
Google search results links redirected to various other sites


8 replies to this topic

#1 mphelps06

mphelps06

  • Members
  • 6 posts

Posted 15 May 2013 - 12:01 AM

Hi All,

 

I'm new to bleeping computer, and appreciative of any help. I freaking hate malware- I'm going to get educated and join the fight. But in the meantime:

 

*Suddenly today, Google search result links are redirected to various sites when clicked- yellowbook.com, yellomoxie.com, and searchmoxie.com were a few I wrote down. On other non-Google websites, there are now pop-ups.

 

*I have Windows Vista, AVG Free, and IE9

 

*What can I do?

 

*If I "rescue" my files by moving them to another computer, will I infect that computer?

 

*Apparently this thing got past AVG. What antivirus/antimalware software should I be using?

 

Thanks again.

 

 

 




 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,338 posts

Posted 15 May 2013 - 09:46 AM

Welcome. If you decide to reformat or do a factory restore due to malware infection, you can back up all your important documents, personal data files, photos to a CD or DVD drive, not a flash drive or external hard drive as they may become compromised in the process. The safest practice is not to back up any executable files (*.exe), screensavers (*.scr), autorun (.ini) or script files (.php, .asp, .htm, .html, .xml) because they may be infected by malware. Avoid backing up compressed files (.zip, .cab, .rar) that have executables inside them as some types of malware can penetrate compressed files and infect the .exe files within them. Other types of malware may even disguise themselves by hiding a file extension or adding to the existing extension as shown here (click Figure 1 to enlarge) so be sure you look closely at the full file name. If you cannot see the file extension, you may need to reconfigure Windows to show file name extensions. Then make sure you scan the backed up data with your anti-virus prior to copying it back to your hard drive.

If your CD/DVD drive is unusable, another word of caution if you are considering backing up to an external USB hard drive as your only alternative. External drives are more susceptible to infection and can become compromised in the process of backing up data. I'm not saying you should not try using such devices but I want to make you aware of all your options and associated risks so you can make an informed decision if it's worth that risk.

Again, do not back up any files with the following file extensions: .exe, .scr, .ini, .htm, .html, .php, .asp, .xml, .zip, .rar, .cab as they may be infected.

If you need additional assistance with reformatting or partitioning, you can start a new topic in the appropriate Windows Operating System Subforum.

 

 

 

Let's run these and see how it is after.

 

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

 

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

 

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

 

>>>>>

Please download TDSSKiller.
Launch it.
Click on Change parameters and select TDLFS file system.
Click on "Scan".
Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

 

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>>

Now I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

 

NOTE: Sometimes if ESET finds no infections it will not create a log.


How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
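Added example (not part of the post above and not a BleepingComputer tool): a Python sketch of the backup screening the post describes, flagging the listed extensions, the double-extension disguise, and .zip archives that contain executables. The `DATA_LOOKING` set, the function names and the sample tree are assumptions made for illustration; .zip files are flagged only when they hold a risky member, while .rar and .cab are flagged outright because the standard library cannot open them.

```python
import os
import tempfile
import zipfile
from pathlib import PurePath

# Extensions the post says not to back up (archives are handled separately).
EXECUTABLE = {".exe", ".scr"}
SCRIPT_OR_CONFIG = {".ini", ".htm", ".html", ".php", ".asp", ".xml"}
ARCHIVES = {".zip", ".rar", ".cab"}
# Assumption: extensions a user expects to be plain data; used only to spot
# the "photo.jpg.exe" style disguise the post warns about.
DATA_LOOKING = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".docx",
                ".txt", ".mp3", ".avi", ".xls", ".xlsx"}


def classify_name(name):
    """Return a reason string if the file name alone is risky, else None."""
    # Windows ignores trailing dots and spaces, so "setup.exe." is setup.exe.
    cleaned = name.rstrip(" .")
    # Strip padding inside suffixes too ("photo.jpg      .exe").
    suffixes = [s.strip().lower() for s in PurePath(cleaned).suffixes]
    if not suffixes:
        return None
    last = suffixes[-1]
    if last in EXECUTABLE:
        if len(suffixes) >= 2 and suffixes[-2] in DATA_LOOKING:
            return "disguised executable (double extension)"
        return "executable"
    if last in SCRIPT_OR_CONFIG:
        return "script/config file"
    return None


def risky_zip_members(path):
    """Names of risky members inside a .zip, or None if it cannot be read."""
    try:
        with zipfile.ZipFile(path) as zf:
            return [n for n in zf.namelist() if classify_name(n)]
    except (zipfile.BadZipFile, OSError):
        return None


def screen_backup(root):
    """Walk root and return sorted (relative_path, reason) pairs to leave out."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            reason = classify_name(name)
            ext = os.path.splitext(name.rstrip(" ."))[1].lower()
            if reason is None and ext == ".zip":
                bad = risky_zip_members(full)
                if bad is None:
                    reason = "archive could not be read"
                elif bad:
                    reason = "archive contains: " + ", ".join(sorted(bad))
            elif reason is None and ext in ARCHIVES:
                reason = "archive not inspected (no stdlib reader)"
            if reason:
                findings.append((rel, reason))
    return sorted(findings)


def build_sample(root):
    """Create a small constructed backup tree (all contents are dummy bytes)."""
    os.makedirs(os.path.join(root, "photos"))
    for rel in ("photos/beach.jpg", "photos/beach.jpg.exe", "notes.txt",
                "autorun.ini", "saver.SCR", "old.rar"):
        with open(os.path.join(root, rel), "wb") as fh:
            fh.write(b"constructed sample")
    with zipfile.ZipFile(os.path.join(root, "docs.zip"), "w") as zf:
        zf.writestr("report.txt", "ok")
    with zipfile.ZipFile(os.path.join(root, "bundle.zip"), "w") as zf:
        zf.writestr("readme.txt", "ok")
        zf.writestr("tools/setup.exe", "dummy")


def demo():
    """Screen the constructed tree and return the findings."""
    with tempfile.TemporaryDirectory() as root:
        build_sample(root)
        return screen_backup(root)


if __name__ == "__main__":
    for path, reason in demo():
        print(f"SKIP {path}: {reason}")
```

A name-based screen like this only narrows what goes onto the disc; the post's final step of scanning the backed-up data with anti-virus before copying it back still applies.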

#3 mphelps06

mphelps06
  • Topic Starter

  • Members
  • 6 posts

Posted 15 May 2013 - 12:50 PM

MiniToolBox by Farbar  Version:21-04-2013
Ran by sam (administrator) on 15-05-2013 at 12:47:07
Running from "C:\Users\sam\Desktop"
Windows Vista ™ Home Basic Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1             localhost

127.0.0.1       localhost

========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : sam-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
   Physical Address. . . . . . . . . : 00-25-64-57-A9-96
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
   Physical Address. . . . . . . . . : 00-22-5F-FF-AC-67
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c9a:a129:e1f:ba9d%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.0.0.67(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, May 14, 2013 11:45:29 PM
   Lease Expires . . . . . . . . . . : Thursday, May 16, 2013 12:42:30 PM
   Default Gateway . . . . . . . . . : 10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 218112607
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-C3-01-C0-00-22-5F-FF-AC-67
   DNS Servers . . . . . . . . . . . : 10.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{A2F2E451-BA36-4511-85F0-3922E399A933}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:28f3:23e3:f5ff:ffbc(Preferred)
   Link-local IPv6 Address . . . . . : fe80::28f3:23e3:f5ff:ffbc%11(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{A6C94A75-88C9-4B3F-85D6-DE663811F0B9}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  10.0.0.1

Name:    google.com
Addresses:  2607:f8b0:400f:801::1008
   74.125.225.200
   74.125.225.192
   74.125.225.195
   74.125.225.197
   74.125.225.206
   74.125.225.196
   74.125.225.194
   74.125.225.198
   74.125.225.193
   74.125.225.199
   74.125.225.201

 

Pinging google.com [74.125.225.194] with 32 bytes of data:

Reply from 74.125.225.194: bytes=32 time=62ms TTL=48

Reply from 74.125.225.194: bytes=32 time=62ms TTL=48

 

Ping statistics for 74.125.225.194:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 62ms, Maximum = 62ms, Average = 62ms

Server:  UnKnown
Address:  10.0.0.1

Name:    yahoo.com
Addresses:  206.190.36.45
   98.138.253.109
   98.139.183.24

 

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=461ms TTL=49

Reply from 98.139.183.24: bytes=32 time=473ms TTL=49

 

Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 461ms, Maximum = 473ms, Average = 467ms

 

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 12 ...00 25 64 57 a9 96 ...... Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
 10 ...00 22 5f ff ac 67 ...... Dell Wireless 1397 WLAN Mini-Card
  1 ........................... Software Loopback Interface 1
 14 ...00 00 00 00 00 00 00 e0  isatap.{A2F2E451-BA36-4511-85F0-3922E399A933}
 11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 13 ...00 00 00 00 00 00 00 e0  isatap.{A6C94A75-88C9-4B3F-85D6-DE663811F0B9}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1        10.0.0.67     25
         10.0.0.0    255.255.255.0         On-link         10.0.0.67    281
        10.0.0.67  255.255.255.255         On-link         10.0.0.67    281
       10.0.0.255  255.255.255.255         On-link         10.0.0.67    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         10.0.0.67    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         10.0.0.67    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11     18 ::/0                     On-link
  1    306 ::1/128                  On-link
 11     18 2001::/32                On-link
 11    266 2001:0:9d38:953c:28f3:23e3:f5ff:ffbc/128
                                    On-link
 10    281 fe80::/64                On-link
 11    266 fe80::/64                On-link
 10    281 fe80::c9a:a129:e1f:ba9d/128
                                    On-link
 11    266 fe80::28f3:23e3:f5ff:ffbc/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    266 ff00::/8                 On-link
 10    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/15/2013 00:40:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 46139496

Error: (05/15/2013 00:40:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 46139496

Error: (05/15/2013 00:40:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/15/2013 00:40:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 46119761

Error: (05/15/2013 00:40:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 46119761

Error: (05/15/2013 00:40:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/15/2013 00:40:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 46118513

Error: (05/15/2013 00:40:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 46118513

Error: (05/15/2013 00:40:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/15/2013 00:40:25 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 46117499

System errors:
=============

Microsoft Office Sessions:
=========================
Error: (08/30/2011 11:11:07 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 28182 seconds with 60 seconds of active time.  This session ended with a crash.

CodeIntegrity Errors:
===================================
  Date: 2013-05-14 09:51:43.725
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\AVG2012\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-14 09:51:43.388
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\AVG2012\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-14 09:51:43.059
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\AVG2012\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-14 09:51:42.705
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\AVG2012\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-14 09:51:38.410
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\AVG2012\Drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-14 09:51:37.960
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\AVG2012\Drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-14 09:51:37.590
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\AVG2012\Drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-14 09:51:37.250
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\AVG2012\Drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-14 09:50:46.214
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\AVG2012\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-14 09:50:45.852
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\AVG2012\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

========================= Memory info: ===================================

Percentage of memory in use: 68%
Total physical RAM: 2007.63 MB
Available physical RAM: 623.32 MB
Total Pagefile: 4268.55 MB
Available Pagefile: 2597.44 MB
Total Virtual: 2047.88 MB
Available Virtual: 1951 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:134.36 GB) (Free:59.57 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:14.55 GB) NTFS

========================= Users: ========================================

User accounts for \\SAM-PC

Administrator            Guest                    sam                     

**** End of log ****


Error: (05/15/2013 00:40:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/15/2013 00:40:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 46118513

Error: (05/15/2013 00:40:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 46118513

Error: (05/15/2013 00:40:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/15/2013 00:40:25 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 46117499

System errors:
=============

Microsoft Office Sessions:
=========================
Error: (08/30/2011 11:11:07 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 28182 seconds with 60 seconds of active time.  This session ended with a crash.

CodeIntegrity Errors:
===================================
  Date: 2013-05-14 09:51:43.725
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\AVG2012\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-14 09:51:43.388
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\AVG2012\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-14 09:51:43.059
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\AVG2012\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-14 09:51:42.705
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\AVG2012\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-14 09:51:38.410
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\AVG2012\Drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-14 09:51:37.960
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\AVG2012\Drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-14 09:51:37.590
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\AVG2012\Drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-14 09:51:37.250
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\AVG2012\Drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-14 09:50:46.214
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\AVG2012\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-14 09:50:45.852
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\AVG2012\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

========================= Memory info: ===================================

Percentage of memory in use: 68%
Total physical RAM: 2007.63 MB
Available physical RAM: 623.32 MB
Total Pagefile: 4268.55 MB
Available Pagefile: 2597.44 MB
Total Virtual: 2047.88 MB
Available Virtual: 1951 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:134.36 GB) (Free:59.57 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:14.55 GB) NTFS

========================= Users: ========================================

User accounts for \\SAM-PC

Administrator            Guest                    sam                     

**** End of log ****



#4 mphelps06

Posted 15 May 2013 - 12:55 PM

12:53:11.0895 7648  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:53:12.0406 7648  ============================================================
12:53:12.0406 7648  Current date / time: 2013/05/15 12:53:12.0406
12:53:12.0406 7648  SystemInfo:
12:53:12.0406 7648 
12:53:12.0406 7648  OS Version: 6.0.6002 ServicePack: 2.0
12:53:12.0406 7648  Product type: Workstation
12:53:12.0406 7648  ComputerName: SAM-PC
12:53:12.0407 7648  UserName: sam
12:53:12.0407 7648  Windows directory: C:\Windows
12:53:12.0407 7648  System windows directory: C:\Windows
12:53:12.0407 7648  Processor architecture: Intel x86
12:53:12.0407 7648  Number of processors: 1
12:53:12.0407 7648  Page size: 0x1000
12:53:12.0407 7648  Boot type: Normal boot
12:53:12.0407 7648  ============================================================
12:53:13.0535 7648  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:53:13.0542 7648  ============================================================
12:53:13.0542 7648  \Device\Harddisk0\DR0:
12:53:13.0543 7648  MBR partitions:
12:53:13.0543 7648  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
12:53:13.0543 7648  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x10CB96B0
12:53:13.0543 7648  ============================================================
12:53:13.0578 7648  C: <-> \Device\Harddisk0\DR0\Partition2
12:53:13.0614 7648  D: <-> \Device\Harddisk0\DR0\Partition1
12:53:13.0614 7648  ============================================================
12:53:13.0614 7648  Initialize success
12:53:13.0614 7648  ============================================================
12:53:31.0308 2268  ============================================================
12:53:31.0308 2268  Scan started
12:53:31.0308 2268  Mode: Manual; TDLFS;
12:53:31.0308 2268  ============================================================
12:53:34.0748 2268  ================ Scan system memory ========================
12:53:34.0748 2268  System memory - ok
12:53:34.0748 2268  ================ Scan services =============================
12:53:35.0649 2268  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
12:53:35.0651 2268  ACPI - ok
12:53:35.0847 2268  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
12:53:35.0848 2268  AdobeARMservice - ok
12:53:35.0905 2268  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:53:35.0907 2268  AdobeFlashPlayerUpdateSvc - ok
12:53:35.0972 2268  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:53:35.0975 2268  adp94xx - ok
12:53:36.0003 2268  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:53:36.0005 2268  adpahci - ok
12:53:36.0029 2268  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
12:53:36.0030 2268  adpu160m - ok
12:53:36.0060 2268  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:53:36.0062 2268  adpu320 - ok
12:53:36.0114 2268  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:53:36.0115 2268  AeLookupSvc - ok
12:53:36.0198 2268  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
12:53:36.0200 2268  AFD - ok
12:53:36.0290 2268  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
12:53:36.0290 2268  agp440 - ok
12:53:36.0325 2268  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
12:53:36.0326 2268  aic78xx - ok
12:53:36.0347 2268  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
12:53:36.0347 2268  ALG - ok
12:53:36.0452 2268  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:53:36.0452 2268  aliide - ok
12:53:36.0475 2268  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
12:53:36.0476 2268  amdagp - ok
12:53:36.0487 2268  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
12:53:36.0488 2268  amdide - ok
12:53:36.0515 2268  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
12:53:36.0515 2268  AmdK7 - ok
12:53:36.0579 2268  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
12:53:36.0579 2268  AmdK8 - ok
12:53:36.0752 2268  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
12:53:36.0753 2268  Appinfo - ok
12:53:37.0698 2268  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:53:37.0699 2268  Apple Mobile Device - ok
12:53:37.0765 2268  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
12:53:37.0799 2268  arc - ok
12:53:37.0831 2268  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:53:37.0832 2268  arcsas - ok
12:53:38.0793 2268  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
12:53:38.0794 2268  aspnet_state - ok
12:53:38.0813 2268  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:53:38.0814 2268  AsyncMac - ok
12:53:38.0866 2268  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:53:38.0867 2268  atapi - ok
12:53:39.0803 2268  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:53:39.0806 2268  AudioEndpointBuilder - ok
12:53:39.0826 2268  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
12:53:39.0828 2268  Audiosrv - ok
12:53:40.0239 2268  [ 231B6AD3DB2866BC3FDB9979E6B2B61E ] AVGIDSAgent     C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
12:53:40.0269 2268  AVGIDSAgent - ok
12:53:40.0323 2268  [ EF67527CC2AD77D22AB1405C6470407E ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdriverx.sys
12:53:40.0324 2268  AVGIDSDriver - ok
12:53:40.0368 2268  [ 61A7E0B02F82CFF3DB2445BBE50B3589 ] AVGIDSFilter    C:\Windows\system32\DRIVERS\avgidsfilterx.sys
12:53:40.0369 2268  AVGIDSFilter - ok
12:53:40.0643 2268  [ D63D83659EEDF60B3A3E620281A888E5 ] AVGIDSHX        C:\Windows\system32\DRIVERS\avgidshx.sys
12:53:40.0644 2268  AVGIDSHX - ok
12:53:40.0684 2268  [ BAF975B72062F53D327788E99D64197E ] AVGIDSShim      C:\Windows\system32\DRIVERS\avgidsshimx.sys
12:53:40.0684 2268  AVGIDSShim - ok
12:53:40.0717 2268  [ 6671345A6E2669AF1966BAF68EC5620F ] Avgldx86        C:\Windows\system32\DRIVERS\avgldx86.sys
12:53:40.0719 2268  Avgldx86 - ok
12:53:40.0749 2268  [ CCDD61545AAEA265977E4B1EFDC74E8C ] Avgmfx86        C:\Windows\system32\DRIVERS\avgmfx86.sys
12:53:40.0749 2268  Avgmfx86 - ok
12:53:40.0762 2268  [ 1FD90B28D2C3100BF4500199C8AD6358 ] Avgrkx86        C:\Windows\system32\DRIVERS\avgrkx86.sys
12:53:40.0763 2268  Avgrkx86 - ok
12:53:40.0803 2268  [ 1647C720358DCC98ACF51E597C461C4D ] Avgtdix         C:\Windows\system32\DRIVERS\avgtdix.sys
12:53:40.0805 2268  Avgtdix - ok
12:53:40.0838 2268  [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd           C:\Program Files\AVG\AVG2012\avgwdsvc.exe
12:53:40.0839 2268  avgwd - ok
12:53:40.0880 2268  [ 55070D71BBB424A56D5125C61FCC2897 ] BCM42RLY        C:\Windows\system32\drivers\BCM42RLY.sys
12:53:40.0881 2268  BCM42RLY - ok
12:53:40.0984 2268  [ FA6707A346CD122407F3B0BAD1C47639 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
12:53:40.0991 2268  BCM43XX - ok
12:53:41.0111 2268  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:53:41.0111 2268  Beep - ok
12:53:41.0177 2268  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
12:53:41.0180 2268  BFE - ok
12:53:41.0521 2268  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
12:53:41.0527 2268  BITS - ok
12:53:41.0553 2268  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
12:53:41.0554 2268  blbdrive - ok
12:53:41.0634 2268  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:53:41.0637 2268  Bonjour Service - ok
12:53:42.0864 2268  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:53:42.0865 2268  bowser - ok
12:53:42.0952 2268  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
12:53:42.0953 2268  BrFiltLo - ok
12:53:42.0972 2268  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
12:53:42.0972 2268  BrFiltUp - ok
12:53:43.0173 2268  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
12:53:43.0174 2268  Browser - ok
12:53:43.0210 2268  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
12:53:43.0211 2268  Brserid - ok
12:53:43.0234 2268  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
12:53:43.0235 2268  BrSerWdm - ok
12:53:43.0262 2268  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
12:53:43.0262 2268  BrUsbMdm - ok
12:53:43.0277 2268  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
12:53:43.0278 2268  BrUsbSer - ok
12:53:43.0293 2268  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
12:53:43.0293 2268  BTHMODEM - ok
12:53:43.0334 2268  [ 248DFA5762DDE38DFDDBBD44149E9D7A ] BVRPMPR5        C:\Windows\system32\drivers\BVRPMPR5.SYS
12:53:43.0334 2268  BVRPMPR5 - ok
12:53:43.0354 2268  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:53:43.0355 2268  cdfs - ok
12:53:43.0490 2268  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:53:43.0491 2268  cdrom - ok
12:53:43.0576 2268  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:53:43.0581 2268  CertPropSvc - ok
12:53:44.0007 2268  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
12:53:44.0008 2268  circlass - ok
12:53:44.0103 2268  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
12:53:44.0105 2268  CLFS - ok
12:53:44.0146 2268  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:53:44.0147 2268  clr_optimization_v2.0.50727_32 - ok
12:53:44.0251 2268  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:53:44.0253 2268  clr_optimization_v4.0.30319_32 - ok
12:53:44.0304 2268  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:53:44.0304 2268  CmBatt - ok
12:53:44.0337 2268  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:53:44.0338 2268  cmdide - ok
12:53:44.0344 2268  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:53:44.0345 2268  Compbatt - ok
12:53:44.0353 2268  COMSysApp - ok
12:53:44.0363 2268  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:53:44.0364 2268  crcdisk - ok
12:53:44.0393 2268  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
12:53:44.0393 2268  Crusoe - ok
12:53:44.0463 2268  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:53:44.0464 2268  CryptSvc - ok
12:53:44.0883 2268  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:53:44.0903 2268  DcomLaunch - ok
12:53:44.0944 2268  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:53:44.0945 2268  DfsC - ok
12:53:45.0368 2268  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
12:53:45.0380 2268  DFSR - ok
12:53:45.0545 2268  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
12:53:45.0547 2268  Dhcp - ok
12:53:45.0842 2268  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
12:53:45.0843 2268  disk - ok
12:53:45.0896 2268  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:53:45.0898 2268  Dnscache - ok
12:53:46.0181 2268  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:53:46.0183 2268  dot3svc - ok
12:53:46.0227 2268  [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
12:53:46.0228 2268  Dot4 - ok
12:53:46.0270 2268  [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
12:53:46.0271 2268  Dot4Print - ok
12:53:46.0296 2268  [ C55004CA6B419B6695970DFE849B122F ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
12:53:46.0297 2268  dot4usb - ok
12:53:46.0379 2268  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
12:53:46.0380 2268  DPS - ok
12:53:46.0406 2268  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:53:46.0407 2268  drmkaud - ok
12:53:46.0466 2268  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:53:46.0470 2268  DXGKrnl - ok
12:53:46.0603 2268  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
12:53:46.0604 2268  E1G60 - ok
12:53:46.0688 2268  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
12:53:46.0689 2268  EapHost - ok
12:53:46.0835 2268  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
12:53:46.0836 2268  Ecache - ok
12:53:46.0878 2268  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:53:46.0882 2268  elxstor - ok
12:53:46.0991 2268  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
12:53:46.0995 2268  EMDMgmt - ok
12:53:47.0113 2268  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:53:47.0113 2268  ErrDev - ok
12:53:47.0233 2268  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
12:53:47.0235 2268  EventSystem - ok
12:53:47.0288 2268  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
12:53:47.0290 2268  exfat - ok
12:53:47.0502 2268  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:53:47.0504 2268  fastfat - ok
12:53:47.0565 2268  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:53:47.0566 2268  fdc - ok
12:53:47.0590 2268  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
12:53:47.0592 2268  fdPHost - ok
12:53:47.0601 2268  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:53:47.0602 2268  FDResPub - ok
12:53:47.0618 2268  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:53:47.0619 2268  FileInfo - ok
12:53:47.0637 2268  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:53:47.0638 2268  Filetrace - ok
12:53:47.0656 2268  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:53:47.0656 2268  flpydisk - ok
12:53:47.0698 2268  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:53:47.0700 2268  FltMgr - ok
12:53:47.0829 2268  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
12:53:47.0835 2268  FontCache - ok
12:53:48.0176 2268  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:53:48.0177 2268  FontCache3.0.0.0 - ok
12:53:48.0432 2268  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:53:48.0433 2268  Fs_Rec - ok
12:53:48.0622 2268  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:53:48.0623 2268  gagp30kx - ok
12:53:48.0694 2268  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:53:48.0695 2268  GEARAspiWDM - ok
12:53:48.0859 2268  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:53:48.0863 2268  gpsvc - ok
12:53:48.0934 2268  [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:53:48.0936 2268  HdAudAddService - ok
12:53:49.0279 2268  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:53:49.0283 2268  HDAudBus - ok
12:53:49.0324 2268  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:53:49.0326 2268  HidBth - ok
12:53:49.0344 2268  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
12:53:49.0346 2268  HidIr - ok
12:53:49.0397 2268  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
12:53:49.0399 2268  hidserv - ok
12:53:49.0435 2268  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:53:49.0437 2268  HidUsb - ok
12:53:49.0520 2268  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:53:49.0523 2268  hkmsvc - ok
12:53:50.0863 2268  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
12:53:50.0864 2268  HpCISSs - ok
12:53:51.0510 2268  [ 0EEECA26C8D4BDE2A4664DB058A81937 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:53:51.0541 2268  HTTP - ok
12:53:51.0582 2268  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
12:53:51.0584 2268  i2omp - ok
12:53:51.0628 2268  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:53:51.0630 2268  i8042prt - ok
12:53:51.0659 2268  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
12:53:51.0664 2268  iaStorV - ok
12:53:51.0750 2268  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:53:51.0783 2268  idsvc - ok
12:53:51.0907 2268  [ 8DAD27DD28A4274866767C89C0BF154F ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
12:53:52.0039 2268  igfx - ok
12:53:52.0062 2268  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:53:52.0065 2268  iirsp - ok
12:53:52.0116 2268  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
12:53:52.0124 2268  IKEEXT - ok
12:53:52.0200 2268  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:53:52.0204 2268  intelide - ok
12:53:52.0225 2268  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:53:52.0228 2268  intelppm - ok
12:53:52.0258 2268  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:53:52.0261 2268  IPBusEnum - ok
12:53:52.0283 2268  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:53:52.0285 2268  IpFilterDriver - ok
12:53:52.0913 2268  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:53:52.0918 2268  iphlpsvc - ok
12:53:52.0924 2268  IpInIp - ok
12:53:52.0965 2268  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
12:53:52.0968 2268  IPMIDRV - ok
12:53:53.0038 2268  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
12:53:53.0040 2268  IPNAT - ok
12:53:53.0516 2268  [ E46B17060D3962A384AE484094614788 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:53:53.0538 2268  iPod Service - ok
12:53:53.0572 2268  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:53:53.0574 2268  IRENUM - ok
12:53:53.0597 2268  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:53:53.0599 2268  isapnp - ok
12:53:53.0935 2268  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
12:53:54.0005 2268  iScsiPrt - ok
12:53:54.0048 2268  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
12:53:54.0050 2268  iteatapi - ok
12:53:54.0101 2268  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
12:53:54.0162 2268  iteraid - ok
12:53:54.0192 2268  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:53:54.0193 2268  kbdclass - ok
12:53:54.0218 2268  [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:53:54.0219 2268  kbdhid - ok
12:53:54.0266 2268  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
12:53:54.0268 2268  KeyIso - ok
12:53:55.0518 2268  [ 775C6D5D60146D7DB08A01CB596D7EC6 ] Kodak AiO Network Discovery Service C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
12:53:55.0527 2268  Kodak AiO Network Discovery Service - ok
12:53:55.0871 2268  [ 17AFF68AB32F8671BC46612D35351099 ] Kodak AiO Status Monitor Service C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
12:53:55.0897 2268  Kodak AiO Status Monitor Service - ok
12:53:56.0511 2268  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:53:56.0521 2268  KSecDD - ok
12:53:56.0569 2268  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:53:56.0579 2268  KtmRm - ok
12:53:56.0620 2268  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:53:56.0625 2268  LanmanServer - ok
12:53:56.0694 2268  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:53:56.0700 2268  LanmanWorkstation - ok
12:53:56.0735 2268  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:53:56.0737 2268  lltdio - ok
12:53:56.0781 2268  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:53:56.0786 2268  lltdsvc - ok
12:53:56.0841 2268  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:53:56.0844 2268  lmhosts - ok
12:53:56.0872 2268  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:53:56.0875 2268  LSI_FC - ok
12:54:13.0824 2268  ================ Scan global ===============================
12:54:13.0871 2268  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
12:54:13.0987 2268  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
12:54:14.0004 2268  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
12:54:14.0056 2268  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
12:54:14.0063 2268  [Global] - ok
12:54:14.0063 2268  ================ Scan MBR ==================================
12:54:14.0080 2268  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
12:54:14.0888 2268  \Device\Harddisk0\DR0 - ok
12:54:14.0891 2268  ================ Scan VBR ==================================
12:54:14.0919 2268  [ C47B0D836BBC2C4C015C568DD530FF9D ] \Device\Harddisk0\DR0\Partition1
12:54:14.0921 2268  \Device\Harddisk0\DR0\Partition1 - ok
12:54:14.0951 2268  [ 97B8C8D560B5BD33CD4EE7104052549D ] \Device\Harddisk0\DR0\Partition2
12:54:14.0953 2268  \Device\Harddisk0\DR0\Partition2 - ok
12:54:14.0956 2268  ============================================================
12:54:14.0956 2268  Scan finished
12:54:14.0956 2268  ============================================================
12:54:14.0971 5032  Detected object count: 0
12:54:14.0971 5032  Actual detected object count: 0
 



#5 mphelps06

Posted 15 May 2013 - 01:10 PM

# AdwCleaner v2.300 - Logfile created 05/15/2013 at 12:57:21
# Updated 28/04/2013 by Xplode
# Operating system : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# User : sam - SAM-PC
# Boot Mode : Normal
# Running from : C:\Users\sam\Desktop\AdwCleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Deleted : C:\Program Files\Free Offers from Freeze.com
Folder Deleted : C:\Program Files\FunWebProducts
Folder Deleted : C:\Users\sam\AppData\LocalLow\Toolbar4

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [7478 octets] - [15/05/2013 12:57:21]

########## EOF - C:\AdwCleaner[S1].txt - [7538 octets] ##########



#6 boopme

Posted 15 May 2013 - 01:32 PM

Looks a lot better.



#7 mphelps06

Posted 15 May 2013 - 07:10 PM

C:\Users\sam\AppData\Local\Google\Apple Computer\echirit.dll Win32/TrojanDownloader.Tracur.V trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\sam\AppData\Local\Temp\0.6932113730325155 Win32/TrojanDownloader.Tracur.V trojan cleaned by deleting - quarantined
C:\Users\sam\AppData\Local\Temp\echirit\echirit.dll Win32/TrojanDownloader.Tracur.V trojan cleaned by deleting - quarantined
C:\Users\sam\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\4612776c-580a1804 Java/Exploit.Blacole trojan cleaned by deleting - quarantined
C:\Users\sam\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\6e333046-50565115 a variant of Java/TrojanDownloader.OpenConnection.AQ trojan cleaned by deleting - quarantined
C:\Users\sam\AppData\Roaming\AB53.tmp a variant of Win32/Kryptik.VMC trojan cleaned by deleting - quarantined
C:\Users\sam\AppData\Roaming\C643.tmp a variant of Win32/Kryptik.VMC trojan cleaned by deleting - quarantined
C:\Users\sam\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_data\stubinst_pkg_en-us.cab Win32/OpenCandy application deleted - quarantined
C:\Users\sam\Downloads\winrar setup.exe a variant of Win32/Soft32Downloader.C application cleaned by deleting - quarantined
C:\Users\sam\Downloads\Your_file_download.exe a variant of Win32/Adware.MediaFinder.F application cleaned by deleting - quarantined
 



#8 mphelps06

Posted 15 May 2013 - 07:15 PM

That last post was the ESET log. Boopme, thanks so much. That seems to have taken care of the problem.

 

Is there a discussion somewhere that lays out the rationale for each step? Just curious. Feel free to ignore- I imagine you're quite busy.

 

Thanks again for your help.



#9 boopme

Posted 15 May 2013 - 08:05 PM

Hello. No, nothing etched in stone.

But I went with... You had a redirect, so in short:

I asked for Mini... that gives some system info.

Hosts file data, which shows some types of redirects.

TDSS shows another.

AdwCleaner or Malwarebytes another,

and ESET usually finds what others do not see.

And now if all's good...

You should create a new Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes re-infect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll back" to a clean working state. The easiest and safest way to do this is:

  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.

Vista and Windows 7 users can refer to these links:

  • Create a New Restore Point in Vista
  • Create a New Restore Point in Windows 7 (alternate method)
  • Disk Cleanup in Vista
  • Disk Cleanup in Windows 7




