Time - ok
16:03:06.0531 2328 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:03:06.0531 2328 WacomPen - ok
16:03:06.0546 2328 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:03:06.0562 2328 WANARP - ok
16:03:06.0562 2328 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:03:07.0638 2328 ================ Scan global ===============================
16:03:07.0654 2328 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
16:03:07.0670 2328 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
16:03:07.0685 2328 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
16:03:07.0701 2328 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
16:03:07.0732 2328 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
16:03:07.0748 2328 [Global] - ok
16:03:07.0748 2328 ================ Scan MBR ==================================
16:03:07.0748 2328 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:03:08.0028 2328 \Device\Harddisk0\DR0 - ok
16:03:08.0028 2328 ================ Scan VBR ==================================
16:03:08.0028 2328 [ AA47F20B31D069D71C4899075878EA48 ] \Device\Harddisk0\DR0\Partition1
16:03:08.0028 2328 \Device\Harddisk0\DR0\Partition1 - ok
16:03:08.0060 2328 [ B31B51204804FE488A5D3A6BEE708C35 ] \Device\Harddisk0\DR0\Partition2
16:03:08.0060 2328 \Device\Harddisk0\DR0\Partition2 - ok
16:03:08.0060 2328 ============================================================
16:03:08.0060 2328 Scan finished
16:03:08.0060 2328 ============================================================
16:03:08.0075 5956 Detected object count: 0
16:03:08.0075 5956 Actual detected object count: 0




aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-30 16:11:51
-----------------------------
16:11:51.900 OS Version: Windows 6.1.7601 Service Pack 1
16:11:51.900 Number of processors: 4 586 0x2A07
16:11:51.915 ComputerName: EI2DW200 UserName: dw200
16:11:54.021 Initialize success
16:11:55.316 AVAST engine defs: 13013000
16:12:17.139 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:12:17.139 Disk 0 Vendor: ST950042 0001 Size: 476940MB BusType: 8
16:12:17.155 Disk 0 MBR read successfully
16:12:17.155 Disk 0 MBR scan
16:12:17.155 Disk 0 Windows 7 default MBR code
16:12:17.170 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:12:17.186 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
16:12:17.186 Disk 0 scanning sectors +976771072
16:12:17.248 Disk 0 scanning C:\Windows\system32\drivers
16:12:25.485 Service scanning
16:12:32.723 Service MpKsl8b8a2add c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{36B42205-9B8E-4DC7-9609-E6151C7697C6}\MpKsl8b8a2add.sys **LOCKED** 32
16:12:40.180 Modules scanning
16:12:53.487 Disk 0 trace - called modules:
16:12:53.518 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStorV.sys halmacpi.dll
16:12:53.534 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86d3b030]
16:12:53.550 3 CLASSPNP.SYS[8b5be59e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85eb6028]
16:13:03.034 AVAST engine scan C:\Windows
16:13:08.900 AVAST engine scan C:\Windows\system32
16:15:08.006 AVAST engine scan C:\Windows\system32\drivers
16:15:23.029 AVAST engine scan C:\Users\dw200
16:32:14.925 AVAST engine scan C:\ProgramData
16:33:16.574 Scan finished successfully
16:33:40.099 Disk 0 MBR has been saved successfully to "C:\Users\dw200\Desktop\MBR.dat"
16:33:40.162 The log file has been saved successfully to "C:\Users\dw200\Desktop\aswMBR.txt"

ESET scan:
C:\Windows\Temp\_avast_\unp206055144.tmp a variant of Win32/Ponmocup.FR trojan cleaned by deleting (after the next restart) - quarantined
Operating memory probably a variant of Win32/Ponmocup.AA trojan

#4 boopme


Posted 31 January 2013 - 10:07 AM

As we found a downloader, let's look a bit further.


MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
>>>

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).



How is it now?

#5 GTwood


Posted 31 January 2013 - 11:04 AM

MiniToolBox by Farbar Version:10-01-2013
Ran by dw200 (administrator) on 31-01-2013 at 10:54:39
Running from "C:\Users\dw200\Desktop"
Windows 7 Enterprise Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



There are 15265 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® 82579LM Gigabit Network Connection = Local Area Connection (Connected)
DW1530 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows = Local Area Connection 2 (Hardware not present)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : EI2DW200
Primary Dns Suffix . . . . . . . : ad.gatech.edu
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ad.gatech.edu
cpak.com

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 60-D8-19-9B-BD-A4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : cpak.com
Description . . . . . . . . . . . : DW1530 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : 60-D8-19-9B-BD-A4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::651a:a783:edca:f37a%16(Preferred)
IPv4 Address. . . . . . . . . . . : 172.21.16.108(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, January 29, 2013 7:34:31 AM
Lease Expires . . . . . . . . . . : Friday, February 01, 2013 10:54:30 AM
Default Gateway . . . . . . . . . : 172.21.16.1
DHCP Server . . . . . . . . . . . : 172.21.100.41
DHCPv6 IAID . . . . . . . . . . . : 392222745
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-0A-14-C6-D4-BE-D9-03-1A-46
DNS Servers . . . . . . . . . . . : 172.21.100.40
172.21.100.41
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : cpak.com
Description . . . . . . . . . . . : Intel® 82579LM Gigabit Network Connection
Physical Address. . . . . . . . . : D4-BE-D9-03-1A-46
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1502:ee92:beb2:6ed%13(Preferred)
IPv4 Address. . . . . . . . . . . : 172.21.40.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, January 30, 2013 8:23:34 AM
Lease Expires . . . . . . . . . . : Friday, February 01, 2013 9:36:24 AM
Default Gateway . . . . . . . . . : 172.21.40.1
DHCP Server . . . . . . . . . . . : 172.21.100.41
DHCPv6 IAID . . . . . . . . . . . : 299155161
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-0A-14-C6-D4-BE-D9-03-1A-46
DNS Servers . . . . . . . . . . . : 172.21.100.40
172.21.100.41
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : D0-DF-9A-B5-79-3C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{CFB64F80-F393-43FC-A461-D0D74AA04DFF}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{549EADF7-A416-4235-9F8F-BB9DAFB63579}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.cpak.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : cpak.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cpakdc-main.cpak.com
Address: 172.21.100.40

Name: google.com
Addresses: 2607:f8b0:4002:c05::71
74.125.130.102
74.125.130.101
74.125.130.139
74.125.130.100
74.125.130.113
74.125.130.138


Pinging google.com [74.125.130.102] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 74.125.130.102:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Server: cpakdc-main.cpak.com
Address: 172.21.100.40

Name: yahoo.com
Addresses: 206.190.36.45
98.138.253.109
98.139.183.24


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 206.190.36.45:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=9ms TTL=128
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 4ms, Maximum = 9ms, Average = 6ms
===========================================================================
Interface List
18...60 d8 19 9b bd a4 ......Microsoft Virtual WiFi Miniport Adapter
16...60 d8 19 9b bd a4 ......DW1530 Wireless-N WLAN Half-Mini Card
13...d4 be d9 03 1a 46 ......Intel® 82579LM Gigabit Network Connection
12...d0 df 9a b5 79 3c ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 172.21.16.1 172.21.16.108 30
0.0.0.0 0.0.0.0 172.21.40.1 172.21.40.100 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
172.21.16.0 255.255.255.0 On-link 172.21.16.108 286
172.21.16.108 255.255.255.255 On-link 172.21.16.108 286
172.21.16.255 255.255.255.255 On-link 172.21.16.108 286
172.21.40.0 255.255.255.0 On-link 172.21.40.100 266
172.21.40.100 255.255.255.255 On-link 172.21.40.100 266
172.21.40.255 255.255.255.255 On-link 172.21.40.100 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 172.21.40.100 266
224.0.0.0 240.0.0.0 On-link 172.21.16.108 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 172.21.40.100 266
255.255.255.255 255.255.255.255 On-link 172.21.16.108 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 266 fe80::/64 On-link
16 286 fe80::/64 On-link
13 266 fe80::1502:ee92:beb2:6ed/128
On-link
16 286 fe80::651a:a783:edca:f37a/128
On-link
1 306 ff00::/8 On-link
13 266 ff00::/8 On-link
16 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/28/2013 11:31:05 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (01/28/2013 07:38:48 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/28/2013 06:55:26 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error DeviceIoControl(\\?\Volume{fab68183-14ab-11e2-804b-806e6f6e6963} - 00000120,0x0053c008,004D9FB0,0,004DAFB8,4096,[0]). hr = 0x80070079, The semaphore timeout period has expired.
.


Operation:
Processing EndPrepareSnapshots

Context:
Execution Context: System Provider

Error: (01/28/2013 02:35:22 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error DeviceIoControl(\\?\Volume{fab68183-14ab-11e2-804b-806e6f6e6963} - 00000120,0x0053c008,004A9FB0,0,004AAFB8,4096,[0]). hr = 0x80070079, The semaphore timeout period has expired.
.


Operation:
Processing EndPrepareSnapshots

Context:
Execution Context: System Provider

Error: (01/27/2013 10:12:31 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error DeviceIoControl(\\?\Volume{fab68183-14ab-11e2-804b-806e6f6e6963} - 00000124,0x0053c008,00199FB0,0,0019AFB8,4096,[0]). hr = 0x80070079, The semaphore timeout period has expired.
.


Operation:
Processing EndPrepareSnapshots

Context:
Execution Context: System Provider

Error: (01/26/2013 09:21:02 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (01/26/2013 08:21:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2013 02:42:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (01/25/2013 07:36:00 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/22/2013 11:33:03 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.


System errors:
=============
Error: (01/31/2013 10:00:32 AM) (Source: Microsoft-Windows-GroupPolicy) (User: AD)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (01/31/2013 08:54:36 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain AD due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (01/31/2013 08:34:48 AM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (01/31/2013 04:53:05 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain AD due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (01/31/2013 00:51:20 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain AD due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (01/30/2013 08:48:19 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain AD due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (01/30/2013 04:45:18 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain AD due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (01/30/2013 00:41:48 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain AD due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (01/30/2013 08:27:29 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain AD due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (01/30/2013 08:24:39 AM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the CarboniteService service, but this action failed with the following error:
%%1056


Microsoft Office Sessions:
=========================
Error: (01/28/2013 11:31:05 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files\spybot - search & destroy\DelZip179.dllc:\program files\spybot - search & destroy\DelZip179.dll8

Error: (01/28/2013 07:38:48 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/28/2013 06:55:26 PM) (Source: VSS)(User: )
Description: DeviceIoControl(\\?\Volume{fab68183-14ab-11e2-804b-806e6f6e6963} - 00000120,0x0053c008,004D9FB0,0,004DAFB8,4096,[0])0x80070079, The semaphore timeout period has expired.


Operation:
Processing EndPrepareSnapshots

Context:
Execution Context: System Provider

Error: (01/28/2013 02:35:22 PM) (Source: VSS)(User: )
Description: DeviceIoControl(\\?\Volume{fab68183-14ab-11e2-804b-806e6f6e6963} - 00000120,0x0053c008,004A9FB0,0,004AAFB8,4096,[0])0x80070079, The semaphore timeout period has expired.


Operation:
Processing EndPrepareSnapshots

Context:
Execution Context: System Provider

Error: (01/27/2013 10:12:31 AM) (Source: VSS)(User: )
Description: DeviceIoControl(\\?\Volume{fab68183-14ab-11e2-804b-806e6f6e6963} - 00000124,0x0053c008,00199FB0,0,0019AFB8,4096,[0])0x80070079, The semaphore timeout period has expired.


Operation:
Processing EndPrepareSnapshots

Context:
Execution Context: System Provider

Error: (01/26/2013 09:21:02 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files\spybot - search & destroy\DelZip179.dllc:\program files\spybot - search & destroy\DelZip179.dll8

Error: (01/26/2013 08:21:02 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2013 02:42:07 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files\spybot - search & destroy\DelZip179.dllc:\program files\spybot - search & destroy\DelZip179.dll8

Error: (01/25/2013 07:36:00 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/22/2013 11:33:03 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files\spybot - search & destroy\DelZip179.dllc:\program files\spybot - search & destroy\DelZip179.dll8


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 7.1.4)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader X (10.1.5) (Version: 10.1.5)
Adobe Shockwave Player 11.6 (Version: 11.6.7.637)
Ask Toolbar (Version: 1.17.1.0)
Ask Toolbar Updater (Version: 1.4.1.28235)
Auslogics Disk Defrag (Version: 3.5)
avast! Free Antivirus (Version: 7.0.1474.0)
Bing Desktop (Version: 1.1.166.0)
Canon MG5200 series MP Drivers
Carbonite (Version: 5.4.1 build 2615 (Nov-08-2012))
Cisco AnyConnect Secure Mobility Client (Version: 3.0.08057)
Cisco AnyConnect Secure Mobility Client (Version: 3.0.08057)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
CutePDF Writer 3.0 (Version: 3.0)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Webcam Central (Version: 1.40.28)
Dropbox (Version: 1.6.16)
DW WLAN Card Utility (Version: 5.100.82.124)
ESET Online Scanner v3
Foxit Reader (Version: 5.4.3.920)
GIMP 2.8.2 (Version: 2.8.2)
Glary Utilities 2.49.0.1600 (Version: 2.49.0.1600)
Google Chrome (Version: 24.0.1312.56)
Google Drive (Version: 1.7.4018.3496)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.123)
HP LaserJet Professional M1530 MFP Series
HP LJ M1530 MFP Series HP Scan (Version: 1.0.302.0)
HP Update (Version: 5.002.006.003)
HPLaserJetHelp_LearnCenter (Version: 1.02.0000)
HPLJUT (Version: 1.00.0012)
hppFaxDrvM1530 (Version: 003.000.00001)
hppFaxUtilityM1530 (Version: 000.002.00001)
hppLaserJetService (Version: 002.015.00599)
hppM1530LaserJetService (Version: 001.008.00477)
hppSendFaxM1530 (Version: 003.000.00001)
hppTLBXFXM1530 (Version: 001.012.00948)
hpzTLBXFX (Version: 006.015.01163)
I.R.I.S. OCR (Version: 12.3.4.0)
Intel® Network Connections 16.5.2.0 (Version: 16.5.2.0)
Intel® Network Connections Drivers (Version: 16.5)
Intel® Processor Graphics (Version: 8.15.10.2418)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Mouse and Keyboard Center (Version: 2.0.161.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 16.0.1 (x86 en-US) (Version: 16.0.1)
Mozilla Maintenance Service (Version: 16.0.1)
My GaTech Connector for Microsoft Outlook (Version: 7.2.1.529)
NVIDIA 3D Vision Driver 306.97 (Version: 306.97)
NVIDIA Control Panel 306.97 (Version: 306.97)
NVIDIA Graphics Driver 306.97 (Version: 306.97)
NVIDIA HD Audio Driver 1.3.12.0 (Version: 1.3.12.0)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA nView 136.53 (Version: 136.53)
NVIDIA Optimus 1.10.8 (Version: 1.10.8)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0697)
NVIDIA Update Components (Version: 1.10.8)
PowerDVD DX (Version: 8.3.5424)
Revo Uninstaller 1.94 (Version: 1.94)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE 10.3 (Version: 10.3)
Roxio Creator DE 10.3 (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio Update Manager (Version: 6.0.0)
Skype™ 5.10 (Version: 5.10.116)
Spybot - Search & Destroy (Version: 1.6.2)
swMSM (Version: 12.0.0.1)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

========================= Memory info: ===================================

Percentage of memory in use: 65%
Total physical RAM: 2985.02 MB
Available physical RAM: 1015.96 MB
Total Pagefile: 5968.32 MB
Available Pagefile: 2865.66 MB
Total Virtual: 2047.88 MB
Available Virtual: 1932.7 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.66 GB) (Free:425.71 GB) NTFS
3 Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
4 Drive f: () (Fixed) (Total:297.99 GB) (Free:264.56 GB) NTFS

========================= Users: ========================================

User accounts for \\EI2DW200

Administrator Guest UpdatusUser


**** End of log ****


THIS IS THE MINITOOLBOX log...I'm sending the ADW CLEANER next.

#6 GTwood


Posted 31 January 2013 - 11:43 AM

# AdwCleaner v2.109 - Logfile created 01/31/2013 at 11:03:58
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Enterprise Service Pack 1 (32 bits)
# User : dw200 - EI2DW200
# Boot Mode : Normal
# Running from : C:\Users\dw200\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\ProgramData\AGI
Folder Deleted : C:\Users\dw200\AppData\Local\APN
Folder Deleted : C:\Users\dw200\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\Software\PIP
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.1 (en-US)

File : C:\Users\dw200\AppData\Roaming\Mozilla\Firefox\Profiles\w8wutlq9.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.56

File : C:\Users\dw200\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [5213 octets] - [31/01/2013 11:03:58]

########## EOF - C:\AdwCleaner[S1].txt - [5273 octets] ##########


Here is the Malwarebytes log:
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.31.08

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
dw200 :: EI2DW200 [administrator]

Protection: Disabled

1/31/2013 11:25:09 AM
mbam-log-2013-01-31 (11-25-09).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 267963
Time elapsed: 8 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Seems to be working without any redirects so far! Thank you!

#7 boopme


Posted 31 January 2013 - 12:05 PM

Looks good..
Remove this thru Control Panel... Java 7 Update 7 (Version: 7.0.70)
Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
    64-bit OS users, should read: Which Java download should I choose for my 64-bit Windows operating system?
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u11-windows-i586.exe (or jre-7u11-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.


Let's Mop up......
Please download TFC (Temp File Cleaner) by Old Timer and save it to your desktop.
alternate download link
  • Save any unsaved work. TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • TFC will clear out all temp folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
Note: It is normal for the computer to be slow to boot after running TFC cleaner the first time.



Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:


You're welcome!! :thumbup2:



