trojan horse generic 29.AHHS


  • This topic is locked
14 replies to this topic

#1 Ekoehler


Posted 12 June 2013 - 11:00 PM

Hello, my AVG antivirus informed me this evening that I have been infected by a trojan horse generic 29.AHHS. When it tried to remove the virus, it said the operation failed. After repeated attempts, still to no avail. Any help would be appreciated!





#2 Ekoehler


Posted 12 June 2013 - 11:05 PM

I'm using Windows 7 and Internet Explorer



#3 boopme


Posted 13 June 2013 - 10:49 AM

Welcome, Ekoehler.

Looks like a Sirefef infection.
 
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
 
Please download TDSSKiller.
Launch it.
Click on "Change parameters" and select "TDLFS file system".
Click on "Scan".
Please post the log report (the log file should be in your C drive).
Do not change the default options on scan results.
 
Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.
 
Last, run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#4 Ekoehler


Posted 14 June 2013 - 10:50 AM

MiniToolBox result txt :

MiniToolBox by Farbar  Version:21-04-2013
Ran by Owner (administrator) on 14-06-2013 at 11:46:31
Running from "C:\Users\Owner\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

 

========================= IP Configuration: ================================

Intel® Centrino® Wireless-N 1030 = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Intel® Centrino® WiMAX 6150 = Local Area Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Owner-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® Centrino® WiMAX 6150
   Physical Address. . . . . . . . . : 64-D4-DA-51-27-D8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : BC-77-37-50-9A-4D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : BC-77-37-50-9A-4D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : BC-77-37-50-9A-50
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : pratt.edu
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 14-FE-B5-A8-E5-EB
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 1030
   Physical Address. . . . . . . . . : BC-77-37-50-9A-4C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::19ef:73ec:5eec:b43a%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.6(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, June 14, 2013 11:35:26 AM
   Lease Expires . . . . . . . . . . : Friday, June 14, 2013 12:35:25 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 196900663
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-4E-61-F4-14-FE-B5-A8-E5-EB
   DNS Servers . . . . . . . . . . . : 209.18.47.61
                                       209.18.47.62
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{284C221F-A1D2-4A15-901C-C442C318FB79}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.pratt.edu:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{B7F665BC-8D45-4E22-9006-35D6A5645656}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{34821AD9-14E5-495F-9242-667D8E66CE21}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C1D2E1A7-9EFF-4F0A-9BF9-7D020092F517}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{FDB51FD5-0778-439F-BD1A-C73AEE2EC0F9}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:307c:3768:bb52:67f(Preferred)
   Link-local IPv6 Address . . . . . : fe80::307c:3768:bb52:67f%17(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Addresses:  74.125.226.228
   74.125.226.229
   74.125.226.230
   74.125.226.231
   74.125.226.232
   74.125.226.233
   74.125.226.238
   74.125.226.224
   74.125.226.225
   74.125.226.226
   74.125.226.227

Pinging google.com [173.194.43.0] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 173.194.43.0:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    yahoo.com
Addresses:  206.190.36.45
   98.138.253.109
   98.139.183.24

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Request timed out.
Reply from 98.139.183.24: bytes=32 time=858ms TTL=48

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 858ms, Maximum = 858ms, Average = 858ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...64 d4 da 51 27 d8 ......Intel® Centrino® WiMAX 6150
 15...bc 77 37 50 9a 4d ......Microsoft Virtual WiFi Miniport Adapter #2
 14...bc 77 37 50 9a 4d ......Microsoft Virtual WiFi Miniport Adapter
 13...bc 77 37 50 9a 50 ......Bluetooth Device (Personal Area Network)
 11...14 fe b5 a8 e5 eb ......Realtek PCIe FE Family Controller
 10...bc 77 37 50 9a 4c ......Intel® Centrino® Wireless-N 1030
  1...........................Software Loopback Interface 1
 23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
 22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
 17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.6     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link       192.168.0.6    281
      192.168.0.6  255.255.255.255         On-link       192.168.0.6    281
    192.168.0.255  255.255.255.255         On-link       192.168.0.6    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.0.6    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.0.6    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 17     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 17     58 2001::/32                On-link
 17    306 2001:0:9d38:6ab8:307c:3768:bb52:67f/128
                                    On-link
 10    281 fe80::/64                On-link
 17    306 fe80::/64                On-link
 10    281 fe80::19ef:73ec:5eec:b43a/128
                                    On-link
 17    306 fe80::307c:3768:bb52:67f/128
                                    On-link
  1    306 ff00::/8                 On-link
 17    306 ff00::/8                 On-link
 10    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/14/2013 11:34:27 AM) (Source: Google Update) (User: Owner-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (06/13/2013 04:16:16 AM) (Source: Google Update) (User: Owner-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Ht

Error: (06/12/2013 11:19:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 769647

Error: (06/12/2013 11:19:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 769647

Error: (06/12/2013 11:19:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/12/2013 03:00:45 AM) (Source: Google Update) (User: Owner-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (06/12/2013 03:00:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8031181

Error: (06/12/2013 03:00:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8031181

Error: (06/12/2013 03:00:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/12/2013 03:00:35 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8030167

System errors:
=============
Error: (06/12/2013 11:45:18 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (06/12/2013 11:45:18 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (06/12/2013 11:45:17 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (06/12/2013 11:45:17 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (06/12/2013 11:45:17 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (06/12/2013 11:45:17 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (06/12/2013 09:35:46 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (06/12/2013 09:35:46 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (06/12/2013 09:35:46 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (06/12/2013 09:35:46 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Microsoft Office Sessions:
=========================
Error: (06/14/2013 11:34:27 AM) (Source: Google Update)(User: Owner-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (06/13/2013 04:16:16 AM) (Source: Google Update)(User: Owner-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Ht

Error: (06/12/2013 11:19:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 769647

Error: (06/12/2013 11:19:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 769647

Error: (06/12/2013 11:19:45 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/12/2013 03:00:45 AM) (Source: Google Update)(User: Owner-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (06/12/2013 03:00:36 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8031181

Error: (06/12/2013 03:00:36 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8031181

Error: (06/12/2013 03:00:36 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/12/2013 03:00:35 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8030167

CodeIntegrity Errors:
===================================
  Date: 2012-12-17 03:01:43.678
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-12-17 03:01:43.591
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-10-09 21:28:14.091
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-10-09 21:28:14.023
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-10-09 21:27:19.895
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-10-09 21:27:19.804
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-10-09 21:26:28.363
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-10-09 21:26:28.243
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-10-09 21:25:52.934
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-10-09 21:25:52.834
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

=========================== Installed Programs ============================

µTorrent (Version: 3.2.1.28086)
Adobe AIR (Version: 3.1.0.4880)
Adobe CS6 Design and Web Premium (Version: 6)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Help Manager (Version: 4.0.244)
Adobe Reader X (10.1.7) (Version: 10.1.7)
Adobe Widget Browser (Version: 2.0 Build 348)
Adobe Widget Browser (Version: 2.0.348)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
AT&T Communication Manager (Version: 7.02.0316.0)
AVG 2013 (Version: 13.0.3199)
AVG 2013 (Version: 13.0.3272)
AVG 2013 (Version: 13.0.3345)
AVG 2013 (Version: 2013.0.3345)
Best Buy pc app (Version: 3.1.0.0)
Bonjour (Version: 3.0.0.10)
CLEAR™ WiMAX Tutorial (Version: 1.5.0.10)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software
Dell DataSafe Local Backup (Version: 9.4.47)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell MusicStage (Version: 1.3.31.0)
Dell PhotoStage (Version: 1.5.0.19)
Dell Product Registration (Version: 1.0.6)
Dell Stage (Version: 1.7.209.0)
Dell Touchpad (Version: 15.2.5.2)
Dell VideoStage (Version: 1.1.0.1011)
Dell Webcam Central (Version: 2.00.35)
DirectX 9 Runtime (Version: 1.00.0000)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2253)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 1.0.1.0489)
Intel® PROSet/Wireless WiFi Software (Version: 14.00.1000)
Intel® Wireless Display
Intel® Wireless Display (Version: 2.0.27.0)
Intel® PROSet/Wireless WiMAX Software (Version: 6.02.1000)
iTunes (Version: 11.0.3.42)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Java™ 6 Update 37 (Version: 6.0.370)
Junk Mail filter update (Version: 15.4.3502.0922)
Memeo Instant Backup (Version: 4.60.0.7252)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My Dell (Version: 3.3.6261.27)
PDF Settings CS6 (Version: 11.0)
PhotoShowExpress (Version: 2.0.063)
Quickset64 (Version: 11.0.10)
QuickTime (Version: 7.73.80.64)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6267)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Seagate Dashboard (Version: 1.0.0.809)
SketchUp 8 (Version: 3.0.15158)
Skype Click to Call (Version: 6.9.12585)
Skype™ 6.3 (Version: 6.3.107)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Spotify (Version: 0.9.1.53.g876fa9df)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
uTorrentControl_v2 Toolbar (Version: 6.9.0.16)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.4 (Version: 2.0.4)
Webroot SecureAnywhere (Version: 8.0.2.147)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.11 (32-bit) (Version: 4.11.0)

========================= Memory info: ===================================

Percentage of memory in use: 56%
Total physical RAM: 4010.17 MB
Available physical RAM: 1735.86 MB
Total Pagefile: 8018.53 MB
Available Pagefile: 3574.77 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.02 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:281.1 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-PC

Administrator            Guest                    Owner                   

**** End of log ****

#5 Ekoehler

Posted 14 June 2013 - 10:53 AM

TDSSKiller Log:

11:51:22.0536 8984  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:51:23.0908 8984  ============================================================
11:51:23.0908 8984  Current date / time: 2013/06/14 11:51:23.0908
11:51:23.0908 8984  SystemInfo:
11:51:23.0908 8984 
11:51:23.0908 8984  OS Version: 6.1.7601 ServicePack: 1.0
11:51:23.0908 8984  Product type: Workstation
11:51:23.0908 8984  ComputerName: OWNER-PC
11:51:23.0908 8984  UserName: Owner
11:51:23.0908 8984  Windows directory: C:\Windows
11:51:23.0908 8984  System windows directory: C:\Windows
11:51:23.0908 8984  Running under WOW64
11:51:23.0908 8984  Processor architecture: Intel x64
11:51:23.0908 8984  Number of processors: 4
11:51:23.0908 8984  Page size: 0x1000
11:51:23.0908 8984  Boot type: Normal boot
11:51:23.0908 8984  ============================================================
11:51:25.0344 8984  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:51:25.0359 8984  ============================================================
11:51:25.0359 8984  \Device\Harddisk0\DR0:
11:51:25.0359 8984  MBR partitions:
11:51:25.0359 8984  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32FCD, BlocksNum 0x1D4C000
11:51:25.0359 8984  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7EFCD, BlocksNum 0x38606863
11:51:25.0359 8984  ============================================================
11:51:25.0390 8984  C: <-> \Device\Harddisk0\DR0\Partition2
11:51:25.0406 8984  ============================================================
11:51:25.0406 8984  Initialize success
11:51:25.0406 8984  ============================================================
11:51:46.0965 12500  ============================================================
11:51:46.0965 12500  Scan started
11:51:46.0965 12500  Mode: Manual; TDLFS;
11:51:46.0965 12500  ============================================================
11:51:47.0324 12500  ================ Scan system memory ========================
11:51:47.0324 12500  System memory - ok
11:51:47.0324 12500  ================ Scan services =============================
11:51:56.0858 12500  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:51:56.0889 12500  iaStorV - ok
11:51:56.0904 12500  [ E44F0B4DC753C14930B8DC48BB7A1644 ] iBtFltCoex      C:\Windows\system32\DRIVERS\iBtFltCoex.sys
11:51:56.0904 12500  iBtFltCoex - ok
11:51:57.0450 12500  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:51:57.0513 12500  idsvc - ok
11:51:57.0778 12500  [ 0AC9E321D604BE48A0D72B69BA484BDC ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
11:51:58.0059 12500  igfx - ok
11:51:58.0106 12500  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
11:51:58.0106 12500  iirsp - ok
11:51:58.0152 12500  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
11:51:58.0184 12500  IKEEXT - ok
11:51:58.0230 12500  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
11:51:58.0230 12500  Impcd - ok
11:51:58.0308 12500  [ A9853214CC97796579D75B1F59C51DCD ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:51:58.0402 12500  IntcAzAudAddService - ok
11:51:58.0418 12500  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
11:51:58.0433 12500  IntcDAud - ok
11:51:58.0464 12500  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
11:51:58.0464 12500  intelide - ok
11:51:58.0480 12500  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:51:58.0496 12500  intelppm - ok
11:51:58.0511 12500  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:51:58.0527 12500  IPBusEnum - ok
11:51:58.0574 12500  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:51:58.0589 12500  IpFilterDriver - ok
11:51:58.0636 12500  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:51:58.0667 12500  iphlpsvc - ok
11:51:58.0683 12500  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:51:58.0683 12500  IPMIDRV - ok
11:51:58.0714 12500  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:51:58.0714 12500  IPNAT - ok
11:51:58.0823 12500  [ 2872B90D57C8310194A78A9787406467 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
11:51:58.0854 12500  iPod Service - ok
11:51:58.0886 12500  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:51:58.0886 12500  IRENUM - ok
11:51:58.0932 12500  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:51:58.0932 12500  isapnp - ok
11:51:58.0964 12500  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:51:58.0979 12500  iScsiPrt - ok
11:51:59.0010 12500  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
11:51:59.0010 12500  kbdclass - ok
11:51:59.0026 12500  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
11:51:59.0026 12500  kbdhid - ok
11:51:59.0057 12500  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
11:51:59.0057 12500  KeyIso - ok
11:51:59.0088 12500  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:51:59.0088 12500  KSecDD - ok
11:51:59.0120 12500  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:51:59.0135 12500  KSecPkg - ok
11:51:59.0166 12500  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:51:59.0166 12500  ksthunk - ok
11:51:59.0213 12500  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:51:59.0229 12500  KtmRm - ok
11:51:59.0260 12500  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:51:59.0276 12500  LanmanServer - ok
11:51:59.0307 12500  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:51:59.0322 12500  LanmanWorkstation - ok
11:51:59.0369 12500  [ 33B46B2CF793BE56764D9D4AB8BD4E76 ] lgcpo           C:\Windows\system32\DRIVERS\lgcpo.sys
11:51:59.0369 12500  lgcpo - ok
11:51:59.0416 12500  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:51:59.0416 12500  lltdio - ok
11:51:59.0447 12500  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:51:59.0463 12500  lltdsvc - ok
11:51:59.0900 12500  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:52:00.0165 12500  lmhosts - ok
11:52:00.0227 12500  [ 7F32D4C47A50E7223491E8FB9359907D ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:52:00.0243 12500  LMS - ok
11:52:00.0274 12500  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
11:52:00.0274 12500  LSI_FC - ok
11:52:00.0321 12500  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
11:52:00.0336 12500  LSI_SAS - ok
11:52:00.0352 12500  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:52:00.0368 12500  LSI_SAS2 - ok
11:52:00.0383 12500  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:52:00.0399 12500  LSI_SCSI - ok
11:52:00.0414 12500  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
11:52:00.0414 12500  luafv - ok
11:52:00.0461 12500  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:52:00.0461 12500  Mcx2Svc - ok
11:52:00.0477 12500  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
11:52:00.0492 12500  megasas - ok
11:52:00.0508 12500  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
11:52:00.0508 12500  MegaSR - ok
11:52:00.0570 12500  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
11:52:00.0570 12500  MEIx64 - ok
11:52:00.0633 12500  [ 9547F37D0E899FD71B52B2AFD4437C79 ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
11:52:00.0633 12500  MemeoBackgroundService - ok
11:52:00.0695 12500  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
11:52:00.0695 12500  MMCSS - ok
11:52:00.0726 12500  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
11:52:00.0726 12500  Modem - ok
11:52:00.0758 12500  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:52:00.0758 12500  monitor - ok
11:52:00.0789 12500  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
11:52:00.0789 12500  mouclass - ok
11:52:00.0836 12500  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:52:00.0836 12500  mouhid - ok
11:52:00.0867 12500  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:52:00.0867 12500  mountmgr - ok
11:52:00.0898 12500  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:52:00.0914 12500  mpio - ok
11:52:00.0929 12500  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:52:00.0929 12500  mpsdrv - ok
11:52:00.0976 12500  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:52:01.0007 12500  MpsSvc - ok
11:52:01.0038 12500  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:52:01.0038 12500  MRxDAV - ok
11:52:01.0070 12500  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:52:01.0070 12500  mrxsmb - ok
11:52:01.0101 12500  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:52:01.0101 12500  mrxsmb10 - ok
11:52:01.0116 12500  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:52:01.0132 12500  mrxsmb20 - ok
11:52:01.0163 12500  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:52:01.0163 12500  msahci - ok
11:52:01.0179 12500  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:52:01.0179 12500  msdsm - ok
11:52:01.0210 12500  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
11:52:01.0226 12500  MSDTC - ok
11:52:01.0241 12500  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:52:01.0241 12500  Msfs - ok
11:52:01.0257 12500  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:52:01.0257 12500  mshidkmdf - ok
11:52:01.0288 12500  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:52:01.0288 12500  msisadrv - ok
11:52:01.0319 12500  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:52:01.0319 12500  MSiSCSI - ok
11:52:01.0319 12500  msiserver - ok
11:52:01.0366 12500  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:52:01.0366 12500  MSKSSRV - ok
11:52:01.0382 12500  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:52:01.0382 12500  MSPCLOCK - ok
11:52:01.0397 12500  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:52:01.0397 12500  MSPQM - ok
11:52:01.0444 12500  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:52:01.0444 12500  MsRPC - ok
11:52:01.0491 12500  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:52:01.0491 12500  mssmbios - ok
11:52:01.0506 12500  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:52:01.0506 12500  MSTEE - ok
11:52:01.0522 12500  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
11:52:01.0522 12500  MTConfig - ok
11:52:01.0569 12500  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
11:52:01.0569 12500  Mup - ok
11:52:01.0600 12500  [ 6ED8935257672F4CD04A88A0F3DE093D ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:52:01.0616 12500  MyWiFiDHCPDNS - ok
11:52:01.0647 12500  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
11:52:01.0678 12500  napagent - ok
11:52:01.0725 12500  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:52:01.0740 12500  NativeWifiP - ok
11:52:01.0787 12500  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:52:01.0803 12500  NDIS - ok
11:52:01.0834 12500  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:52:01.0834 12500  NdisCap - ok
11:52:01.0865 12500  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:52:01.0865 12500  NdisTapi - ok
11:52:01.0912 12500  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:52:01.0912 12500  Ndisuio - ok
11:52:01.0943 12500  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:52:01.0943 12500  NdisWan - ok
11:52:01.0974 12500  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:52:01.0990 12500  NDProxy - ok
11:52:02.0006 12500  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:52:02.0006 12500  NetBIOS - ok
11:52:02.0052 12500  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:52:02.0052 12500  NetBT - ok
11:52:02.0099 12500  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
11:52:02.0099 12500  Netlogon - ok
11:52:02.0130 12500  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
11:52:02.0146 12500  Netman - ok
11:52:02.0177 12500  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
11:52:02.0427 12500  netprofm - ok
11:52:02.0723 12500  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:52:02.0723 12500  NetTcpPortSharing - ok
11:52:02.0957 12500  [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
11:52:03.0051 12500  NETwNs64 - ok
11:52:03.0082 12500  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
11:52:03.0082 12500  nfrd960 - ok
11:52:03.0129 12500  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:52:03.0144 12500  NlaSvc - ok
11:52:03.0160 12500  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:52:03.0160 12500  Npfs - ok
11:52:03.0191 12500  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
11:52:03.0191 12500  nsi - ok
11:52:03.0207 12500  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:52:03.0222 12500  nsiproxy - ok
11:52:03.0300 12500  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:52:03.0347 12500  Ntfs - ok
11:52:03.0363 12500  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
11:52:03.0363 12500  Null - ok
11:52:03.0394 12500  [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
11:52:03.0394 12500  nusb3hub - ok
11:52:03.0410 12500  [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
11:52:03.0425 12500  nusb3xhc - ok
11:52:03.0456 12500  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:52:03.0472 12500  nvraid - ok
11:52:03.0488 12500  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:52:03.0488 12500  nvstor - ok
11:52:03.0534 12500  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:52:03.0534 12500  nv_agp - ok
11:52:03.0550 12500  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:52:03.0550 12500  ohci1394 - ok
11:52:03.0581 12500  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:52:03.0597 12500  ose - ok
11:52:03.0768 12500  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:52:03.0800 12500  osppsvc - ok
11:52:03.0831 12500  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:52:03.0862 12500  p2pimsvc - ok
11:52:03.0893 12500  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:52:03.0909 12500  p2psvc - ok
11:52:03.0940 12500  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
11:52:03.0956 12500  Parport - ok
11:52:03.0971 12500  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:52:03.0971 12500  partmgr - ok
11:52:04.0002 12500  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:52:04.0002 12500  PcaSvc - ok
11:52:04.0034 12500  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
11:52:04.0049 12500  pci - ok
11:52:04.0065 12500  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
11:52:04.0080 12500  pciide - ok
11:52:04.0096 12500  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
11:52:04.0112 12500  pcmcia - ok
11:52:04.0143 12500  [ B5D3C24E4EA8E6D4850E83DAD8C510D4 ] PCTINDIS5X64    C:\Windows\system32\PCTINDIS5X64.SYS
11:52:04.0143 12500  PCTINDIS5X64 - ok
11:52:04.0158 12500  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:52:04.0158 12500  pcw - ok
11:52:04.0174 12500  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:52:04.0190 12500  PEAUTH - ok
11:52:04.0268 12500  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:52:04.0268 12500  PerfHost - ok
11:52:04.0346 12500  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
11:52:04.0392 12500  pla - ok
11:52:04.0439 12500  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:52:04.0455 12500  PlugPlay - ok
11:52:04.0470 12500  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:52:04.0486 12500  PNRPAutoReg - ok
11:52:04.0502 12500  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:52:04.0517 12500  PNRPsvc - ok
11:52:04.0533 12500  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:52:04.0548 12500  PolicyAgent - ok
11:52:04.0595 12500  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
11:52:04.0611 12500  Power - ok
11:52:04.0642 12500  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:52:04.0642 12500  PptpMiniport - ok
11:52:04.0673 12500  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
11:52:04.0673 12500  Processor - ok
11:52:05.0266 12500  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:52:05.0282 12500  ProfSvc - ok
11:52:05.0297 12500  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:52:05.0297 12500  ProtectedStorage - ok
11:52:05.0344 12500  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:52:05.0344 12500  Psched - ok
11:52:05.0391 12500  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
11:52:05.0391 12500  PxHlpa64 - ok
11:52:05.0484 12500  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
11:52:05.0531 12500  ql2300 - ok
11:52:05.0547 12500  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
11:52:05.0562 12500  ql40xx - ok
11:52:05.0594 12500  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
11:52:05.0609 12500  QWAVE - ok
11:52:05.0625 12500  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:52:05.0625 12500  QWAVEdrv - ok
11:52:05.0640 12500  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:52:05.0640 12500  RasAcd - ok
11:52:05.0687 12500  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:52:05.0687 12500  RasAgileVpn - ok
11:52:05.0718 12500  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
11:52:05.0718 12500  RasAuto - ok
11:52:05.0750 12500  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:52:05.0750 12500  Rasl2tp - ok
11:52:05.0781 12500  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
11:52:05.0781 12500  RasMan - ok
11:52:05.0812 12500  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:52:05.0812 12500  RasPppoe - ok
11:52:05.0828 12500  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:52:05.0828 12500  RasSstp - ok
11:52:05.0843 12500  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:52:05.0843 12500  rdbss - ok
11:52:05.0859 12500  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:52:05.0859 12500  rdpbus - ok
11:52:05.0890 12500  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:52:05.0890 12500  RDPCDD - ok
11:52:05.0906 12500  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:52:05.0906 12500  RDPENCDD - ok
11:52:05.0921 12500  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:52:05.0937 12500  RDPREFMP - ok
11:52:05.0968 12500  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:52:05.0968 12500  RDPWD - ok
11:52:05.0999 12500  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:52:06.0015 12500  rdyboost - ok
11:52:06.0093 12500  [ 189C5A8D2098E0AA14FD157A954B34FC ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:52:06.0140 12500  RegSrvc - ok
11:52:06.0155 12500  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:52:06.0155 12500  RemoteAccess - ok
11:52:06.0171 12500  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:52:06.0186 12500  RemoteRegistry - ok
11:52:06.0233 12500  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
11:52:06.0233 12500  RFCOMM - ok
11:52:06.0296 12500  [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
11:52:06.0311 12500  RimVSerPort - ok
11:52:06.0327 12500  [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
11:52:06.0327 12500  ROOTMODEM - ok
11:52:06.0436 12500  [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
11:52:06.0483 12500  RoxMediaDB12OEM - ok
11:52:06.0498 12500  [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
11:52:06.0514 12500  RoxWatch12 - ok
11:52:06.0545 12500  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:52:06.0561 12500  RpcEptMapper - ok
11:52:06.0592 12500  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
11:52:06.0592 12500  RpcLocator - ok
11:52:06.0623 12500  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
11:52:06.0623 12500  RpcSs - ok
11:52:06.0654 12500  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:52:06.0654 12500  rspndr - ok
11:52:06.0686 12500  [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
11:52:06.0701 12500  RSUSBSTOR - ok
11:52:06.0748 12500  [ A73ED14670220307874AD6BC2F279349 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
11:52:06.0779 12500  RTL8167 - ok
11:52:06.0795 12500  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
11:52:06.0795 12500  SamSs - ok
11:52:06.0826 12500  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:52:06.0826 12500  sbp2port - ok
11:52:06.0842 12500  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:52:06.0857 12500  SCardSvr - ok
11:52:06.0888 12500  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:52:06.0888 12500  scfilter - ok
11:52:06.0951 12500  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
11:52:06.0998 12500  Schedule - ok
11:52:07.0013 12500  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:52:07.0029 12500  SCPolicySvc - ok
11:52:07.0060 12500  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:52:07.0060 12500  SDRSVC - ok
11:52:07.0122 12500  [ B29A858AAF869DA38E02278F91512C07 ] SeagateDashboardService C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
11:52:07.0122 12500  SeagateDashboardService - ok
11:52:07.0154 12500  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:52:07.0169 12500  secdrv - ok
11:52:07.0200 12500  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
11:52:07.0200 12500  seclogon - ok
11:52:07.0232 12500  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
11:52:07.0232 12500  SENS - ok
11:52:07.0247 12500  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:52:07.0247 12500  SensrSvc - ok
11:52:07.0263 12500  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
11:52:07.0263 12500  Serenum - ok
11:52:07.0278 12500  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:52:07.0497 12500  Serial - ok
11:52:07.0887 12500  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
11:52:07.0902 12500  sermouse - ok
11:52:07.0949 12500  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
11:52:07.0949 12500  SessionEnv - ok
11:52:07.0965 12500  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:52:07.0965 12500  sffdisk - ok
11:52:07.0996 12500  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:52:07.0996 12500  sffp_mmc - ok
11:52:08.0012 12500  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:52:08.0012 12500  sffp_sd - ok
11:52:08.0058 12500  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
11:52:08.0058 12500  sfloppy - ok
11:52:08.0105 12500  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
11:52:08.0136 12500  Sftfs - ok
11:52:08.0214 12500  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
11:52:08.0230 12500  sftlist - ok
11:52:08.0261 12500  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
11:52:08.0277 12500  Sftplay - ok
11:52:08.0292 12500  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
11:52:08.0292 12500  Sftredir - ok
11:52:08.0355 12500  [ E1974A92AC0914A3859359A0A8C82C68 ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
11:52:08.0386 12500  SftService - ok
11:52:08.0402 12500  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
11:52:08.0417 12500  Sftvol - ok
11:52:08.0417 12500  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
11:52:08.0433 12500  sftvsa - ok
11:52:08.0464 12500  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:52:08.0464 12500  SharedAccess - ok
11:52:08.0495 12500  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:52:08.0511 12500  ShellHWDetection - ok
11:52:18.0557 12500  ============================================================
11:52:18.0557 12500  Scan finished
11:52:18.0557 12500  ============================================================
11:52:18.0557 3348  Detected object count: 0
11:52:18.0557 3348  Actual detected object count: 0
 

 

 



#6 Ekoehler

Posted 14 June 2013 - 11:07 AM

AdwCleaner:

# AdwCleaner v2.303 - Logfile created 06/14/2013 at 11:55:41
# Updated 08/06/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Owner - OWNER-PC
# Boot Mode : Normal
# Running from : C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4ME0TIG3\AdwCleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\END
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\uTorrentControl_v2
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\Users\Owner\AppData\Local\Conduit
Folder Deleted : C:\Users\Owner\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Owner\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Owner\AppData\LocalLow\uTorrentControl_v2

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [7582 octets] - [14/06/2013 11:55:41]

########## EOF - C:\AdwCleaner[S1].txt - [7642 octets] ##########

 

 



#7 Ekoehler

Posted 14 June 2013 - 02:54 PM

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Users\Owner\AppData\Local\Temp\0.6874763813172616 Win32/Agent.USR trojan cleaned by deleting - quarantined
C:\Users\Owner\AppData\Local\Temp\11371007639594.exe a variant of Win32/Kryptik.BDJK trojan cleaned by deleting - quarantined
C:\Users\Owner\AppData\Local\Temp\dp.exe Win32/DealPly.B application deleted - quarantined
C:\Users\Owner\AppData\Local\Temp\jar_cache6598507345601314509.tmp multiple threats cleaned by deleting - quarantined
C:\Users\Owner\AppData\Local\Temp\msimg32.dll a variant of Win32/Kryptik.BDOG trojan cleaned by deleting - quarantined
C:\Users\Owner\AppData\Local\Temp\VidSaver6_20120718.exe Win32/Toolbar.CrossRider application cleaned by deleting - quarantined
C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\75ccc791-584010cb multiple threats cleaned by deleting - quarantined
C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\333214d5-22bd633f a variant of Java/Exploit.Agent.ONG trojan cleaned by deleting - quarantined
C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\7cdf2544-476a8e39 Java/Exploit.CVE-2013-0422.CL trojan cleaned by deleting - quarantined
C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\6950da77-1b1da6d0 Java/Exploit.CVE-2012-4681.CT trojan cleaned by deleting - quarantined
 



#8 boopme

Posted 14 June 2013 - 10:31 PM

This looks good. Does AVG still say it sees it?


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 Ekoehler

Posted 15 June 2013 - 06:50 PM

Yes it does still appear. It says the object name is: c:\$RECYCLE.BIN\S-1-5-21-1069242949-64810438-1460155536-1000\$ce9b5c8b8b3ccd8f727116393e9d6066\n
The warning pops up when I go to empty out my recycling bin.



#10 boopme

Posted 17 June 2013 - 08:13 PM

So you cannot empty the recycle bin?

#11 Ekoehler

Posted 18 June 2013 - 07:51 PM

I can empty it, I just get a notification from AVG after with the warning of the Trojan



#12 boopme

Posted 18 June 2013 - 07:55 PM

That's strange.. after you empty it, it keeps giving that warning?

#13 Ekoehler

Posted 18 June 2013 - 10:42 PM

Unfortunately it does, every time I empty it.



#14 boopme

Posted 19 June 2013 - 08:16 PM

Man!! We need to get a deeper look and see where the issue is. Please follow this Preparation Guide and post in a new topic. Title it "malware stuck in Recycle Bin"
Explain what's happening.

Let me know if all went well.

Edited by boopme, 19 June 2013 - 08:16 PM.


#15 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,009 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:10:51 AM

Posted 19 June 2013 - 10:45 PM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/t/498631/malware-stuck-in-recycle-bin/ you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript



