Excessive CPU usage - infection?


11 replies to this topic

#1 D&S+14


Posted 15 May 2013 - 12:25 AM

Hello.  I'm running Windows 7 32-bit with AVG Free and the Windows Firewall.

 

I'm really not having any problems save for my processor constantly running at 40-50%, sometimes up to 80%.  Even when I kill all of the programs that I'm aware of, the CPU continues to "spin up."  It would really be nice to have that processing power available to actually do things.

 

I've scanned my computer with any number of anti-virus, anti-malware and anti root-kits but generally they only return "suspicious" files that I don't know, or files that really, really seem like they should be there (as in, looking at other forums, and they're supposed to be there).

 

Can anyone give me a helping hand on this one?

Many thanks.


Edited by D&S+14, 15 May 2013 - 11:29 AM.



#2 boopme


Posted 15 May 2013 - 10:12 AM

Hello, let's look a little farther.

 

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

 

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

 

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

 

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

 

>>>>>

Please download TDSSKiller.
Launch it.
Click on Change parameters, then select TDLFS file system.
Click on "Scan".
Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

 

 

Please download AdwCleaner by Xplode onto your desktop.
•Close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Delete.
•Confirm each time with Ok.
•You will be prompted to restart your computer. A text file will open after the restart.
•Please post the contents of that logfile with your next reply.
•You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>>

Now I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

 

NOTE: Sometimes if ESET finds no infections it will not create a log.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
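A triage pass over the Result.txt report that MiniToolBox saves, as an added example that is not part of the original post and is not MiniToolBox code: it lists Winsock providers that are not Microsoft-labelled or that sit outside system32, and hosts entries pinned to a non-loopback address. The section headers and Winsock line layout follow the report format posted in this thread; the sample report, the function names and the assumption that hosts lines appear verbatim under "Hosts content" are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample in the layout of a MiniToolBox Result.txt (not from the thread).
SAMPLE_RESULT = r"""
========================= Hosts content: =================================

127.0.0.1 localhost
203.0.113.7 www.example-bank.test   # constructed entry

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Users\Public\helper\lsp32.dll [40960] ()

========================= Event log errors: ===============================
"""

SECTION_RE = re.compile(r"^=+\s*(.*?)\s*:?\s*=+\s*$")
WINSOCK_RE = re.compile(r"^(Catalog\d+)\s+(\d+)\s+(.+?)\s+\[(\d+)\]\s+\((.*)\)\s*$")


def split_sections(text):
    """Map each '===== Name: =====' header to the lines that follow it."""
    sections, current = {}, None
    for line in text.splitlines():
        m = SECTION_RE.match(line)
        if m:
            if m.group(1):  # bare '=====' rules carry no name; skip them
                current = sections.setdefault(m.group(1), [])
            continue
        if current is not None:
            current.append(line)
    return sections


def review_winsock(lines):
    """Return (slot, path, reasons) for providers that deserve a manual look.

    The vendor text is treated as descriptive only; it is not a signature
    check, so a Microsoft label alone does not clear an entry.
    """
    findings = []
    for line in lines:
        m = WINSOCK_RE.match(line.strip())
        if not m:
            continue
        catalog, index, path, _size, vendor = m.groups()
        reasons = []
        if not vendor.lower().startswith("microsoft"):
            reasons.append("vendor is blank or not Microsoft")
        if "\\windows\\system32\\" not in path.lower():
            reasons.append("provider DLL is outside system32")
        if reasons:
            findings.append((f"{catalog} {index}", path, reasons))
    return findings


def review_hosts(lines):
    """Return hosts entries that redirect a name to a non-loopback address."""
    findings = []
    for line in lines:
        entry = line.split("#", 1)[0].split()  # drop inline comments
        if len(entry) < 2:
            continue
        try:
            addr = ipaddress.ip_address(entry[0])
        except ValueError:
            continue  # not a hosts mapping (for example a status message)
        if not (addr.is_loopback or addr.is_unspecified):
            findings.append((entry[0], entry[1:], "name pinned to a non-loopback address"))
    return findings


def triage(text):
    """Run both reviews over a whole report and return the findings."""
    sections = split_sections(text)
    return {
        "winsock": review_winsock(sections.get("Winsock entries", [])),
        "hosts": review_hosts(sections.get("Hosts content", [])),
    }


if __name__ == "__main__":
    for kind, items in triage(SAMPLE_RESULT).items():
        for item in items:
            print(kind, item)
```

An entry flagged only for sitting outside system32, such as the Windows Live sign-in provider, is a prompt to confirm the file, not a verdict.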

#3 D&S+14


Posted 15 May 2013 - 03:32 PM

Hello, thanks for the help.  These are all of the logs from the programs, posted in order.  Also the basic system information.  I don't know if that is any help at all, but at least it's more information.  The computer itself was purchased in 2006 under Windows Vista, later gifted to me with most of the software and then migrated to Windows 7.

 

systemdetails.jpg

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

 

 

---------------------------

MiniToolBox by Farbar  Version:21-04-2013
Ran by Administrator (administrator) on 15-05-2013 at 06:53:49
Running from "C:\Users\Administrator\Desktop"
Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom 802.11g Network Adapter = Wireless Network Connection (Connected)
Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Hope
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : gateway.2wire.net

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 00-19-7D-B0-6E-B9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
   Physical Address. . . . . . . . . : 00-0F-B0-D3-6E-07
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Broadcom 802.11g Network Adapter
   Physical Address. . . . . . . . . : 00-19-7D-B0-6E-B9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.66(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, May 14, 2013 7:13:14 PM
   Lease Expires . . . . . . . . . . : Thursday, May 16, 2013 5:48:14 AM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  home
Address:  192.168.1.254

Name:    google.com
Addresses:  2607:f8b0:4007:801::1008
      74.125.224.161
      74.125.224.162
      74.125.224.163
      74.125.224.164
      74.125.224.165
      74.125.224.166
      74.125.224.167
      74.125.224.168
      74.125.224.169
      74.125.224.174
      74.125.224.160


Pinging google.com [74.125.224.193] with 32 bytes of data:
Reply from 74.125.224.193: bytes=32 time=18ms TTL=55
Reply from 74.125.224.193: bytes=32 time=17ms TTL=55

Ping statistics for 74.125.224.193:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 17ms, Maximum = 18ms, Average = 17ms
Server:  home
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=731ms TTL=49
Reply from 206.190.36.45: bytes=32 time=917ms TTL=49

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 731ms, Maximum = 917ms, Average = 824ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...00 19 7d b0 6e b9 ......Microsoft Virtual WiFi Miniport Adapter
 11...00 0f b0 d3 6e 07 ......Realtek RTL8139/810x Family Fast Ethernet NIC
 10...00 19 7d b0 6e b9 ......Broadcom 802.11g Network Adapter
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.66     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.66    281
     192.168.1.66  255.255.255.255         On-link      192.168.1.66    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.66    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.66    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.66    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/13/2013 07:59:20 AM) (Source: Application Error) (User: )
Description: Faulting application name: audacity.exe, version: 2.0.3.0, time stamp: 0x50f9bdca
Faulting module name: wxbase28u_vc_custom.dll, version: 2.8.12.0, time stamp: 0x4ed419fc
Exception code: 0xc0000005
Fault offset: 0x00018780
Faulting process id: 0x16a0
Faulting application start time: 0xaudacity.exe0
Faulting application path: audacity.exe1
Faulting module path: audacity.exe2
Report Id: audacity.exe3

Error: (05/11/2013 06:03:03 PM) (Source: Application Error) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
Faulting module name: EXTCON~1.DLL_unloaded, version: 0.0.0.0, time stamp: 0x2a425e19
Exception code: 0xc0000005
Fault offset: 0x042211dc
Faulting process id: 0x2af8
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3

Error: (05/09/2013 08:06:58 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary RegFilter.

System Error:
The system cannot find the file specified.
.

Error: (05/09/2013 00:41:40 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary RegFilter.

System Error:
The system cannot find the file specified.
.

Error: (05/09/2013 11:43:33 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary RegFilter.

System Error:
The system cannot find the file specified.
.

Error: (05/09/2013 11:36:08 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary RegFilter.

System Error:
The system cannot find the file specified.
.

Error: (05/09/2013 10:59:33 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary RegFilter.

System Error:
The system cannot find the file specified.
.

Error: (05/09/2013 09:37:58 AM) (Source: ESENT) (User: )
Description: DllHost (4812) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (05/09/2013 09:37:58 AM) (Source: ESENT) (User: )
Description: DllHost (4812) WebCacheLocal: An attempt to open the file "C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (05/09/2013 09:37:48 AM) (Source: ESENT) (User: )
Description: DllHost (4812) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\V01.log.


System errors:
=============
Error: (05/14/2013 07:14:01 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (05/14/2013 07:13:21 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (05/14/2013 06:56:14 PM) (Source: Service Control Manager) (User: )
Description: The Freemake Improver service failed to start due to the following error:
%%3

Error: (05/14/2013 06:03:23 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (05/13/2013 06:17:34 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (05/12/2013 06:11:36 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR5.

Error: (05/11/2013 06:03:56 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (05/09/2013 06:59:18 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time.  Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.

Error: (05/09/2013 10:30:53 AM) (Source: Ntfs) (User: )
Description: The default transaction resource manager on volume \\?\Volume{e53eae9e-f3c3-11e1-a9a3-000fb0d36e07} encountered a non-retryable error and could not start.  The data contains the error code.

Error: (05/09/2013 10:10:05 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058


Microsoft Office Sessions:
=========================
Error: (05/13/2013 07:59:20 AM) (Source: Application Error)(User: )
Description: audacity.exe2.0.3.050f9bdcawxbase28u_vc_custom.dll2.8.12.04ed419fcc00000050001878016a001ce5002abf75253C:\Program Files\Audacity\audacity.exeC:\Program Files\Audacity\wxbase28u_vc_custom.dlld59f4383-bbf6-11e2-b58a-000fb0d36e07

Error: (05/11/2013 06:03:03 PM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d6727a7EXTCON~1.DLL_unloaded0.0.0.02a425e19c0000005042211dc2af801ce4dacee0a7500C:\Windows\explorer.exeEXTCON~1.DLLd7a44b4e-bab8-11e2-b58a-000fb0d36e07

Error: (05/09/2013 08:06:58 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary RegFilter.

System Error:
The system cannot find the file specified.

Error: (05/09/2013 00:41:40 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary RegFilter.

System Error:
The system cannot find the file specified.

Error: (05/09/2013 11:43:33 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary RegFilter.

System Error:
The system cannot find the file specified.

Error: (05/09/2013 11:36:08 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary RegFilter.

System Error:
The system cannot find the file specified.

Error: (05/09/2013 10:59:33 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary RegFilter.

System Error:
The system cannot find the file specified.

Error: (05/09/2013 09:37:58 AM) (Source: ESENT)(User: )
Description: DllHost4812WebCacheLocal: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)

Error: (05/09/2013 09:37:58 AM) (Source: ESENT)(User: )
Description: DllHost4812WebCacheLocal: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (05/09/2013 09:37:48 AM) (Source: ESENT)(User: )
Description: DllHost4812WebCacheLocal: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)


CodeIntegrity Errors:
===================================
  Date: 2012-11-01 07:08:23.244
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-10-31 23:16:18.258
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-10-31 21:20:04.245
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-10-31 21:08:40.284
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-10-31 20:53:44.069
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-10-31 20:32:45.171
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-10-31 20:23:22.176
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-10-31 20:05:35.479
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-10-31 19:57:48.375
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-10-31 19:46:29.772
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Adobe AIR (Version: 3.7.0.1530)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Adobe Setup (Version: 1.0)
Adobe Shockwave Player 12.0 (Version: 12.0.2.122)
Advanced SystemCare 6 (Version: 6.2)
Any Video Converter Professional 3.4.1
AoA Audio Extractor
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
Audacity 2.0.3 (Version: 2.0.3)
AVG 2013 (Version: 13.0.2904)
AVG 2013 (Version: 13.0.3162)
AVG 2013 (Version: 2013.0.2904)
AVG SafeGuard toolbar (Version: 15.2.0.5)
Axis & Allies (Version: 1.00.000)
Battlestations: Midway (Version: 1.00.0000)
Battlestations: Midway Patch V1.1 (Version: 1.00.0000)
Battlestations: Midway Patch V1.1.1 (Version: 1.00.0000)
Blowfish Advanced CS (Version: 2.57.122)
Bulk Rename Utility 2.7.1.2
BurnAware Free 6.2
Civilization III
Civilization III v1.29f
Converber 2.3.1 (Version: 2.3.1)
D3DX10 (Version: 15.4.2368.0902)
Extension Changer (Version: 0.5)
FastStone Photo Resizer 3.1 (Version: 3.1)
FFmpeg v0.6.2 for Audacity
Freespace 2
Freespace with Silent Threat Expansion
Google Earth (Version: 6.2.2.6613)
Google Earth Plug-in (Version: 7.0.1.8244)
Google Update Helper (Version: 1.3.21.145)
Heritage of Kings - The Settlers (Version: 1.00.0000)
Homeworld
Horizon33 (Version: 1.3.4)
ImgBurn (Version: 2.5.7.0)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1930)
IZArc 4.1.6 (Version: 4.1.6)
Jagged Alliance 2 Gold
Jagged Alliance 2 Gold - 1.12
Jane's Fleet Command
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
jStrip 3.3 (Version: 3.3)
K-Lite Codec Pack 9.3.0 (Standard) (Version: 9.3.0)
LAME v3.98.3 for Audacity
LucasArts' Rogue Squadron
LucasArts' Star Wars Rebellion
LucasArts' The Phantom Menace
LucasArts' TIE Fighter
LucasArts' XvT: Flight School
LucasArts' X-Wing
LucasArts' X-Wing Alliance
LView Pro Full Version
Macrium Reflect Free Edition (Version: 5.1.5870)
Magic ISO Maker v5.3 (build 0221)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Medieval II Total War (Version: 1.03.000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Mouse and Keyboard Center (Version: 2.1.177.0)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual J# .NET Redistributable Package 1.1 (Version: 1.1.4322)
Movie Maker (Version: 16.4.3505.0912)
Movie Studio Platinum 12.0 (Version: 12.0.333)
Mozilla Firefox 20.0.1 (x86 en-US) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 20.0.1)
Mozilla Thunderbird 17.0.5 (x86 en-US) (Version: 17.0.5)
Mp3tag v2.55a (Version: v2.55a)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSVCRT110 (Version: 16.4.1108.0727)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MUSHclient (remove only)
NirSoft ShellExView
OpenOffice.org 3.4.1 (Version: 3.41.9593)
Pacific Fighters (Version: 1.00.0000)
Paint.NET v3.5.10 (Version: 3.60.0)
Photo Gallery (Version: 16.4.3505.0912)
Port Royale 2
QuickTime (Version: 7.73.80.64)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.6)
RealUpgrade 1.1 (Version: 1.1.0)
Sid Meier's Pirates! (Version: 1.00.0000)
Sid Meier's Planetary Pack
Smart Defrag 2 (Version: 2.7)
SnapShot (Version: 1.0.6)
Star Trek: Armada
Star Wars - Force Commander
Star Wars Battlefront II (Version: 1.0)
Star Wars Empire at War (Version: 1.0)
Star Wars Empire at War Forces of Corruption (Version: 1.0)
Star Wars Galactic Battlegrounds: Saga
Star Wars Jedi Knight Jedi Academy
Star Wars® Knights of the Old Republic® II: The Sith Lords™ (Version: 1.00.0000)
Star Wars®: Knights of the Old Republic ™
swMSM (Version: 12.0.0.1)
tinySpell 1.9.44
Tixati
Trillian
Tropico
Unlocker 1.9.1 (Version: 1.9.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VisiPics V1.30
VLC media player 2.0.3 (Version: 2.0.3)
Winamp (Version: 5.63 )
Windows Automated Installation Kit (Version: 2.0.0.0)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Live Writer (Version: 16.4.3505.0912)
Windows Live Writer Resources (Version: 16.4.3505.0912)
Wing Commander Prophecy
Wing Commander Secret Ops
WinPcap 4.1.2 (Version: 4.1.0.2001)
X-Wing & TIE Fighter 95 Compatibility Fix
ZoneAlarm LTD Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 31%
Total physical RAM: 2038.49 MB
Available physical RAM: 1393.46 MB
Total Pagefile: 4076.98 MB
Available Pagefile: 2863.91 MB
Total Virtual: 2047.88 MB
Available Virtual: 1931.95 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.2 GB) (Free:62.91 GB) NTFS
3 Drive f: (Seagate FreeAgent Drive) (Fixed) (Total:298.09 GB) (Free:44.35 GB) NTFS
4 Drive g: (SUPERDRIVE) (Removable) (Total:29.8 GB) (Free:16.23 GB) FAT32

========================= Users: ========================================

User accounts for \\HOPE

Administrator            ASPNET                   Guest                    


**** End of log ****
 

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

 

06:55:34.0546 1388  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
06:55:35.0117 1388  ============================================================
06:55:35.0117 1388  Current date / time: 2013/05/15 06:55:35.0117
06:55:35.0117 1388  SystemInfo:
06:55:35.0117 1388  
06:55:35.0117 1388  OS Version: 6.1.7601 ServicePack: 1.0
06:55:35.0117 1388  Product type: Workstation
06:55:35.0117 1388  ComputerName: HOPE
06:55:35.0117 1388  UserName: Administrator
06:55:35.0117 1388  Windows directory: C:\Windows
06:55:35.0117 1388  System windows directory: C:\Windows
06:55:35.0117 1388  Processor architecture: Intel x86
06:55:35.0117 1388  Number of processors: 2
06:55:35.0117 1388  Page size: 0x1000
06:55:35.0117 1388  Boot type: Normal boot
06:55:35.0117 1388  ============================================================
06:55:36.0646 1388  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
06:55:36.0646 1388  Drive \Device\Harddisk1\DR1 - Size: 0x4A85D55C00 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9CFD, SectorsPerTrack: 0x3D, TracksPerCylinder: 0xFF, Type 'W'
06:55:36.0973 1388  Drive \Device\Harddisk2\DR2 - Size: 0x774488000 (29.82 Gb), SectorSize: 0x200, Cylinders: 0xF34, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
06:55:36.0973 1388  ============================================================
06:55:36.0973 1388  \Device\Harddisk0\DR0:
06:55:36.0973 1388  MBR partitions:
06:55:36.0973 1388  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x15E800, BlocksNum 0x1D066970
06:55:36.0973 1388  \Device\Harddisk1\DR1:
06:55:37.0036 1388  MBR partitions:
06:55:37.0036 1388  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D680
06:55:37.0036 1388  \Device\Harddisk2\DR2:
06:55:37.0036 1388  MBR partitions:
06:55:37.0036 1388  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x3BA2420
06:55:37.0036 1388  ============================================================
06:55:37.0067 1388  C: <-> \Device\Harddisk0\DR0\Partition1
06:55:37.0114 1388  F: <-> \Device\Harddisk1\DR1\Partition1
06:55:37.0114 1388  ============================================================
06:55:37.0114 1388  Initialize success
06:55:37.0114 1388  ============================================================
06:56:17.0884 5964  ============================================================
06:56:17.0884 5964  Scan started
06:56:17.0884 5964  Mode: Manual; TDLFS;
06:56:17.0884 5964  ============================================================
06:56:19.0975 5964  ================ Scan system memory ========================
06:56:19.0975 5964  System memory - ok
06:56:19.0975 5964  ================ Scan services =============================
06:56:33.0726 5964  nfrd960 - ok
06:56:33.0804 5964  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
06:56:33.0851 5964  NlaSvc - ok
06:56:33.0898 5964  [ B48DC6ABCD3AEFF8618350CCBDC6B09A ] npf             C:\Windows\system32\drivers\npf.sys
06:56:33.0914 5964  npf - ok
06:56:33.0929 5964  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
06:56:33.0945 5964  Npfs - ok
06:56:33.0976 5964  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
06:56:34.0007 5964  nsi - ok
06:56:34.0038 5964  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
06:56:34.0038 5964  nsiproxy - ok
06:56:34.0132 5964  [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
06:56:34.0163 5964  Ntfs - ok
06:56:34.0194 5964  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
06:56:34.0194 5964  Null - ok
06:56:34.0257 5964  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
06:56:34.0257 5964  nvraid - ok
06:56:34.0288 5964  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
06:56:34.0288 5964  nvstor - ok
06:56:34.0319 5964  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
06:56:34.0335 5964  nv_agp - ok
06:56:34.0382 5964  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
06:56:34.0382 5964  ohci1394 - ok
06:56:34.0475 5964  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
06:56:34.0522 5964  p2pimsvc - ok
06:56:34.0584 5964  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
06:56:34.0662 5964  p2psvc - ok
06:56:34.0709 5964  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
06:56:34.0725 5964  Parport - ok
06:56:34.0756 5964  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
06:56:34.0772 5964  partmgr - ok
06:56:34.0787 5964  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
06:56:34.0787 5964  Parvdm - ok
06:56:34.0818 5964  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
06:56:34.0865 5964  PcaSvc - ok
06:56:34.0912 5964  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
06:56:34.0912 5964  pci - ok
06:56:34.0943 5964  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
06:56:34.0943 5964  pciide - ok
06:56:34.0990 5964  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
06:56:35.0006 5964  pcmcia - ok
06:56:35.0099 5964  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
06:56:35.0162 5964  pcw - ok
06:56:35.0302 5964  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
06:56:35.0356 5964  PEAUTH - ok
06:56:35.0481 5964  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
06:56:35.0590 5964  pla - ok
06:56:35.0652 5964  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
06:56:35.0715 5964  PlugPlay - ok
06:56:35.0746 5964  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
06:56:35.0793 5964  PNRPAutoReg - ok
06:56:35.0824 5964  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
06:56:35.0855 5964  PNRPsvc - ok
06:56:35.0902 5964  [ 226BAACBFA1BA1A4937935DBC23CB1CD ] Point32         C:\Windows\system32\DRIVERS\point32.sys
06:56:35.0902 5964  Point32 - ok
06:56:35.0949 5964  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
06:56:35.0980 5964  PolicyAgent - ok
06:56:36.0042 5964  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
06:56:36.0089 5964  Power - ok
06:56:36.0136 5964  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
06:56:36.0136 5964  PptpMiniport - ok
06:56:36.0167 5964  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
06:56:36.0167 5964  Processor - ok
06:56:36.0229 5964  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
06:56:36.0276 5964  ProfSvc - ok
06:56:36.0323 5964  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
06:56:36.0339 5964  ProtectedStorage - ok
06:56:36.0370 5964  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
06:56:36.0385 5964  Psched - ok
06:56:36.0417 5964  [ D252A1B7DE9D521B9F8C193AE2759850 ] pssnap          C:\Windows\system32\DRIVERS\pssnap.sys
06:56:36.0432 5964  pssnap - ok
06:56:36.0463 5964  [ 9F074D9AE28CC00CF481C82D36212E20 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
06:56:36.0479 5964  PxHelp20 - ok
06:56:36.0541 5964  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
06:56:36.0635 5964  ql2300 - ok
06:56:36.0697 5964  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
06:56:36.0697 5964  ql40xx - ok
06:56:36.0744 5964  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
06:56:36.0807 5964  QWAVE - ok
06:56:36.0822 5964  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
06:56:36.0838 5964  QWAVEdrv - ok
06:56:36.0853 5964  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
06:56:36.0869 5964  RasAcd - ok
06:56:36.0916 5964  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
06:56:36.0916 5964  RasAgileVpn - ok
06:56:36.0963 5964  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
06:56:37.0041 5964  RasAuto - ok
06:56:37.0072 5964  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
06:56:37.0072 5964  Rasl2tp - ok
06:56:37.0134 5964  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
06:56:37.0181 5964  RasMan - ok
06:56:37.0212 5964  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
06:56:37.0228 5964  RasPppoe - ok
06:56:37.0243 5964  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
06:56:37.0259 5964  RasSstp - ok
06:56:37.0306 5964  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
06:56:37.0321 5964  rdbss - ok
06:56:37.0337 5964  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
06:56:37.0353 5964  rdpbus - ok
06:56:37.0384 5964  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
06:56:37.0415 5964  RDPCDD - ok
06:56:37.0446 5964  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
06:56:37.0446 5964  RDPENCDD - ok
06:56:37.0477 5964  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
06:56:37.0477 5964  RDPREFMP - ok
06:56:37.0524 5964  [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
06:56:37.0524 5964  RdpVideoMiniport - ok
06:56:37.0602 5964  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
06:56:37.0602 5964  RDPWD - ok
06:56:37.0649 5964  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
06:56:37.0665 5964  rdyboost - ok
06:56:37.0758 5964  [ 23F9FEFB64F1C9DC283EAD5D74B7BD3B ] ReflectService.exe C:\Program Files\Macrium\Reflect\ReflectService.exe
06:56:37.0758 5964  ReflectService.exe - ok
06:56:37.0836 5964  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
06:56:37.0867 5964  RemoteAccess - ok
06:56:37.0899 5964  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
06:56:37.0945 5964  RemoteRegistry - ok
06:56:37.0977 5964  [ D65AC8797F0286ED269500747D6290A4 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
06:56:37.0992 5964  rimmptsk - ok
06:56:38.0039 5964  [ 9BFB54D3559F2FF7301271D29D383564 ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
06:56:38.0039 5964  rimsptsk - ok
06:56:38.0086 5964  [ DCB87DA83CC1010CBC9FC4DC9E395BBC ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
06:56:38.0101 5964  rismxdp - ok
06:56:38.0117 5964  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
06:56:38.0164 5964  RpcEptMapper - ok
06:56:38.0195 5964  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
06:56:38.0211 5964  RpcLocator - ok
06:56:38.0257 5964  [ 6684437F3628EF237C354F77D33426D1 ] rpcnet          C:\Windows\system32\rpcnet.exe
06:56:38.0304 5964  rpcnet - ok
06:56:38.0320 5964  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
06:56:38.0367 5964  RpcSs - ok
06:56:38.0429 5964  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
06:56:38.0429 5964  rspndr - ok
06:56:38.0476 5964  [ 166911EADA13CD34DD8F8C667707BE94 ] RTL8023xp       C:\Windows\system32\DRIVERS\Rtnicxp.sys
06:56:38.0476 5964  RTL8023xp - ok
06:56:38.0523 5964  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
06:56:38.0554 5964  SamSs - ok
06:56:38.0585 5964  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
06:56:38.0585 5964  sbp2port - ok
06:56:38.0632 5964  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
06:56:38.0694 5964  SCardSvr - ok
06:56:38.0741 5964  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
06:56:38.0757 5964  scfilter - ok
06:56:38.0803 5964  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
06:56:38.0881 5964  Schedule - ok
06:56:38.0897 5964  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
06:56:38.0913 5964  SCPolicySvc - ok
06:56:38.0944 5964  [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus           C:\Windows\system32\drivers\sdbus.sys
06:56:38.0944 5964  sdbus - ok
06:56:39.0006 5964  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
06:56:39.0053 5964  SDRSVC - ok
06:56:39.0100 5964  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
06:56:39.0100 5964  secdrv - ok
06:56:39.0147 5964  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
06:56:39.0178 5964  seclogon - ok
06:56:39.0209 5964  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
06:56:39.0256 5964  SENS - ok
06:56:39.0287 5964  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
06:56:39.0318 5964  SensrSvc - ok
06:56:39.0349 5964  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
06:56:39.0349 5964  Serenum - ok
06:56:39.0381 5964  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
06:56:39.0381 5964  Serial - ok
06:56:39.0427 5964  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
06:56:39.0427 5964  sermouse - ok
06:56:39.0490 5964  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
06:56:39.0537 5964  SessionEnv - ok
06:56:39.0599 5964  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
06:56:39.0615 5964  sffdisk - ok
06:56:39.0630 5964  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
06:56:39.0646 5964  sffp_mmc - ok
06:56:39.0661 5964  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
06:56:39.0661 5964  sffp_sd - ok
06:56:39.0708 5964  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
06:56:39.0708 5964  sfloppy - ok
06:56:39.0802 5964  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
06:56:39.0833 5964  SharedAccess - ok
06:56:39.0927 5964  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
06:56:39.0973 5964  ShellHWDetection - ok
06:56:40.0020 5964  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
06:56:40.0020 5964  sisagp - ok
06:56:40.0051 5964  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
06:56:40.0083 5964  SiSRaid2 - ok
06:56:40.0098 5964  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
06:56:40.0114 5964  SiSRaid4 - ok
06:56:40.0145 5964  [ BF302072DC8374CF4E118FD88AA817A2 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
06:56:40.0145 5964  SmartDefragDriver - ok
06:56:40.0176 5964  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
06:56:40.0192 5964  Smb - ok
06:56:40.0254 5964  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
06:56:40.0301 5964  SNMPTRAP - ok
06:56:40.0348 5964  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
06:56:40.0348 5964  spldr - ok
06:56:40.0459 5964  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
06:56:40.0521 5964  Spooler - ok
06:56:40.0724 5964  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
06:56:40.0802 5964  sppsvc - ok
06:56:40.0849 5964  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
06:56:40.0896 5964  sppuinotify - ok
06:56:40.0927 5964  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
06:56:40.0943 5964  srv - ok
06:56:40.0989 5964  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
06:56:41.0005 5964  srv2 - ok
06:56:41.0052 5964  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
06:56:41.0052 5964  srvnet - ok
06:56:41.0114 5964  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
06:56:41.0161 5964  SSDPSRV - ok
06:56:41.0208 5964  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
06:56:41.0239 5964  SstpSvc - ok
06:56:41.0286 5964  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
06:56:41.0286 5964  stexstor - ok
06:56:41.0333 5964  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
06:56:41.0395 5964  StiSvc - ok
06:56:41.0442 5964  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
06:56:41.0442 5964  swenum - ok
06:56:41.0473 5964  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
06:56:41.0535 5964  swprv - ok
06:56:41.0629 5964  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
06:56:41.0707 5964  SysMain - ok
06:56:41.0769 5964  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
06:56:41.0816 5964  TabletInputService - ok
06:56:41.0863 5964  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
06:56:41.0925 5964  TapiSrv - ok
06:56:41.0972 5964  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
06:56:42.0019 5964  TBS - ok
06:56:42.0081 5964  [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
06:56:42.0144 5964  Tcpip - ok
06:56:42.0175 5964  [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
06:56:42.0206 5964  TCPIP6 - ok
06:56:42.0253 5964  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
06:56:42.0253 5964  tcpipreg - ok
06:56:42.0315 5964  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
06:56:42.0331 5964  TDPIPE - ok
06:56:42.0362 5964  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
06:56:42.0362 5964  TDTCP - ok
06:56:42.0425 5964  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
06:56:42.0425 5964  tdx - ok
06:56:42.0456 5964  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
06:56:42.0471 5964  TermDD - ok
06:56:42.0518 5964  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
06:56:42.0581 5964  TermService - ok
06:56:42.0627 5964  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
06:56:42.0674 5964  Themes - ok
06:56:42.0690 5964  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
06:56:42.0721 5964  THREADORDER - ok
06:56:42.0752 5964  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
06:56:42.0799 5964  TrkWks - ok
06:56:42.0877 5964  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
06:56:42.0877 5964  TrustedInstaller - ok
06:56:42.0924 5964  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
06:56:42.0924 5964  tssecsrv - ok
06:56:42.0971 5964  [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
06:56:42.0971 5964  TsUsbFlt - ok
06:56:43.0033 5964  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
06:56:43.0049 5964  tunnel - ok
06:56:43.0095 5964  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
06:56:43.0095 5964  uagp35 - ok
06:56:43.0158 5964  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
06:56:43.0173 5964  udfs - ok
06:56:43.0236 5964  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
06:56:43.0283 5964  UI0Detect - ok
06:56:43.0298 5964  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
06:56:43.0329 5964  uliagpkx - ok
06:56:43.0361 5964  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
06:56:43.0361 5964  umbus - ok
06:56:43.0392 5964  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
06:56:43.0407 5964  UmPass - ok
06:56:43.0470 5964  [ BB879DCFD22926EFBEB3298129898CBB ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
06:56:43.0517 5964  UnlockerDriver5 - ok
06:56:43.0563 5964  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
06:56:43.0626 5964  upnphost - ok
06:56:43.0657 5964  [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
06:56:43.0673 5964  usbaudio - ok
06:56:43.0704 5964  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
06:56:43.0719 5964  usbccgp - ok
06:56:43.0766 5964  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
06:56:43.0782 5964  usbcir - ok
06:56:43.0813 5964  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
06:56:43.0813 5964  usbehci - ok
06:56:43.0844 5964  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
06:56:43.0860 5964  usbhub - ok
06:56:43.0891 5964  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
06:56:43.0891 5964  usbohci - ok
06:56:43.0938 5964  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
06:56:43.0953 5964  usbprint - ok
06:56:44.0000 5964  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
06:56:44.0000 5964  usbscan - ok
06:56:44.0031 5964  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
06:56:44.0047 5964  USBSTOR - ok
06:56:44.0094 5964  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
06:56:44.0094 5964  usbuhci - ok
06:56:44.0125 5964  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
06:56:44.0187 5964  UxSms - ok
06:56:44.0203 5964  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
06:56:44.0234 5964  VaultSvc - ok
06:56:44.0265 5964  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
06:56:44.0265 5964  vdrvroot - ok
06:56:44.0312 5964  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
06:56:44.0390 5964  vds - ok
06:56:44.0421 5964  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
06:56:44.0437 5964  vga - ok
06:56:44.0484 5964  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
06:56:44.0499 5964  VgaSave - ok
06:56:44.0546 5964  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
06:56:44.0562 5964  vhdmp - ok
06:56:44.0577 5964  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
06:56:44.0593 5964  viaagp - ok
06:56:44.0624 5964  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
06:56:44.0624 5964  ViaC7 - ok
06:56:44.0640 5964  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
06:56:44.0655 5964  viaide - ok
06:56:44.0687 5964  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
06:56:44.0702 5964  volmgr - ok
06:56:44.0733 5964  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
06:56:44.0749 5964  volmgrx - ok
06:56:44.0780 5964  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
06:56:44.0796 5964  volsnap - ok
06:56:44.0811 5964  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
06:56:44.0827 5964  vsmraid - ok
06:56:44.0905 5964  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
06:56:45.0014 5964  VSS - ok
06:56:45.0155 5964  [ F1E8C5167F849D1089D8108C50E6FF11 ] vToolbarUpdater15.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
06:56:45.0186 5964  vToolbarUpdater15.2.0 - ok
06:56:45.0201 5964  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
06:56:45.0217 5964  vwifibus - ok
06:56:45.0233 5964  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
06:56:45.0248 5964  vwififlt - ok
06:56:45.0264 5964  [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
06:56:45.0279 5964  vwifimp - ok
06:56:45.0326 5964  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
06:56:45.0389 5964  W32Time - ok
06:56:45.0435 5964  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
06:56:45.0456 5964  WacomPen - ok
06:56:45.0533 5964  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
06:56:45.0580 5964  WANARP - ok
06:56:45.0611 5964  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
06:56:45.0626 5964  Wanarpv6 - ok
06:56:45.0720 5964  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
06:56:45.0767 5964  WatAdminSvc - ok
06:56:45.0829 5964  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
06:56:45.0923 5964  wbengine - ok
06:56:45.0970 5964  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
06:56:46.0016 5964  WbioSrvc - ok
06:56:46.0063 5964  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
06:56:46.0110 5964  wcncsvc - ok
06:56:46.0141 5964  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
06:56:46.0204 5964  WcsPlugInService - ok
06:56:46.0250 5964  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
06:56:46.0250 5964  Wd - ok
06:56:46.0297 5964  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
06:56:46.0344 5964  Wdf01000 - ok
06:56:46.0360 5964  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
06:56:46.0406 5964  WdiServiceHost - ok
06:56:46.0422 5964  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
06:56:46.0469 5964  WdiSystemHost - ok
06:56:46.0500 5964  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
06:56:46.0578 5964  WebClient - ok
06:56:46.0609 5964  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
06:56:46.0672 5964  Wecsvc - ok
06:56:46.0703 5964  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
06:56:46.0750 5964  wercplsupport - ok
06:56:46.0765 5964  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
06:56:46.0828 5964  WerSvc - ok
06:56:46.0859 5964  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
06:56:46.0874 5964  WfpLwf - ok
06:56:46.0890 5964  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
06:56:46.0906 5964  WIMMount - ok
06:56:46.0999 5964  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
06:56:47.0015 5964  WinDefend - ok
06:56:47.0062 5964  [ CD113101EB1CF7B2CCECE47D7C7D864C ] WinFPdrv        C:\Windows\system32\WinFPdrv.sys
06:56:47.0108 5964  Suspicious file (Hidden): C:\Windows\system32\WinFPdrv.sys. md5: CD113101EB1CF7B2CCECE47D7C7D864C
06:56:47.0108 5964  WinFPdrv ( HiddenFile.Multi.Generic ) - warning
06:56:47.0108 5964  WinFPdrv - detected HiddenFile.Multi.Generic (1)
06:56:47.0108 5964  WinHttpAutoProxySvc - ok
06:56:47.0186 5964  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
06:56:47.0202 5964  Winmgmt - ok
06:56:47.0264 5964  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
06:56:47.0358 5964  WinRM - ok
06:56:47.0452 5964  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
06:56:47.0545 5964  Wlansvc - ok
06:56:47.0654 5964  [ 5E7C103F8475C4289847D15E129C20F7 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
06:56:47.0701 5964  wlidsvc - ok
06:56:47.0748 5964  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
06:56:47.0764 5964  WmiAcpi - ok
06:56:47.0826 5964  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
06:56:47.0842 5964  wmiApSrv - ok
06:56:47.0935 5964  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
06:56:47.0966 5964  WMPNetworkSvc - ok
06:56:50.0338 5964  ============================================================
06:56:50.0338 5964  Scan finished
06:56:50.0338 5964  ============================================================
06:56:50.0369 5948  Detected object count: 1
06:56:50.0369 5948  Actual detected object count: 1
06:57:10.0177 5948  WinFPdrv ( HiddenFile.Multi.Generic ) - skipped by user
06:57:10.0177 5948  WinFPdrv ( HiddenFile.Multi.Generic ) - User select action: Skip
06:57:15.0889 5756  Deinitialize success
 

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

 

# AdwCleaner v2.300 - Logfile created 05/15/2013 at 06:58:41
# Updated 28/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Administrator - HOPE
# Boot Mode : Normal
# Running from : C:\Users\Administrator\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search
File Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\bt1kags9.default\extensions\browserprotect@browserprotect.com.xpi
Folder Deleted : C:\Program Files\Web Assistant
Folder Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\bt1kags9.default\jetpack

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (en-US)

File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\bt1kags9.default\prefs.js

C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\bt1kags9.default\user.js ... Deleted !

Deleted : user_pref("de.soerenrinne.googlebuttons.userlist", "Accounts,Calendar,Docs,Image Search,Custom Butto[...]
Deleted : user_pref("extensions.browserprotect.searchProviderExceptions", "hxxp://en.wikipedia.org/wiki/Specia[...]

*************************

AdwCleaner[S1].txt - [4389 octets] - [15/05/2013 06:58:41]

########## EOF - C:\AdwCleaner[S1].txt - [4449 octets] ##########
 

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

 

C:\Program Files\IZArc\CyberLink PowerDirector 10 Ultra (Activated).zip    a variant of Win32/Keygen.AC application    deleted - quarantined
C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\5e7299b1-61791cfd    multiple threats    cleaned by deleting - quarantined
C:\Users\Administrator\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_data\stubinst_pkg_en-us.cab    Win32/OpenCandy application    deleted - quarantined
 

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>


Edited by D&S+14, 15 May 2013 - 03:34 PM.


#4 boopme


Posted 15 May 2013 - 07:32 PM

Not certain if you downloaded a key generator and it is infected and was removed, but these are usually infected. It's why they are free.

Anyway it looks clean now. How is it running?

 

I think you need to reinstall Audacity.

 

Also you may have some file corruption. 

Please run SFC (System File Checker)
Please run System File Checker sfc /scannow... For more information on this tool see How To Use Sfc.exe To Repair System Files

NOTE for Vista/WIN 7 users: The command needs to be run from an Elevated Command Prompt. Click Start, type cmd into the Start/Search box, right-click cmd.exe in the list above and select 'Run as Administrator'.

You will need your operating system  CD handy.

Open Windows Task Manager....by pressing CTRL+SHIFT+ESC

Then click  File.. then New Task(Run)

In the box that opens type sfc /scannow ......There is a space between c and /

Click OK
Let it run and insert the CD when asked.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 D&S+14


Posted 16 May 2013 - 12:57 PM

Well, the CPU seems to be better. It's running down up to 10%, which is probably reasonable.

 

However, when I ran the sfc /scannow as an administrator, I got this:

 

cbslog.jpg

 

So there are corrupt files.. but it can't fix them, and it never asked me for the CD.  I ran it a second time with the CD already in the computer, but it made no difference.

 

I can post the CBS.log if you would like to see it, but I don't want to spam you with it if it's of no use.

 

Thanks again for helping me with this.



#6 D&S+14


Posted 16 May 2013 - 08:06 PM

I don't know if this means anything, but a brief scan of the CBS.log seems to say that "autochk" is the file that can't be fixed.
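The posts above narrow the sfc /scannow failure down to "autochk" by reading CBS.log. As an added example (not part of the thread), this Python script extracts the `[SR]` "Cannot repair member file" entries from a CBS.log; the sample lines, timestamps and version number are constructed in the usual CBS.log layout, and the function and variable names are my own.

```python
import re
import sys
from collections import OrderedDict

# Constructed sample in the usual CBS.log layout; not taken from the poster's log.
SAMPLE_CBS_LOG = r'''
2013-05-16 12:31:02, Info                  CSI    0000012a [SR] Verifying 100 (0x00000064) components
2013-05-16 12:31:02, Info                  CSI    0000012b [SR] Beginning Verify and Repair transaction
2013-05-16 12:31:09, Info                  CSI    0000012d [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-05-16 12:31:10, Info                  CSI    0000012f [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-05-16 12:31:12, Info                  CSI    00000133 [SR] Verify complete
2013-05-16 12:31:40, Info                  CBS    Session: 12345_67890 initialized by client WindowsUpdateAgent.
'''

# sfc tags its own entries with [SR]; the rest of CBS.log is other servicing activity.
SR_LINE = re.compile(
    r'^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}),\s+\w+\s+CSI\s+[0-9a-f]{8}\s+\[SR\] (?P<msg>.*)$')
CANNOT_REPAIR = re.compile(
    r'Cannot repair member file \[l:\d+\{\d+\}\]"(?P<file>[^"]+)" of (?P<component>[^,]+), '
    r'Version = (?P<version>[\d.]+).*, (?P<reason>[^,]+)$')


def unrepaired_files(log_text):
    """Map each file sfc could not repair to its component, version, reason and hit count."""
    found = OrderedDict()
    for line in log_text.splitlines():
        sr = SR_LINE.match(line.strip())
        hit = CANNOT_REPAIR.search(sr['msg']) if sr else None
        if not hit:
            continue
        entry = found.setdefault(hit['file'].lower(), {
            'component': hit['component'], 'version': hit['version'],
            'reason': hit['reason'].strip(), 'first_seen': sr['ts'], 'count': 0})
        entry['count'] += 1  # the same file can appear in several entries; count them
    return found


if __name__ == '__main__':
    # Pass a copy of CBS.log as the first argument, or run with no argument for the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding='utf-8', errors='replace') as fh:
            text = fh.read()
    else:
        text = SAMPLE_CBS_LOG
    for name, info in unrepaired_files(text).items():
        print(f"{name}: {info['component']} {info['version']} "
              f"({info['reason']}, logged {info['count']}x, first at {info['first_seen']})")
```

On Windows 7 the log normally lives at %windir%\Logs\CBS\CBS.log; copy it elsewhere before reading it, since the servicing stack may hold the original open.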



#7 boopme


Posted 16 May 2013 - 08:54 PM

OK, I need you to start a new topic in WIN 7 with these last 2 posts, as I know they know how to fix it, but I don't. :(



#8 D&S+14


Posted 16 May 2013 - 09:12 PM

Will do, thank you very much!



#9 boopme


Posted 16 May 2013 - 09:34 PM

You're welcome!



#10 D&S+14


Posted 17 May 2013 - 01:42 PM

Out of curiosity... what were these things doing on my computer to make the CPU run up?  Logging keystrokes?  Funneling information?



#11 boopme


Posted 17 May 2013 - 02:00 PM

Hi, all those spywares and toolbars are talking back to their home. Fortunately these ones are not info stealers but info sharing. They only take info that is geared for sending you adware.

#12 D&S+14


Posted 17 May 2013 - 04:35 PM

Oh, very interesting!  Thanks much!





