
BSOD logging thousands of temporary Internet Files/content.IE5


13 replies to this topic

#1 tbishop99

tbishop99

  • Members

Posted 21 May 2013 - 05:01 PM

I could use some help with my 'bleeping' computer please.  I started getting the BSOD a couple of months ago, someone showed me to use ccleaner to help clear out files, and that helps, but I've been noticing hundreds of thousands of temporary internet files/content.IE5 are being deleted each time, and now my computer has the BSOD regularly (1-2 a day).  I can follow directions on what to run and how, but am not knowledgeable enough to know where to even begin.

 

ALL HELP IS WELCOME :)


Edited by hamluis, 24 May 2013 - 05:02 PM.
Moved from Win 7 to Am I Infected - Hamluis.




#2 hamluis

hamluis

    Moderator


  • Moderator

Posted 21 May 2013 - 05:27 PM

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and paste the content into your next post.

Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792, taking care to post the link.

 

Louis


Edited by hamluis, 21 May 2013 - 05:28 PM.


#3 tbishop99

tbishop99
  • Topic Starter

  • Members

Posted 22 May 2013 - 05:41 AM

http://speccy.piriform.com/results/jNl81TQwgeUdntTWTRg7YD7

 

 

MiniToolBox by Farbar  Version:21-04-2013
Ran by Trina (administrator) on 22-05-2013 at 22:33:58
Running from "C:\Users\Trina\Desktop"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/22/2013 08:05:59 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (05/22/2013 08:04:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (05/22/2013 08:04:14 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (05/21/2013 07:36:26 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/21/2013 07:36:26 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/21/2013 07:36:26 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/21/2013 07:36:26 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (05/21/2013 07:36:25 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/21/2013 07:36:25 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (05/21/2013 07:36:25 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
 
System errors:
=============
Error: (05/22/2013 09:41:16 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147024891
 
Error: (05/22/2013 09:41:16 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: 
%%-2147024891
 
Error: (05/22/2013 09:10:48 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147024891
 
Error: (05/22/2013 09:10:48 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: 
%%-2147024891
 
Error: (05/22/2013 08:26:24 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147024891
 
Error: (05/22/2013 08:26:24 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: 
%%-2147024891
 
Error: (05/22/2013 07:55:36 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147024891
 
Error: (05/22/2013 07:55:36 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: 
%%-2147024891
 
Error: (05/22/2013 04:34:00 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147024891
 
Error: (05/22/2013 04:34:00 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: 
%%-2147024891
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2013-02-19 22:29:32.604
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PCHelpForum\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-02-19 22:29:32.494
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PCHelpForum\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2010-05-03 10:18:59.327
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Trina\AppData\Roaming\DellInfo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2010-05-03 10:18:59.319
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Trina\AppData\Roaming\DellInfo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2010-05-02 20:25:26.143
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Trina\AppData\Roaming\DellInfo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2010-05-02 20:25:26.143
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Trina\AppData\Roaming\DellInfo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
 Update for Microsoft Office 2007 (KB2508958)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.2.443)
Adobe Acrobat 9 Pro - English, Français, Deutsch (Version: 9.5.2)
Adobe Acrobat 9.5.2 - CPSID_83708
Adobe After Effects CS4 (Version: 9)
Adobe After Effects CS4 Presets (Version: 9)
Adobe After Effects CS4 Third Party Content (Version: 9)
Adobe AIR (Version: 1.1.0.5790)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Anchor Service x64 CS4 (Version: 2.0)
Adobe Asset Services CS4 (Version: 4)
Adobe Bridge CS4 (Version: 3)
Adobe CMaps CS4 (Version: 2.0)
Adobe CMaps x64 CS4 (Version: 2.0)
Adobe Color - Photoshop Specific CS4 (Version: 2.0)
Adobe Color EU Extra Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Recommended Settings CS4 (Version: 2.0)
Adobe Color Video Profiles AE CS4 (Version: 2.0)
Adobe Color Video Profiles CS CS4 (Version: 2.0)
Adobe Contribute CS4 (Version: 5.0)
Adobe Creative Suite 4 Master Collection (Version: 4.0)
Adobe CS4 American English Speech Analysis Models (Version: 1)
Adobe CSI CS4 (Version: 1)
Adobe CSI CS4 x64 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Device Central CS4 (Version: 2)
Adobe Digital Editions
Adobe Dreamweaver CS4 (Version: 10.0)
Adobe Drive CS4 (Version: 1)
Adobe Drive CS4 x64 (Version: 1)
Adobe Dynamiclink Support (Version: 1)
Adobe Encore CS4 (Version: 4)
Adobe Encore CS4 Codecs (Version: 4)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Fireworks CS4 (Version: 10.0)
Adobe Flash CS4 (Version: 10.0)
Adobe Flash CS4 Extension - Flash Lite STI en (Version: 3.0)
Adobe Flash CS4 STI-en (Version: 10.0)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Fonts All (Version: 2.0)
Adobe Fonts All x64 (Version: 2.0)
Adobe Illustrator CS4 (Version: 14.0)
Adobe InDesign CS4 (Version: 6.0)
Adobe InDesign CS4 Application Feature Set Files (Roman) (Version: 6.0)
Adobe InDesign CS4 Common Base Files (Version: 6.0)
Adobe InDesign CS4 Icon Handler (Version: 6.0)
Adobe InDesign CS4 Icon Handler x64 (Version: 6.0)
Adobe Linguistics CS4 (Version: 4.0.0)
Adobe Linguistics CS4 x64 (Version: 4.0.0)
Adobe Media Encoder CS4 (Version: 1.0)
Adobe Media Encoder CS4 Additional Exporter (Version: 1.0)
Adobe Media Encoder CS4 Dolby (Version: 1.0)
Adobe Media Encoder CS4 Exporter (Version: 1.0)
Adobe Media Encoder CS4 Importer (Version: 1.0)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe MotionPicture Color Files CS4 (Version: 2.0)
Adobe OnLocation CS4 (Version: 4)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe PDF Library Files x64 CS4 (Version: 9.0)
Adobe Photoshop CS4 (64 Bit) (Version: 11.0)
Adobe Photoshop CS4 (Version: 11.0)
Adobe Photoshop CS4 Support (Version: 11.0)
Adobe Premiere Pro CS4 (Version: 4)
Adobe Premiere Pro CS4 Functional Content (Version: 4)
Adobe Premiere Pro CS4 Third Party Content (Version: 4)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe SGM CS4 (Version: 3.0)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Adobe SING CS4 (Version: 2.0)
Adobe Soundbooth CS4 (Version: 2)
Adobe Soundbooth CS4 Codecs (Version: 2)
Adobe Type Support CS4 (Version: 9.0)
Adobe Type Support x64 CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe Version Cue CS4 Server (Version: 4.0)
Adobe WinSoft Linguistics Plugin (Version: 1.1)
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetCMYK (Version: 2.0)
AdobeColorCommonSetRGB (Version: 2.0)
aiofw (Version: 4.2.6.0)
aioprnt (Version: 5.3.1.0)
aioscnnr (Version: 4.2.6.0)
Amyuni PDF Converter
AVG 2013 (Version: 13.0.2904)
AVG 2013 (Version: 13.0.3184)
AVG 2013 (Version: 2013.0.2904)
AVG Security Toolbar (Version: 14.2.0.1)
Bing Bar (Version: 7.0.619.0)
Bonjour (Version: 1.0.106)
C4USelfUpdater (Version: 1.00.0000)
CCleaner (Version: 3.24)
center (Version: 5.0.0.0)
Clip Art Collection (Version: 1.0.0.0)
Connect (Version: 1.0.0.1)
Coupon Printer for Windows (Version: 5.0.0.1)
Creative ALchemy (Version: 1.41)
Creative Audio Control Panel (Version: 2.00)
Creative Console Launcher
Creative MediaSource 5 (Version: 5.26)
Creative Software AutoUpdate (Version: 1.40)
Creative Sound Blaster Properties x64 Edition
D3DX10 (Version: 15.4.2368.0902)
DealCabby (Version: 1.0921.1509)
deskPDF 2.5 Professional Edition
Docudesk GPL Ghostscript 8.15
ESET Online Scanner v3
EZ Invitations (Version: 1.0.0)
Gamers Unite! Snag Bar
GamesBar 2.0.1.73 (Version: 2.0.1.73)
GiftBox+ (Version: 1.0)
Google Chrome (Version: 26.0.1410.64)
Java 7 Update 15 (Version: 7.0.150)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 30 (Version: 6.0.300)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
K-Lite Mega Codec Pack 5.9.0 (Version: 5.9.0)
KODAK AiO Home Center (Version: 5.4.6.4)
ksDIP (Version: 3.20.0000.0001)
kuler (Version: 2.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.1.54.0)
Microsoft IntelliPoint 8.0 (Version: 8.0.225.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Project 2007 Service Pack 3 (SP3)
Microsoft Office Project MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Project Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office SharePoint Designer 2007 (Version: 12.0.6612.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office SharePoint Designer MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Visio Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Music Oasis (Version: 1.0.0)
NVIDIA 3D Vision Driver 311.06 (Version: 311.06)
NVIDIA Control Panel 311.06 (Version: 311.06)
NVIDIA Graphics Driver 311.06 (Version: 311.06)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
OfficeReady Software for KODAK Printers (Version: 4.0)
OfficeReadyToolBarSetup (Version: 1.0.0)
OpenAL
OverDrive Media Console (Version: 3.2.5)
PDF Settings CS4 (Version: 9.0)
Photoshop Camera Raw (Version: 5.0)
Photoshop Camera Raw_x64 (Version: 5.0)
Pixel Bender Toolkit (Version: 1.0)
Plants vs Zombies
PreReq (Version: 6.0.5.2)
PVSonyDll (Version: 1.00.0001)
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (Version: 1.0.0)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (Version: 1.0.0)
SoundFont Bank Manager (Version: 3.21)
Suite Shared Configuration CS4 (Version: 1.0)
swMSM (Version: 12.0.0.1)
System Requirements Lab
TeamViewer 5 (Version: 5.0.8232 )
TextPad 5 (Version: 5.4.2)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Project 2007 Help (KB963668)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Sharepoint Designer 2007 Help (KB963675)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 8.0.0.35)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 1.0.5 (Version: 1.0.5)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR archiver
Word Riot Deluxe
WorldWinner Games (Version: 1.9.0.23)
Yahoo! Software Update
 
========================= Memory info: ===================================
 
Percentage of memory in use: 47%
Total physical RAM: 4029.91 MB
Available physical RAM: 2106.13 MB
Total Pagefile: 8058.01 MB
Available Pagefile: 4977.03 MB
Total Virtual: 4095.88 MB
Available Virtual: 3989.02 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:465.63 GB) (Free:390.94 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\TRINA-PC
 
Administrator            Guest                    Trina                    
UpdatusUser              
 
 
**** End of log ****

Edited by tbishop99, 22 May 2013 - 09:49 PM.
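One way to triage the "CodeIntegrity Errors" section of a MiniToolBox log like the one posted above, as an added example that is not part of the original thread or of any tool mentioned in it. It groups repeated entries per file and sorts images that failed verification by where they sit on disk; the function names, the directory lists and the `example.sys` entry are assumptions made for the illustration, and a flagged file is a candidate for review, not a verdict.

```python
import re
from datetime import datetime

# Constructed sample in the MiniToolBox "CodeIntegrity Errors" layout. The first
# four entries reuse paths from the log above (descriptions trimmed); the last
# entry (example.sys) is invented to show a driver in the normal system location.
SAMPLE_LOG = r"""
CodeIntegrity Errors:
===================================
  Date: 2013-02-19 22:29:32.604
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PCHelpForum\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged.

  Date: 2013-02-19 22:29:32.494
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PCHelpForum\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged.

  Date: 2010-05-03 10:18:59.327
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Trina\AppData\Roaming\DellInfo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged.

  Date: 2010-05-02 20:25:26.143
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Trina\AppData\Roaming\DellInfo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged.

  Date: 2013-01-01 00:00:00.000
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\example.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged.
"""

# One entry = a "Date:" line followed by the fixed-wording "Description:" line.
ENTRY_RE = re.compile(
    r"Date:\s*(?P<date>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{1,6})\s+"
    r"Description:\s*Windows is unable to verify the image integrity of the file "
    r"(?P<path>.+?) because (?P<reason>.+?)\."
)
VOLUME_PREFIX_RE = re.compile(r"^\\Device\\HarddiskVolume\d+", re.IGNORECASE)

# Assumed buckets for this illustration; extend them for your environment.
USER_WRITABLE_DIRS = ("\\users\\", "\\programdata\\", "\\windows\\temp\\")
SYSTEM_DIRS = ("\\windows\\system32\\", "\\windows\\syswow64\\")
REVIEW_ORDER = {"user-writable": 0, "non-standard": 1, "system": 2}


def classify_location(path):
    """Bucket an NT device path by the directory the image was loaded from."""
    rel = VOLUME_PREFIX_RE.sub("", path).lower()
    if rel.startswith(USER_WRITABLE_DIRS):
        return "user-writable"
    if rel.startswith(SYSTEM_DIRS):
        return "system"
    return "non-standard"


def triage(log_text):
    """Collapse repeated CodeIntegrity entries into one finding per file."""
    findings = {}
    for m in ENTRY_RE.finditer(log_text):
        when = datetime.strptime(m["date"], "%Y-%m-%d %H:%M:%S.%f")
        path = m["path"]
        f = findings.setdefault(path, {
            "path": path,
            "location": classify_location(path),
            "kernel_driver": path.lower().endswith(".sys"),
            "reason": m["reason"],
            "count": 0,
            "first_seen": when,
            "last_seen": when,
        })
        f["count"] += 1
        f["first_seen"] = min(f["first_seen"], when)
        f["last_seen"] = max(f["last_seen"], when)
    # Most unusual locations first, then by path for a stable order.
    return sorted(findings.values(),
                  key=lambda f: (REVIEW_ORDER[f["location"]], f["path"]))


def needs_review(findings):
    """Images that failed verification and sit outside the system directories."""
    return [f for f in findings if f["location"] != "system"]


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f'{f["location"]:14} x{f["count"]} '
              f'{f["first_seen"]:%Y-%m-%d} .. {f["last_seen"]:%Y-%m-%d} {f["path"]}')
```
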


#4 tbishop99

tbishop99
  • Topic Starter

  • Members

Posted 24 May 2013 - 08:56 AM

Is there any other information needed from me at this time?

 

Thanks,

Trina



#5 hamluis

hamluis

    Moderator


  • Moderator

Posted 24 May 2013 - 04:58 PM

Not in this forum, thanks :).

 

Some of your errors seem to coincide with malware infections so I'm going to move this topic to another forum for better opinions on such.

 

Louis



#6 tbishop99

tbishop99
  • Topic Starter

  • Members

Posted 24 May 2013 - 07:55 PM

Ok, I'm guessing that I should just wait for an email to know where to look?

 

Thanks



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator

Posted 25 May 2013 - 11:15 PM

Hello, sorry for the wait... let's look at these.

Please download TDSSKiller.
  • Launch it.
  • Click on change parameters - Select TDLFS file system.
  • Click on "Scan".
  • Please post the LOG report (log file should be in your C drive).

Do not change the default options on scan results.

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.




Now I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
NOTE: Sometimes if ESET finds no infections it will not create a log.

#8 tbishop99

tbishop99
  • Topic Starter

  • Members

Posted 26 May 2013 - 09:13 PM

Thank you for your assistance.  

 

Attached are the TDSSKiller file, AdwCleaner and ESETScan:

TDSSKiller

 

18:28:02.0556 5012  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:28:03.0610 5012  ============================================================
18:28:03.0610 5012  Current date / time: 2013/05/26 18:28:03.0610
18:28:03.0610 5012  SystemInfo:
18:28:03.0610 5012  
18:28:03.0610 5012  OS Version: 6.1.7601 ServicePack: 1.0
18:28:03.0610 5012  Product type: Workstation
18:28:03.0610 5012  ComputerName: TRINA-PC
18:28:03.0610 5012  UserName: Trina
18:28:03.0610 5012  Windows directory: C:\Windows
18:28:03.0610 5012  System windows directory: C:\Windows
18:28:03.0610 5012  Running under WOW64
18:28:03.0610 5012  Processor architecture: Intel x64
18:28:03.0611 5012  Number of processors: 4
18:28:03.0611 5012  Page size: 0x1000
18:28:03.0611 5012  Boot type: Normal boot
18:28:03.0611 5012  ============================================================
18:28:05.0648 5012  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:28:05.0694 5012  ============================================================
18:28:05.0694 5012  \Device\Harddisk0\DR0:
18:28:05.0694 5012  MBR partitions:
18:28:05.0694 5012  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x10000, BlocksNum 0x32000
18:28:05.0694 5012  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x42000, BlocksNum 0x3A343800
18:28:05.0694 5012  ============================================================
18:28:05.0739 5012  C: <-> \Device\Harddisk0\DR0\Partition2
18:28:05.0739 5012  ============================================================
18:28:05.0740 5012  Initialize success
18:28:05.0740 5012  ============================================================
18:28:32.0305 5112  ============================================================
18:28:32.0305 5112  Scan started
18:28:32.0305 5112  Mode: Manual; TDLFS; 
18:28:32.0305 5112  ============================================================
18:28:33.0755 5112  ================ Scan system memory ========================
18:28:33.0755 5112  System memory - ok
18:28:33.0756 5112  ================ Scan services =============================
18:28:34.0652 5112  amdsbs - ok
18:28:34.0670 5112  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:28:34.0670 5112  amdxata - ok
18:28:34.0709 5112  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
18:28:34.0711 5112  AppID - ok
18:28:34.0727 5112  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:28:34.0728 5112  AppIDSvc - ok
18:28:34.0768 5112  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
18:28:34.0769 5112  Appinfo - ok
18:28:34.0787 5112  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
18:28:34.0789 5112  AppMgmt - ok
18:28:34.0807 5112  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:28:34.0809 5112  arc - ok
18:28:34.0853 5112  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:28:34.0855 5112  arcsas - ok
18:28:34.0865 5112  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:28:34.0866 5112  AsyncMac - ok
18:28:34.0889 5112  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
18:28:34.0890 5112  atapi - ok
18:28:34.0939 5112  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:28:34.0944 5112  AudioEndpointBuilder - ok
18:28:34.0957 5112  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:28:34.0963 5112  AudioSrv - ok
18:28:35.0000 5112  [ 3D1FFAA3358CA0D8A298DEA8BECFC468 ] Avgfwfd         C:\Windows\system32\DRIVERS\avgfwd6a.sys
18:28:35.0001 5112  Avgfwfd - ok
18:28:35.0120 5112  [ D0BE22C910E46550C6308D50DDA76B94 ] avgfws          C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
18:28:35.0130 5112  avgfws - ok
18:28:35.0286 5112  [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
18:28:35.0319 5112  AVGIDSAgent - ok
18:28:35.0348 5112  [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
18:28:35.0350 5112  AVGIDSDriver - ok
18:28:35.0361 5112  [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
18:28:35.0362 5112  AVGIDSHA - ok
18:28:35.0371 5112  [ 5989592A91A17587799792A81E1541D4 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
18:28:35.0372 5112  Avgldx64 - ok
18:28:35.0398 5112  [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
18:28:35.0400 5112  Avgloga - ok
18:28:35.0414 5112  [ 841C40C193889730848849AC220D9242 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
18:28:35.0415 5112  Avgmfx64 - ok
18:28:35.0426 5112  [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
18:28:35.0427 5112  Avgrkx64 - ok
18:28:35.0438 5112  [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
18:28:35.0439 5112  Avgtdia - ok
18:28:35.0460 5112  [ 4C05242DC361A217223E9B8EC2B3A76B ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
18:28:35.0461 5112  avgtp - ok
18:28:35.0493 5112  [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd           C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
18:28:35.0495 5112  avgwd - ok
18:28:35.0537 5112  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:28:35.0538 5112  AxInstSV - ok
18:28:35.0564 5112  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:28:35.0576 5112  b06bdrv - ok
18:28:35.0596 5112  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:28:35.0601 5112  b57nd60a - ok
18:28:35.0676 5112  [ 0D1EA7509F394D8B705B239EE71F5118 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
18:28:35.0680 5112  BBSvc - ok
18:28:35.0707 5112  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:28:35.0709 5112  BDESVC - ok
18:28:35.0716 5112  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:28:35.0718 5112  Beep - ok
18:28:35.0766 5112  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
18:28:35.0773 5112  BITS - ok
18:28:35.0787 5112  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:28:35.0788 5112  blbdrive - ok
18:28:35.0823 5112  [ 3F56903E124E820AEECE6D471583C6C1 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
18:28:35.0825 5112  Bonjour Service - ok
18:28:35.0859 5112  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:28:35.0860 5112  bowser - ok
18:28:35.0869 5112  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:28:35.0871 5112  BrFiltLo - ok
18:28:35.0879 5112  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:28:35.0880 5112  BrFiltUp - ok
18:28:35.0940 5112  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
18:28:35.0943 5112  BridgeMP - ok
18:28:35.0978 5112  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
18:28:35.0980 5112  Browser - ok
18:28:35.0996 5112  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:28:36.0001 5112  Brserid - ok
18:28:36.0017 5112  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:28:36.0019 5112  BrSerWdm - ok
18:28:36.0024 5112  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:28:36.0025 5112  BrUsbMdm - ok
18:28:36.0032 5112  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:28:36.0034 5112  BrUsbSer - ok
18:28:36.0077 5112  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
18:28:36.0079 5112  BthEnum - ok
18:28:36.0088 5112  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:28:36.0090 5112  BTHMODEM - ok
18:28:36.0117 5112  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
18:28:36.0119 5112  BthPan - ok
18:28:36.0161 5112  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
18:28:36.0174 5112  BTHPORT - ok
18:28:36.0202 5112  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
18:28:36.0204 5112  bthserv - ok
18:28:36.0235 5112  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
18:28:36.0238 5112  BTHUSB - ok
18:28:36.0246 5112  catchme - ok
18:28:36.0261 5112  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:28:36.0263 5112  cdfs - ok
18:28:36.0299 5112  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
18:28:36.0302 5112  cdrom - ok
18:28:36.0340 5112  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
18:28:36.0341 5112  CertPropSvc - ok
18:28:36.0354 5112  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:28:36.0356 5112  circlass - ok
18:28:36.0376 5112  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
18:28:36.0380 5112  CLFS - ok
18:28:36.0456 5112  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:28:36.0459 5112  clr_optimization_v2.0.50727_32 - ok
18:28:36.0509 5112  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:28:36.0512 5112  clr_optimization_v2.0.50727_64 - ok
18:28:36.0580 5112  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:28:36.0583 5112  clr_optimization_v4.0.30319_32 - ok
18:28:36.0622 5112  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:28:36.0624 5112  clr_optimization_v4.0.30319_64 - ok
18:28:36.0635 5112  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:28:36.0637 5112  CmBatt - ok
18:28:36.0666 5112  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:28:36.0668 5112  cmdide - ok
18:28:36.0712 5112  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
18:28:36.0719 5112  CNG - ok
18:28:36.0725 5112  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:28:36.0726 5112  Compbatt - ok
18:28:36.0758 5112  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:28:36.0759 5112  CompositeBus - ok
18:28:36.0765 5112  COMSysApp - ok
18:28:36.0890 5112  cpuz132 - ok
18:28:36.0896 5112  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:28:36.0897 5112  crcdisk - ok
18:28:36.0952 5112  [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
18:28:36.0955 5112  Creative ALchemy AL6 Licensing Service - ok
18:28:36.0968 5112  [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
18:28:36.0970 5112  Creative Audio Engine Licensing Service - ok
18:28:37.0011 5112  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:28:37.0013 5112  CryptSvc - ok
18:28:37.0059 5112  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
18:28:37.0071 5112  CSC - ok
18:28:37.0155 5112  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
18:28:37.0160 5112  CscService - ok
18:28:37.0214 5112  [ F2E8C13E27A0044A19BA82E5C6E8879E ] CT20XUT         C:\Windows\system32\drivers\CT20XUT.SYS
18:28:37.0216 5112  CT20XUT - ok
18:28:37.0230 5112  [ F2E8C13E27A0044A19BA82E5C6E8879E ] CT20XUT.SYS     C:\Windows\System32\drivers\CT20XUT.SYS
18:28:37.0232 5112  CT20XUT.SYS - ok
18:28:37.0261 5112  [ 15425196A518C4F0D5A5BBA524D60C4B ] ctac32k         C:\Windows\system32\drivers\ctac32k.sys
18:28:37.0265 5112  ctac32k - ok
18:28:37.0330 5112  [ 095F82704725DB00307A9C7193C13B3C ] ctaud2k         C:\Windows\system32\drivers\ctaud2k.sys
18:28:37.0335 5112  ctaud2k - ok
18:28:37.0395 5112  [ 07BA6D17E66879018B30B6C3F976EBED ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
18:28:37.0398 5112  CTAudSvcService - ok
18:28:37.0436 5112  [ 4551FC6A89328995D87DC23E4FD1050B ] CTEXFIFX        C:\Windows\system32\drivers\CTEXFIFX.SYS
18:28:37.0447 5112  CTEXFIFX - ok
18:28:37.0519 5112  [ 4551FC6A89328995D87DC23E4FD1050B ] CTEXFIFX.SYS    C:\Windows\System32\drivers\CTEXFIFX.SYS
18:28:37.0530 5112  CTEXFIFX.SYS - ok
18:28:37.0560 5112  [ 4EC7E207A05B974F59F477E3305CD60D ] CTHWIUT         C:\Windows\system32\drivers\CTHWIUT.SYS
18:28:37.0562 5112  CTHWIUT - ok
18:28:37.0568 5112  [ 4EC7E207A05B974F59F477E3305CD60D ] CTHWIUT.SYS     C:\Windows\System32\drivers\CTHWIUT.SYS
18:28:37.0569 5112  CTHWIUT.SYS - ok
18:28:37.0576 5112  [ 3E4E7A4A3B2F3D0172F276A0A1A60595 ] ctprxy2k        C:\Windows\system32\drivers\ctprxy2k.sys
18:28:37.0577 5112  ctprxy2k - ok
18:28:37.0591 5112  [ 15AC0A5AA8E88FD6843C70C1738EB963 ] ctsfm2k         C:\Windows\system32\drivers\ctsfm2k.sys
18:28:37.0593 5112  ctsfm2k - ok
18:28:37.0628 5112  [ 76E02DB615A03801D698199A2BC4A06A ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
18:28:37.0629 5112  dc3d - ok
18:28:37.0692 5112  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:28:37.0697 5112  DcomLaunch - ok
18:28:37.0730 5112  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
18:28:37.0733 5112  defragsvc - ok
18:28:37.0769 5112  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:28:37.0770 5112  DfsC - ok
18:28:37.0815 5112  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:28:37.0818 5112  Dhcp - ok
18:28:37.0840 5112  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
18:28:37.0841 5112  discache - ok
18:28:37.0853 5112  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:28:37.0854 5112  Disk - ok
18:28:37.0889 5112  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:28:37.0891 5112  Dnscache - ok
18:28:37.0929 5112  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:28:37.0932 5112  dot3svc - ok
18:28:37.0970 5112  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
18:28:37.0972 5112  DPS - ok
18:28:37.0991 5112  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:28:37.0993 5112  drmkaud - ok
18:28:38.0040 5112  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:28:38.0048 5112  DXGKrnl - ok
18:28:38.0088 5112  [ 099E01A94167CA8BDA2CF72037AD0E28 ] e1express       C:\Windows\system32\DRIVERS\e1e6232e.sys
18:28:38.0091 5112  e1express - ok
18:28:38.0101 5112  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
18:28:38.0103 5112  EapHost - ok
18:28:38.0185 5112  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:28:38.0253 5112  ebdrv - ok
18:28:38.0288 5112  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
18:28:38.0289 5112  EFS - ok
18:28:38.0342 5112  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:28:38.0347 5112  ehRecvr - ok
18:28:38.0390 5112  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
18:28:38.0392 5112  ehSched - ok
18:28:38.0411 5112  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:28:38.0422 5112  elxstor - ok
18:28:38.0474 5112  [ C8F9F86A1A078FDB304E2B6029F1E5E2 ] emupia          C:\Windows\system32\drivers\emupia2k.sys
18:28:38.0475 5112  emupia - ok
18:28:38.0522 5112  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:28:38.0523 5112  ErrDev - ok
18:28:38.0566 5112  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
18:28:38.0568 5112  EventSystem - ok
18:28:38.0579 5112  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
18:28:38.0582 5112  exfat - ok
18:28:38.0598 5112  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:28:38.0601 5112  fastfat - ok
18:28:38.0646 5112  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
18:28:38.0671 5112  Fax - ok
18:28:38.0696 5112  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:28:38.0697 5112  fdc - ok
18:28:38.0710 5112  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:28:38.0711 5112  fdPHost - ok
18:28:38.0720 5112  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:28:38.0721 5112  FDResPub - ok
18:28:38.0735 5112  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:28:38.0736 5112  FileInfo - ok
18:28:38.0745 5112  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:28:38.0746 5112  Filetrace - ok
18:28:38.0787 5112  [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:28:38.0826 5112  FLEXnet Licensing Service - ok
18:28:38.0895 5112  [ 1C3FB052A0BB72EDAED90785C34D6EED ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
18:28:38.0920 5112  FLEXnet Licensing Service 64 - ok
18:28:38.0943 5112  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:28:38.0945 5112  flpydisk - ok
18:28:38.0983 5112  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:28:38.0985 5112  FltMgr - ok
18:28:39.0041 5112  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
18:28:39.0050 5112  FontCache - ok
18:28:39.0098 5112  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:28:39.0100 5112  FontCache3.0.0.0 - ok
18:28:39.0105 5112  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:28:39.0107 5112  FsDepends - ok
18:28:39.0152 5112  [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
18:28:39.0154 5112  fssfltr - ok
18:28:39.0275 5112  [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:28:39.0310 5112  fsssvc - ok
18:28:39.0342 5112  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:28:39.0343 5112  Fs_Rec - ok
18:28:39.0380 5112  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:28:39.0382 5112  fvevol - ok
18:28:39.0391 5112  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:28:39.0393 5112  gagp30kx - ok
18:28:39.0448 5112  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
18:28:39.0454 5112  gpsvc - ok
18:28:39.0495 5112  [ 57F6CF8C66D23B2EBD32B4A00FE82A15 ] ha20x2k         C:\Windows\system32\drivers\ha20x2k.sys
18:28:39.0507 5112  ha20x2k - ok
18:28:39.0526 5112  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:28:39.0528 5112  hcw85cir - ok
18:28:39.0565 5112  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:28:39.0571 5112  HdAudAddService - ok
18:28:39.0582 5112  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:28:39.0585 5112  HDAudBus - ok
18:28:39.0590 5112  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:28:39.0592 5112  HidBatt - ok
18:28:39.0603 5112  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:28:39.0605 5112  HidBth - ok
18:28:39.0616 5112  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:28:39.0618 5112  HidIr - ok
18:28:39.0649 5112  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
18:28:39.0650 5112  hidserv - ok
18:28:39.0682 5112  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:28:39.0684 5112  HidUsb - ok
18:28:39.0724 5112  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:28:39.0727 5112  hkmsvc - ok
18:28:39.0765 5112  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:28:39.0768 5112  HomeGroupListener - ok
18:28:39.0799 5112  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:28:39.0802 5112  HomeGroupProvider - ok
18:28:39.0837 5112  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:28:39.0840 5112  HpSAMD - ok
18:28:39.0893 5112  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:28:39.0899 5112  HTTP - ok
18:28:39.0929 5112  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:28:39.0930 5112  hwpolicy - ok
18:28:39.0970 5112  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:28:39.0972 5112  i8042prt - ok
18:28:40.0010 5112  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:28:40.0013 5112  iaStorV - ok
18:28:40.0056 5112  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:28:40.0082 5112  idsvc - ok
18:28:40.0096 5112  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:28:40.0098 5112  iirsp - ok
18:28:40.0146 5112  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
18:28:40.0171 5112  IKEEXT - ok
18:28:40.0218 5112  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
18:28:40.0220 5112  intelide - ok
18:28:40.0250 5112  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:28:40.0251 5112  intelppm - ok
18:28:40.0280 5112  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:28:40.0281 5112  IPBusEnum - ok
18:28:40.0313 5112  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:28:40.0316 5112  IpFilterDriver - ok
18:28:40.0356 5112  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:28:40.0358 5112  IPMIDRV - ok
18:28:40.0372 5112  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:28:40.0375 5112  IPNAT - ok
18:28:40.0401 5112  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:28:40.0402 5112  IRENUM - ok
18:28:40.0444 5112  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:28:40.0445 5112  isapnp - ok
18:28:40.0462 5112  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:28:40.0467 5112  iScsiPrt - ok
18:28:40.0479 5112  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:28:40.0480 5112  kbdclass - ok
18:28:40.0515 5112  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:28:40.0517 5112  kbdhid - ok
18:28:40.0528 5112  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
18:28:40.0530 5112  KeyIso - ok
18:28:40.0634 5112  [ 1A8D8CB042E2724385227F1A19A8DECC ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe
18:28:40.0637 5112  Kodak AiO Network Discovery Service - ok
18:28:40.0676 5112  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:28:40.0678 5112  KSecDD - ok
18:28:40.0721 5112  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:28:40.0724 5112  KSecPkg - ok
18:28:40.0729 5112  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:28:40.0731 5112  ksthunk - ok
18:28:40.0766 5112  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:28:40.0773 5112  KtmRm - ok
18:28:40.0860 5112  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
18:28:40.0864 5112  LanmanServer - ok
18:28:40.0895 5112  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:28:40.0898 5112  LanmanWorkstation - ok
18:28:40.0914 5112  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:28:40.0915 5112  lltdio - ok
18:28:40.0932 5112  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:28:40.0938 5112  lltdsvc - ok
18:28:40.0997 5112  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:28:40.0999 5112  lmhosts - ok
18:28:41.0018 5112  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:28:41.0024 5112  LSI_FC - ok
18:28:41.0040 5112  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:28:41.0043 5112  LSI_SAS - ok
18:28:41.0058 5112  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:28:41.0060 5112  LSI_SAS2 - ok
18:28:41.0077 5112  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:28:41.0080 5112  LSI_SCSI - ok
18:28:41.0096 5112  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
18:28:41.0098 5112  luafv - ok
18:28:41.0127 5112  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:28:41.0130 5112  Mcx2Svc - ok
18:28:41.0199 5112  [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
18:28:41.0204 5112  MDM - ok
18:28:41.0221 5112  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:28:41.0223 5112  megasas - ok
18:28:41.0240 5112  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:28:41.0245 5112  MegaSR - ok
18:28:41.0255 5112  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
18:28:41.0257 5112  MMCSS - ok
18:28:41.0270 5112  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
18:28:41.0271 5112  Modem - ok
18:28:41.0309 5112  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:28:41.0310 5112  monitor - ok
18:28:41.0345 5112  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:28:41.0346 5112  mouclass - ok
18:28:41.0360 5112  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:28:41.0361 5112  mouhid - ok
18:28:41.0403 5112  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:28:41.0405 5112  mountmgr - ok
18:28:41.0442 5112  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:28:41.0446 5112  mpio - ok
18:28:41.0460 5112  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:28:41.0462 5112  mpsdrv - ok
18:28:41.0502 5112  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:28:41.0505 5112  MRxDAV - ok
18:28:41.0543 5112  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:28:41.0545 5112  mrxsmb - ok
18:28:41.0587 5112  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:28:41.0590 5112  mrxsmb10 - ok
18:28:41.0604 5112  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:28:41.0606 5112  mrxsmb20 - ok
18:28:41.0616 5112  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:28:41.0618 5112  msahci - ok
18:28:41.0651 5112  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:28:41.0654 5112  msdsm - ok
18:28:41.0669 5112  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
18:28:41.0673 5112  MSDTC - ok
18:28:49.0859 5112  ================ Scan global ===============================
18:28:49.0882 5112  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:28:49.0927 5112  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:28:49.0943 5112  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:28:49.0965 5112  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:28:49.0995 5112  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:28:49.0998 5112  [Global] - ok
18:28:49.0999 5112  ================ Scan MBR ==================================
18:28:50.0011 5112  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:28:50.0474 5112  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:28:50.0475 5112  \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:28:50.0475 5112  ================ Scan VBR ==================================
18:28:50.0479 5112  [ C0A5A6974186FCF520F4EED402F0A392 ] \Device\Harddisk0\DR0\Partition1
18:28:50.0481 5112  \Device\Harddisk0\DR0\Partition1 - ok
18:28:50.0515 5112  [ 429FC32965F590D5FA88FF0868E15B02 ] \Device\Harddisk0\DR0\Partition2
18:28:50.0517 5112  \Device\Harddisk0\DR0\Partition2 - ok
18:28:50.0517 5112  ============================================================
18:28:50.0517 5112  Scan finished
18:28:50.0517 5112  ============================================================
18:28:50.0528 3520  Detected object count: 1
18:28:50.0528 3520  Actual detected object count: 1
18:29:15.0158 3520  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
18:29:15.0160 3520  \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
18:29:15.0171 3520  \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
18:29:15.0178 3520  \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
18:29:15.0180 3520  \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
18:29:15.0181 3520  \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
18:29:15.0182 3520  \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
18:29:15.0184 3520  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
18:29:15.0186 3520  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
18:29:15.0188 3520  \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
18:29:15.0189 3520  \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
18:29:15.0191 3520  \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
18:29:15.0193 3520  \Device\Harddisk0\DR0\TDLFS\cmd32.dll - copied to quarantine
18:29:15.0195 3520  \Device\Harddisk0\DR0\TDLFS\ua - copied to quarantine
18:29:15.0195 3520  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine 
18:29:29.0096 3304  Deinitialize success
 
-- AdwCleaner

 

 
# AdwCleaner v2.301 - Logfile created 05/26/2013 at 18:17:29
# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Trina - TRINA-PC
# Boot Mode : Normal
# Running from : C:\Users\Trina\Desktop\AdwCleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
Stopped & Deleted : vToolbarUpdater14.2.0
 
***** [Files / Folders] *****
 
File Deleted : C:\END
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\GamesBar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\GamesBar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar
Folder Deleted : C:\Users\Trina\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Trina\AppData\Local\AVG Security Toolbar
Folder Deleted : C:\Users\Trina\AppData\Local\Conduit
Folder Deleted : C:\Users\Trina\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Trina\AppData\LocalLow\Conduit
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E08A9998-D98F-476F-8F5C-37C80FE0A4DA}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1A93C934-025B-4C3A-B38E-9654A7003239}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKU\S-1-5-21-3314727051-194708365-2099986253-1004\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKU\S-1-5-21-3314727051-194708365-2099986253-1004\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKU\S-1-5-21-3314727051-194708365-2099986253-1004\Software\Microsoft\Internet Explorer\SearchScopes\{E08A9998-D98F-476F-8F5C-37C80FE0A4DA}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{6F282B65-56BF-4BD1-A8B2-A4449A05863D}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16483
 
[OK] Registry is clean.
 
-\\ Google Chrome v27.0.1453.94
 
File : C:\Users\Trina\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[S1].txt - [7785 octets] - [26/05/2013 18:17:29]
 
########## EOF - C:\AdwCleaner[S1].txt - [7845 octets] ##########
 

--ESETScan

 

C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\6b9f7f26-347a34d0 a variant of Java/Exploit.CVE-2013-2423.AV trojan
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\134fa768-256238ab a variant of Java/Exploit.CVE-2013-2423.AL trojan
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\4196e3b2-7bb0fe00 a variant of Java/Exploit.CVE-2013-2423.AH trojan
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\47b1c0fd-271d4bf6 a variant of Java/Exploit.CVE-2013-2423.AH trojan
C:\TDSSKiller_Quarantine\26.05.2013_10.12.23\mbr0000\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.05.2013_10.12.23\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.BC trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.05.2013_10.12.23\mbr0000\tdlfs0000\tsk0002.dta a variant of Win32/Rootkit.Kryptik.UK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.05.2013_10.12.23\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.05.2013_10.12.23\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.05.2013_10.12.23\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.05.2013_10.12.23\mbr0000\tdlfs0000\tsk0012.dta a variant of Win32/Olmarik.AYZ trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.05.2013_18.28.03\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.05.2013_18.28.03\tdlfs0000\tsk0001.dta Win64/Olmarik.BC trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.05.2013_18.28.03\tdlfs0000\tsk0002.dta a variant of Win32/Rootkit.Kryptik.UK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.05.2013_18.28.03\tdlfs0000\tsk0003.dta Win64/Olmarik.AN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.05.2013_18.28.03\tdlfs0000\tsk0007.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.05.2013_18.28.03\tdlfs0000\tsk0008.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.05.2013_18.28.03\tdlfs0000\tsk0012.dta a variant of Win32/Olmarik.AYZ trojan cleaned by deleting - quarantined
C:\Users\Trina\Documents\Recipes\musicoasis.exe probably a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Users\Trina\Downloads\ccleaner_3.24.1850_setup.exe a variant of Win32/InstallCore.AT application cleaned by deleting - quarantined
C:\Users\Trina\Downloads\ezinvites.exe probably a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Users\Trina\Downloads\Setup.exe multiple threats cleaned by deleting - quarantined
C:\Users\UpdatusUser\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\34907d15-354a5d0c multiple threats cleaned by deleting - quarantined
C:\Users\UpdatusUser\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\77d2bc6c-47ac3668 Java/Exploit.Agent.ODV trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\6b9f7f26-347a34d0 a variant of Java/Exploit.CVE-2013-2423.AV trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\134fa768-256238ab a variant of Java/Exploit.CVE-2013-2423.AL trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\4196e3b2-7bb0fe00 a variant of Java/Exploit.CVE-2013-2423.AH trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\47b1c0fd-271d4bf6 a variant of Java/Exploit.CVE-2013-2423.AH trojan cleaned by deleting - quarantined


#9 boopme

  • Global Moderator

Posted 26 May 2013 - 09:58 PM

Excellent,... pretty dirty machine.
 
Please reboot the system.

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
How is it now?

#10 tbishop99

  • Topic Starter

Posted 27 May 2013 - 02:45 PM

ok, more logs for you:

 

--aswMBR

 

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-05-27 15:36:24
-----------------------------
15:36:24.938    OS Version: Windows x64 6.1.7601 Service Pack 1
15:36:24.938    Number of processors: 4 586 0xF0B
15:36:24.938    ComputerName: TRINA-PC  UserName: Trina
15:36:27.840    Initialize success
15:36:40.273    AVAST engine defs: 13052700
15:36:56.372    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:36:56.372    Disk 0 Vendor: WDC_WD50 12.0 Size: 476940MB BusType: 8
15:36:56.388    Disk 0 MBR read successfully
15:36:56.388    Disk 0 MBR scan
15:36:56.388    Disk 0 Windows 7 default MBR code
15:36:56.388    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       31 MB offset 63
15:36:56.404    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 65536
15:36:56.419    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       476807 MB offset 270336
15:36:56.450    Disk 0 scanning C:\Windows\system32\drivers
15:37:06.388    Service scanning
15:37:26.246    Modules scanning
15:37:26.246    Disk 0 trace - called modules:
15:37:26.262    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorV.sys hal.dll 
15:37:26.262    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800550f060]
15:37:26.278    3 CLASSPNP.SYS[fffff88001abb43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004304050]
15:37:27.557    AVAST engine scan C:\Windows
15:37:30.115    AVAST engine scan C:\Windows\system32
15:40:27.472    AVAST engine scan C:\Windows\system32\drivers
15:40:56.067    AVAST engine scan C:\Users\Trina
15:41:54.052    Disk 0 MBR has been saved successfully to "C:\Users\Trina\Desktop\MBR.dat"
15:41:54.052    The log file has been saved successfully to "C:\Users\Trina\Desktop\aswMBR.txt"
 
 

-- JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Ultimate x64
Ran by Trina on Mon 05/27/2013 at 15:20:52.76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\searchengineprotection
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npcouponprinter.dll"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npmozcouponprinter.dll"
Successfully deleted: [File] "C:\Windows\couponprinter.ocx"
Successfully deleted [File] C:\Windows\svchost.exe  [Check for TDL4 Rootkit!]
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\Trina\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Empty Folder] C:\Users\Trina\appdata\local\{1E4F2A3B-984C-4273-A61C-FE79D193A492}
Successfully deleted: [Empty Folder] C:\Users\Trina\appdata\local\{B0210AD6-B383-43E0-89A2-DDD5B6C14290}
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\afbcibndhffhhbokgpbpecjmejjcgcej
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\afbcibndhffhhbokgpbpecjmejjcgcej
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 05/27/2013 at 15:25:14.33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#11 tbishop99

  • Topic Starter

Posted 27 May 2013 - 02:46 PM

BSOD when trying to run the aswMBR, ran CCleaner then started it again. I will run my computer for a bit then run CCleaner and see if there are still thousands of files.



#12 boopme

  • Global Moderator

Posted 27 May 2013 - 09:45 PM

OK let me know.

#13 tbishop99

  • Topic Starter

Posted 29 May 2013 - 04:58 AM

I have been on twice now for an hour or so each time and run CCleaner, and the files are minimal with no BSOD. I appreciate all the help here.

 

Is there anything in particular that I need to run on a regular basis to keep this from happening again?  I have AVG, but it obviously didn't keep out whatever caused this issue.

 

Thanks!



#14 boopme

  • Global Moderator

Posted 29 May 2013 - 10:08 AM

In Control Panel/Uninstall ... remove
Java 7 Update 15 (Version: 7.0.150)
Java™ 6 Update 30 (Version: 6.0.300)

Reboot

Then install... Java Version 7 Update 21

 

 

Update and run ADWCleaner weekly.

 

I prefer Avira or Avast free.

