
rootkit.w32.backboot.gen


22 replies to this topic

#1 Rickvv


Posted 30 May 2013 - 07:48 PM

Got an infected laptop with backboot.gen. Had suspicions that something was in there, and ran TDSSKiller. Found the backboot, but wouldn't remove.

Would appreciate some help with this.

Thank you!

rickvv





#2 Broni


Posted 30 May 2013 - 08:52 PM

Same computer?

http://www.bleepingcomputer.com/forums/t/495842/tdss-killer-finds-w32backbootgen-help/




#3 Rickvv


Posted 30 May 2013 - 08:55 PM

Nope, new one...different friend got infected...



#4 Broni


Posted 30 May 2013 - 08:56 PM

Can you post TDSSKiller log?




#5 Rickvv


Posted 30 May 2013 - 11:22 PM

This is what I got:

13:33:11.0306 7388  TDSS rootkit removing tool 2.8.17.0 Apr 11 2013 11:56:34
13:33:11.0996 7388  ============================================================
13:33:11.0996 7388  Current date / time: 2013/05/30 13:33:11.0996
13:33:11.0996 7388  SystemInfo:
13:33:11.0996 7388 
13:33:11.0996 7388  OS Version: 6.1.7601 ServicePack: 1.0
13:33:11.0996 7388  Product type: Workstation
13:33:11.0996 7388  ComputerName: MANAGERS-PC
13:33:11.0996 7388  UserName: Managers
13:33:11.0996 7388  Windows directory: C:\windows
13:33:11.0996 7388  System windows directory: C:\windows
13:33:11.0996 7388  Running under WOW64
13:33:11.0996 7388  Processor architecture: Intel x64
13:33:11.0996 7388  Number of processors: 4
13:33:11.0996 7388  Page size: 0x1000
13:33:11.0996 7388  Boot type: Normal boot
13:33:11.0996 7388  ============================================================
13:33:12.0356 7388  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:33:12.0356 7388  Drive \Device\Harddisk1\DR1 - Size: 0x7A0D1A00 (1.91 Gb), SectorSize: 0x200, Cylinders: 0xF8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:33:12.0356 7388  ============================================================
13:33:12.0356 7388  \Device\Harddisk0\DR0:
13:33:12.0356 7388  MBR partitions:
13:33:12.0356 7388  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3232800, BlocksNum 0xEE79000
13:33:12.0356 7388  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x120AB800, BlocksNum 0x133832B0
13:33:12.0356 7388  \Device\Harddisk1\DR1:
13:33:12.0356 7388  MBR partitions:
13:33:12.0356 7388  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x3CCAF8
13:33:12.0356 7388  ============================================================
13:33:12.0386 7388  C: <-> \Device\Harddisk0\DR0\Partition1
13:33:12.0416 7388  D: <-> \Device\Harddisk0\DR0\Partition2
13:33:12.0416 7388  ============================================================
13:33:12.0416 7388  Initialize success
13:33:12.0416 7388  ============================================================
13:33:18.0636 7748  ============================================================
13:33:18.0636 7748  Scan started
13:33:18.0636 7748  Mode: Manual; TDLFS;
13:33:18.0636 7748  ============================================================
13:33:18.0956 7748  ================ Scan system memory ========================
13:33:18.0956 7748  System memory - ok
13:33:18.0956 7748  ================ Scan services =============================
13:33:19.0446 7748  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
13:33:19.0446 7748  1394ohci - ok
13:33:19.0517 7748  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\windows\system32\drivers\ACPI.sys
13:33:19.0527 7748  ACPI - ok
13:33:19.0537 7748  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
13:33:19.0547 7748  AcpiPmi - ok
13:33:19.0617 7748  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:33:19.0627 7748  AdobeARMservice - ok
13:33:19.0747 7748  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:33:19.0757 7748  AdobeFlashPlayerUpdateSvc - ok
13:33:19.0817 7748  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
13:33:19.0827 7748  adp94xx - ok
13:33:19.0867 7748  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\windows\system32\drivers\adpahci.sys
13:33:19.0877 7748  adpahci - ok
13:33:19.0917 7748  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\windows\system32\drivers\adpu320.sys
13:33:19.0927 7748  adpu320 - ok
13:33:19.0967 7748  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
13:33:19.0967 7748  AeLookupSvc - ok
13:33:20.0007 7748  [ 69FD46FAC0D9C4A8ECD522AC6A7481F5 ] AFBAgent        C:\windows\system32\FBAgent.exe
13:33:20.0017 7748  AFBAgent - ok
13:33:20.0057 7748  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\windows\system32\drivers\afd.sys
13:33:20.0067 7748  AFD - ok
13:33:20.0117 7748  [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem  C:\windows\system32\DRIVERS\agrsm64.sys
13:33:20.0147 7748  AgereSoftModem - ok
13:33:20.0187 7748  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\windows\system32\drivers\agp440.sys
13:33:20.0187 7748  agp440 - ok
13:33:20.0217 7748  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\windows\System32\alg.exe
13:33:20.0217 7748  ALG - ok
13:33:20.0267 7748  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\windows\system32\drivers\aliide.sys
13:33:20.0277 7748  aliide - ok
13:33:20.0277 7748  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\windows\system32\drivers\amdide.sys
13:33:20.0287 7748  amdide - ok
13:33:20.0317 7748  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\windows\system32\drivers\amdk8.sys
13:33:20.0317 7748  AmdK8 - ok
13:33:20.0327 7748  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\windows\system32\drivers\amdppm.sys
13:33:20.0327 7748  AmdPPM - ok
13:33:20.0347 7748  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\windows\system32\drivers\amdsata.sys
13:33:20.0347 7748  amdsata - ok
13:33:20.0367 7748  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
13:33:20.0367 7748  amdsbs - ok
13:33:20.0377 7748  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\windows\system32\drivers\amdxata.sys
13:33:20.0377 7748  amdxata - ok
13:33:20.0397 7748  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\windows\system32\drivers\appid.sys
13:33:20.0397 7748  AppID - ok
13:33:20.0417 7748  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\windows\System32\appidsvc.dll
13:33:20.0427 7748  AppIDSvc - ok
13:33:20.0437 7748  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\windows\System32\appinfo.dll
13:33:20.0437 7748  Appinfo - ok
13:33:20.0467 7748  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\windows\system32\drivers\arc.sys
13:33:20.0467 7748  arc - ok
13:33:20.0487 7748  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\windows\system32\drivers\arcsas.sys
13:33:20.0487 7748  arcsas - ok
13:33:20.0547 7748  [ A3626C6D3F2DC95497F3F61842D7FD89 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
13:33:20.0547 7748  ASLDRService - ok
13:33:20.0567 7748  [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
13:33:20.0567 7748  ASMMAP64 - ok
13:33:20.0617 7748  [ 8569AF4C73747671194EA9EBB2F2D6CF ] asmthub3        C:\windows\system32\DRIVERS\asmthub3.sys
13:33:20.0617 7748  asmthub3 - ok
13:33:20.0637 7748  [ 073716FBFFAC7057CD5FF00A1B558331 ] asmtxhci        C:\windows\system32\DRIVERS\asmtxhci.sys
13:33:20.0647 7748  asmtxhci - ok
13:33:20.0727 7748  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:33:20.0737 7748  aspnet_state - ok
13:33:20.0777 7748  [ 52436245AAEF3B65DF7859949AB6A14E ] ASUS InstantOn  C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
13:33:20.0777 7748  ASUS InstantOn - ok
13:33:20.0827 7748  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
13:33:20.0837 7748  AsyncMac - ok
13:33:20.0877 7748  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\windows\system32\drivers\atapi.sys
13:33:20.0877 7748  atapi - ok
13:33:20.0947 7748  [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr            C:\windows\system32\DRIVERS\athrx.sys
13:33:20.0987 7748  athr - ok
13:33:21.0027 7748  [ DBC598E47E7A382E60E2A4745D41FEF9 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
13:33:21.0027 7748  ATKGFNEXSrv - ok
13:33:21.0057 7748  [ 41CEAFFCF3550785E59E3EC9BEE8D97A ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
13:33:21.0057 7748  ATKWMIACPIIO - ok
13:33:21.0127 7748  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
13:33:21.0147 7748  AudioEndpointBuilder - ok
13:33:21.0167 7748  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\windows\System32\Audiosrv.dll
13:33:21.0167 7748  AudioSrv - ok
13:33:21.0207 7748  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\windows\System32\AxInstSV.dll
13:33:21.0207 7748  AxInstSV - ok
13:33:21.0247 7748  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
13:33:21.0247 7748  b06bdrv - ok
13:33:21.0277 7748  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
13:33:21.0277 7748  b57nd60a - ok
13:33:21.0307 7748  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\windows\System32\bdesvc.dll
13:33:21.0307 7748  BDESVC - ok
13:33:21.0327 7748  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\windows\system32\drivers\Beep.sys
13:33:21.0327 7748  Beep - ok
13:33:21.0367 7748  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\windows\System32\bfe.dll
13:33:21.0397 7748  BFE - ok
13:33:21.0437 7748  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\windows\System32\qmgr.dll
13:33:21.0467 7748  BITS - ok
13:33:21.0507 7748  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
13:33:21.0507 7748  blbdrive - ok
13:33:21.0537 7748  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
13:33:21.0537 7748  bowser - ok
13:33:21.0557 7748  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys
13:33:21.0557 7748  BrFiltLo - ok
13:33:21.0567 7748  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys
13:33:21.0567 7748  BrFiltUp - ok
13:33:21.0587 7748  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\windows\System32\browser.dll
13:33:21.0587 7748  Browser - ok
13:33:21.0597 7748  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\windows\System32\Drivers\Brserid.sys
13:33:21.0607 7748  Brserid - ok
13:33:21.0607 7748  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
13:33:21.0607 7748  BrSerWdm - ok
13:33:21.0617 7748  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
13:33:21.0617 7748  BrUsbMdm - ok
13:33:21.0617 7748  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
13:33:21.0617 7748  BrUsbSer - ok
13:33:21.0667 7748  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys
13:33:21.0667 7748  BthEnum - ok
13:33:21.0707 7748  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\windows\system32\drivers\bthmodem.sys
13:33:21.0707 7748  BTHMODEM - ok
13:33:21.0727 7748  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
13:33:21.0727 7748  BthPan - ok
13:33:21.0757 7748  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
13:33:21.0767 7748  BTHPORT - ok
13:33:21.0807 7748  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\windows\system32\bthserv.dll
13:33:21.0807 7748  bthserv - ok
13:33:21.0837 7748  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
13:33:21.0837 7748  BTHUSB - ok
13:33:21.0867 7748  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
13:33:21.0867 7748  cdfs - ok
13:33:21.0897 7748  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
13:33:21.0907 7748  cdrom - ok
13:33:21.0937 7748  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\windows\System32\certprop.dll
13:33:21.0937 7748  CertPropSvc - ok
13:33:21.0967 7748  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\windows\system32\drivers\circlass.sys
13:33:21.0967 7748  circlass - ok
13:33:21.0997 7748  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\windows\system32\CLFS.sys
13:33:21.0997 7748  CLFS - ok
13:33:22.0057 7748  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:33:22.0057 7748  clr_optimization_v2.0.50727_32 - ok
13:33:22.0107 7748  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:33:22.0107 7748  clr_optimization_v2.0.50727_64 - ok
13:33:22.0167 7748  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:33:22.0177 7748  clr_optimization_v4.0.30319_32 - ok
13:33:22.0197 7748  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:33:22.0207 7748  clr_optimization_v4.0.30319_64 - ok
13:33:22.0227 7748  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
13:33:22.0227 7748  CmBatt - ok
13:33:22.0247 7748  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\windows\system32\drivers\cmdide.sys
13:33:22.0247 7748  cmdide - ok
13:33:22.0297 7748  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\windows\system32\Drivers\cng.sys
13:33:22.0297 7748  CNG - ok
13:33:22.0327 7748  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\windows\system32\drivers\compbatt.sys
13:33:22.0327 7748  Compbatt - ok
13:33:22.0377 7748  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\windows\system32\DRIVERS\CompositeBus.sys
13:33:22.0377 7748  CompositeBus - ok
13:33:22.0397 7748  COMSysApp - ok
13:33:22.0407 7748  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys
13:33:22.0407 7748  crcdisk - ok
13:33:22.0457 7748  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\windows\system32\cryptsvc.dll
13:33:22.0457 7748  CryptSvc - ok
13:33:22.0487 7748  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\windows\system32\rpcss.dll
13:33:22.0497 7748  DcomLaunch - ok
13:33:22.0537 7748  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\windows\System32\defragsvc.dll
13:33:22.0547 7748  defragsvc - ok
13:33:22.0567 7748  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\windows\system32\Drivers\dfsc.sys
13:33:22.0577 7748  DfsC - ok
13:33:22.0607 7748  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\windows\system32\dhcpcore.dll
13:33:22.0607 7748  Dhcp - ok
13:33:22.0627 7748  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\windows\system32\drivers\discache.sys
13:33:22.0627 7748  discache - ok
13:33:22.0657 7748  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\windows\system32\drivers\disk.sys
13:33:22.0657 7748  Disk - ok
13:33:22.0687 7748  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\windows\System32\dnsrslvr.dll
13:33:22.0687 7748  Dnscache - ok
13:33:22.0697 7748  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\windows\System32\dot3svc.dll
13:33:22.0697 7748  dot3svc - ok
13:33:22.0717 7748  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\windows\system32\dps.dll
13:33:22.0727 7748  DPS - ok
13:33:22.0767 7748  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
13:33:22.0767 7748  drmkaud - ok
13:33:22.0817 7748  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
13:33:22.0857 7748  DXGKrnl - ok
13:33:22.0917 7748  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\windows\System32\eapsvc.dll
13:33:22.0917 7748  EapHost - ok
13:33:23.0027 7748  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\windows\system32\drivers\evbda.sys
13:33:23.0117 7748  ebdrv - ok
13:33:23.0137 7748  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\windows\System32\lsass.exe
13:33:23.0137 7748  EFS - ok
13:33:23.0197 7748  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
13:33:23.0217 7748  ehRecvr - ok
13:33:23.0227 7748  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\windows\ehome\ehsched.exe
13:33:23.0227 7748  ehSched - ok
13:33:23.0287 7748  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\windows\system32\drivers\elxstor.sys
13:33:23.0307 7748  elxstor - ok
13:33:23.0307 7748  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\windows\system32\drivers\errdev.sys
13:33:23.0317 7748  ErrDev - ok
13:33:23.0337 7748  [ 4C120D2B2EA269EAE7A5744794EB6DB1 ] ETD             C:\windows\system32\DRIVERS\ETD.sys
13:33:23.0337 7748  ETD - ok
13:33:23.0367 7748  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\windows\system32\es.dll
13:33:23.0377 7748  EventSystem - ok
13:33:23.0417 7748  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\windows\system32\drivers\exfat.sys
13:33:23.0417 7748  exfat - ok
13:33:23.0437 7748  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\windows\system32\drivers\fastfat.sys
13:33:23.0447 7748  fastfat - ok
13:33:23.0487 7748  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\windows\system32\fxssvc.exe
13:33:23.0517 7748  Fax - ok
13:33:23.0537 7748  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\windows\system32\drivers\fdc.sys
13:33:23.0537 7748  fdc - ok
13:33:23.0577 7748  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\windows\system32\fdPHost.dll
13:33:23.0577 7748  fdPHost - ok
13:33:23.0587 7748  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\windows\system32\fdrespub.dll
13:33:23.0587 7748  FDResPub - ok
13:33:23.0617 7748  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
13:33:23.0617 7748  FileInfo - ok
13:33:23.0627 7748  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
13:33:23.0627 7748  Filetrace - ok
13:33:23.0657 7748  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\windows\system32\drivers\flpydisk.sys
13:33:23.0657 7748  flpydisk - ok
13:33:23.0677 7748  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
13:33:23.0677 7748  FltMgr - ok
13:33:23.0737 7748  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\windows\system32\FntCache.dll
13:33:23.0757 7748  FontCache - ok
13:33:23.0807 7748  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:33:23.0807 7748  FontCache3.0.0.0 - ok
13:33:23.0837 7748  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
13:33:23.0847 7748  FsDepends - ok
13:33:23.0877 7748  [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC ] fssfltr         C:\windows\system32\DRIVERS\fssfltr.sys
13:33:23.0877 7748  fssfltr - ok
13:33:23.0947 7748  [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:33:23.0957 7748  fsssvc - ok
13:33:23.0987 7748  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
13:33:23.0987 7748  Fs_Rec - ok
13:33:24.0037 7748  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
13:33:24.0047 7748  fvevol - ok
13:33:24.0077 7748  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
13:33:24.0087 7748  gagp30kx - ok
13:33:24.0117 7748  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\windows\System32\gpsvc.dll
13:33:24.0147 7748  gpsvc - ok
13:33:24.0217 7748  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:33:24.0227 7748  gupdate - ok
13:33:24.0247 7748  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:33:24.0247 7748  gupdatem - ok
13:33:24.0287 7748  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
13:33:24.0287 7748  hcw85cir - ok
13:33:24.0317 7748  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
13:33:24.0327 7748  HdAudAddService - ok
13:33:24.0367 7748  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\windows\system32\DRIVERS\HDAudBus.sys
13:33:24.0367 7748  HDAudBus - ok
13:33:24.0397 7748  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\windows\system32\drivers\HidBatt.sys
13:33:24.0397 7748  HidBatt - ok
13:33:24.0417 7748  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\windows\system32\drivers\hidbth.sys
13:33:24.0417 7748  HidBth - ok
13:33:24.0437 7748  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\windows\system32\drivers\hidir.sys
13:33:24.0447 7748  HidIr - ok
13:33:24.0467 7748  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\windows\system32\hidserv.dll
13:33:24.0467 7748  hidserv - ok
13:33:24.0507 7748  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
13:33:24.0507 7748  HidUsb - ok
13:33:24.0547 7748  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\windows\system32\kmsvc.dll
13:33:24.0547 7748  hkmsvc - ok
13:33:24.0577 7748  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
13:33:24.0577 7748  HomeGroupListener - ok
13:33:24.0597 7748  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
13:33:24.0607 7748  HomeGroupProvider - ok
13:33:24.0627 7748  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
13:33:24.0627 7748  HpSAMD - ok
13:33:24.0667 7748  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\windows\system32\drivers\HTTP.sys
13:33:24.0687 7748  HTTP - ok
13:33:24.0697 7748  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
13:33:24.0697 7748  hwpolicy - ok
13:33:24.0737 7748  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\windows\system32\DRIVERS\i8042prt.sys
13:33:24.0737 7748  i8042prt - ok
13:33:24.0807 7748  [ 26CF4275034214ECEDD8EC17B0A18A99 ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
13:33:24.0817 7748  iaStor - ok
13:33:24.0837 7748  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
13:33:24.0847 7748  iaStorV - ok
13:33:24.0907 7748  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:33:24.0917 7748  idsvc - ok
13:33:25.0197 7748  [ 0089B53F1BEFD34B7D8CA4AB021335FA ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
13:33:25.0417 7748  igfx - ok
13:33:25.0447 7748  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\windows\system32\drivers\iirsp.sys
13:33:25.0447 7748  iirsp - ok
13:33:25.0497 7748  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\windows\System32\ikeext.dll
13:33:25.0527 7748  IKEEXT - ok
13:33:25.0637 7748  [ 651972B4061F940DC154C6F7B948B76A ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
13:33:25.0687 7748  IntcAzAudAddService - ok
13:33:25.0727 7748  [ AE594CC17C33AC146739494615E14851 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
13:33:25.0727 7748  IntcDAud - ok
13:33:25.0747 7748  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\windows\system32\drivers\intelide.sys
13:33:25.0747 7748  intelide - ok
13:33:25.0767 7748  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
13:33:25.0767 7748  intelppm - ok
13:33:25.0807 7748  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\windows\system32\ipbusenum.dll
13:33:25.0807 7748  IPBusEnum - ok
13:33:25.0817 7748  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
13:33:25.0817 7748  IpFilterDriver - ok
13:33:25.0857 7748  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
13:33:25.0877 7748  iphlpsvc - ok
13:33:25.0907 7748  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
13:33:25.0907 7748  IPMIDRV - ok
13:33:25.0907 7748  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
13:33:25.0907 7748  IPNAT - ok
13:33:25.0927 7748  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\windows\system32\drivers\irenum.sys
13:33:25.0927 7748  IRENUM - ok
13:33:25.0937 7748  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\windows\system32\drivers\isapnp.sys
13:33:25.0937 7748  isapnp - ok
13:33:25.0967 7748  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
13:33:25.0967 7748  iScsiPrt - ok
13:33:25.0987 7748  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
13:33:25.0987 7748  kbdclass - ok
13:33:26.0027 7748  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
13:33:26.0027 7748  kbdhid - ok
13:33:26.0057 7748  [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr         C:\windows\system32\DRIVERS\kbfiltr.sys
13:33:26.0057 7748  kbfiltr - ok
13:33:26.0067 7748  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\windows\system32\lsass.exe
13:33:26.0077 7748  KeyIso - ok
13:33:26.0107 7748  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
13:33:26.0107 7748  KSecDD - ok
13:33:26.0127 7748  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
13:33:26.0137 7748  KSecPkg - ok
13:33:26.0167 7748  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
13:33:26.0167 7748  ksthunk - ok
13:33:26.0197 7748  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\windows\system32\msdtckrm.dll
13:33:26.0197 7748  KtmRm - ok
13:33:26.0237 7748  [ A4A9CA24E54E81C6C3E469EAEB4B3F42 ] L1C             C:\windows\system32\DRIVERS\L1C62x64.sys
13:33:26.0237 7748  L1C - ok
13:33:26.0287 7748  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\windows\system32\srvsvc.dll
13:33:26.0297 7748  LanmanServer - ok
13:33:26.0307 7748  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
13:33:26.0317 7748  LanmanWorkstation - ok
13:33:26.0347 7748  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
13:33:26.0357 7748  lltdio - ok
13:33:26.0387 7748  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\windows\System32\lltdsvc.dll
13:33:26.0387 7748  lltdsvc - ok
13:33:26.0407 7748  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\windows\System32\lmhsvc.dll
13:33:26.0407 7748  lmhosts - ok
13:33:26.0427 7748  lmimirr - ok
13:33:26.0507 7748  [ 7F32D4C47A50E7223491E8FB9359907D ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
13:33:26.0517 7748  LMS - ok
13:33:26.0557 7748  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys
13:33:26.0567 7748  LSI_FC - ok
13:33:26.0587 7748  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
13:33:26.0587 7748  LSI_SAS - ok
13:33:26.0597 7748  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
13:33:26.0597 7748  LSI_SAS2 - ok
13:33:26.0617 7748  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
13:33:26.0627 7748  LSI_SCSI - ok
13:33:34.0297 7748  ================ Scan global ===============================
13:33:34.0317 7748  [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
13:33:34.0327 7748  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll
13:33:34.0337 7748  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll
13:33:34.0357 7748  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
13:33:34.0387 7748  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
13:33:34.0387 7748  [Global] - ok
13:33:34.0387 7748  ================ Scan MBR ==================================
13:33:34.0397 7748  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:33:34.0767 7748  \Device\Harddisk0\DR0 - ok
13:33:34.0767 7748  [ 5E9AEF0915A3B50BF575ED81BFB0085F ] \Device\Harddisk1\DR1
13:33:34.0947 7748  \Device\Harddisk1\DR1 ( Rootkit.Win32.BackBoot.gen ) - warning
13:33:34.0947 7748  \Device\Harddisk1\DR1 - detected Rootkit.Win32.BackBoot.gen (1)
13:33:35.0077 7748  ================ Scan VBR ==================================
13:33:35.0097 7748  [ 331DD755B8AF2133481A5210FF18B987 ] \Device\Harddisk0\DR0\Partition1
13:33:35.0097 7748  \Device\Harddisk0\DR0\Partition1 - ok
13:33:35.0117 7748  [ B376CBCB379C4FA3E5E020E07ECACA50 ] \Device\Harddisk0\DR0\Partition2
13:33:35.0117 7748  \Device\Harddisk0\DR0\Partition2 - ok
13:33:35.0127 7748  [ E3F143361A3F40061F25A4F358029F5B ] \Device\Harddisk1\DR1\Partition1
13:33:35.0127 7748  \Device\Harddisk1\DR1\Partition1 - ok
13:33:35.0127 7748  ============================================================
13:33:35.0127 7748  Scan finished
13:33:35.0127 7748  ============================================================
13:33:35.0137 2404  Detected object count: 1
13:33:35.0137 2404  Actual detected object count: 1
13:39:17.0387 2404  \Device\Harddisk1\DR1 ( Rootkit.Win32.BackBoot.gen ) - skipped by user
13:39:17.0387 2404  \Device\Harddisk1\DR1 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip
13:39:19.0037 6272  Deinitialize success
 



#6 Broni


Posted 31 May 2013 - 09:56 AM

User select action: Skip

Re-run the tool but this time select "Cure" instead of "Skip".




 


#7 Rickvv


Posted 31 May 2013 - 11:31 AM

OK, weird. This time I ran with TLDS selected, and nothing different, and there was no infection found at the end.

=============

11:28:49.0193 19264  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:28:49.0864 19264  ============================================================
11:28:49.0864 19264  Current date / time: 2013/05/31 11:28:49.0864
11:28:49.0864 19264  SystemInfo:
11:28:49.0864 19264 
11:28:49.0864 19264  OS Version: 6.1.7601 ServicePack: 1.0
11:28:49.0864 19264  Product type: Workstation
11:28:49.0864 19264  ComputerName: MANAGERS-PC
11:28:49.0864 19264  UserName: Managers
11:28:49.0864 19264  Windows directory: C:\windows
11:28:49.0864 19264  System windows directory: C:\windows
11:28:49.0864 19264  Running under WOW64
11:28:49.0864 19264  Processor architecture: Intel x64
11:28:49.0864 19264  Number of processors: 4
11:28:49.0864 19264  Page size: 0x1000
11:28:49.0864 19264  Boot type: Normal boot
11:28:49.0864 19264  ============================================================
11:28:50.0285 19264  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:28:50.0285 19264  ============================================================
11:28:50.0285 19264  \Device\Harddisk0\DR0:
11:28:50.0285 19264  MBR partitions:
11:28:50.0285 19264  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3232800, BlocksNum 0xEE79000
11:28:50.0285 19264  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x120AB800, BlocksNum 0x133832B0
11:28:50.0285 19264  ============================================================
11:28:50.0317 19264  C: <-> \Device\Harddisk0\DR0\Partition1
11:28:50.0348 19264  D: <-> \Device\Harddisk0\DR0\Partition2
11:28:50.0348 19264  ============================================================
11:28:50.0348 19264  Initialize success
11:28:50.0348 19264  ============================================================
11:29:03.0873 18796  ============================================================
11:29:03.0873 18796  Scan started
11:29:03.0873 18796  Mode: Manual; TDLFS;
11:29:03.0873 18796  ============================================================
11:29:04.0138 18796  ================ Scan system memory ========================
11:29:04.0138 18796  System memory - ok
11:29:04.0154 18796  ================ Scan services =============================
11:29:12.0203 18796  MEIx64 - ok
11:29:12.0219 18796  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\windows\system32\mmcss.dll
11:29:12.0219 18796  MMCSS - ok
11:29:12.0235 18796  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\windows\system32\drivers\modem.sys
11:29:12.0235 18796  Modem - ok
11:29:12.0266 18796  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\windows\system32\DRIVERS\monitor.sys
11:29:12.0266 18796  monitor - ok
11:29:12.0297 18796  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
11:29:12.0297 18796  mouclass - ok
11:29:12.0328 18796  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
11:29:12.0328 18796  mouhid - ok
11:29:12.0359 18796  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
11:29:12.0359 18796  mountmgr - ok
11:29:12.0375 18796  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\windows\system32\drivers\mpio.sys
11:29:12.0375 18796  mpio - ok
11:29:12.0391 18796  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
11:29:12.0391 18796  mpsdrv - ok
11:29:12.0437 18796  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\windows\system32\mpssvc.dll
11:29:12.0437 18796  MpsSvc - ok
11:29:12.0453 18796  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
11:29:12.0453 18796  MRxDAV - ok
11:29:12.0469 18796  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
11:29:12.0469 18796  mrxsmb - ok
11:29:12.0500 18796  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
11:29:12.0500 18796  mrxsmb10 - ok
11:29:12.0515 18796  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
11:29:12.0515 18796  mrxsmb20 - ok
11:29:12.0531 18796  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\windows\system32\drivers\msahci.sys
11:29:12.0531 18796  msahci - ok
11:29:12.0562 18796  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\windows\system32\drivers\msdsm.sys
11:29:12.0562 18796  msdsm - ok
11:29:12.0593 18796  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\windows\System32\msdtc.exe
11:29:12.0593 18796  MSDTC - ok
11:29:12.0625 18796  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\windows\system32\drivers\Msfs.sys
11:29:12.0625 18796  Msfs - ok
11:29:12.0656 18796  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
11:29:12.0656 18796  mshidkmdf - ok
11:29:12.0671 18796  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
11:29:12.0671 18796  msisadrv - ok
11:29:12.0687 18796  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
11:29:12.0687 18796  MSiSCSI - ok
11:29:12.0703 18796  msiserver - ok
11:29:12.0718 18796  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
11:29:12.0718 18796  MSKSSRV - ok
11:29:12.0718 18796  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
11:29:12.0718 18796  MSPCLOCK - ok
11:29:12.0734 18796  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
11:29:12.0734 18796  MSPQM - ok
11:29:12.0749 18796  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
11:29:12.0765 18796  MsRPC - ok
11:29:12.0765 18796  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys
11:29:12.0781 18796  mssmbios - ok
11:29:12.0796 18796  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
11:29:12.0796 18796  MSTEE - ok
11:29:12.0796 18796  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
11:29:12.0796 18796  MTConfig - ok
11:29:12.0812 18796  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\windows\system32\Drivers\mup.sys
11:29:12.0812 18796  Mup - ok
11:29:12.0843 18796  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\windows\system32\qagentRT.dll
11:29:12.0859 18796  napagent - ok
11:29:12.0890 18796  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
11:29:12.0905 18796  NativeWifiP - ok
11:29:12.0952 18796  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\windows\system32\drivers\ndis.sys
11:29:12.0999 18796  NDIS - ok
11:29:13.0015 18796  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
11:29:13.0030 18796  NdisCap - ok
11:29:13.0046 18796  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
11:29:13.0046 18796  NdisTapi - ok
11:29:13.0061 18796  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
11:29:13.0061 18796  Ndisuio - ok
11:29:13.0077 18796  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
11:29:13.0077 18796  NdisWan - ok
11:29:13.0108 18796  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
11:29:13.0108 18796  NDProxy - ok
11:29:13.0139 18796  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
11:29:13.0139 18796  NetBIOS - ok
11:29:13.0171 18796  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
11:29:13.0171 18796  NetBT - ok
11:29:13.0186 18796  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\windows\system32\lsass.exe
11:29:13.0186 18796  Netlogon - ok
11:29:13.0217 18796  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\windows\System32\netman.dll
11:29:13.0233 18796  Netman - ok
11:29:13.0264 18796  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:29:13.0264 18796  NetMsmqActivator - ok
11:29:13.0280 18796  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:29:13.0280 18796  NetPipeActivator - ok
11:29:13.0295 18796  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\windows\System32\netprofm.dll
11:29:13.0311 18796  netprofm - ok
11:29:13.0373 18796  [ FB21D47BA5606A4EDBBAC353D4BD06F0 ] netr28x         C:\windows\system32\DRIVERS\netr28x.sys
11:29:13.0436 18796  netr28x - ok
11:29:13.0467 18796  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:29:13.0467 18796  NetTcpActivator - ok
11:29:13.0467 18796  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:29:13.0467 18796  NetTcpPortSharing - ok
11:29:13.0514 18796  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
11:29:13.0514 18796  nfrd960 - ok
11:29:13.0561 18796  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\windows\System32\nlasvc.dll
11:29:13.0576 18796  NlaSvc - ok
11:29:13.0592 18796  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\windows\system32\drivers\Npfs.sys
11:29:13.0592 18796  Npfs - ok
11:29:13.0623 18796  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\windows\system32\nsisvc.dll
11:29:13.0623 18796  nsi - ok
11:29:13.0623 18796  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
11:29:13.0639 18796  nsiproxy - ok
11:29:13.0701 18796  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
11:29:13.0732 18796  Ntfs - ok
11:29:13.0763 18796  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\windows\system32\drivers\Null.sys
11:29:13.0779 18796  Null - ok
11:29:13.0810 18796  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\windows\system32\drivers\nvraid.sys
11:29:13.0810 18796  nvraid - ok
11:29:13.0826 18796  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\windows\system32\drivers\nvstor.sys
11:29:13.0826 18796  nvstor - ok
11:29:13.0841 18796  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
11:29:13.0841 18796  nv_agp - ok
11:29:13.0857 18796  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
11:29:13.0857 18796  ohci1394 - ok
11:29:13.0904 18796  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:29:13.0904 18796  ose - ok
11:29:14.0075 18796  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:29:14.0200 18796  osppsvc - ok
11:29:14.0247 18796  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
11:29:14.0247 18796  p2pimsvc - ok
11:29:14.0263 18796  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\windows\system32\p2psvc.dll
11:29:14.0278 18796  p2psvc - ok
11:29:14.0294 18796  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\windows\system32\drivers\parport.sys
11:29:14.0294 18796  Parport - ok
11:29:14.0325 18796  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\windows\system32\drivers\partmgr.sys
11:29:14.0325 18796  partmgr - ok
11:29:14.0356 18796  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\windows\System32\pcasvc.dll
11:29:14.0372 18796  PcaSvc - ok
11:29:14.0387 18796  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\windows\system32\drivers\pci.sys
11:29:14.0387 18796  pci - ok
11:29:14.0403 18796  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\windows\system32\drivers\pciide.sys
11:29:14.0403 18796  pciide - ok
11:29:14.0434 18796  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
11:29:14.0434 18796  pcmcia - ok
11:29:14.0450 18796  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\windows\system32\drivers\pcw.sys
11:29:14.0450 18796  pcw - ok
11:29:14.0481 18796  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\windows\system32\drivers\peauth.sys
11:29:14.0497 18796  PEAUTH - ok
11:29:14.0559 18796  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\windows\SysWow64\perfhost.exe
11:29:14.0575 18796  PerfHost - ok
11:29:14.0621 18796  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\windows\system32\pla.dll
11:29:14.0668 18796  pla - ok
11:29:14.0699 18796  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
11:29:14.0699 18796  PlugPlay - ok
11:29:14.0715 18796  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
11:29:14.0715 18796  PNRPAutoReg - ok
11:29:14.0731 18796  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
11:29:14.0746 18796  PNRPsvc - ok
11:29:14.0762 18796  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
11:29:14.0762 18796  PolicyAgent - ok
11:29:14.0777 18796  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\windows\system32\umpo.dll
11:29:14.0793 18796  Power - ok
11:29:14.0809 18796  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
11:29:14.0809 18796  PptpMiniport - ok
11:29:14.0824 18796  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\windows\system32\drivers\processr.sys
11:29:14.0824 18796  Processor - ok
11:29:14.0855 18796  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\windows\system32\profsvc.dll
11:29:14.0855 18796  ProfSvc - ok
11:29:14.0871 18796  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
11:29:14.0871 18796  ProtectedStorage - ok
11:29:14.0902 18796  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\windows\system32\DRIVERS\pacer.sys
11:29:14.0902 18796  Psched - ok
11:29:14.0949 18796  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\windows\system32\drivers\ql2300.sys
11:29:14.0980 18796  ql2300 - ok
11:29:14.0996 18796  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\windows\system32\drivers\ql40xx.sys
11:29:14.0996 18796  ql40xx - ok
11:29:15.0027 18796  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\windows\system32\qwave.dll
11:29:15.0043 18796  QWAVE - ok
11:29:15.0043 18796  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
11:29:15.0043 18796  QWAVEdrv - ok
11:29:15.0074 18796  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
11:29:15.0074 18796  RasAcd - ok
11:29:15.0105 18796  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
11:29:15.0105 18796  RasAgileVpn - ok
11:29:15.0136 18796  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\windows\System32\rasauto.dll
11:29:15.0136 18796  RasAuto - ok
11:29:15.0152 18796  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
11:29:15.0152 18796  Rasl2tp - ok
11:29:15.0183 18796  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\windows\System32\rasmans.dll
11:29:15.0183 18796  RasMan - ok
11:29:15.0199 18796  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
11:29:15.0199 18796  RasPppoe - ok
11:29:15.0214 18796  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
11:29:15.0214 18796  RasSstp - ok
11:29:15.0245 18796  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
11:29:15.0245 18796  rdbss - ok
11:29:15.0261 18796  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\windows\system32\drivers\rdpbus.sys
11:29:15.0261 18796  rdpbus - ok
11:29:15.0292 18796  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
11:29:15.0292 18796  RDPCDD - ok
11:29:15.0308 18796  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
11:29:15.0308 18796  RDPENCDD - ok
11:29:15.0308 18796  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
11:29:15.0308 18796  RDPREFMP - ok
11:29:15.0339 18796  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
11:29:15.0355 18796  RDPWD - ok
11:29:15.0386 18796  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
11:29:15.0386 18796  rdyboost - ok
11:29:15.0401 18796  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\windows\System32\mprdim.dll
11:29:15.0401 18796  RemoteAccess - ok
11:29:15.0433 18796  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\windows\system32\regsvc.dll
11:29:15.0448 18796  RemoteRegistry - ok
11:29:15.0511 18796  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
11:29:15.0526 18796  RFCOMM - ok
11:29:15.0557 18796  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
11:29:15.0557 18796  RpcEptMapper - ok
11:29:15.0604 18796  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\windows\system32\locator.exe
11:29:15.0604 18796  RpcLocator - ok
11:29:15.0651 18796  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\windows\system32\rpcss.dll
11:29:15.0667 18796  RpcSs - ok
11:29:15.0698 18796  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
11:29:15.0713 18796  rspndr - ok
11:29:15.0713 18796  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\windows\system32\lsass.exe
11:29:15.0729 18796  SamSs - ok
11:29:15.0760 18796  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
11:29:15.0760 18796  sbp2port - ok
11:29:15.0807 18796  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\windows\System32\SCardSvr.dll
11:29:15.0807 18796  SCardSvr - ok
11:29:15.0823 18796  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
11:29:15.0823 18796  scfilter - ok
11:29:15.0869 18796  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\windows\system32\schedsvc.dll
11:29:15.0885 18796  Schedule - ok
11:29:15.0901 18796  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\windows\System32\certprop.dll
11:29:15.0916 18796  SCPolicySvc - ok
11:29:15.0932 18796  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\windows\System32\SDRSVC.dll
11:29:15.0947 18796  SDRSVC - ok
11:29:15.0963 18796  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\windows\system32\drivers\secdrv.sys
11:29:15.0963 18796  secdrv - ok
11:29:15.0979 18796  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\windows\system32\seclogon.dll
11:29:15.0979 18796  seclogon - ok
11:29:15.0994 18796  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\windows\System32\sens.dll
11:29:15.0994 18796  SENS - ok
11:29:16.0010 18796  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\windows\system32\sensrsvc.dll
11:29:16.0010 18796  SensrSvc - ok
11:29:16.0041 18796  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\windows\system32\DRIVERS\serenum.sys
11:29:16.0041 18796  Serenum - ok
11:29:16.0088 18796  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\windows\system32\drivers\serial.sys
11:29:16.0088 18796  Serial - ok
11:29:16.0103 18796  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\windows\system32\drivers\sermouse.sys
11:29:16.0103 18796  sermouse - ok
11:29:16.0135 18796  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\windows\system32\sessenv.dll
11:29:16.0150 18796  SessionEnv - ok
11:29:16.0150 18796  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
11:29:16.0150 18796  sffdisk - ok
11:29:16.0166 18796  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
11:29:16.0166 18796  sffp_mmc - ok
11:29:16.0166 18796  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
11:29:16.0166 18796  sffp_sd - ok
11:29:16.0181 18796  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys
11:29:16.0181 18796  sfloppy - ok
11:29:16.0213 18796  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\windows\System32\ipnathlp.dll
11:29:16.0213 18796  SharedAccess - ok
11:29:16.0228 18796  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
11:29:16.0228 18796  ShellHWDetection - ok
11:29:16.0259 18796  [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH        C:\windows\system32\DRIVERS\SiSG664.sys
11:29:16.0259 18796  SiSGbeLH - ok
11:29:16.0291 18796  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
11:29:16.0291 18796  SiSRaid2 - ok
11:29:16.0306 18796  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
11:29:16.0306 18796  SiSRaid4 - ok
11:29:16.0306 18796  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\windows\system32\DRIVERS\smb.sys
11:29:16.0322 18796  Smb - ok
11:29:16.0353 18796  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\windows\System32\snmptrap.exe
11:29:16.0353 18796  SNMPTRAP - ok
11:29:16.0384 18796  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\windows\system32\drivers\spldr.sys
11:29:16.0384 18796  spldr - ok
11:29:16.0415 18796  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\windows\System32\spoolsv.exe
11:29:16.0415 18796  Spooler - ok
11:29:16.0509 18796  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\windows\system32\sppsvc.exe
11:29:16.0540 18796  sppsvc - ok
11:29:16.0556 18796  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\windows\system32\sppuinotify.dll
11:29:16.0556 18796  sppuinotify - ok
11:29:16.0571 18796  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\windows\system32\DRIVERS\srv.sys
11:29:16.0587 18796  srv - ok
11:29:16.0603 18796  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
11:29:16.0603 18796  srv2 - ok
11:29:16.0618 18796  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
11:29:16.0618 18796  srvnet - ok
11:29:16.0649 18796  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
11:29:16.0649 18796  SSDPSRV - ok
11:29:16.0681 18796  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\windows\system32\sstpsvc.dll
11:29:16.0681 18796  SstpSvc - ok
11:29:16.0696 18796  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\windows\system32\drivers\stexstor.sys
11:29:16.0696 18796  stexstor - ok
11:29:16.0743 18796  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\windows\system32\DRIVERS\serscan.sys
11:29:16.0743 18796  StillCam - ok
11:29:16.0790 18796  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\windows\System32\wiaservc.dll
11:29:16.0805 18796  stisvc - ok
11:29:16.0837 18796  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\windows\system32\DRIVERS\swenum.sys
11:29:16.0837 18796  swenum - ok
11:29:16.0868 18796  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\windows\System32\swprv.dll
11:29:16.0883 18796  swprv - ok
11:29:16.0930 18796  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\windows\system32\sysmain.dll
11:29:16.0946 18796  SysMain - ok
11:29:16.0961 18796  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
11:29:16.0961 18796  TabletInputService - ok
11:29:16.0961 18796  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\windows\System32\tapisrv.dll
11:29:16.0961 18796  TapiSrv - ok
11:29:16.0993 18796  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\windows\System32\tbssvc.dll
11:29:16.0993 18796  TBS - ok
11:29:17.0071 18796  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
11:29:17.0102 18796  Tcpip - ok
11:29:17.0164 18796  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
11:29:17.0164 18796  TCPIP6 - ok
11:29:17.0195 18796  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
11:29:17.0195 18796  tcpipreg - ok
11:29:17.0242 18796  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
11:29:17.0242 18796  TDPIPE - ok
11:29:17.0258 18796  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
11:29:17.0258 18796  TDTCP - ok
11:29:17.0273 18796  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
11:29:17.0289 18796  tdx - ok
11:29:17.0305 18796  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\windows\system32\DRIVERS\termdd.sys
11:29:17.0305 18796  TermDD - ok
11:29:17.0351 18796  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\windows\System32\termsrv.dll
11:29:17.0351 18796  TermService - ok
11:29:17.0383 18796  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\windows\system32\themeservice.dll
11:29:17.0383 18796  Themes - ok
11:29:17.0383 18796  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\windows\system32\mmcss.dll
11:29:17.0398 18796  THREADORDER - ok
11:29:17.0414 18796  [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM             C:\windows\system32\drivers\tpm.sys
11:29:17.0414 18796  TPM - ok
11:29:17.0429 18796  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\windows\System32\trkwks.dll
11:29:17.0429 18796  TrkWks - ok
11:29:17.0492 18796  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
11:29:17.0492 18796  TrustedInstaller - ok
11:29:17.0507 18796  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
11:29:17.0507 18796  tssecsrv - ok
11:29:17.0539 18796  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
11:29:17.0539 18796  TsUsbFlt - ok
11:29:17.0554 18796  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys
11:29:17.0554 18796  TsUsbGD - ok
11:29:17.0570 18796  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
11:29:17.0570 18796  tunnel - ok
11:29:17.0585 18796  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\windows\system32\drivers\uagp35.sys
11:29:17.0585 18796  uagp35 - ok
11:29:17.0601 18796  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
11:29:17.0601 18796  udfs - ok
11:29:17.0632 18796  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\windows\system32\UI0Detect.exe
11:29:17.0632 18796  UI0Detect - ok
11:29:17.0663 18796  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
11:29:17.0663 18796  uliagpkx - ok
11:29:17.0695 18796  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\windows\system32\DRIVERS\umbus.sys
11:29:17.0695 18796  umbus - ok
11:29:17.0710 18796  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\windows\system32\drivers\umpass.sys
11:29:17.0710 18796  UmPass - ok
11:29:17.0819 18796  [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
11:29:17.0897 18796  UNS - ok
11:29:17.0944 18796  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\windows\System32\upnphost.dll
11:29:17.0944 18796  upnphost - ok
11:29:18.0007 18796  [ 8F275FCC2AD6A3B9F2996C8C6214E046 ] USA19H          C:\windows\system32\DRIVERS\USA19Hx64.sys
11:29:18.0038 18796  USA19H - ok
11:29:18.0053 18796  [ 135F9108AC23636F41226C213DCBC74F ] USA19HP         C:\windows\system32\DRIVERS\USA19Hx64p.SYS
11:29:18.0053 18796  USA19HP - ok
11:29:18.0100 18796  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
11:29:18.0100 18796  usbccgp - ok
11:29:18.0116 18796  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\windows\system32\drivers\usbcir.sys
11:29:18.0116 18796  usbcir - ok
11:29:18.0131 18796  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\windows\system32\DRIVERS\usbehci.sys
11:29:18.0131 18796  usbehci - ok
11:29:18.0163 18796  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
11:29:18.0163 18796  usbhub - ok
11:29:18.0194 18796  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\windows\system32\drivers\usbohci.sys
11:29:18.0194 18796  usbohci - ok
11:29:18.0194 18796  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\windows\system32\drivers\usbprint.sys
11:29:18.0194 18796  usbprint - ok
11:29:18.0209 18796  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
11:29:18.0209 18796  USBSTOR - ok
11:29:18.0225 18796  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
11:29:18.0225 18796  usbuhci - ok
11:29:18.0241 18796  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\windows\system32\Drivers\usbvideo.sys
11:29:18.0241 18796  usbvideo - ok
11:29:18.0272 18796  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\windows\System32\uxsms.dll
11:29:18.0272 18796  UxSms - ok
11:29:18.0272 18796  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\windows\system32\lsass.exe
11:29:18.0272 18796  VaultSvc - ok
11:29:18.0303 18796  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
11:29:18.0303 18796  vdrvroot - ok
11:29:18.0319 18796  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\windows\System32\vds.exe
11:29:18.0334 18796  vds - ok
11:29:18.0365 18796  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
11:29:18.0365 18796  vga - ok
11:29:18.0365 18796  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\windows\System32\drivers\vga.sys
11:29:18.0381 18796  VgaSave - ok
11:29:18.0381 18796  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
11:29:18.0397 18796  vhdmp - ok
11:29:18.0397 18796  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\windows\system32\drivers\viaide.sys
11:29:18.0397 18796  viaide - ok
11:29:18.0428 18796  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\windows\system32\drivers\volmgr.sys
11:29:18.0428 18796  volmgr - ok
11:29:18.0443 18796  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
11:29:18.0443 18796  volmgrx - ok
11:29:18.0475 18796  [ DF8126BD41180351A093A3AD2FC8903B ] volsnap         C:\windows\system32\drivers\volsnap.sys
11:29:18.0475 18796  volsnap - ok
11:29:18.0521 18796  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
11:29:18.0521 18796  vsmraid - ok
11:29:18.0599 18796  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\windows\system32\vssvc.exe
11:29:18.0615 18796  VSS - ok
11:29:18.0631 18796  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
11:29:18.0631 18796  vwifibus - ok
11:29:18.0646 18796  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
11:29:18.0646 18796  vwififlt - ok
11:29:18.0662 18796  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
11:29:18.0662 18796  vwifimp - ok
11:29:18.0693 18796  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\windows\system32\w32time.dll
11:29:18.0709 18796  W32Time - ok
11:29:18.0724 18796  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\windows\system32\drivers\wacompen.sys
11:29:18.0724 18796  WacomPen - ok
11:29:18.0755 18796  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
11:29:18.0755 18796  WANARP - ok
11:29:18.0771 18796  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
11:29:18.0771 18796  Wanarpv6 - ok
11:29:18.0865 18796  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
11:29:18.0896 18796  WatAdminSvc - ok
11:29:18.0958 18796  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\windows\system32\wbengine.exe
11:29:18.0989 18796  wbengine - ok
11:29:19.0005 18796  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
11:29:19.0005 18796  WbioSrvc - ok
11:29:19.0036 18796  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\windows\System32\wcncsvc.dll
11:29:19.0036 18796  wcncsvc - ok
11:29:19.0052 18796  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
11:29:19.0052 18796  WcsPlugInService - ok
11:29:19.0067 18796  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\windows\system32\drivers\wd.sys
11:29:19.0067 18796  Wd - ok
11:29:19.0099 18796  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
11:29:19.0130 18796  Wdf01000 - ok
11:29:19.0145 18796  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\windows\system32\wdi.dll
11:29:19.0145 18796  WdiServiceHost - ok
11:29:19.0145 18796  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\windows\system32\wdi.dll
11:29:19.0145 18796  WdiSystemHost - ok
11:29:19.0177 18796  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\windows\System32\webclnt.dll
11:29:19.0177 18796  WebClient - ok
11:29:19.0192 18796  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\windows\system32\wecsvc.dll
11:29:19.0192 18796  Wecsvc - ok
11:29:19.0208 18796  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\windows\System32\wercplsupport.dll
11:29:19.0223 18796  wercplsupport - ok
11:29:19.0239 18796  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\windows\System32\WerSvc.dll
11:29:19.0239 18796  WerSvc - ok
11:29:19.0286 18796  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
11:29:19.0286 18796  WfpLwf - ok
11:29:19.0317 18796  [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr         C:\windows\system32\DRIVERS\wimfltr.sys
11:29:19.0317 18796  WimFltr - ok
11:29:19.0333 18796  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\windows\system32\drivers\wimmount.sys
11:29:19.0333 18796  WIMMount - ok
11:29:19.0364 18796  WinDefend - ok
11:29:19.0379 18796  WinHttpAutoProxySvc - ok
11:29:19.0442 18796  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
11:29:19.0442 18796  Winmgmt - ok
11:29:19.0520 18796  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\windows\system32\WsmSvc.dll
11:29:19.0567 18796  WinRM - ok
11:29:19.0598 18796  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\windows\system32\DRIVERS\WinUSB.sys
11:29:19.0598 18796  WinUsb - ok
11:29:19.0629 18796  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\windows\System32\wlansvc.dll
11:29:19.0645 18796  Wlansvc - ok
11:29:19.0691 18796  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:29:19.0691 18796  wlcrasvc - ok
11:29:19.0801 18796  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:29:19.0863 18796  wlidsvc - ok
11:29:19.0879 18796  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\windows\system32\DRIVERS\wmiacpi.sys
11:29:19.0879 18796  WmiAcpi - ok
11:29:19.0910 18796  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
11:29:19.0910 18796  wmiApSrv - ok
11:29:19.0925 18796  WMPNetworkSvc - ok
11:29:19.0972 18796  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\windows\System32\wpcsvc.dll
11:29:19.0972 18796  WPCSvc - ok
11:29:20.0003 18796  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
11:29:20.0003 18796  WPDBusEnum - ok
11:29:20.0019 18796  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
11:29:20.0019 18796  ws2ifsl - ok
11:29:20.0035 18796  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\windows\System32\wscsvc.dll
11:29:20.0050 18796  wscsvc - ok
11:29:20.0050 18796  WSearch - ok
11:29:20.0144 18796  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\windows\system32\wuaueng.dll
11:29:20.0159 18796  wuauserv - ok
11:29:20.0175 18796  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
11:29:20.0175 18796  WudfPf - ok
11:29:20.0206 18796  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
11:29:20.0206 18796  WUDFRd - ok
11:29:20.0237 18796  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
11:29:20.0237 18796  wudfsvc - ok
11:29:20.0253 18796  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\windows\System32\wwansvc.dll
11:29:20.0253 18796  WwanSvc - ok
11:29:20.0269 18796  ================ Scan global ===============================
11:29:20.0284 18796  [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
11:29:20.0300 18796  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll
11:29:20.0300 18796  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll
11:29:20.0331 18796  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
11:29:20.0347 18796  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
11:29:20.0362 18796  [Global] - ok
11:29:20.0362 18796  ================ Scan MBR ==================================
11:29:20.0378 18796  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:29:20.0846 18796  \Device\Harddisk0\DR0 - ok
11:29:20.0846 18796  ================ Scan VBR ==================================
11:29:20.0861 18796  [ 331DD755B8AF2133481A5210FF18B987 ] \Device\Harddisk0\DR0\Partition1
11:29:20.0877 18796  \Device\Harddisk0\DR0\Partition1 - ok
11:29:20.0893 18796  [ B376CBCB379C4FA3E5E020E07ECACA50 ] \Device\Harddisk0\DR0\Partition2
11:29:20.0893 18796  \Device\Harddisk0\DR0\Partition2 - ok
11:29:20.0893 18796  ============================================================
11:29:20.0893 18796  Scan finished
11:29:20.0893 18796  ============================================================
11:29:20.0908 19392  Detected object count: 0
11:29:20.0908 19392  Actual detected object count: 0
11:29:33.0872 18600  Deinitialize success
 



#8 Broni


Posted 31 May 2013 - 11:41 AM

OK, let's run a couple more checks...

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.


Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size

Click Go and post the result.

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

Download Malwarebytes Anti-Rootkit from HERE to your Desktop.
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • DO NOT click on the Cleanup button. Simply exit the program.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt


Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run, then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7, right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE. Do NOT wrap your logs in "quote" or "code" brackets.




 


#9 Rickvv


Posted 31 May 2013 - 11:48 AM

Security Check

===

 Results of screen317's Security Check version 0.99.64 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
avast! Antivirus  
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300 
 Wise Registry Cleaner 7.67 
 Adobe Reader XI 
 Google Chrome 27.0.1453.94 
````````Process Check: objlist.exe by Laurent```````` 
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast AvastUI.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 3%
````````````````````End of Log``````````````````````
 



#10 Rickvv


Posted 31 May 2013 - 11:49 AM

FSS

=====

Farbar Service Scanner Version: 25-05-2013
Ran by Managers (administrator) on 31-05-2013 at 11:48:39
Running from "C:\Users\Managers\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****



#11 Rickvv


Posted 31 May 2013 - 11:51 AM

MTB

====

MiniToolBox by Farbar  Version:21-04-2013
Ran by Managers (administrator) on 31-05-2013 at 11:49:54
Running from "C:\Users\Managers\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================

 

========================= IP Configuration: ================================

802.11n Wireless LAN Card = Wireless Network Connection (Connected)
Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=64 icmpredirects=enabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Managers-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 84-4B-F5-47-4D-7F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : 802.11n Wireless LAN Card
   Physical Address. . . . . . . . . : 84-4B-F5-47-4D-7E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::8089:bd3d:8ae4:139e%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.114(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, May 31, 2013 11:44:46 AM
   Lease Expires . . . . . . . . . . : Saturday, June 01, 2013 11:44:48 AM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 394546165
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-A2-55-C3-30-85-A9-14-70-3C
   DNS Servers . . . . . . . . . . . : 204.130.255.3
                                       209.63.0.6
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.mn.comcast.net.
   Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : 30-85-A9-14-70-3C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{8FDFCAA7-0831-4348-A506-CD4575D4DE9A}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{54C8C26F-1996-4B46-802D-967BD3F4921B}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:20af:1fca:b99e:4d7d(Preferred)
   Link-local IPv6 Address . . . . . : fe80::20af:1fca:b99e:4d7d%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  dnscache-or.integraonline.com
Address:  204.130.255.3

Name:    google.com
Addresses:  2607:f8b0:400a:800::1003
   173.194.33.14
   173.194.33.8
   173.194.33.9
   173.194.33.7
   173.194.33.2
   173.194.33.0
   173.194.33.1
   173.194.33.5
   173.194.33.3
   173.194.33.4
   173.194.33.6

Pinging google.com [173.194.33.14] with 32 bytes of data:
Reply from 173.194.33.14: bytes=32 time=80ms TTL=54
Reply from 173.194.33.14: bytes=32 time=79ms TTL=54

Ping statistics for 173.194.33.14:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 79ms, Maximum = 80ms, Average = 79ms
Server:  dnscache-or.integraonline.com
Address:  204.130.255.3

Name:    yahoo.com
Addresses:  206.190.36.45
   98.139.183.24
   98.138.253.109

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=369ms TTL=52
Reply from 98.139.183.24: bytes=32 time=821ms TTL=52

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 369ms, Maximum = 821ms, Average = 595ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...84 4b f5 47 4d 7f ......Microsoft Virtual WiFi Miniport Adapter
 12...84 4b f5 47 4d 7e ......802.11n Wireless LAN Card
 11...30 85 a9 14 70 3c ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.114     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.114    281
    192.168.0.114  255.255.255.255         On-link     192.168.0.114    281
    192.168.0.255  255.255.255.255         On-link     192.168.0.114    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.114    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.114    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:9d38:953c:20af:1fca:b99e:4d7d/128
                                    On-link
 12    281 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::20af:1fca:b99e:4d7d/128
                                    On-link
 12    281 fe80::8089:bd3d:8ae4:139e/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/30/2013 02:00:44 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/30/2013 02:00:44 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/30/2013 02:00:44 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/30/2013 02:00:44 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (05/30/2013 02:00:44 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/30/2013 02:00:44 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (05/30/2013 02:00:44 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/30/2013 02:00:44 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/30/2013 02:00:44 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot open the Jet property store.

Details:
 0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))

Error: (05/30/2013 02:00:44 PM) (Source: ESENT) (User: )
Description: Windows (3892) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0003D.log.

System errors:
=============
Error: (05/30/2013 02:00:44 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (05/30/2013 02:00:44 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (05/25/2013 05:57:05 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (05/25/2013 05:57:05 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (05/25/2013 05:56:50 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (05/25/2013 05:56:50 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (05/25/2013 05:46:59 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (05/25/2013 05:46:59 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (05/25/2013 05:46:52 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (05/25/2013 05:46:52 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Microsoft Office Sessions:
=========================
Error: (05/30/2013 02:00:44 PM) (Source: Windows Search Service)(User: )
Description:
Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/30/2013 02:00:44 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/30/2013 02:00:44 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/30/2013 02:00:44 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
 Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (05/30/2013 02:00:44 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (05/30/2013 02:00:44 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
 The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (05/30/2013 02:00:44 PM) (Source: Windows Search Service)(User: )
Description:
Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (05/30/2013 02:00:44 PM) (Source: Windows Search Service)(User: )
Description:
Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (05/30/2013 02:00:44 PM) (Source: Windows Search Service)(User: )
Description:
Details:
 0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))

Error: (05/30/2013 02:00:44 PM) (Source: ESENT)(User: )
Description: Windows3892Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0003D.log-1811

=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Alcor Micro USB Card Reader (Version: 1.2.0117.08443)
Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.14.4.0)
ASUS AI Recovery (Version: 1.0.23)
ASUS FaceLogon (Version: 1.0.0014)
ASUS FancyStart (Version: 1.1.1)
ASUS Instant Connect (Version: 1.2.2)
ASUS LifeFrame3 (Version: 3.0.29)
ASUS Live Update (Version: 3.1.7)
ASUS Power4Gear Hybrid (Version: 1.2.1)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0041)
ASUS Virtual Camera (Version: 1.0.25)
ASUS_Screensaver
AsusVibe2.0 (Version: 2.0.9.157)
ATK Package (Version: 1.0.0015)
avast! Free Antivirus (Version: 8.0.1489.0)
CCleaner (Version: 3.23)
Control ActiveX de Windows Live Mesh para conexiones remotas (Version: 15.4.5722.2)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (Version: 15.4.5722.2)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (Version: 15.4.5722.2)
CyberLink LabelPrint (Version: 2.5.3624)
CyberLink Media Suite (Version: 8.0.2926)
CyberLink Power2Go (Version: 7.0.0.1126)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
ETDWare PS/2-X64 8.0.5.1_WHQL (Version: 8.0.5.1)
Fast Boot (Version: 1.0.10)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Google Chrome (Version: 27.0.1453.94)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.145)
HP Officejet 6600 Basic Device Software (Version: 25.0.619.0)
HP Officejet 6600 Help (Version: 140.0.2.2)
HP Officejet 6600 Product Improvement Study (Version: 25.0.619.0)
HP Update (Version: 5.003.000.004)
I.R.I.S. OCR (Version: 12.3.4.0)
InstantOn for NB (Version: 2.2.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2559)
Junk Mail filter update (Version: 15.4.3502.0922)
Keyspan USB Serial Adapter (Version: 3.7.2)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
myBitCast 1.0.0.3 (Version: 1.0.0.3)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Ralink RT2860 Wireless LAN Card (Version: 1.2.0.40)
Realtek High Definition Audio Driver (Version: 6.0.1.6454)
Sonic Focus (Version: 1.0.0.4)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinFlash (Version: 2.41.0)
Wireless Console 3 (Version: 3.0.25)
Wise Registry Cleaner 7.67

========================= Memory info: ===================================

Percentage of memory in use: 31%
Total physical RAM: 6048.13 MB
Available physical RAM: 4140.25 MB
Total Pagefile: 12094.43 MB
Available Pagefile: 9919.18 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.26 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:119.24 GB) (Free:79.45 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:153.76 GB) (Free:153.47 GB) NTFS

========================= Users: ========================================

User accounts for \\MANAGERS-PC

adalar3                  Administrator            Guest                   
Managers                

**** End of log ****



#12 Rickvv

Posted 31 May 2013 - 11:55 AM

MBAM

=====

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.05.30.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
Managers :: MANAGERS-PC [administrator]

5/31/2013 11:51:43 AM
mbam-log-2013-05-31 (11-51-43).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 235896
Time elapsed: 2 minute(s), 38 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



#13 Rickvv

Posted 31 May 2013 - 12:08 PM

(I didn't reboot after MBAM, even though results were clean.) I will do that now.

MBar

====

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.05.30.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
Managers :: MANAGERS-PC [administrator]

5/31/2013 11:51:43 AM
mbam-log-2013-05-31 (11-51-43).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 235896
Time elapsed: 2 minute(s), 38 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

======

MBAR2

======

Malwarebytes Anti-Rootkit BETA 1.06.0.1003
www.malwarebytes.org

Database version: v2013.05.31.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
Managers :: MANAGERS-PC [administrator]

5/31/2013 11:56:44 AM
mbar-log-2013-05-31 (11-56-44).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: Deep Anti-Rootkit Scan | PUP
Objects scanned: 254184
Time elapsed: 8 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)



#14 Rickvv

Posted 31 May 2013 - 12:16 PM

Rkill

====

Rkill 2.5.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 05/31/2013 12:13:08 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
 C:\Users\Managers\Desktop\rkill\rkill-05-31-2013-12-13-12.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 05/31/2013 12:15:16 PM
Execution time: 0 hours(s), 2 minute(s), and 8 seconds(s)



#15 Broni

Posted 31 May 2013 - 12:18 PM

I still need system-log.txt log from MBAR.

