Viral infection results in Blue Screen of death.


12 replies to this topic

#1 destry.stevens


Posted 01 February 2013 - 12:07 PM

I am working on an HP G60 running Windows 7 Ultimate. Had MSE running, but it obviously didn't cover well enough.

Laptop will turn on and operate properly in safe mode.

When Windows is started normally, it boots up, the icons appear on the desktop appropriately, then they disappear and I get a warning that the machine has recovered from a critical error, asking whether I want to check online for solutions, but before I can click anything here, the blue screen of death appears and the cycle starts over.

I logged on in Safe Mode and attempted to install Avast to utilize the boot-time scan, but couldn't successfully install it. MSE appears to be disabled. I did successfully download, install, and run Malwarebytes from your site. It removed over 20 infected files in the quick scan, and 1 more when I did the deeper scan. I have those logs if you should want them.

I would appreciate any help I can get, just let me know where to start.



#2 narenxp


Posted 01 February 2013 - 12:08 PM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 destry.stevens


Posted 01 February 2013 - 05:37 PM

Here are the logs from the scans you requested.
11:24:00.0383 2472 nsiproxy - ok
11:24:00.0423 2472 [ 3795DCD21F740EE799FB7223234215AF ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:24:00.0463 2472 Ntfs - ok
11:24:00.0493 2472 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
11:24:00.0493 2472 Null - ok
11:24:00.0513 2472 [ 3F3D04B1D08D43C16EA7963954EC768D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
11:24:00.0523 2472 nvraid - ok
11:24:00.0533 2472 [ C99F251A5DE63C6F129CF71933ACED0F ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
11:24:00.0533 2472 nvstor - ok
11:24:00.0553 2472 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
11:24:00.0563 2472 nv_agp - ok
11:24:00.0613 2472 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:24:00.0633 2472 odserv - ok
11:24:00.0643 2472 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
11:24:00.0643 2472 ohci1394 - ok
11:24:00.0683 2472 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:24:00.0683 2472 ose - ok
11:24:00.0723 2472 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:24:00.0733 2472 p2pimsvc - ok
11:24:00.0763 2472 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
11:24:00.0773 2472 p2psvc - ok
11:24:00.0813 2472 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:24:00.0813 2472 Parport - ok
11:24:00.0843 2472 [ 66D3415C159741ADE7038A277EFFF99F ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:24:00.0843 2472 partmgr - ok
11:24:00.0873 2472 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
11:24:00.0873 2472 Parvdm - ok
11:24:00.0893 2472 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:24:00.0903 2472 PcaSvc - ok
11:24:00.0913 2472 [ C858CB77C577780ECC456A892E7E7D0F ] pci C:\Windows\system32\DRIVERS\pci.sys
11:24:00.0923 2472 pci - ok
11:24:00.0973 2472 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\DRIVERS\pciide.sys
11:24:00.0973 2472 pciide - ok
11:24:00.0983 2472 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:24:00.0993 2472 pcmcia - ok
11:24:01.0043 2472 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
11:24:01.0043 2472 pcw - ok
11:24:01.0073 2472 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:24:01.0093 2472 PEAUTH - ok
11:24:01.0163 2472 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
11:24:01.0193 2472 PeerDistSvc - ok
11:24:01.0273 2472 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll
11:24:01.0313 2472 pla - ok
11:24:01.0373 2472 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:24:01.0383 2472 PlugPlay - ok
11:24:01.0403 2472 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:24:01.0413 2472 PNRPAutoReg - ok
11:24:01.0443 2472 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:24:01.0443 2472 PNRPsvc - ok
11:24:01.0463 2472 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:24:01.0473 2472 PolicyAgent - ok
11:24:01.0513 2472 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll
11:24:01.0523 2472 Power - ok
11:24:01.0563 2472 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:24:01.0563 2472 PptpMiniport - ok
11:24:01.0573 2472 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:24:01.0573 2472 Processor - ok
11:24:01.0643 2472 [ 630CF26F0227498B7D5A92B12548960F ] ProfSvc C:\Windows\system32\profsvc.dll
11:24:01.0653 2472 ProfSvc - ok
11:24:01.0663 2472 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:24:01.0663 2472 ProtectedStorage - ok
11:24:01.0703 2472 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:24:01.0703 2472 Psched - ok
11:24:01.0753 2472 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:24:01.0803 2472 ql2300 - ok
11:24:01.0823 2472 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:24:01.0833 2472 ql40xx - ok
11:24:01.0863 2472 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
11:24:01.0863 2472 QWAVE - ok
11:24:01.0883 2472 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:24:01.0893 2472 QWAVEdrv - ok
11:24:01.0893 2472 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:24:01.0893 2472 RasAcd - ok
11:24:01.0923 2472 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:24:01.0923 2472 RasAgileVpn - ok
11:24:01.0943 2472 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
11:24:01.0943 2472 RasAuto - ok
11:24:01.0963 2472 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:24:01.0963 2472 Rasl2tp - ok
11:24:02.0013 2472 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\Windows\System32\rasmans.dll
11:24:02.0013 2472 RasMan - ok
11:24:02.0033 2472 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:24:02.0043 2472 RasPppoe - ok
11:24:02.0053 2472 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:24:02.0053 2472 RasSstp - ok
11:24:02.0073 2472 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:24:02.0083 2472 rdbss - ok
11:24:02.0093 2472 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:24:02.0093 2472 rdpbus - ok
11:24:02.0103 2472 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:24:02.0103 2472 RDPCDD - ok
11:24:02.0143 2472 [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
11:24:02.0143 2472 RDPDR - ok
11:24:02.0173 2472 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:24:02.0173 2472 RDPENCDD - ok
11:24:02.0183 2472 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:24:02.0183 2472 RDPREFMP - ok
11:24:02.0243 2472 [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:24:02.0243 2472 RDPWD - ok
11:24:02.0263 2472 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:24:02.0273 2472 rdyboost - ok
11:24:02.0303 2472 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
11:24:02.0303 2472 RemoteAccess - ok
11:24:02.0333 2472 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:24:02.0333 2472 RemoteRegistry - ok
11:24:02.0363 2472 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:24:02.0363 2472 RpcEptMapper - ok
11:24:02.0383 2472 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
11:24:02.0383 2472 RpcLocator - ok
11:24:02.0423 2472 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll
11:24:02.0423 2472 RpcSs - ok
11:24:02.0443 2472 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:24:02.0443 2472 rspndr - ok
11:24:02.0493 2472 [ 7DFD48E24479B68B258D8770121155A0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
11:24:02.0503 2472 RTL8167 - ok
11:24:02.0543 2472 [ 5423D8437051E89DD34749F242C98648 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
11:24:02.0553 2472 s3cap - ok
11:24:02.0563 2472 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs C:\Windows\system32\lsass.exe
11:24:02.0563 2472 SamSs - ok
11:24:02.0583 2472 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
11:24:02.0593 2472 sbp2port - ok
11:24:02.0613 2472 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:24:02.0623 2472 SCardSvr - ok
11:24:02.0643 2472 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:24:02.0653 2472 scfilter - ok
11:24:02.0703 2472 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\Windows\system32\schedsvc.dll
11:24:02.0723 2472 Schedule - ok
11:24:02.0733 2472 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll
11:24:02.0733 2472 SCPolicySvc - ok
11:24:02.0753 2472 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:24:02.0753 2472 SDRSVC - ok
11:24:02.0793 2472 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:24:02.0793 2472 secdrv - ok
11:24:02.0823 2472 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
11:24:02.0823 2472 seclogon - ok
11:24:02.0863 2472 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
11:24:02.0873 2472 SENS - ok
11:24:02.0893 2472 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:24:02.0903 2472 SensrSvc - ok
11:24:02.0913 2472 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:24:02.0913 2472 Serenum - ok
11:24:02.0933 2472 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:24:02.0933 2472 Serial - ok
11:24:02.0943 2472 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:24:02.0943 2472 sermouse - ok
11:24:02.0973 2472 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll
11:24:02.0973 2472 SessionEnv - ok
11:24:02.0983 2472 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
11:24:02.0983 2472 sffdisk - ok
11:24:03.0003 2472 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
11:24:03.0003 2472 sffp_mmc - ok
11:24:03.0023 2472 [ 4F1E5B0FE7C8050668DBFADE8999AEFB ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
11:24:03.0023 2472 sffp_sd - ok
11:24:03.0033 2472 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:24:03.0033 2472 sfloppy - ok
11:24:03.0073 2472 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:24:03.0083 2472 SharedAccess - ok
11:24:03.0123 2472 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:24:03.0123 2472 ShellHWDetection - ok
11:24:03.0163 2472 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
11:24:03.0163 2472 sisagp - ok
11:24:03.0183 2472 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:24:03.0183 2472 SiSRaid2 - ok
11:24:03.0203 2472 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:24:03.0203 2472 SiSRaid4 - ok
11:24:03.0263 2472 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
11:24:03.0263 2472 SkypeUpdate - ok
11:24:03.0293 2472 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:24:03.0293 2472 Smb - ok
11:24:03.0323 2472 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:24:03.0333 2472 SNMPTRAP - ok
11:24:03.0353 2472 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
11:24:03.0353 2472 spldr - ok
11:24:03.0403 2472 [ D1BB750EB51694DE183E08B9C33BE5B2 ] Spooler C:\Windows\System32\spoolsv.exe
11:24:03.0423 2472 Spooler - ok
11:24:03.0513 2472 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\Windows\system32\sppsvc.exe
11:24:03.0583 2472 sppsvc - ok
11:24:03.0613 2472 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:24:03.0623 2472 sppuinotify - ok
11:24:03.0673 2472 [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:24:03.0693 2472 srv - ok
11:24:03.0733 2472 [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:24:03.0743 2472 srv2 - ok
11:24:03.0803 2472 [ E00FDFAFF025E94F9821153750C35A6D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL3.SYS
11:24:03.0803 2472 SrvHsfHDA - ok
11:24:03.0843 2472 [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS
11:24:03.0873 2472 SrvHsfV92 - ok
11:24:03.0933 2472 [ BC0C7EA89194C299F051C24119000E17 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
11:24:03.0963 2472 SrvHsfWinac - ok
11:24:04.0013 2472 [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:24:04.0013 2472 srvnet - ok
11:24:04.0043 2472 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:24:04.0043 2472 SSDPSRV - ok
11:24:04.0083 2472 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:24:04.0093 2472 SstpSvc - ok
11:24:04.0113 2472 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:24:04.0123 2472 stexstor - ok
11:24:04.0153 2472 [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc C:\Windows\System32\wiaservc.dll
11:24:04.0183 2472 StiSvc - ok
11:24:04.0213 2472 [ 957E346CA948668F2496A6CCF6FF82CC ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
11:24:04.0213 2472 storflt - ok
11:24:04.0233 2472 [ D5751969DC3E4B88BF482AC8EC9FE019 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
11:24:04.0233 2472 storvsc - ok
11:24:04.0253 2472 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:24:04.0263 2472 swenum - ok
11:24:04.0293 2472 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
11:24:04.0293 2472 swprv - ok
11:24:04.0343 2472 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\Windows\system32\sysmain.dll
11:24:04.0403 2472 SysMain - ok
11:24:04.0423 2472 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:24:04.0423 2472 TabletInputService - ok
11:24:04.0453 2472 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv C:\Windows\System32\tapisrv.dll
11:24:04.0453 2472 TapiSrv - ok
11:24:04.0473 2472 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
11:24:04.0473 2472 TBS - ok
11:24:04.0553 2472 [ 55E9965552741F3850CB22CBBA9671ED ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:24:04.0593 2472 Tcpip - ok
11:24:04.0643 2472 [ 55E9965552741F3850CB22CBBA9671ED ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:24:04.0653 2472 TCPIP6 - ok
11:24:04.0693 2472 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:24:04.0693 2472 tcpipreg - ok
11:24:04.0713 2472 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:24:04.0713 2472 TDPIPE - ok
11:24:04.0753 2472 [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:24:04.0753 2472 TDTCP - ok
11:24:04.0763 2472 [ CB39E896A2A83702D1737BFD402B3542 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:24:04.0773 2472 tdx - ok
11:24:04.0783 2472 [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:24:04.0783 2472 TermDD - ok
11:24:04.0823 2472 [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService C:\Windows\System32\termsrv.dll
11:24:04.0843 2472 TermService - ok
11:24:04.0873 2472 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
11:24:04.0873 2472 Themes - ok
11:24:04.0883 2472 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
11:24:04.0893 2472 THREADORDER - ok
11:24:04.0913 2472 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
11:24:04.0923 2472 TrkWks - ok
11:24:04.0983 2472 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:24:04.0983 2472 TrustedInstaller - ok
11:24:05.0003 2472 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:24:05.0003 2472 tssecsrv - ok
11:24:05.0053 2472 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:24:05.0053 2472 tunnel - ok
11:24:05.0073 2472 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:24:05.0073 2472 uagp35 - ok
11:24:05.0093 2472 [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:24:05.0103 2472 udfs - ok
11:24:05.0143 2472 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:24:05.0143 2472 UI0Detect - ok
11:24:05.0173 2472 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
11:24:05.0183 2472 uliagpkx - ok
11:24:05.0193 2472 [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:24:05.0203 2472 umbus - ok
11:24:05.0203 2472 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:24:05.0203 2472 UmPass - ok
11:24:05.0243 2472 [ 8ECACA5454844F66386F7BE4AE0D7CD1 ] UmRdpService C:\Windows\System32\umrdp.dll
11:24:05.0253 2472 UmRdpService - ok
11:24:05.0273 2472 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
11:24:05.0273 2472 upnphost - ok
11:24:05.0333 2472 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
11:24:05.0333 2472 USBAAPL - ok
11:24:05.0353 2472 [ 8455C4ED038EFD09E99327F9D2D48FFA ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:24:05.0363 2472 usbccgp - ok
11:24:05.0383 2472 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
11:24:05.0383 2472 usbcir - ok
11:24:05.0403 2472 [ 1C333BFD60F2FED2C7AD5DAF533CB742 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:24:05.0403 2472 usbehci - ok
11:24:05.0433 2472 [ EE6EF93CCFA94FAE8C6AB298273D8AE2 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:24:05.0443 2472 usbhub - ok
11:24:05.0463 2472 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
11:24:05.0463 2472 usbohci - ok
11:24:05.0483 2472 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:24:05.0493 2472 usbprint - ok
11:24:05.0513 2472 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:24:05.0513 2472 usbscan - ok
11:24:05.0533 2472 [ D8889D56E0D27E57ED4591837FE71D27 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:24:05.0533 2472 USBSTOR - ok
11:24:05.0543 2472 [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
11:24:05.0543 2472 usbuhci - ok
11:24:05.0583 2472 [ F642A7E4BF78CFA359CCA0A3557C28D7 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
11:24:05.0593 2472 usbvideo - ok
11:24:05.0603 2472 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
11:24:05.0613 2472 UxSms - ok
11:24:05.0643 2472 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc C:\Windows\system32\lsass.exe
11:24:05.0643 2472 VaultSvc - ok
11:24:05.0693 2472 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
11:24:05.0693 2472 vdrvroot - ok
11:24:05.0723 2472 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\Windows\System32\vds.exe
11:24:05.0743 2472 vds - ok
11:24:05.0763 2472 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:24:05.0763 2472 vga - ok
11:24:05.0783 2472 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
11:24:05.0783 2472 VgaSave - ok
11:24:05.0823 2472 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
11:24:05.0833 2472 vhdmp - ok
11:24:05.0853 2472 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys
11:24:05.0853 2472 viaagp - ok
11:24:05.0863 2472 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
11:24:05.0873 2472 ViaC7 - ok
11:24:05.0883 2472 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\DRIVERS\viaide.sys
11:24:05.0893 2472 viaide - ok
11:24:05.0913 2472 [ 379B349F65F453D2A6E75EA6B7448E49 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
11:24:05.0923 2472 vmbus - ok
11:24:05.0933 2472 [ EC2BBAB4B84D0738C6C83D2234DC36FE ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
11:24:05.0943 2472 VMBusHID - ok
11:24:05.0973 2472 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
11:24:05.0973 2472 volmgr - ok
11:24:05.0993 2472 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:24:05.0993 2472 volmgrx - ok
11:24:06.0043 2472 [ 59F06B4968E58BC83DFC56CA4517960E ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:24:06.0043 2472 volsnap - ok
11:24:06.0083 2472 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
11:24:06.0083 2472 vsmraid - ok
11:24:06.0143 2472 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\Windows\system32\vssvc.exe
11:24:06.0173 2472 VSS - ok
11:24:06.0183 2472 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:24:06.0183 2472 vwifibus - ok
11:24:06.0203 2472 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:24:06.0213 2472 vwififlt - ok
11:24:06.0223 2472 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
11:24:06.0223 2472 vwifimp - ok
11:24:06.0243 2472 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
11:24:06.0253 2472 W32Time - ok
11:24:06.0283 2472 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
11:24:06.0293 2472 WacomPen - ok
11:24:06.0323 2472 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:24:06.0323 2472 WANARP - ok
11:24:06.0333 2472 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:24:06.0333 2472 Wanarpv6 - ok
11:24:06.0433 2472 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:24:06.0463 2472 WatAdminSvc - ok
11:24:06.0533 2472 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\Windows\system32\wbengine.exe
11:24:06.0563 2472 wbengine - ok
11:24:06.0593 2472 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:24:06.0603 2472 WbioSrvc - ok
11:24:06.0633 2472 [ D0F88AA11EE1A62BCC6D6A8A7783CA11 ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:24:06.0633 2472 wcncsvc - ok
11:24:06.0663 2472 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:24:06.0663 2472 WcsPlugInService - ok
11:24:06.0723 2472 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
11:24:06.0733 2472 Wd - ok
11:24:06.0773 2472 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:24:06.0793 2472 Wdf01000 - ok
11:24:06.0813 2472 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:24:06.0823 2472 WdiServiceHost - ok
11:24:06.0823 2472 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:24:06.0833 2472 WdiSystemHost - ok
11:24:06.0863 2472 [ D87C7D2C517F82A5AB7A73E203063D9E ] WebClient C:\Windows\System32\webclnt.dll
11:24:06.0863 2472 WebClient - ok
11:24:06.0903 2472 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:24:06.0913 2472 Wecsvc - ok
11:24:06.0943 2472 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:24:06.0943 2472 wercplsupport - ok
11:24:06.0973 2472 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
11:24:06.0973 2472 WerSvc - ok
11:24:07.0003 2472 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:24:07.0003 2472 WfpLwf - ok
11:24:07.0023 2472 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:24:07.0023 2472 WIMMount - ok
11:24:07.0093 2472 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
11:24:07.0113 2472 WinDefend - ok
11:24:07.0113 2472 WinHttpAutoProxySvc - ok
11:24:07.0183 2472 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:24:07.0193 2472 Winmgmt - ok
11:24:07.0243 2472 [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM C:\Windows\system32\WsmSvc.dll
11:24:07.0273 2472 WinRM - ok
11:24:07.0353 2472 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:24:07.0353 2472 WinUsb - ok
11:24:07.0383 2472 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
11:24:07.0413 2472 Wlansvc - ok
11:24:07.0433 2472 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
11:24:07.0433 2472 WmiAcpi - ok
11:24:07.0463 2472 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:24:07.0473 2472 wmiApSrv - ok
11:24:07.0563 2472 [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
11:24:07.0593 2472 WMPNetworkSvc - ok
11:24:07.0613 2472 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:24:07.0613 2472 WPCSvc - ok
11:24:07.0643 2472 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:24:07.0643 2472 WPDBusEnum - ok
11:24:07.0653 2472 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:24:07.0653 2472 ws2ifsl - ok
11:24:07.0673 2472 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
11:24:07.0683 2472 wscsvc - ok
11:24:07.0683 2472 WSearch - ok
11:24:07.0773 2472 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
11:24:07.0823 2472 wuauserv - ok
11:24:07.0843 2472 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:24:07.0853 2472 WudfPf - ok
11:24:07.0873 2472 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:24:07.0873 2472 WUDFRd - ok
11:24:07.0903 2472 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:24:07.0903 2472 wudfsvc - ok
11:24:07.0933 2472 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
11:24:07.0933 2472 WwanSvc - ok
11:24:07.0963 2472 ================ Scan global ===============================
11:24:07.0983 2472 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
11:24:08.0023 2472 [ A9E43C040F405DB689FC29534EF0389B ] C:\Windows\system32\winsrv.dll
11:24:08.0033 2472 [ A9E43C040F405DB689FC29534EF0389B ] C:\Windows\system32\winsrv.dll
11:24:08.0063 2472 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
11:24:08.0083 2472 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
11:24:08.0093 2472 [Global] - ok
11:24:08.0093 2472 ================ Scan MBR ==================================
11:24:08.0113 2472 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:24:08.0113 2472 Suspicious mbr (Forged): \Device\Harddisk0\DR0
11:24:08.0143 2472 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
11:24:08.0153 2472 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
11:24:08.0153 2472 ================ Scan VBR ==================================
11:24:08.0153 2472 [ 86C90C2207D6CE3DC54DFE0CBDEBBDA4 ] \Device\Harddisk0\DR0\Partition1
11:24:08.0163 2472 \Device\Harddisk0\DR0\Partition1 - ok
11:24:08.0203 2472 [ 6199E8029FFD6C65F3A618C7B42A18E3 ] \Device\Harddisk0\DR0\Partition2
11:24:08.0203 2472 \Device\Harddisk0\DR0\Partition2 - ok
11:24:08.0203 2472 ============================================================
11:24:08.0203 2472 Scan finished
11:24:08.0203 2472 ============================================================
11:24:08.0213 3360 Detected object count: 1
11:24:08.0213 3360 Actual detected object count: 1
11:24:23.0713 3360 \Device\Harddisk0\DR0\# - copied to quarantine
11:24:23.0723 3360 \Device\Harddisk0\DR0 - copied to quarantine
11:24:23.0773 3360 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
11:24:23.0783 3360 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
11:24:23.0783 3360 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
11:24:23.0783 3360 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
11:24:23.0803 3360 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
11:24:23.0813 3360 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
11:24:23.0813 3360 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
11:24:23.0813 3360 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
11:24:23.0813 3360 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
11:24:23.0813 3360 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
11:24:23.0823 3360 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
11:24:23.0823 3360 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
11:24:23.0843 3360 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
11:24:23.0843 3360 \Device\Harddisk0\DR0 - ok
11:24:24.0433 3360 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
11:24:29.0063 5344 Deinitialize success

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-01 11:44:41
-----------------------------
11:44:41.568 OS Version: Windows 6.1.7600
11:44:41.568 Number of processors: 2 586 0x170A
11:44:41.568 ComputerName: NICK-PC UserName: Nick
11:44:42.380 Initialize success
11:45:52.127 AVAST engine defs: 13020100
11:48:26.358 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
11:48:26.374 Disk 0 Vendor: FUJITSU_MHZ2320BH_G2 8909 Size: 305245MB BusType: 11
11:48:26.390 Disk 0 MBR read successfully
11:48:26.390 Disk 0 MBR scan
11:48:26.405 Disk 0 Windows 7 default MBR code
11:48:26.405 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 294097 MB offset 63
11:48:26.436 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 11144 MB offset 602312704
11:48:26.452 Disk 0 scanning sectors +625135616
11:48:26.514 Disk 0 scanning C:\Windows\system32\drivers
11:48:34.954 Service scanning
11:48:57.652 Modules scanning
11:49:02.769 Disk 0 trace - called modules:
11:49:02.784 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys
11:49:02.800 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8552d0a0]
11:49:02.800 3 CLASSPNP.SYS[8a3ae59e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84756908]
11:49:03.611 AVAST engine scan C:\Windows
11:49:06.029 AVAST engine scan C:\Windows\system32
11:51:44.655 AVAST engine scan C:\Windows\system32\drivers
11:51:54.499 AVAST engine scan C:\Users\Nick
11:54:12.575 File: C:\Users\Nick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T3YIUVZE\calc[1].exe **INFECTED** Win32:Trojan-gen
12:08:32.480 Disk 0 MBR has been saved successfully to "C:\Users\Nick\Desktop\MBR.dat"
12:08:32.480 The log file has been saved successfully to "C:\Users\Nick\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-01 12:09:15
-----------------------------
12:09:15.473 OS Version: Windows 6.1.7600
12:09:15.473 Number of processors: 2 586 0x170A
12:09:15.473 ComputerName: NICK-PC UserName: Nick
12:09:16.565 Initialize success
12:09:24.646 AVAST engine defs: 13020100
12:10:25.439 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:10:25.455 Disk 0 Vendor: FUJITSU_MHZ2320BH_G2 8909 Size: 305245MB BusType: 11
12:10:25.455 Disk 0 MBR read successfully
12:10:25.455 Disk 0 MBR scan
12:10:25.471 Disk 0 Windows 7 default MBR code
12:10:25.471 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 294097 MB offset 63
12:10:25.845 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 11144 MB offset 602312704
12:10:25.861 Disk 0 scanning sectors +625135616
12:10:26.032 Disk 0 scanning C:\Windows\system32\drivers
12:10:36.453 Service scanning
12:10:58.168 Modules scanning
12:11:02.021 Disk 0 trace - called modules:
12:11:02.053 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys
12:11:02.068 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8552d0a0]
12:11:02.068 3 CLASSPNP.SYS[8a3ae59e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84756908]
12:11:03.051 AVAST engine scan C:\Windows
12:11:07.606 AVAST engine scan C:\Windows\system32
12:13:36.774 AVAST engine scan C:\Windows\system32\drivers
12:13:46.461 AVAST engine scan C:\Users\Nick
12:15:40.919 File: C:\Users\Nick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T3YIUVZE\calc[1].exe **INFECTED** Win32:Trojan-gen
12:27:45.150 File: C:\Users\Nick\AppData\Local\Temp\150A.tmp **INFECTED** Win32:Trojan-gen
12:27:54.510 File: C:\Users\Nick\AppData\Local\Temp\88C3.tmp **INFECTED** Win32:Trojan-gen
12:31:07.077 File: C:\Users\Nick\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\23e1db20-514069b9 **INFECTED** Win32:Trojan-gen
12:34:29.940 AVAST engine scan C:\ProgramData
12:35:46.707 Scan finished successfully
14:07:43.033 Disk 0 MBR has been saved successfully to "C:\Users\Nick\Desktop\MBR.dat"
14:07:43.033 The log file has been saved successfully to "C:\Users\Nick\Desktop\aswMBR.txt"

C:\Users\All Users\Microsoft\Windows\DRM\6155.tmp Win32/Olmarik.AYD trojan
C:\Users\All Users\Microsoft\Windows\DRM\FBA0.tmp Win32/Olmarik.AYD trojan
C:\ProgramData\Microsoft\Windows\DRM\6155.tmp Win32/Olmarik.AYD trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\FBA0.tmp Win32/Olmarik.AYD trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\01.02.2013_11.23.44\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\01.02.2013_11.23.44\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\01.02.2013_11.23.44\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.SG trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\01.02.2013_11.23.44\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\01.02.2013_11.23.44\mbr0000\tdlfs0000\tsk0008.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\01.02.2013_11.23.44\mbr0000\tdlfs0000\tsk0009.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\Users\Nick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T3YIUVZE\calc[1].exe Win32/Olmarik.AYD trojan cleaned by deleting - quarantined
C:\Users\Nick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G4XWM9M8\oven-baked-pot-roast-with-potatoes-and-carrots[1].htm JS/Kryptik.AH trojan cleaned by deleting - quarantined
C:\Users\Nick\AppData\Local\Temp\150A.tmp Win32/Olmarik.AYD trojan cleaned by deleting - quarantined
C:\Users\Nick\AppData\Local\Temp\88C3.tmp Win32/Olmarik.AYD trojan cleaned by deleting - quarantined
C:\Users\Nick\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\23e1db20-514069b9 Win32/Olmarik.AYD trojan cleaned by deleting - quarantined
C:\Users\Nick\AppData\Roaming\mscaui.dll a variant of Win32/Medfos.JK trojan cleaned by deleting - quarantined
C:\Users\Nick\AppData\Roaming\utasat.dll a variant of Win32/Medfos.JK trojan cleaned by deleting - quarantined
C:\Windows\System32\sysprep\cryptbase.dll Win32/Olmarik.AYD trojan cleaned by deleting - quarantined
C:\Windows\System32\sysprep\syssetup.dll Win32/Olmarik.AYD trojan cleaned by deleting - quarantined

Running a little better, not getting the blue screen of death any more, and no crash and restart. However, I still have no icons or taskbar on the desktop. Task Manager won't show unless I open it in the first 10 seconds the desktop appears.

#4 narenxp

Posted 01 February 2013 - 05:40 PM

Run TDSSKiller again and post the new log.

Download UNHIDE from here

http://www.bleepingcomputer.com/download/unhide/dl/6/

This should restore hidden icons

All these scans should be done in normal mode


Download Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here.

Download mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.



Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download Autoruns

Extract and launch autoruns.exe

Allow the scan to finish.

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#5 destry.stevens

Posted 01 February 2013 - 06:43 PM

I ran this scan in Safe mode

16:46:30.0315 0588 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:46:30.0814 0588 ============================================================
16:46:30.0814 0588 Current date / time: 2013/02/01 16:46:30.0814
16:46:30.0814 0588 SystemInfo:
16:46:30.0814 0588
16:46:30.0814 0588 OS Version: 6.1.7600 ServicePack: 0.0
16:46:30.0814 0588 Product type: Workstation
16:46:30.0814 0588 ComputerName: NICK-PC
16:46:30.0814 0588 UserName: Nick
16:46:30.0814 0588 Windows directory: C:\Windows
16:46:30.0814 0588 System windows directory: C:\Windows
16:46:30.0814 0588 Processor architecture: Intel x86
16:46:30.0814 0588 Number of processors: 2
16:46:30.0814 0588 Page size: 0x1000
16:46:30.0814 0588 Boot type: Safe boot with network
16:46:30.0814 0588 ============================================================
16:46:31.0922 0588 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:46:31.0922 0588 ============================================================
16:46:31.0922 0588 \Device\Harddisk0\DR0:
16:46:31.0922 0588 MBR partitions:
16:46:31.0922 0588 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x23E68FC1
16:46:31.0922 0588 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23E69000, BlocksNum 0x15C4000
16:46:31.0922 0588 ============================================================
16:46:31.0937 0588 C: <-> \Device\Harddisk0\DR0\Partition1
16:46:31.0969 0588 D: <-> \Device\Harddisk0\DR0\Partition2
16:46:31.0969 0588 ============================================================
16:46:31.0969 0588 Initialize success
16:46:31.0969 0588 ============================================================
16:46:34.0215 0760 ============================================================
16:46:34.0215 0760 Scan started
16:46:34.0215 0760 Mode: Manual;
16:46:34.0215 0760 ============================================================
16:46:34.0777 0760 ================ Scan system memory ========================
16:46:34.0777 0760 System memory - ok
16:46:34.0777 0760 ================ Scan services =============================
16:46:42.0124 0760 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:46:42.0124 0760 mshidkmdf - ok
16:46:42.0140 0760 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
16:46:42.0140 0760 msisadrv - ok
16:46:42.0187 0760 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:46:42.0187 0760 MSiSCSI - ok
16:46:42.0187 0760 msiserver - ok
16:46:42.0202 0760 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:46:42.0202 0760 MSKSSRV - ok
16:46:42.0280 0760 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:46:42.0280 0760 MsMpSvc - ok
16:46:42.0296 0760 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:46:42.0296 0760 MSPCLOCK - ok
16:46:42.0327 0760 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:46:42.0327 0760 MSPQM - ok
16:46:42.0343 0760 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:46:42.0343 0760 MsRPC - ok
16:46:42.0374 0760 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:46:42.0374 0760 mssmbios - ok
16:46:42.0374 0760 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:46:42.0389 0760 MSTEE - ok
16:46:42.0405 0760 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:46:42.0421 0760 MTConfig - ok
16:46:42.0436 0760 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
16:46:42.0436 0760 Mup - ok
16:46:42.0467 0760 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\Windows\system32\qagentRT.dll
16:46:42.0483 0760 napagent - ok
16:46:42.0514 0760 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:46:42.0514 0760 NativeWifiP - ok
16:46:42.0561 0760 [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:46:42.0592 0760 NDIS - ok
16:46:42.0608 0760 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:46:42.0608 0760 NdisCap - ok
16:46:42.0655 0760 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:46:42.0655 0760 NdisTapi - ok
16:46:42.0670 0760 [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:46:42.0670 0760 Ndisuio - ok
16:46:42.0686 0760 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:46:42.0686 0760 NdisWan - ok
16:46:42.0701 0760 [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:46:42.0701 0760 NDProxy - ok
16:46:42.0701 0760 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:46:42.0717 0760 NetBIOS - ok
16:46:42.0733 0760 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:46:42.0733 0760 NetBT - ok
16:46:42.0748 0760 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon C:\Windows\system32\lsass.exe
16:46:42.0748 0760 Netlogon - ok
16:46:42.0779 0760 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
16:46:42.0779 0760 Netman - ok
16:46:42.0811 0760 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
16:46:42.0826 0760 netprofm - ok
16:46:42.0842 0760 [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:46:42.0857 0760 NetTcpPortSharing - ok
16:46:42.0873 0760 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:46:42.0889 0760 nfrd960 - ok
16:46:42.0904 0760 [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:46:42.0920 0760 NisDrv - ok
16:46:42.0951 0760 [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
16:46:42.0951 0760 NisSrv - ok
16:46:42.0967 0760 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\Windows\System32\nlasvc.dll
16:46:42.0982 0760 NlaSvc - ok
16:46:42.0998 0760 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:46:42.0998 0760 Npfs - ok
16:46:43.0013 0760 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
16:46:43.0013 0760 nsi - ok
16:46:43.0029 0760 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:46:43.0029 0760 nsiproxy - ok
16:46:43.0060 0760 [ 3795DCD21F740EE799FB7223234215AF ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:46:43.0107 0760 Ntfs - ok
16:46:43.0138 0760 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
16:46:43.0138 0760 Null - ok
16:46:43.0169 0760 [ 3F3D04B1D08D43C16EA7963954EC768D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
16:46:43.0169 0760 nvraid - ok
16:46:43.0185 0760 [ C99F251A5DE63C6F129CF71933ACED0F ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
16:46:43.0201 0760 nvstor - ok
16:46:43.0216 0760 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
16:46:43.0216 0760 nv_agp - ok
16:46:43.0263 0760 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:46:43.0294 0760 odserv - ok
16:46:43.0325 0760 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
16:46:43.0325 0760 ohci1394 - ok
16:46:43.0357 0760 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:46:43.0357 0760 ose - ok
16:46:43.0403 0760 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:46:43.0403 0760 p2pimsvc - ok
16:46:43.0419 0760 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
16:46:43.0435 0760 p2psvc - ok
16:46:43.0450 0760 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:46:43.0450 0760 Parport - ok
16:46:43.0497 0760 [ 66D3415C159741ADE7038A277EFFF99F ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:46:43.0497 0760 partmgr - ok
16:46:43.0513 0760 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
16:46:43.0513 0760 Parvdm - ok
16:46:43.0528 0760 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:46:43.0544 0760 PcaSvc - ok
16:46:43.0559 0760 [ C858CB77C577780ECC456A892E7E7D0F ] pci C:\Windows\system32\DRIVERS\pci.sys
16:46:43.0559 0760 pci - ok
16:46:43.0591 0760 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\DRIVERS\pciide.sys
16:46:43.0591 0760 pciide - ok
16:46:43.0606 0760 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:46:43.0606 0760 pcmcia - ok
16:46:43.0637 0760 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
16:46:43.0637 0760 pcw - ok
16:46:43.0669 0760 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:46:43.0700 0760 PEAUTH - ok
16:46:43.0747 0760 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
16:46:43.0793 0760 PeerDistSvc - ok
16:46:43.0856 0760 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll
16:46:43.0918 0760 pla - ok
16:46:43.0981 0760 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:46:43.0981 0760 PlugPlay - ok
16:46:43.0996 0760 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:46:43.0996 0760 PNRPAutoReg - ok
16:46:44.0012 0760 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:46:44.0027 0760 PNRPsvc - ok
16:46:44.0059 0760 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:46:44.0059 0760 PolicyAgent - ok
16:46:44.0090 0760 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll
16:46:44.0105 0760 Power - ok
16:46:44.0137 0760 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:46:44.0137 0760 PptpMiniport - ok
16:46:44.0152 0760 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:46:44.0152 0760 Processor - ok
16:46:44.0183 0760 [ 630CF26F0227498B7D5A92B12548960F ] ProfSvc C:\Windows\system32\profsvc.dll
16:46:44.0199 0760 ProfSvc - ok
16:46:44.0215 0760 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:46:44.0215 0760 ProtectedStorage - ok
16:46:44.0230 0760 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:46:44.0246 0760 Psched - ok
16:46:44.0293 0760 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:46:44.0324 0760 ql2300 - ok
16:46:44.0355 0760 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:46:44.0355 0760 ql40xx - ok
16:46:44.0371 0760 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
16:46:44.0371 0760 QWAVE - ok
16:46:44.0402 0760 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:46:44.0402 0760 QWAVEdrv - ok
16:46:44.0402 0760 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:46:44.0402 0760 RasAcd - ok
16:46:44.0433 0760 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:46:44.0433 0760 RasAgileVpn - ok
16:46:44.0449 0760 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
16:46:44.0449 0760 RasAuto - ok
16:46:44.0480 0760 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:46:44.0480 0760 Rasl2tp - ok
16:46:44.0573 0760 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\Windows\System32\rasmans.dll
16:46:44.0573 0760 RasMan - ok
16:46:44.0589 0760 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:46:44.0605 0760 RasPppoe - ok
16:46:44.0620 0760 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:46:44.0620 0760 RasSstp - ok
16:46:44.0636 0760 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:46:44.0636 0760 rdbss - ok
16:46:44.0651 0760 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:46:44.0651 0760 rdpbus - ok
16:46:44.0667 0760 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:46:44.0667 0760 RDPCDD - ok
16:46:44.0683 0760 [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:46:44.0698 0760 RDPDR - ok
16:46:44.0714 0760 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:46:44.0714 0760 RDPENCDD - ok
16:46:44.0745 0760 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:46:44.0745 0760 RDPREFMP - ok
16:46:44.0792 0760 [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:46:44.0792 0760 RDPWD - ok
16:46:44.0807 0760 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:46:44.0823 0760 rdyboost - ok
16:46:44.0839 0760 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
16:46:44.0854 0760 RemoteAccess - ok
16:46:44.0885 0760 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:46:44.0885 0760 RemoteRegistry - ok
16:46:44.0901 0760 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:46:44.0917 0760 RpcEptMapper - ok
16:46:44.0932 0760 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
16:46:44.0932 0760 RpcLocator - ok
16:46:44.0963 0760 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll
16:46:44.0963 0760 RpcSs - ok
16:46:44.0979 0760 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:46:44.0979 0760 rspndr - ok
16:46:45.0026 0760 [ 7DFD48E24479B68B258D8770121155A0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
16:46:45.0026 0760 RTL8167 - ok
16:46:45.0057 0760 [ 5423D8437051E89DD34749F242C98648 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
16:46:45.0057 0760 s3cap - ok
16:46:45.0073 0760 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs C:\Windows\system32\lsass.exe
16:46:45.0073 0760 SamSs - ok
16:46:45.0104 0760 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
16:46:45.0104 0760 sbp2port - ok
16:46:45.0119 0760 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:46:45.0135 0760 SCardSvr - ok
16:46:45.0151 0760 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:46:45.0151 0760 scfilter - ok
16:46:45.0197 0760 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\Windows\system32\schedsvc.dll
16:46:45.0229 0760 Schedule - ok
16:46:45.0244 0760 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:46:45.0244 0760 SCPolicySvc - ok
16:46:45.0260 0760 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:46:45.0275 0760 SDRSVC - ok
16:46:45.0307 0760 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:46:45.0307 0760 secdrv - ok
16:46:45.0322 0760 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
16:46:45.0322 0760 seclogon - ok
16:46:45.0353 0760 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
16:46:45.0353 0760 SENS - ok
16:46:45.0400 0760 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:46:45.0400 0760 SensrSvc - ok
16:46:45.0416 0760 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:46:45.0416 0760 Serenum - ok
16:46:45.0431 0760 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:46:45.0431 0760 Serial - ok
16:46:45.0447 0760 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
16:46:45.0447 0760 sermouse - ok
16:46:45.0463 0760 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll
16:46:45.0463 0760 SessionEnv - ok
16:46:45.0478 0760 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
16:46:45.0478 0760 sffdisk - ok
16:46:45.0494 0760 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
16:46:45.0494 0760 sffp_mmc - ok
16:46:45.0509 0760 [ 4F1E5B0FE7C8050668DBFADE8999AEFB ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
16:46:45.0509 0760 sffp_sd - ok
16:46:45.0541 0760 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
16:46:45.0541 0760 sfloppy - ok
16:46:45.0572 0760 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:46:45.0572 0760 SharedAccess - ok
16:46:45.0603 0760 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:46:45.0619 0760 ShellHWDetection - ok
16:46:45.0634 0760 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
16:46:45.0650 0760 sisagp - ok
16:46:45.0665 0760 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:46:45.0665 0760 SiSRaid2 - ok
16:46:45.0681 0760 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
16:46:45.0681 0760 SiSRaid4 - ok
16:46:45.0743 0760 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
16:46:45.0743 0760 SkypeUpdate - ok
16:46:45.0775 0760 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:46:45.0775 0760 Smb - ok
16:46:45.0806 0760 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:46:45.0806 0760 SNMPTRAP - ok
16:46:45.0821 0760 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
16:46:45.0821 0760 spldr - ok
16:46:45.0868 0760 [ D1BB750EB51694DE183E08B9C33BE5B2 ] Spooler C:\Windows\System32\spoolsv.exe
16:46:45.0868 0760 Spooler - ok
16:46:45.0946 0760 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\Windows\system32\sppsvc.exe
16:46:46.0040 0760 sppsvc - ok
16:46:46.0071 0760 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:46:46.0087 0760 sppuinotify - ok
16:46:46.0118 0760 [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:46:46.0118 0760 srv - ok
16:46:46.0149 0760 [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:46:46.0149 0760 srv2 - ok
16:46:46.0180 0760 [ E00FDFAFF025E94F9821153750C35A6D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL3.SYS
16:46:46.0180 0760 SrvHsfHDA - ok
16:46:46.0211 0760 [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS
16:46:46.0243 0760 SrvHsfV92 - ok
16:46:46.0289 0760 [ BC0C7EA89194C299F051C24119000E17 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
16:46:46.0321 0760 SrvHsfWinac - ok
16:46:46.0367 0760 [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:46:46.0367 0760 srvnet - ok
16:46:46.0383 0760 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:46:46.0399 0760 SSDPSRV - ok
16:46:46.0414 0760 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:46:46.0414 0760 SstpSvc - ok
16:46:46.0445 0760 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
16:46:46.0445 0760 stexstor - ok
16:46:46.0477 0760 [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc C:\Windows\System32\wiaservc.dll
16:46:46.0508 0760 StiSvc - ok
16:46:46.0539 0760 [ 957E346CA948668F2496A6CCF6FF82CC ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
16:46:46.0539 0760 storflt - ok
16:46:46.0555 0760 [ D5751969DC3E4B88BF482AC8EC9FE019 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
16:46:46.0555 0760 storvsc - ok
16:46:46.0586 0760 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:46:46.0586 0760 swenum - ok
16:46:46.0601 0760 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
16:46:46.0601 0760 swprv - ok
16:46:46.0648 0760 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\Windows\system32\sysmain.dll
16:46:46.0695 0760 SysMain - ok
16:46:46.0711 0760 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:46:46.0711 0760 TabletInputService - ok
16:46:46.0757 0760 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv C:\Windows\System32\tapisrv.dll
16:46:46.0757 0760 TapiSrv - ok
16:46:46.0773 0760 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
16:46:46.0773 0760 TBS - ok
16:46:46.0835 0760 [ 55E9965552741F3850CB22CBBA9671ED ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:46:46.0882 0760 Tcpip - ok
16:46:46.0929 0760 [ 55E9965552741F3850CB22CBBA9671ED ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:46:46.0929 0760 TCPIP6 - ok
16:46:46.0960 0760 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:46:46.0960 0760 tcpipreg - ok
16:46:46.0991 0760 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:46:46.0991 0760 TDPIPE - ok
16:46:47.0023 0760 [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:46:47.0023 0760 TDTCP - ok
16:46:47.0038 0760 [ CB39E896A2A83702D1737BFD402B3542 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:46:47.0038 0760 tdx - ok
16:46:47.0054 0760 [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:46:47.0054 0760 TermDD - ok
16:46:47.0085 0760 [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService C:\Windows\System32\termsrv.dll
16:46:47.0132 0760 TermService - ok
16:46:47.0147 0760 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
16:46:47.0147 0760 Themes - ok
16:46:47.0163 0760 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
16:46:47.0163 0760 THREADORDER - ok
16:46:47.0179 0760 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
16:46:47.0194 0760 TrkWks - ok
16:46:47.0241 0760 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:46:47.0241 0760 TrustedInstaller - ok
16:46:47.0257 0760 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:46:47.0257 0760 tssecsrv - ok
16:46:47.0319 0760 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:46:47.0319 0760 tunnel - ok
16:46:47.0319 0760 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
16:46:47.0335 0760 uagp35 - ok
16:46:47.0350 0760 [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:46:47.0350 0760 udfs - ok
16:46:47.0397 0760 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:46:47.0397 0760 UI0Detect - ok
16:46:47.0428 0760 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
16:46:47.0428 0760 uliagpkx - ok
16:46:47.0459 0760 [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:46:47.0459 0760 umbus - ok
16:46:47.0459 0760 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
16:46:47.0459 0760 UmPass - ok
16:46:47.0506 0760 [ 8ECACA5454844F66386F7BE4AE0D7CD1 ] UmRdpService C:\Windows\System32\umrdp.dll
16:46:47.0506 0760 UmRdpService - ok
16:46:47.0522 0760 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
16:46:47.0537 0760 upnphost - ok
16:46:47.0569 0760 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
16:46:47.0569 0760 USBAAPL - ok
16:46:47.0584 0760 [ 8455C4ED038EFD09E99327F9D2D48FFA ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:46:47.0600 0760 usbccgp - ok
16:46:47.0615 0760 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
16:46:47.0615 0760 usbcir - ok
16:46:47.0631 0760 [ 1C333BFD60F2FED2C7AD5DAF533CB742 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:46:47.0631 0760 usbehci - ok
16:46:47.0662 0760 [ EE6EF93CCFA94FAE8C6AB298273D8AE2 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:46:47.0678 0760 usbhub - ok
16:46:47.0678 0760 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
16:46:47.0693 0760 usbohci - ok
16:46:47.0709 0760 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:46:47.0709 0760 usbprint - ok
16:46:47.0740 0760 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:46:47.0740 0760 usbscan - ok
16:46:47.0756 0760 [ D8889D56E0D27E57ED4591837FE71D27 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:46:47.0756 0760 USBSTOR - ok
16:46:47.0771 0760 [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
16:46:47.0771 0760 usbuhci - ok
16:46:47.0803 0760 [ F642A7E4BF78CFA359CCA0A3557C28D7 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
16:46:47.0803 0760 usbvideo - ok
16:46:47.0818 0760 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
16:46:47.0818 0760 UxSms - ok
16:46:47.0834 0760 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc C:\Windows\system32\lsass.exe
16:46:47.0834 0760 VaultSvc - ok
16:46:47.0865 0760 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
16:46:47.0865 0760 vdrvroot - ok
16:46:47.0896 0760 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\Windows\System32\vds.exe
16:46:47.0927 0760 vds - ok
16:46:47.0959 0760 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:46:47.0959 0760 vga - ok
16:46:47.0974 0760 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
16:46:47.0974 0760 VgaSave - ok
16:46:47.0990 0760 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
16:46:48.0005 0760 vhdmp - ok
16:46:48.0021 0760 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys
16:46:48.0021 0760 viaagp - ok
16:46:48.0037 0760 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
16:46:48.0037 0760 ViaC7 - ok
16:46:48.0052 0760 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\DRIVERS\viaide.sys
16:46:48.0052 0760 viaide - ok
16:46:48.0083 0760 [ 379B349F65F453D2A6E75EA6B7448E49 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
16:46:48.0083 0760 vmbus - ok
16:46:48.0099 0760 [ EC2BBAB4B84D0738C6C83D2234DC36FE ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
16:46:48.0115 0760 VMBusHID - ok
16:46:48.0130 0760 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
16:46:48.0130 0760 volmgr - ok
16:46:48.0146 0760 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:46:48.0146 0760 volmgrx - ok
16:46:48.0193 0760 [ 59F06B4968E58BC83DFC56CA4517960E ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:46:48.0208 0760 volsnap - ok
16:46:48.0224 0760 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
16:46:48.0224 0760 vsmraid - ok
16:46:48.0271 0760 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\Windows\system32\vssvc.exe
16:46:48.0317 0760 VSS - ok
16:46:48.0333 0760 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:46:48.0349 0760 vwifibus - ok
16:46:48.0364 0760 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:46:48.0364 0760 vwififlt - ok
16:46:48.0380 0760 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
16:46:48.0380 0760 vwifimp - ok
16:46:48.0395 0760 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
16:46:48.0395 0760 W32Time - ok
16:46:48.0442 0760 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
16:46:48.0442 0760 WacomPen - ok
16:46:48.0473 0760 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:46:48.0473 0760 WANARP - ok
16:46:48.0473 0760 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:46:48.0473 0760 Wanarpv6 - ok
16:46:48.0583 0760 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:46:48.0629 0760 WatAdminSvc - ok
16:46:48.0692 0760 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\Windows\system32\wbengine.exe
16:46:48.0723 0760 wbengine - ok
16:46:48.0739 0760 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:46:48.0739 0760 WbioSrvc - ok
16:46:48.0770 0760 [ D0F88AA11EE1A62BCC6D6A8A7783CA11 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:46:48.0785 0760 wcncsvc - ok
16:46:48.0801 0760 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:46:48.0801 0760 WcsPlugInService - ok
16:46:48.0832 0760 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
16:46:48.0832 0760 Wd - ok
16:46:48.0848 0760 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:46:48.0895 0760 Wdf01000 - ok
16:46:48.0910 0760 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:46:48.0910 0760 WdiServiceHost - ok
16:46:48.0910 0760 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:46:48.0926 0760 WdiSystemHost - ok
16:46:48.0941 0760 [ D87C7D2C517F82A5AB7A73E203063D9E ] WebClient C:\Windows\System32\webclnt.dll
16:46:48.0941 0760 WebClient - ok
16:46:48.0957 0760 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:46:48.0973 0760 Wecsvc - ok
16:46:50.0205 0760 ================ Scan global ===============================
16:46:50.0236 0760 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
16:46:50.0267 0760 [ A9E43C040F405DB689FC29534EF0389B ] C:\Windows\system32\winsrv.dll
16:46:50.0283 0760 [ A9E43C040F405DB689FC29534EF0389B ] C:\Windows\system32\winsrv.dll
16:46:50.0299 0760 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
16:46:50.0314 0760 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
16:46:50.0330 0760 [Global] - ok
16:46:50.0330 0760 ================ Scan MBR ==================================
16:46:50.0330 0760 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:46:50.0720 0760 \Device\Harddisk0\DR0 - ok
16:46:50.0720 0760 ================ Scan VBR ==================================
16:46:50.0720 0760 [ 86C90C2207D6CE3DC54DFE0CBDEBBDA4 ] \Device\Harddisk0\DR0\Partition1
16:46:50.0720 0760 \Device\Harddisk0\DR0\Partition1 - ok
16:46:50.0751 0760 [ 6199E8029FFD6C65F3A618C7B42A18E3 ] \Device\Harddisk0\DR0\Partition2
16:46:50.0751 0760 \Device\Harddisk0\DR0\Partition2 - ok
16:46:50.0767 0760 ============================================================
16:46:50.0767 0760 Scan finished
16:46:50.0767 0760 ============================================================
16:46:50.0767 1068 Detected object count: 0
16:46:50.0767 1068 Actual detected object count: 0
16:49:24.0552 0448 Deinitialize success

I attempted to run Unhide.exe, but I could only get it to run in Safe Mode.

In Regular Mode Windows Explorer stops working before I can open any programs.

Any ideas?

#6 destry.stevens

Posted 01 February 2013 - 08:03 PM

I finally got one of the scans to run in regular mode. I think it was just because it was a small enough program that it started running before Windows Explorer shut down.

MiniToolBox by Farbar Version:10-01-2013
Ran by Nick (administrator) on 01-02-2013 at 18:41:57
Running from "C:\Users\Nick\Desktop"
Windows 7 Ultimate (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR5007 802.11b/g WiFi Adapter = Wireless Network Connection (Connected)
Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20) = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Nick-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 06-24-2B-B6-29-95
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR5007 802.11b/g WiFi Adapter
Physical Address. . . . . . . . . : 00-24-2B-B6-29-95
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::15e:1608:ce41:2010%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, February 01, 2013 6:40:15 PM
Lease Expires . . . . . . . . . . : Saturday, February 02, 2013 6:40:15 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 218113067
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-9D-00-EE-00-1F-16-75-13-1E
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : tctwest.net
Description . . . . . . . . . . . : Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : 00-1F-16-75-13-1E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:30e1:1678:ba6f:1b1b(Preferred)
Link-local IPv6 Address . . . . . : fe80::30e1:1678:ba6f:1b1b%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.tctwest.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {8C562BD1-B0D5-41C3-AB08-5A14DB597958}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{72ED516D-FEAF-48C6-94CF-8EE91D09C638}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: ThePlantation
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:400a:801::1002
173.194.33.36
173.194.33.37
173.194.33.38
173.194.33.39
173.194.33.40
173.194.33.41
173.194.33.46
173.194.33.32
173.194.33.33
173.194.33.34
173.194.33.35


Pinging google.com [173.194.33.35] with 32 bytes of data:
Reply from 173.194.33.35: bytes=32 time=36ms TTL=53
Reply from 173.194.33.35: bytes=32 time=31ms TTL=53

Ping statistics for 173.194.33.35:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 31ms, Maximum = 36ms, Average = 33ms
Server: ThePlantation
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
206.190.36.45


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=42ms TTL=50
Reply from 206.190.36.45: bytes=32 time=37ms TTL=50

Ping statistics for 206.190.36.45:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 37ms, Maximum = 42ms, Average = 39ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...06 24 2b b6 29 95 ......Microsoft Virtual WiFi Miniport Adapter
12...00 24 2b b6 29 95 ......Atheros AR5007 802.11b/g WiFi Adapter
11...00 1f 16 75 13 1e ......Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.101 281
192.168.1.101 255.255.255.255 On-link 192.168.1.101 281
192.168.1.255 255.255.255.255 On-link 192.168.1.101 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.101 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.101 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:30e1:1678:ba6f:1b1b/128
On-link
12 281 fe80::/64 On-link
13 306 fe80::/64 On-link
12 281 fe80::15e:1608:ce41:2010/128
On-link
13 306 fe80::30e1:1678:ba6f:1b1b/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/01/2013 06:41:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: reader_sl.exe, version: 8.0.0.0, time stamp: 0x46444e31
Faulting module name: USER32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb2f
Exception code: 0xc0000005
Fault offset: 0x00036e8b
Faulting process id: 0x158
Faulting application start time: 0xreader_sl.exe0
Faulting application path: reader_sl.exe1
Faulting module path: reader_sl.exe2
Report Id: reader_sl.exe3

Error: (02/01/2013 06:41:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: ONENOTEM.EXE, version: 12.0.6500.5000, time stamp: 0x49a6b036
Faulting module name: USER32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb2f
Exception code: 0xc0000005
Fault offset: 0x00036e8b
Faulting process id: 0xa64
Faulting application start time: 0xONENOTEM.EXE0
Faulting application path: ONENOTEM.EXE1
Faulting module path: ONENOTEM.EXE2
Report Id: ONENOTEM.EXE3

Error: (02/01/2013 06:41:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: igfxpers.exe, version: 8.15.10.2202, time stamp: 0x4c756824
Faulting module name: USER32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb2f
Exception code: 0xc0000005
Fault offset: 0x00036e8b
Faulting process id: 0x938
Faulting application start time: 0xigfxpers.exe0
Faulting application path: igfxpers.exe1
Faulting module path: igfxpers.exe2
Report Id: igfxpers.exe3

Error: (02/01/2013 06:41:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: iTunesHelper.exe, version: 10.6.1.7, time stamp: 0x4f71a478
Faulting module name: USER32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb2f
Exception code: 0xc0000005
Fault offset: 0x00036e8b
Faulting process id: 0x978
Faulting application start time: 0xiTunesHelper.exe0
Faulting application path: iTunesHelper.exe1
Faulting module path: iTunesHelper.exe2
Report Id: iTunesHelper.exe3

Error: (02/01/2013 06:41:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: lxeamon.exe, version: 0.1.25.0, time stamp: 0x4b2912fa
Faulting module name: USER32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb2f
Exception code: 0xc0000005
Fault offset: 0x00036e8b
Faulting process id: 0x178
Faulting application start time: 0xlxeamon.exe0
Faulting application path: lxeamon.exe1
Faulting module path: lxeamon.exe2
Report Id: lxeamon.exe3

Error: (02/01/2013 06:41:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: Dwm.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc225
Faulting module name: USER32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb2f
Exception code: 0xc0000005
Fault offset: 0x00036e8b
Faulting process id: 0x6ac
Faulting application start time: 0xDwm.exe0
Faulting application path: Dwm.exe1
Faulting module path: Dwm.exe2
Report Id: Dwm.exe3

Error: (02/01/2013 06:41:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: msseces.exe, version: 4.1.522.0, time stamp: 0x5051253e
Faulting module name: USER32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb2f
Exception code: 0xc0000005
Fault offset: 0x00036e8b
Faulting process id: 0x968
Faulting application start time: 0xmsseces.exe0
Faulting application path: msseces.exe1
Faulting module path: msseces.exe2
Report Id: msseces.exe3

Error: (02/01/2013 06:41:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: ezprint.exe, version: 3.207.0.0, time stamp: 0x49d0bd13
Faulting module name: USER32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb2f
Exception code: 0xc0000005
Fault offset: 0x00036e8b
Faulting process id: 0x854
Faulting application start time: 0xezprint.exe0
Faulting application path: ezprint.exe1
Faulting module path: ezprint.exe2
Report Id: ezprint.exe3

Error: (02/01/2013 06:41:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: taskhost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc0f9
Faulting module name: USER32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb2f
Exception code: 0xc0000005
Fault offset: 0x00036e8b
Faulting process id: 0x6b4
Faulting application start time: 0xtaskhost.exe0
Faulting application path: taskhost.exe1
Faulting module path: taskhost.exe2
Report Id: taskhost.exe3

Error: (02/01/2013 06:41:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: igfxtray.exe, version: 8.15.10.2202, time stamp: 0x4c75683c
Faulting module name: USER32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb2f
Exception code: 0xc0000005
Fault offset: 0x00036e8b
Faulting process id: 0x8bc
Faulting application start time: 0xigfxtray.exe0
Faulting application path: igfxtray.exe1
Faulting module path: igfxtray.exe2
Report Id: igfxtray.exe3


System errors:
=============
Error: (02/01/2013 06:13:49 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/01/2013 06:13:49 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/01/2013 06:13:49 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/01/2013 06:13:09 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/01/2013 06:13:09 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/01/2013 06:13:09 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/01/2013 06:13:05 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/01/2013 06:13:05 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/01/2013 06:13:05 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/01/2013 06:10:17 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-02-01 07:57:38.526
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-01 07:48:03.767
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-01 07:43:10.076
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-31 23:50:13.646
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-31 23:16:34.487
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-31 23:03:03.975
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-31 00:04:58.543
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-30 23:13:03.927
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-30 23:07:15.235
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-30 13:11:00.800
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Reader 8.1.0 (Version: 8.1.0)
Advanced SystemCare 6 (Version: 6.1)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
Brownstone Equation Editor 5 (Version: 5.2)
Chronicles of Albian (Version: 2.2.0.95)
Comprehensive Review for NCLEX-PN, 2e
ESET Online Scanner v3
Google Chrome (Version: 24.0.1312.57)
Google Update Helper (Version: 1.3.21.123)
HP Games (Version: 1.0.2.5)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (Version: 6.0.300)
Lexmark Printable Web (Version: 1.0.0.0)
Lexmark S300-S400 Series
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NCLEX-RN Strategy Practice Exam
NCLEX Tutorial (Version: 2.11.8.94)
QuickTime (Version: 7.66.73.0)
Revo Uninstaller 1.94 (Version: 1.94)
Saunders Q and A Review for PN
Saxton Review Questions 6e
Skype Toolbars (Version: 5.3.7280)
Skype™ 5.10 (Version: 5.10.116)
Tutor
Unity Web Player (Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update Installer for WildTangent Games App
WildTangent Games App (HP Games) (Version: 4.0.5.21)
Wizard101 (Version: 1.0.0)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 21%
Total physical RAM: 3003.2 MB
Available physical RAM: 2344.11 MB
Total Pagefile: 6004.67 MB
Available Pagefile: 5324.85 MB
Total Virtual: 2047.88 MB
Available Virtual: 1936.55 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:287.21 GB) (Free:244.76 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:10.88 GB) (Free:1.82 GB) NTFS

========================= Users: ========================================

User accounts for \\NICK-PC

Administrator Guest Nick


**** End of log ****

#7 narenxp

Posted 01 February 2013 - 09:56 PM

Run a Malwarebytes scan in Safe Mode with Networking, remove infections, reboot into normal mode and try to run other scans.

#8 destry.stevens

Posted 01 February 2013 - 11:59 PM

16:46:30.0315 0588 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:46:30.0814 0588 ============================================================
16:46:30.0814 0588 Current date / time: 2013/02/01 16:46:30.0814
16:46:30.0814 0588 SystemInfo:
16:46:30.0814 0588
16:46:30.0814 0588 OS Version: 6.1.7600 ServicePack: 0.0
16:46:30.0814 0588 Product type: Workstation
16:46:30.0814 0588 ComputerName: NICK-PC
16:46:30.0814 0588 UserName: Nick
16:46:30.0814 0588 Windows directory: C:\Windows
16:46:30.0814 0588 System windows directory: C:\Windows
16:46:30.0814 0588 Processor architecture: Intel x86
16:46:30.0814 0588 Number of processors: 2
16:46:30.0814 0588 Page size: 0x1000
16:46:30.0814 0588 Boot type: Safe boot with network
16:46:30.0814 0588 ============================================================
16:46:31.0922 0588 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:46:31.0922 0588 ============================================================
16:46:31.0922 0588 \Device\Harddisk0\DR0:
16:46:31.0922 0588 MBR partitions:
16:46:31.0922 0588 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x23E68FC1
16:46:31.0922 0588 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23E69000, BlocksNum 0x15C4000
16:46:31.0922 0588 ============================================================
16:46:31.0937 0588 C: <-> \Device\Harddisk0\DR0\Partition1
16:46:31.0969 0588 D: <-> \Device\Harddisk0\DR0\Partition2
16:46:31.0969 0588 ============================================================
16:46:31.0969 0588 Initialize success
16:46:31.0969 0588 ============================================================
16:46:34.0215 0760 ============================================================
16:46:34.0215 0760 Scan started
16:46:34.0215 0760 Mode: Manual;
16:46:34.0215 0760 ============================================================
16:46:34.0777 0760 ================ Scan system memory ========================
16:46:34.0777 0760 System memory - ok
16:46:34.0777 0760 ================ Scan services =============================
16:46:35.0978 0760 arc - ok
16:46:35.0993 0760 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
16:46:35.0993 0760 arcsas - ok
16:46:36.0025 0760 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:46:36.0025 0760 AsyncMac - ok
16:46:36.0025 0760 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\DRIVERS\atapi.sys
16:46:36.0025 0760 atapi - ok
16:46:36.0087 0760 [ 614A60AEE03A6151FDCBAC295854A9CB ] athr C:\Windows\system32\DRIVERS\athr.sys
16:46:36.0134 0760 athr - ok
16:46:36.0181 0760 [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:46:36.0212 0760 AudioEndpointBuilder - ok
16:46:36.0227 0760 [ 510C873BFA135AA829F4180352772734 ] Audiosrv C:\Windows\System32\Audiosrv.dll
16:46:36.0227 0760 Audiosrv - ok
16:46:36.0259 0760 [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:46:36.0259 0760 AxInstSV - ok
16:46:36.0290 0760 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
16:46:36.0321 0760 b06bdrv - ok
16:46:36.0352 0760 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
16:46:36.0352 0760 b57nd60x - ok
16:46:36.0399 0760 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
16:46:36.0399 0760 BDESVC - ok
16:46:36.0415 0760 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
16:46:36.0415 0760 Beep - ok
16:46:36.0446 0760 [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE C:\Windows\System32\bfe.dll
16:46:36.0477 0760 BFE - ok
16:46:36.0508 0760 [ 53F476476F55A27F580661BDE09C4EC4 ] BITS C:\Windows\System32\qmgr.dll
16:46:36.0602 0760 BITS - ok
16:46:36.0617 0760 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:46:36.0617 0760 blbdrive - ok
16:46:36.0695 0760 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:46:36.0711 0760 Bonjour Service - ok
16:46:36.0758 0760 [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:46:36.0773 0760 bowser - ok
16:46:36.0773 0760 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:46:36.0773 0760 BrFiltLo - ok
16:46:36.0789 0760 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:46:36.0789 0760 BrFiltUp - ok
16:46:36.0820 0760 [ A0E691DC6589D4D2CBE373171D1A49E5 ] Browser C:\Windows\System32\browser.dll
16:46:36.0820 0760 Browser - ok
16:46:36.0851 0760 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:46:36.0851 0760 Brserid - ok
16:46:36.0867 0760 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:46:36.0883 0760 BrSerWdm - ok
16:46:36.0898 0760 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:46:36.0898 0760 BrUsbMdm - ok
16:46:36.0898 0760 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:46:36.0898 0760 BrUsbSer - ok
16:46:36.0914 0760 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
16:46:36.0914 0760 BTHMODEM - ok
16:46:36.0945 0760 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
16:46:36.0945 0760 bthserv - ok
16:46:36.0976 0760 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:46:36.0976 0760 cdfs - ok
16:46:37.0023 0760 [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:46:37.0023 0760 cdrom - ok
16:46:37.0054 0760 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc C:\Windows\System32\certprop.dll
16:46:37.0054 0760 CertPropSvc - ok
16:46:37.0070 0760 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
16:46:37.0070 0760 circlass - ok
16:46:37.0085 0760 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
16:46:37.0101 0760 CLFS - ok
16:46:37.0163 0760 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:46:37.0163 0760 clr_optimization_v2.0.50727_32 - ok
16:46:37.0210 0760 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:46:37.0210 0760 CmBatt - ok
16:46:37.0226 0760 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
16:46:37.0226 0760 cmdide - ok
16:46:37.0273 0760 [ DB5E008B3744DD60C8498CBBF2A1CFA6 ] CNG C:\Windows\system32\Drivers\cng.sys
16:46:37.0273 0760 CNG - ok
16:46:37.0304 0760 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
16:46:37.0304 0760 Compbatt - ok
16:46:37.0319 0760 [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
16:46:37.0319 0760 CompositeBus - ok
16:46:37.0335 0760 COMSysApp - ok
16:46:37.0366 0760 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
16:46:37.0366 0760 crcdisk - ok
16:46:37.0413 0760 [ F2FDE6C8DBAAD44CC58D1E07E4AF4EED ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:46:37.0413 0760 CryptSvc - ok
16:46:37.0460 0760 [ 27C9490BDD0AE48911AB8CF1932591ED ] CSC C:\Windows\system32\drivers\csc.sys
16:46:37.0460 0760 CSC - ok
16:46:37.0475 0760 [ 56FB5F222EA30D3D3FC459879772CB73 ] CscService C:\Windows\System32\cscsvc.dll
16:46:37.0522 0760 CscService - ok
16:46:37.0553 0760 [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch C:\Windows\system32\rpcss.dll
16:46:37.0569 0760 DcomLaunch - ok
16:46:37.0585 0760 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
16:46:37.0585 0760 defragsvc - ok
16:46:37.0631 0760 [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:46:37.0631 0760 DfsC - ok
16:46:37.0663 0760 [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp C:\Windows\system32\dhcpcore.dll
16:46:37.0663 0760 Dhcp - ok
16:46:37.0694 0760 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
16:46:37.0694 0760 discache - ok
16:46:37.0725 0760 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
16:46:37.0725 0760 Disk - ok
16:46:37.0756 0760 [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:46:37.0756 0760 Dnscache - ok
16:46:37.0787 0760 [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc C:\Windows\System32\dot3svc.dll
16:46:37.0787 0760 dot3svc - ok
16:46:37.0819 0760 [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS C:\Windows\system32\dps.dll
16:46:37.0834 0760 DPS - ok
16:46:37.0850 0760 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:46:37.0850 0760 drmkaud - ok
16:46:37.0912 0760 [ C94B6C3CC628179CB9B9061C19888B99 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:46:37.0928 0760 DXGKrnl - ok
16:46:37.0975 0760 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
16:46:37.0975 0760 EapHost - ok
16:46:38.0084 0760 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
16:46:38.0146 0760 ebdrv - ok
16:46:38.0177 0760 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] EFS C:\Windows\System32\lsass.exe
16:46:38.0177 0760 EFS - ok
16:46:38.0240 0760 [ 3A74A6E33685662B125A3269B1F2114F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:46:38.0255 0760 ehRecvr - ok
16:46:38.0271 0760 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
16:46:38.0271 0760 ehSched - ok
16:46:38.0318 0760 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
16:46:38.0318 0760 elxstor - ok
16:46:38.0333 0760 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
16:46:38.0333 0760 ErrDev - ok
16:46:38.0380 0760 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
16:46:38.0396 0760 EventSystem - ok
16:46:38.0411 0760 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
16:46:38.0411 0760 exfat - ok
16:46:38.0427 0760 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:46:38.0427 0760 fastfat - ok
16:46:38.0458 0760 [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax C:\Windows\system32\fxssvc.exe
16:46:38.0489 0760 Fax - ok
16:46:38.0505 0760 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:46:38.0505 0760 fdc - ok
16:46:38.0521 0760 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
16:46:38.0536 0760 fdPHost - ok
16:46:38.0552 0760 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
16:46:38.0552 0760 FDResPub - ok
16:46:38.0567 0760 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:46:38.0567 0760 FileInfo - ok
16:46:38.0583 0760 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:46:38.0583 0760 Filetrace - ok
16:46:38.0599 0760 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:46:38.0599 0760 flpydisk - ok
16:46:38.0630 0760 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:46:38.0630 0760 FltMgr - ok
16:46:38.0677 0760 [ 151258FC2EC8C48BDF8A53350AE0A676 ] FontCache C:\Windows\system32\FntCache.dll
16:46:38.0692 0760 FontCache - ok
16:46:38.0739 0760 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:46:38.0739 0760 FontCache3.0.0.0 - ok
16:46:38.0755 0760 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:46:38.0770 0760 FsDepends - ok
16:46:38.0801 0760 [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:46:38.0801 0760 Fs_Rec - ok
16:46:38.0848 0760 [ 5592F5DBA26282D24D2B080EB438A4D7 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:46:38.0848 0760 fvevol - ok
16:46:38.0879 0760 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
16:46:38.0879 0760 gagp30kx - ok
16:46:38.0957 0760 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files\WildTangent Games\App\GamesAppService.exe
16:46:38.0973 0760 GamesAppService - ok
16:46:39.0004 0760 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:46:39.0004 0760 GEARAspiWDM - ok
16:46:39.0035 0760 [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc C:\Windows\System32\gpsvc.dll
16:46:39.0067 0760 gpsvc - ok
16:46:39.0145 0760 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:46:39.0145 0760 gupdate - ok
16:46:39.0176 0760 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:46:39.0176 0760 gupdatem - ok
16:46:39.0207 0760 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:46:39.0207 0760 hcw85cir - ok
16:46:39.0254 0760 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:46:39.0269 0760 HdAudAddService - ok
16:46:39.0332 0760 [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:46:39.0332 0760 HDAudBus - ok
16:46:39.0441 0760 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:46:39.0441 0760 HidBatt - ok
16:46:39.0503 0760 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:46:39.0503 0760 HidBth - ok
16:46:39.0503 0760 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:46:39.0503 0760 HidIr - ok
16:46:39.0535 0760 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
16:46:39.0550 0760 hidserv - ok
16:46:39.0566 0760 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:46:39.0566 0760 HidUsb - ok
16:46:39.0581 0760 [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:46:39.0581 0760 hkmsvc - ok
16:46:39.0613 0760 [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:46:39.0613 0760 HomeGroupListener - ok
16:46:39.0644 0760 [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:46:39.0644 0760 HomeGroupProvider - ok
16:46:39.0691 0760 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
16:46:39.0691 0760 HpSAMD - ok
16:46:39.0722 0760 [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:46:39.0753 0760 HTTP - ok
16:46:39.0769 0760 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:46:39.0769 0760 hwpolicy - ok
16:46:39.0800 0760 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:46:39.0800 0760 i8042prt - ok
16:46:39.0847 0760 [ 934AF4D7C5F457B9F0743F4299B77B67 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
16:46:39.0847 0760 iaStorV - ok
16:46:39.0909 0760 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:46:39.0940 0760 idsvc - ok
16:46:40.0174 0760 [ 8266AE06DF974E5BA047B3E9E9E70B3F ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
16:46:40.0377 0760 igfx - ok
16:46:40.0408 0760 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:46:40.0408 0760 iirsp - ok
16:46:40.0455 0760 [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT C:\Windows\System32\ikeext.dll
16:46:40.0486 0760 IKEEXT - ok
16:46:40.0517 0760 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
16:46:40.0517 0760 intelide - ok
16:46:40.0549 0760 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:46:40.0549 0760 intelppm - ok
16:46:40.0564 0760 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:46:40.0564 0760 IPBusEnum - ok
16:46:40.0580 0760 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:46:40.0580 0760 IpFilterDriver - ok
16:46:40.0611 0760 [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:46:40.0642 0760 iphlpsvc - ok
16:46:40.0673 0760 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
16:46:40.0673 0760 IPMIDRV - ok
16:46:40.0689 0760 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:46:40.0689 0760 IPNAT - ok
16:46:40.0736 0760 [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:46:40.0767 0760 iPod Service - ok
16:46:40.0798 0760 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:46:40.0798 0760 IRENUM - ok
16:46:40.0798 0760 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
16:46:40.0798 0760 isapnp - ok
16:46:40.0829 0760 [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
16:46:40.0829 0760 iScsiPrt - ok
16:46:40.0861 0760 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:46:40.0861 0760 kbdclass - ok
16:46:40.0876 0760 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:46:40.0876 0760 kbdhid - ok
16:46:40.0892 0760 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso C:\Windows\system32\lsass.exe
16:46:40.0907 0760 KeyIso - ok
16:46:40.0923 0760 [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:46:40.0939 0760 KSecDD - ok
16:46:40.0954 0760 [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:46:40.0954 0760 KSecPkg - ok
16:46:40.0985 0760 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
16:46:40.0985 0760 KtmRm - ok
16:46:41.0032 0760 [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer C:\Windows\system32\srvsvc.dll
16:46:41.0032 0760 LanmanServer - ok
16:46:41.0063 0760 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:46:41.0079 0760 LanmanWorkstation - ok
16:46:41.0110 0760 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:46:41.0110 0760 lltdio - ok
16:46:41.0141 0760 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:46:41.0141 0760 lltdsvc - ok
16:46:41.0157 0760 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
16:46:41.0157 0760 lmhosts - ok
16:46:41.0188 0760 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:46:41.0204 0760 LSI_FC - ok
16:46:41.0219 0760 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:46:41.0219 0760 LSI_SAS - ok
16:46:41.0251 0760 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:46:41.0251 0760 LSI_SAS2 - ok
16:46:41.0266 0760 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:46:41.0266 0760 LSI_SCSI - ok
16:46:41.0282 0760 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
16:46:41.0282 0760 luafv - ok
16:46:41.0344 0760 [ BE074BAD48BE291FE0E8F518B10AF455 ] lxeaCATSCustConnectService C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxeaserv.exe
16:46:41.0360 0760 lxeaCATSCustConnectService - ok
16:46:41.0375 0760 lxea_device - ok
16:46:41.0391 0760 [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:46:41.0407 0760 Mcx2Svc - ok
16:46:41.0469 0760 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
16:46:41.0485 0760 MDM - ok
16:46:41.0516 0760 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:46:41.0516 0760 megasas - ok
16:46:41.0547 0760 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:46:41.0547 0760 MegaSR - ok
16:46:41.0594 0760 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
16:46:41.0609 0760 Microsoft Office Groove Audit Service - ok
16:46:41.0625 0760 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
16:46:41.0641 0760 MMCSS - ok
16:46:41.0656 0760 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
16:46:41.0656 0760 Modem - ok
16:46:41.0672 0760 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:46:41.0687 0760 monitor - ok
16:46:41.0703 0760 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:46:41.0703 0760 mouclass - ok
16:46:41.0719 0760 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:46:41.0719 0760 mouhid - ok
16:46:41.0734 0760 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:46:41.0734 0760 mountmgr - ok
16:46:41.0781 0760 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
16:46:41.0781 0760 MpFilter - ok
16:46:41.0797 0760 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
16:46:41.0797 0760 mpio - ok
16:46:41.0812 0760 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:46:41.0812 0760 mpsdrv - ok
16:46:41.0843 0760 [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc C:\Windows\system32\mpssvc.dll
16:46:41.0875 0760 MpsSvc - ok
16:46:41.0906 0760 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:46:41.0906 0760 MRxDAV - ok
16:46:41.0953 0760 [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:46:41.0953 0760 mrxsmb - ok
16:46:41.0984 0760 [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:46:41.0984 0760 mrxsmb10 - ok
16:46:41.0999 0760 [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:46:41.0999 0760 mrxsmb20 - ok
16:46:42.0031 0760 [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
16:46:42.0031 0760 msahci - ok
16:46:42.0046 0760 [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
16:46:42.0046 0760 msdsm - ok
16:46:42.0062 0760 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
16:46:42.0093 0760 MSDTC - ok
16:46:42.0109 0760 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:46:42.0109 0760 Msfs - ok
16:46:42.0124 0760 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:46:42.0124 0760 mshidkmdf - ok
16:46:42.0140 0760 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
16:46:42.0140 0760 msisadrv - ok
16:46:42.0187 0760 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:46:42.0187 0760 MSiSCSI - ok
16:46:42.0187 0760 msiserver - ok
16:46:42.0202 0760 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:46:42.0202 0760 MSKSSRV - ok
16:46:42.0280 0760 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:46:42.0280 0760 MsMpSvc - ok
16:46:42.0296 0760 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:46:42.0296 0760 MSPCLOCK - ok
16:46:42.0327 0760 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:46:42.0327 0760 MSPQM - ok
16:46:42.0343 0760 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:46:42.0343 0760 MsRPC - ok
16:46:42.0374 0760 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:46:42.0374 0760 mssmbios - ok
16:46:42.0374 0760 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:46:42.0389 0760 MSTEE - ok
16:46:42.0405 0760 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:46:42.0421 0760 MTConfig - ok
16:46:42.0436 0760 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
16:46:42.0436 0760 Mup - ok
16:46:42.0467 0760 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\Windows\system32\qagentRT.dll
16:46:42.0483 0760 napagent - ok
16:46:42.0514 0760 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:46:42.0514 0760 NativeWifiP - ok
16:46:42.0561 0760 [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:46:42.0592 0760 NDIS - ok
16:46:42.0608 0760 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:46:42.0608 0760 NdisCap - ok
16:46:42.0655 0760 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:46:42.0655 0760 NdisTapi - ok
16:46:42.0670 0760 [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:46:42.0670 0760 Ndisuio - ok
16:46:42.0686 0760 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:46:42.0686 0760 NdisWan - ok
16:46:42.0701 0760 [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:46:42.0701 0760 NDProxy - ok
16:46:42.0701 0760 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:46:42.0717 0760 NetBIOS - ok
16:46:42.0733 0760 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:46:42.0733 0760 NetBT - ok
16:46:42.0748 0760 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon C:\Windows\system32\lsass.exe
16:46:42.0748 0760 Netlogon - ok
16:46:42.0779 0760 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
16:46:42.0779 0760 Netman - ok
16:46:42.0811 0760 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
16:46:42.0826 0760 netprofm - ok
16:46:42.0842 0760 [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:46:42.0857 0760 NetTcpPortSharing - ok
16:46:42.0873 0760 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:46:42.0889 0760 nfrd960 - ok
16:46:42.0904 0760 [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:46:42.0920 0760 NisDrv - ok
16:46:42.0951 0760 [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
16:46:42.0951 0760 NisSrv - ok
16:46:42.0967 0760 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\Windows\System32\nlasvc.dll
16:46:42.0982 0760 NlaSvc - ok
16:46:42.0998 0760 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:46:42.0998 0760 Npfs - ok
16:46:43.0013 0760 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
16:46:43.0013 0760 nsi - ok
16:46:43.0029 0760 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:46:43.0029 0760 nsiproxy - ok
16:46:43.0060 0760 [ 3795DCD21F740EE799FB7223234215AF ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:46:43.0107 0760 Ntfs - ok
16:46:43.0138 0760 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
16:46:43.0138 0760 Null - ok
16:46:43.0169 0760 [ 3F3D04B1D08D43C16EA7963954EC768D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
16:46:43.0169 0760 nvraid - ok
16:46:43.0185 0760 [ C99F251A5DE63C6F129CF71933ACED0F ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
16:46:43.0201 0760 nvstor - ok
16:46:43.0216 0760 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
16:46:43.0216 0760 nv_agp - ok
16:46:43.0263 0760 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:46:43.0294 0760 odserv - ok
16:46:43.0325 0760 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
16:46:43.0325 0760 ohci1394 - ok
16:46:43.0357 0760 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:46:43.0357 0760 ose - ok
16:46:43.0403 0760 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:46:43.0403 0760 p2pimsvc - ok
16:46:43.0419 0760 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
16:46:43.0435 0760 p2psvc - ok
16:46:43.0450 0760 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:46:43.0450 0760 Parport - ok
16:46:43.0497 0760 [ 66D3415C159741ADE7038A277EFFF99F ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:46:43.0497 0760 partmgr - ok
16:46:43.0513 0760 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
16:46:43.0513 0760 Parvdm - ok
16:46:43.0528 0760 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:46:43.0544 0760 PcaSvc - ok
16:46:43.0559 0760 [ C858CB77C577780ECC456A892E7E7D0F ] pci C:\Windows\system32\DRIVERS\pci.sys
16:46:43.0559 0760 pci - ok
16:46:43.0591 0760 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\DRIVERS\pciide.sys
16:46:43.0591 0760 pciide - ok
16:46:43.0606 0760 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:46:43.0606 0760 pcmcia - ok
16:46:43.0637 0760 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
16:46:43.0637 0760 pcw - ok
16:46:43.0669 0760 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:46:43.0700 0760 PEAUTH - ok
16:46:43.0747 0760 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
16:46:43.0793 0760 PeerDistSvc - ok
16:46:43.0856 0760 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll
16:46:43.0918 0760 pla - ok
16:46:43.0981 0760 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:46:43.0981 0760 PlugPlay - ok
16:46:50.0205 0760 ================ Scan global ===============================
16:46:50.0236 0760 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
16:46:50.0267 0760 [ A9E43C040F405DB689FC29534EF0389B ] C:\Windows\system32\winsrv.dll
16:46:50.0283 0760 [ A9E43C040F405DB689FC29534EF0389B ] C:\Windows\system32\winsrv.dll
16:46:50.0299 0760 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
16:46:50.0314 0760 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
16:46:50.0330 0760 [Global] - ok
16:46:50.0330 0760 ================ Scan MBR ==================================
16:46:50.0330 0760 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:46:50.0720 0760 \Device\Harddisk0\DR0 - ok
16:46:50.0720 0760 ================ Scan VBR ==================================
16:46:50.0720 0760 [ 86C90C2207D6CE3DC54DFE0CBDEBBDA4 ] \Device\Harddisk0\DR0\Partition1
16:46:50.0720 0760 \Device\Harddisk0\DR0\Partition1 - ok
16:46:50.0751 0760 [ 6199E8029FFD6C65F3A618C7B42A18E3 ] \Device\Harddisk0\DR0\Partition2
16:46:50.0751 0760 \Device\Harddisk0\DR0\Partition2 - ok
16:46:50.0767 0760 ============================================================
16:46:50.0767 0760 Scan finished
16:46:50.0767 0760 ============================================================
16:46:50.0767 1068 Detected object count: 0
16:46:50.0767 1068 Actual detected object count: 0
16:49:24.0552 0448 Deinitialize success

MiniToolBox by Farbar Version:10-01-2013
Ran by Nick (administrator) on 01-02-2013 at 21:52:11
Running from "C:\Users\Nick\Desktop"
Windows 7 Ultimate (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR5007 802.11b/g WiFi Adapter = Wireless Network Connection (Connected)
Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20) = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Nick-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 06-24-2B-B6-29-95
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR5007 802.11b/g WiFi Adapter
Physical Address. . . . . . . . . : 00-24-2B-B6-29-95
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::15e:1608:ce41:2010%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, February 01, 2013 7:04:37 PM
Lease Expires . . . . . . . . . . : Saturday, February 02, 2013 9:49:53 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 218113067
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-9D-00-EE-00-1F-16-75-13-1E
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : tctwest.net
Description . . . . . . . . . . . : Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : 00-1F-16-75-13-1E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:30c7:3375:ba6f:1b1b(Preferred)
Link-local IPv6 Address . . . . . : fe80::30c7:3375:ba6f:1b1b%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.tctwest.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {8C562BD1-B0D5-41C3-AB08-5A14DB597958}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{72ED516D-FEAF-48C6-94CF-8EE91D09C638}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Ping request could not find host google.com. Please check the name and try again.
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=69ms TTL=48
Reply from 98.138.253.109: bytes=32 time=103ms TTL=48

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 69ms, Maximum = 103ms, Average = 86ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...06 24 2b b6 29 95 ......Microsoft Virtual WiFi Miniport Adapter
12...00 24 2b b6 29 95 ......Atheros AR5007 802.11b/g WiFi Adapter
11...00 1f 16 75 13 1e ......Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
36...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
37...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.101 281
192.168.1.101 255.255.255.255 On-link 192.168.1.101 281
192.168.1.255 255.255.255.255 On-link 192.168.1.101 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.101 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.101 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:30c7:3375:ba6f:1b1b/128
On-link
12 281 fe80::/64 On-link
13 306 fe80::/64 On-link
12 281 fe80::15e:1608:ce41:2010/128
On-link
13 306 fe80::30c7:3375:ba6f:1b1b/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/01/2013 09:49:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3418185

Error: (02/01/2013 09:49:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3418185

Error: (02/01/2013 09:49:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/01/2013 08:52:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2372

Error: (02/01/2013 08:52:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2372

Error: (02/01/2013 08:52:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/01/2013 08:52:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1233

Error: (02/01/2013 08:52:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1233

Error: (02/01/2013 08:52:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/01/2013 07:14:40 PM) (Source: Microsoft-Windows-RestartManager) (User: Nick-PC)
Description: Application or service 'Apple Mobile Device' could not be restarted.


System errors:
=============
Error: (02/01/2013 07:14:40 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service failed to start due to the following error:
%%1053

Error: (02/01/2013 07:14:40 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.

Error: (02/01/2013 06:59:43 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/01/2013 06:59:43 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/01/2013 06:59:43 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/01/2013 06:59:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/01/2013 06:59:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/01/2013 06:59:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/01/2013 06:57:43 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/01/2013 06:57:43 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-02-01 07:57:38.526
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-01 07:48:03.767
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-01 07:43:10.076
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-31 23:50:13.646
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-31 23:16:34.487
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-31 23:03:03.975
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-31 00:04:58.543
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-30 23:13:03.927
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-30 23:07:15.235
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-30 13:11:00.800
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Reader 8.1.0 (Version: 8.1.0)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
Brownstone Equation Editor 5 (Version: 5.2)
Chronicles of Albian (Version: 2.2.0.95)
Comprehensive Review for NCLEX-PN, 2e
ESET Online Scanner v3
Google Chrome (Version: 24.0.1312.57)
Google Update Helper (Version: 1.3.21.123)
HP Games (Version: 1.0.2.5)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (Version: 6.0.300)
Lexmark Printable Web (Version: 1.0.0.0)
Lexmark S300-S400 Series
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NCLEX-RN Strategy Practice Exam
NCLEX Tutorial (Version: 2.11.8.94)
QuickTime (Version: 7.66.73.0)
Revo Uninstaller 1.94 (Version: 1.94)
Saunders Q and A Review for PN
Saxton Review Questions 6e
Skype™ 5.10 (Version: 5.10.116)
Tutor
Unity Web Player (Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update Installer for WildTangent Games App
WildTangent Games App (HP Games) (Version: 4.0.5.21)
Wizard101 (Version: 1.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 61%
Total physical RAM: 3003.2 MB
Available physical RAM: 1164.3 MB
Total Pagefile: 6004.67 MB
Available Pagefile: 4038.54 MB
Total Virtual: 2047.88 MB
Available Virtual: 1936.55 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:287.21 GB) (Free:245.78 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:10.88 GB) (Free:1.82 GB) NTFS

========================= Users: ========================================

User accounts for \\NICK-PC

Administrator Guest Nick

========================= Restore Points ==================================

09-01-2013 23:16:20 Windows Update
10-01-2013 04:21:23 Windows Update
13-01-2013 15:52:08 Windows Update
17-01-2013 22:36:35 Windows Update
21-01-2013 21:45:46 Windows Update
27-01-2013 15:06:15 Windows Update
02-02-2013 00:37:27 Windows Update
02-02-2013 01:07:12 Revo Uninstaller's restore point - Advanced SystemCare 6
02-02-2013 01:13:22 Revo Uninstaller's restore point - Apple Application Support
02-02-2013 01:27:00 Revo Uninstaller's restore point - Microsoft Security Essentials
02-02-2013 01:32:01 Revo Uninstaller's restore point - Skype Toolbars

**** End of log ****


Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.01.03

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Nick :: NICK-PC [administrator]

2/1/2013 7:37:50 PM
mbam-log-2013-02-01 (19-37-50).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 407390
Time elapsed: 1 hour(s), 13 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Farbar Service Scanner Version: 30-01-2013
Ran by Nick (administrator) on 01-02-2013 at 21:56:55
Running from "C:\Users\Nick\Desktop"
Windows 7 Ultimate (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-05-10 15:48] - [2012-03-30 04:29] - 1287024 ____A (Microsoft Corporation) 55E9965552741F3850CB22CBBA9671ED

C:\Windows\system32\dnsrslvr.dll
[2011-04-14 17:28] - [2011-03-02 23:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9

C:\Windows\system32\mpssvc.dll
[2009-07-13 17:53] - [2009-07-13 19:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

C:\Windows\system32\bfe.dll
[2009-07-13 17:54] - [2009-07-13 19:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll
[2009-07-13 17:23] - [2009-07-13 19:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

C:\Windows\system32\vssvc.exe
[2009-07-13 17:24] - [2009-07-13 19:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C

C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll
[2009-07-13 17:30] - [2009-07-13 19:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-10-09 16:08] - [2012-06-01 22:45] - 0139264 ____A (Microsoft Corporation) F2FDE6C8DBAAD44CC58D1E07E4AF4EED

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll
[2009-07-13 17:54] - [2009-07-13 19:15] - 0497152 ____A (Microsoft Corporation) 477397B432A256A50EE7E4339EB9EA14

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

# AdwCleaner v2.109 - Logfile created 02/01/2013 at 21:59:06
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Ultimate (32 bits)
# User : Nick - NICK-PC
# Boot Mode : Normal
# Running from : C:\Users\Nick\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1781 octets] - [01/02/2013 21:59:06]

########## EOF - C:\AdwCleaner[S1].txt - [1841 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.5.8 (01.31.2013:1)
OS: Windows 7 Ultimate x86
Ran by Nick on Fri 02/01/2013 at 22:06:02.97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?

Val Name Type Value Data
======== ==== ==========
GrooveHTML REG_SZ rundll32.exe "C:\Users\Nick\AppData\Local\Groove HTML Table Layout Control Info\fxMainEnum.dll",CvtmapVdm olecfgCres
MediaChance REG_SZ rundll32.exe C:\Users\Nick\AppData\Local\MediaChance\ypnsnkjp.dll,VisioLibMain




~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{443789b7-f39c-4b5c-9287-da72d38f4fe6}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{443789b7-f39c-4b5c-9287-da72d38f4fe6}
Failed to delete: [Registry Key] "hkey_local_machine\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\scheduled update for ask toolbar"



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 02/01/2013 at 22:08:36.44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/01/2013 10:26:48 PM in x86 mode.
Windows Version: Windows 7 Ultimate

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 02/01/2013 10:26:58 PM
Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\reader 8.0\reader\reader_sl.exe"
+ "EzPrint" "" "" "c:\program files\lexmark s300-s400 series\ezprint.exe"
+ "GrooveMonitor" "GrooveMonitor Utility" "Microsoft Corporation" "c:\program files\microsoft office\office12\groovemonitor.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "lxeamon.exe" "Printer Device Monitor" "" "c:\program files\lexmark s300-s400 series\lxeamon.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
"C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OneNote 2007 Screen Clipper and Launcher.lnk" "Microsoft Office OneNote Quick Launcher" "Microsoft Corporation" "c:\program files\microsoft office\office12\onenotem.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files\google\chrome\application\24.0.1312.57\installer\chrmstp.exe"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "GrooveHTML" "" "" "c:\users\nick\appdata\local\groove html table layout control info\fxmainenum.dll"
+ "MediaChance" "" "" "c:\users\nick\appdata\local\mediachance\ypnsnkjp.dll"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "grooveLocalGWS" "GrooveSystemServices Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\groovesystemservices.dll"
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "skype4com" "Skype for COM API" "Skype Technologies" "c:\program files\common files\skype\skype4com.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "" "" "File not found: C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "" "" "File not found: C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "" "" "File not found: C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "" "" "File not found: C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "" "" "File not found: C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "" "" "File not found: C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "" "" "File not found: C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "" "" "File not found: C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "" "" "File not found: C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "" "" "File not found: C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "" "" "File not found: C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Reader Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.5 r502" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Defender\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Scheduled Update for Ask Toolbar" "" "" "File not found: C:\Program Files\Ask.com\UpdateTask.exe"
+ "\{7FE84FD3-CACD-422C-98A8-D7031E272FBF}" "Skype " "Skype Technologies S.A." "c:\program files\skype\phone\skype.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files\wildtangent games\app\gamesappservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "lxea_device" "Printer Communication System" " " "c:\windows\system32\lxeacoms.exe"
+ "lxeaCATSCustConnectService" "Lexmark Connect Service Executable" "Lexmark International, Inc." "c:\windows\system32\spool\drivers\w32x86\3\lxeaserv.exe"
+ "MDM" "Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly." "Microsoft Corporation" "c:\program files\common files\microsoft shared\vs7debug\mdm.exe"
+ "Microsoft Office Groove Audit Service" "Groove Audit Service" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveauditservice.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files\skype\updater\updater.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athr.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd32.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver " "Realtek Corporation " "c:\windows\system32\drivers\rt86win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SrvHsfHDA" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstazl3.sys"
+ "SrvHsfV92" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv3.sys"
+ "SrvHsfWinac" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt3.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
"HKCU\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Pearson Decryption Source Filter" "DecryptionSourceFilter" "Pearson VUE" "c:\users\nick\appdata\local\pearson vue common\decryptionsourcefilter-2.0.5.ax"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Epson Inbox Language Monitor01" "Epson Printer Driver" "SEIKO EPSON CORPORATION" "c:\windows\system32\ep0slm01.dll"
+ "S300-S400 Series Port" "Printer Communication System" " " "c:\windows\system32\lxealmpm.dll"

Here are all the scan logs as you requested.

The machine is running much better now. Everything is in place, and available for use. I have not reinstalled any antivirus on the machine. I would like to install MSE and Avast, and Advanced System Care and run a scan with each when you tell me it is okay.

#9 narenxp

Posted 02 February 2013 - 09:12 AM

Launch Autoruns and uncheck these entries

"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "GrooveHTML" "" "" "c:\users\nick\appdata\local\groove html table layout control info\fxmainenum.dll"
+ "MediaChance" "" "" "c:\users\nick\appdata\local\mediachance\ypnsnkjp.dll"

Restart the PC and delete both files:

c:\users\nick\appdata\local\groove html table layout control info\fxmainenum.dll
c:\users\nick\appdata\local\mediachance\ypnsnkjp.dll


Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore. It deletes old infected restore points.

Turn on System Restore and create a new restore point.

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here:

http://java.com/en/

Update your Flash Player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)
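
A triage pass over the Autoruns export format shown in this thread, as an added example that is not part of any post and not narenxp's own method: the two-of-three scoring rule and the names `parse_autoruns`, `triage` and `flag` are assumptions made here. It parses the four quoted fields on each line and flags entries that combine a blank publisher or description with an image under a user's AppData; on the sample lines, copied from the thread, that singles out the two Run entries named in post #9.

```python
import re
from collections import namedtuple
# Lines copied from the Autoruns export and post #9 of this thread.
SAMPLE_LOG = r'''
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "GrooveHTML" "" "" "c:\users\nick\appdata\local\groove html table layout control info\fxmainenum.dll"
+ "MediaChance" "" "" "c:\users\nick\appdata\local\mediachance\ypnsnkjp.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "lxea_device" "Printer Communication System" " " "c:\windows\system32\lxeacoms.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
"HKCU\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Pearson Decryption Source Filter" "DecryptionSourceFilter" "Pearson VUE" "c:\users\nick\appdata\local\pearson vue common\decryptionsourcefilter-2.0.5.ax"
'''

FIELD = re.compile(r'"([^"]*)"')
# Assumption: anything under a per-user AppData folder is user-writable.
USER_WRITABLE = re.compile(r"^[a-z]:\\users\\[^\\]+\\appdata\\", re.I)
Entry = namedtuple("Entry", "location name description publisher image_path")

def parse_autoruns(text):
    """Parse the four-quoted-field layout seen in this thread's log."""
    entries, location = [], ""
    for raw in text.splitlines():
        fields = FIELD.findall(raw)
        if len(fields) != 4:
            continue                      # blank or unrecognised line
        if raw.lstrip().startswith('"'):
            location = fields[0]          # section header: the registry key
        else:
            entries.append(Entry(location, *fields))
    return entries

def triage(entry):
    """Return the reasons (hypothetical heuristic) an entry deserves review."""
    reasons = []
    if not entry.publisher.strip():
        reasons.append("no publisher")
    if not entry.description.strip():
        reasons.append("no description")
    if USER_WRITABLE.match(entry.image_path):
        reasons.append("image under user AppData")
    return reasons

def flag(entries, min_reasons=2):
    return [(e, triage(e)) for e in entries if len(triage(e)) >= min_reasons]

if __name__ == "__main__":
    for e, why in flag(parse_autoruns(SAMPLE_LOG)):
        print(f"{e.location} :: {e.name} -> {e.image_path} ({', '.join(why)})")
```

The Pearson VUE filter and the Lexmark service each trip only one check, so they stay below the threshold and are left for manual review rather than flagged.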

#10 destry.stevens

Posted 02 February 2013 - 03:15 PM

When I am finished, which programs do I need to uninstall from the machine (from the list you had me install and utilize)?

#11 narenxp

Posted 02 February 2013 - 03:28 PM

Remove all of them except for Malwarebytes.

#12 destry.stevens

Posted 02 February 2013 - 03:36 PM

Thank you very much for assistance.

#13 narenxp

Posted 02 February 2013 - 03:45 PM

You're welcome :)



