Possible Remote Access invasion



#1 ssperkins14


Posted 29 June 2013 - 08:57 PM

Hi! I believe I have been invaded by a virus that allows remote access to the internet through my computer. Overall my computer is running slowly and Microsoft Security Essentials is always yellow, indicating that I need to run a scan and that it is potentially at risk. I have an Acer Aspire x1430, Windows 7 Home Premium 2009 Service Pack 1 64-bit operating system. I use Microsoft Security Essentials and have also used Anti-Superspyware in the past. I went on vacation and when I returned there had been a power failure while I was gone. Upon reboot, a box popped up asking if I would like to connect to a broadband connection. And when I went into my Remote Access settings they were set differently. My internet connection information was changed and I had to re-enable the connection that I've always used. Could someone please give me some direction in regards to this?

 

Thanks so much!




 


#2 boopme


Posted 29 June 2013 - 09:53 PM

Hello, let's see what these show.


Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.
Launch it.
Click on Change parameters and select TDLFS file system.
Click on "Scan".
Please post the log report (the log file should be in your C: drive).

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.



Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#3 ssperkins14


Posted 30 June 2013 - 11:31 AM

Here are the reports:

MiniToolBox by Farbar  Version: 16-06-2013
Ran by ssperkins14 (administrator) on 29-06-2013 at 23:18:19
Running from "C:\Users\ssperkins14\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : perkins01
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.ga.comcast.net.
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : hsd1.ga.comcast.net.
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : C8-9C-DC-6E-D8-8E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b531:77bc:8615:4d96%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.131(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, June 29, 2013 9:25:20 PM
   Lease Expires . . . . . . . . . . : Sunday, June 30, 2013 11:15:45 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 197696732
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-A2-3E-33-C8-9C-DC-6E-D8-8E
   DNS Servers . . . . . . . . . . . : 208.67.222.222
                                       208.67.220.220
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.hsd1.ga.comcast.net.:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter 6TO4 Adapter:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 9:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  resolver1.opendns.com
Address:  208.67.222.222
 
Name:    google.com.hsd1.ga.comcast.net
Address:  67.215.65.132
 
 
Pinging google.com [173.194.37.72] with 32 bytes of data:
Reply from 173.194.37.72: bytes=32 time=13ms TTL=56
Reply from 173.194.37.72: bytes=32 time=12ms TTL=56
 
Ping statistics for 173.194.37.72:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 12ms, Maximum = 13ms, Average = 12ms
Server:  resolver1.opendns.com
Address:  208.67.222.222
 
Name:    yahoo.com.hsd1.ga.comcast.net
Address:  67.215.65.132
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=47ms TTL=51
Reply from 98.138.253.109: bytes=32 time=47ms TTL=51
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 47ms, Maximum = 47ms, Average = 47ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...c8 9c dc 6e d8 8e ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.131     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.131    276
    192.168.1.131  255.255.255.255         On-link     192.168.1.131    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.131    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.131    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.131    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    276 fe80::/64                On-link
 11    276 fe80::b531:77bc:8615:4d96/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (06/29/2013 09:23:00 PM) (Source: RasClient) (User: )
Description: CoId={6753C244-F0CA-443C-ADBE-5FA760E8C4C2}: The user perkins01\ssperkins14 dialed a connection named Broadband Connection which has failed. The error code returned on failure is 651.
 
Error: (06/29/2013 09:22:39 PM) (Source: RasClient) (User: )
Description: CoId={80B2E36E-CD23-40CB-844F-EBDDC3C4ABFD}: The user perkins01\ssperkins14 dialed a connection named Broadband Connection which has failed. The error code returned on failure is 0.
 
Error: (06/29/2013 09:20:07 PM) (Source: RasClient) (User: )
Description: CoId={7C6D46B5-A10A-4EE3-9CB4-D808DE907A5B}: The user perkins01\ssperkins14 dialed a connection named Broadband Connection which has failed. The error code returned on failure is 638.
 
Error: (06/29/2013 09:17:54 PM) (Source: RasClient) (User: )
Description: CoId={18A3ED09-C6F5-4DE3-B4AB-D638A3AF22D9}: The user perkins01\ssperkins14 dialed a connection named Broadband Connection which has failed. The error code returned on failure is 651.
 
Error: (06/29/2013 09:16:41 PM) (Source: RasClient) (User: )
Description: CoId={E29F0460-1743-4319-8754-74203C6882C8}: The user perkins01\ssperkins14 dialed a connection named Broadband Connection which has failed. The error code returned on failure is 651.
 
Error: (06/29/2013 09:13:58 PM) (Source: RasClient) (User: )
Description: CoId={F0F77950-A23D-49AB-A426-801C4F3278B4}: The user perkins01\ssperkins14 dialed a connection named RedShark which has failed. The error code returned on failure is 651.
 
Error: (06/29/2013 09:10:05 PM) (Source: RasClient) (User: )
Description: CoId={AAD19399-883B-425C-97CA-9CF07BD7823F}: The user perkins01\ssperkins14 dialed a connection named Broadband Connection which has failed. The error code returned on failure is 0.
 
Error: (06/29/2013 09:09:16 PM) (Source: RasClient) (User: )
Description: CoId={362B2544-825B-4706-A063-FD7AFB77889E}: The user perkins01\ssperkins14 dialed a connection named Broadband Connection which has failed. The error code returned on failure is 651.
 
Error: (06/29/2013 09:08:36 PM) (Source: RasClient) (User: )
Description: CoId={15BDCC58-D4E5-4A7D-98DD-3746DE91B916}: The user perkins01\ssperkins14 dialed a connection named Broadband Connection which has failed. The error code returned on failure is 638.
 
Error: (06/29/2013 09:05:46 PM) (Source: RasClient) (User: )
Description: CoId={1982D18A-6066-4460-BB69-3C53852DEB6B}: The user perkins01\ssperkins14 dialed a connection named Broadband Connection which has failed. The error code returned on failure is 651.
 
 
System errors:
=============
Error: (06/29/2013 09:06:49 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.153.859.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.2.0223.00
 
Source Path: 4.2.0223.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (06/29/2013 08:58:07 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.153.859.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.2.0223.00
 
Source Path: 4.2.0223.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (06/29/2013 08:46:23 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.153.859.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.2.0223.00
 
Source Path: 4.2.0223.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (06/29/2013 08:46:23 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.153.859.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.2.0223.00
 
Source Path: 4.2.0223.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (06/29/2013 08:21:11 PM) (Source: DCOM) (User: perkins01)
Description: application-specificLocalActivation{48DA6741-1BF0-4A44-8325-293086C79077}{48DA6741-1BF0-4A44-8325-293086C79077}perkins01ssperkins14S-1-5-21-475562963-1728995883-2196923520-1000LocalHost (Using LRPC)
 
Error: (06/29/2013 08:21:11 PM) (Source: DCOM) (User: perkins01)
Description: application-specificLocalActivation{48DA6741-1BF0-4A44-8325-293086C79077}{48DA6741-1BF0-4A44-8325-293086C79077}perkins01ssperkins14S-1-5-21-475562963-1728995883-2196923520-1000LocalHost (Using LRPC)
 
Error: (06/29/2013 08:21:11 PM) (Source: DCOM) (User: perkins01)
Description: application-specificLocalActivation{48DA6741-1BF0-4A44-8325-293086C79077}{48DA6741-1BF0-4A44-8325-293086C79077}perkins01ssperkins14S-1-5-21-475562963-1728995883-2196923520-1000LocalHost (Using LRPC)
 
Error: (06/29/2013 08:21:11 PM) (Source: DCOM) (User: perkins01)
Description: application-specificLocalActivation{48DA6741-1BF0-4A44-8325-293086C79077}{48DA6741-1BF0-4A44-8325-293086C79077}perkins01ssperkins14S-1-5-21-475562963-1728995883-2196923520-1000LocalHost (Using LRPC)
 
Error: (06/29/2013 08:21:11 PM) (Source: DCOM) (User: perkins01)
Description: application-specificLocalActivation{48DA6741-1BF0-4A44-8325-293086C79077}{48DA6741-1BF0-4A44-8325-293086C79077}perkins01ssperkins14S-1-5-21-475562963-1728995883-2196923520-1000LocalHost (Using LRPC)
 
Error: (06/29/2013 08:21:11 PM) (Source: DCOM) (User: perkins01)
Description: application-specificLocalActivation{48DA6741-1BF0-4A44-8325-293086C79077}{48DA6741-1BF0-4A44-8325-293086C79077}perkins01ssperkins14S-1-5-21-475562963-1728995883-2196923520-1000LocalHost (Using LRPC)
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2013-05-28 10:28:27.485
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-28 10:28:27.376
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-11-16 09:06:05.393
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-11-16 09:06:05.331
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-08-23 11:19:02.629
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-08-23 11:19:02.582
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
 clear.fi  (Version: 1.5.1717_38186)
 clear.fi  (Version: 9.0.8031)
64 Bit HP CIO Components Installer (Version: 1.0.0)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acer eRecovery Management (Version: 5.00.3502)
Acer Updater (Version: 1.02.3500)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
AIO_CDB_ProductContext (Version: 82.0.242.000)
AIO_CDB_Software (Version: 82.0.242.000)
AIO_Scan (Version: 82.0.173.000)
AMD APP SDK Runtime (Version: 2.4.650.9)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.60524.2309)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ATI AVIVO64 Codecs (Version: 11.6.0.10524)
ATI Catalyst Install Manager (Version: 3.0.829.0)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 82.0.173.000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.0524.2352.41027)
Catalyst Control Center InstallProxy (Version: 2011.0524.2352.41027)
Catalyst Control Center Localization All (Version: 2011.0524.2352.41027)
CCC Help Chinese Standard (Version: 2011.0524.2351.41027)
CCC Help Chinese Traditional (Version: 2011.0524.2351.41027)
CCC Help Czech (Version: 2011.0524.2351.41027)
CCC Help Danish (Version: 2011.0524.2351.41027)
CCC Help Dutch (Version: 2011.0524.2351.41027)
CCC Help English (Version: 2011.0524.2351.41027)
CCC Help Finnish (Version: 2011.0524.2351.41027)
CCC Help French (Version: 2011.0524.2351.41027)
CCC Help German (Version: 2011.0524.2351.41027)
CCC Help Greek (Version: 2011.0524.2351.41027)
CCC Help Hungarian (Version: 2011.0524.2351.41027)
CCC Help Italian (Version: 2011.0524.2351.41027)
CCC Help Japanese (Version: 2011.0524.2351.41027)
CCC Help Korean (Version: 2011.0524.2351.41027)
CCC Help Norwegian (Version: 2011.0524.2351.41027)
CCC Help Polish (Version: 2011.0524.2351.41027)
CCC Help Portuguese (Version: 2011.0524.2351.41027)
CCC Help Russian (Version: 2011.0524.2351.41027)
CCC Help Spanish (Version: 2011.0524.2351.41027)
CCC Help Swedish (Version: 2011.0524.2351.41027)
CCC Help Thai (Version: 2011.0524.2351.41027)
CCC Help Turkish (Version: 2011.0524.2351.41027)
ccc-utility64 (Version: 2011.0524.2352.41027)
Cisco Connect (Version: 1.4.11266.0)
clear.fi (Version: 1.5.2212.35)
clear.fi Client (Version: 1.05.3002)
D3DX10 (Version: 15.4.2368.0902)
Evernote v. 4.5.1 (Version: 4.5.1.5451)
Fax (Version: 82.0.188.000)
Fooz Kids (Version: 3.0.8)
Galerie de photos (Version: 16.4.3505.0912)
Google Chrome (Version: 27.0.1453.116)
Hotkey Utility (Version: 2.05.3505)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (Version: 8.0)
iCloud (Version: 2.1.2.8)
Identity Card (Version: 1.00.3501)
iTunes (Version: 11.0.4.4)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 16.4.3505.0912)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft SkyDrive (Version: 16.4.6013.0910)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Movie Maker (Version: 16.4.3505.0912)
Mozilla Firefox 20.0.1 (x86 en-US) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 20.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
MyWinLocker Suite (Version: 4.0.14.15)
Nero Control Center 10 (Version: 10.2.11100.1.1)
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)
Nero Core Components 10 (Version: 2.0.18100.8.8)
Nero DiscSpeed 10 (Version: 6.2.10500.2.100)
Nero DiscSpeed 10 Help (CHM) (Version: 10.5.10000)
Nero Express 10 (Version: 10.2.12000.21.100)
Nero Express 10 Help (CHM) (Version: 10.5.10200)
Nero Multimedia Suite 10 Essentials (Version: 10.5.10300)
Nero StartSmart 10 (Version: 10.2.11600.14.100)
Nero StartSmart 10 Help (CHM) (Version: 10.5.10000)
Nero Update (Version: 1.0.0018)
Photo Gallery (Version: 16.4.3505.0912)
QuickTime (Version: 7.74.80.86)
Realtek Ethernet Controller Driver (Version: 7.45.516.2011)
Safari (Version: 5.34.57.2)
Scan (Version: 8.1.0.0)
Shredder (Version: 2.0.8.9)
Skype™ 5.10 (Version: 5.10.116)
Toolbox (Version: 82.0.173.000)
UnloadSupport (Version: 1.00.0000)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition
WebReg (Version: 82.0.173.000)
Windows Live (Version: 16.4.3505.0912)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Mail (Version: 16.4.3505.0912)
Windows Live Messenger (Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Live Writer (Version: 16.4.3505.0912)
Windows Live Writer Resources (Version: 16.4.3505.0912)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 31%
Total physical RAM: 3579.27 MB
Available physical RAM: 2469.63 MB
Total Pagefile: 7156.71 MB
Available Pagefile: 5274.89 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.24 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Acer) (Fixed) (Total:441.25 GB) (Free:340.76 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\PERKINS01
 
Administrator            Guest                    ssperkins14              
the girls                
 
 
**** End of log ****
 

 

23:19:46.0950 4988  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:19:47.0456 4988  ============================================================
23:19:47.0456 4988  Current date / time: 2013/06/29 23:19:47.0456
23:19:47.0456 4988  SystemInfo:
23:19:47.0456 4988  
23:19:47.0456 4988  OS Version: 6.1.7601 ServicePack: 1.0
23:19:47.0456 4988  Product type: Workstation
23:19:47.0456 4988  ComputerName: PERKINS01
23:19:47.0457 4988  UserName: ssperkins14
23:19:47.0457 4988  Windows directory: C:\Windows
23:19:47.0457 4988  System windows directory: C:\Windows
23:19:47.0457 4988  Running under WOW64
23:19:47.0457 4988  Processor architecture: Intel x64
23:19:47.0457 4988  Number of processors: 2
23:19:47.0457 4988  Page size: 0x1000
23:19:47.0457 4988  Boot type: Normal boot
23:19:47.0457 4988  ============================================================
23:19:48.0680 4988  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:19:48.0707 4988  ============================================================
23:19:48.0707 4988  \Device\Harddisk0\DR0:
23:19:48.0707 4988  MBR partitions:
23:19:48.0707 4988  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x30D4800, BlocksNum 0x32000
23:19:48.0707 4988  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3106800, BlocksNum 0x3727F030
23:19:48.0707 4988  ============================================================
23:19:48.0733 4988  C: <-> \Device\Harddisk0\DR0\Partition2
23:19:48.0733 4988  ============================================================
23:19:48.0733 4988  Initialize success
23:19:48.0733 4988  ============================================================
23:20:21.0326 0368  ============================================================
23:20:21.0326 0368  Scan started
23:20:21.0326 0368  Mode: Manual; TDLFS; 
23:20:21.0326 0368  ============================================================
23:20:21.0517 0368  ================ Scan system memory ========================
23:20:21.0517 0368  System memory - ok
23:20:21.0518 0368  ================ Scan services =============================
23:20:28.0296 0368  NDProxy - ok
23:20:28.0311 0368  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:20:28.0314 0368  NetBIOS - ok
23:20:28.0331 0368  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:20:28.0335 0368  NetBT - ok
23:20:28.0356 0368  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
23:20:28.0359 0368  Netlogon - ok
23:20:28.0386 0368  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
23:20:28.0395 0368  Netman - ok
23:20:28.0421 0368  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
23:20:28.0430 0368  netprofm - ok
23:20:28.0451 0368  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:20:28.0454 0368  NetTcpPortSharing - ok
23:20:28.0477 0368  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
23:20:28.0480 0368  nfrd960 - ok
23:20:28.0520 0368  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
23:20:28.0523 0368  NisDrv - ok
23:20:28.0562 0368  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
23:20:28.0568 0368  NisSrv - ok
23:20:28.0608 0368  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:20:28.0615 0368  NlaSvc - ok
23:20:28.0628 0368  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:20:28.0630 0368  Npfs - ok
23:20:28.0649 0368  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
23:20:28.0653 0368  nsi - ok
23:20:28.0667 0368  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:20:28.0668 0368  nsiproxy - ok
23:20:28.0746 0368  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:20:28.0779 0368  Ntfs - ok
23:20:28.0805 0368  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
23:20:28.0807 0368  Null - ok
23:20:28.0847 0368  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:20:28.0851 0368  nvraid - ok
23:20:28.0886 0368  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:20:28.0891 0368  nvstor - ok
23:20:28.0913 0368  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:20:28.0917 0368  nv_agp - ok
23:20:28.0992 0368  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:20:29.0005 0368  odserv - ok
23:20:29.0018 0368  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:20:29.0021 0368  ohci1394 - ok
23:20:29.0057 0368  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:20:29.0060 0368  ose - ok
23:20:29.0098 0368  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:20:29.0106 0368  p2pimsvc - ok
23:20:29.0142 0368  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:20:29.0151 0368  p2psvc - ok
23:20:29.0163 0368  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
23:20:29.0167 0368  Parport - ok
23:20:29.0196 0368  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:20:29.0199 0368  partmgr - ok
23:20:29.0210 0368  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:20:29.0217 0368  PcaSvc - ok
23:20:29.0243 0368  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
23:20:29.0248 0368  pci - ok
23:20:29.0263 0368  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
23:20:29.0265 0368  pciide - ok
23:20:29.0289 0368  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
23:20:29.0293 0368  pcmcia - ok
23:20:29.0330 0368  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:20:29.0332 0368  pcw - ok
23:20:29.0358 0368  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:20:29.0368 0368  PEAUTH - ok
23:20:29.0453 0368  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:20:29.0456 0368  PerfHost - ok
23:20:29.0513 0368  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
23:20:29.0544 0368  pla - ok
23:20:29.0582 0368  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:20:29.0591 0368  PlugPlay - ok
23:20:29.0610 0368  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:20:29.0614 0368  PNRPAutoReg - ok
23:20:29.0632 0368  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:20:29.0638 0368  PNRPsvc - ok
23:20:29.0667 0368  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:20:29.0677 0368  PolicyAgent - ok
23:20:29.0714 0368  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
23:20:29.0720 0368  Power - ok
23:20:29.0749 0368  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:20:29.0752 0368  PptpMiniport - ok
23:20:29.0773 0368  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
23:20:29.0776 0368  Processor - ok
23:20:29.0802 0368  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:20:29.0808 0368  ProfSvc - ok
23:20:29.0822 0368  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:20:29.0825 0368  ProtectedStorage - ok
23:20:29.0842 0368  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:20:29.0845 0368  Psched - ok
23:20:29.0891 0368  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
23:20:29.0922 0368  ql2300 - ok
23:20:29.0939 0368  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
23:20:29.0943 0368  ql40xx - ok
23:20:29.0975 0368  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
23:20:29.0982 0368  QWAVE - ok
23:20:29.0999 0368  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:20:30.0001 0368  QWAVEdrv - ok
23:20:30.0017 0368  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:20:30.0019 0368  RasAcd - ok
23:20:30.0053 0368  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:20:30.0055 0368  RasAgileVpn - ok
23:20:30.0070 0368  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
23:20:30.0075 0368  RasAuto - ok
23:20:30.0095 0368  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:20:30.0099 0368  Rasl2tp - ok
23:20:30.0119 0368  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
23:20:30.0128 0368  RasMan - ok
23:20:30.0143 0368  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:20:30.0146 0368  RasPppoe - ok
23:20:30.0161 0368  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:20:30.0164 0368  RasSstp - ok
23:20:30.0188 0368  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:20:30.0194 0368  rdbss - ok
23:20:30.0219 0368  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
23:20:30.0221 0368  rdpbus - ok
23:20:30.0235 0368  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:20:30.0236 0368  RDPCDD - ok
23:20:30.0264 0368  [ BDF2DB2F19945AFAF102A2C03062EFB1 ] RDPDISPM        C:\Windows\system32\DRIVERS\rdpdispm.sys
23:20:30.0266 0368  RDPDISPM - ok
23:20:30.0278 0368  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:20:30.0280 0368  RDPENCDD - ok
23:20:30.0306 0368  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:20:30.0308 0368  RDPREFMP - ok
23:20:30.0344 0368  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:20:30.0348 0368  RDPWD - ok
23:20:30.0360 0368  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:20:30.0365 0368  rdyboost - ok
23:20:30.0415 0368  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:20:30.0419 0368  RemoteAccess - ok
23:20:30.0445 0368  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:20:30.0451 0368  RemoteRegistry - ok
23:20:30.0466 0368  [ CAF88D6573D21CD2AA27001DDBFDC74D ] RMCAST          C:\Windows\system32\DRIVERS\RMCAST.sys
23:20:30.0470 0368  RMCAST - ok
23:20:30.0485 0368  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:20:30.0490 0368  RpcEptMapper - ok
23:20:30.0515 0368  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
23:20:30.0519 0368  RpcLocator - ok
23:20:30.0542 0368  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\System32\rpcss.dll
23:20:30.0551 0368  RpcSs - ok
23:20:30.0565 0368  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:20:30.0568 0368  rspndr - ok
23:20:30.0604 0368  [ E50CFB92986DCAB49DE93788FD695813 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
23:20:30.0612 0368  RTL8167 - ok
23:20:30.0630 0368  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
23:20:30.0633 0368  SamSs - ok
23:20:30.0650 0368  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:20:30.0653 0368  sbp2port - ok
23:20:30.0679 0368  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:20:30.0686 0368  SCardSvr - ok
23:20:30.0712 0368  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:20:30.0714 0368  scfilter - ok
23:20:30.0743 0368  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
23:20:30.0761 0368  Schedule - ok
23:20:30.0783 0368  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:20:30.0785 0368  SCPolicySvc - ok
23:20:30.0804 0368  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:20:30.0810 0368  SDRSVC - ok
23:20:30.0824 0368  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:20:30.0827 0368  secdrv - ok
23:20:30.0840 0368  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
23:20:30.0844 0368  seclogon - ok
23:20:30.0861 0368  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
23:20:30.0866 0368  SENS - ok
23:20:30.0887 0368  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:20:30.0891 0368  SensrSvc - ok
23:20:30.0906 0368  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
23:20:30.0909 0368  Serenum - ok
23:20:30.0927 0368  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
23:20:30.0930 0368  Serial - ok
23:20:30.0939 0368  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
23:20:30.0944 0368  sermouse - ok
23:20:30.0979 0368  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:20:30.0984 0368  SessionEnv - ok
23:20:31.0006 0368  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:20:31.0009 0368  sffdisk - ok
23:20:31.0029 0368  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:20:31.0031 0368  sffp_mmc - ok
23:20:31.0040 0368  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:20:31.0042 0368  sffp_sd - ok
23:20:31.0052 0368  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
23:20:31.0054 0368  sfloppy - ok
23:20:31.0088 0368  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:20:31.0095 0368  SharedAccess - ok
23:20:31.0142 0368  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:20:31.0151 0368  ShellHWDetection - ok
23:20:31.0160 0368  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
23:20:31.0163 0368  SiSRaid2 - ok
23:20:31.0178 0368  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:20:31.0182 0368  SiSRaid4 - ok
23:20:31.0234 0368  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
23:20:31.0238 0368  SkypeUpdate - ok
23:20:31.0260 0368  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:20:31.0265 0368  Smb - ok
23:20:31.0293 0368  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:20:31.0298 0368  SNMPTRAP - ok
23:20:31.0309 0368  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:20:31.0311 0368  spldr - ok
23:20:31.0346 0368  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
23:20:31.0357 0368  Spooler - ok
23:20:31.0434 0368  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
23:20:31.0505 0368  sppsvc - ok
23:20:31.0538 0368  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:20:31.0544 0368  sppuinotify - ok
23:20:31.0577 0368  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:20:31.0586 0368  srv - ok
23:20:31.0615 0368  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:20:31.0622 0368  srv2 - ok
23:20:31.0642 0368  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:20:31.0646 0368  srvnet - ok
23:20:31.0668 0368  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:20:31.0674 0368  SSDPSRV - ok
23:20:31.0691 0368  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:20:31.0697 0368  SstpSvc - ok
23:20:31.0719 0368  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
23:20:31.0722 0368  stexstor - ok
23:20:31.0760 0368  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
23:20:31.0772 0368  stisvc - ok
23:20:31.0790 0368  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
23:20:31.0793 0368  swenum - ok
23:20:31.0816 0368  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
23:20:31.0827 0368  swprv - ok
23:20:31.0880 0368  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
23:20:31.0915 0368  SysMain - ok
23:20:31.0932 0368  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:20:31.0937 0368  TabletInputService - ok
23:20:31.0966 0368  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:20:31.0974 0368  TapiSrv - ok
23:20:31.0988 0368  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
23:20:31.0993 0368  TBS - ok
23:20:32.0072 0368  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:20:32.0112 0368  Tcpip - ok
23:20:32.0148 0368  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:20:32.0165 0368  TCPIP6 - ok
23:20:32.0214 0368  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:20:32.0216 0368  tcpipreg - ok
23:20:32.0238 0368  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:20:32.0240 0368  TDPIPE - ok
23:20:32.0266 0368  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:20:32.0268 0368  TDTCP - ok
23:20:32.0290 0368  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:20:32.0293 0368  tdx - ok
23:20:32.0306 0368  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
23:20:32.0309 0368  TermDD - ok
23:20:32.0344 0368  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
23:20:32.0353 0368  TermService - ok
23:20:32.0364 0368  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
23:20:32.0370 0368  Themes - ok
23:20:32.0384 0368  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
23:20:32.0387 0368  THREADORDER - ok
23:20:32.0407 0368  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
23:20:32.0412 0368  TrkWks - ok
23:20:32.0464 0368  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:20:32.0468 0368  TrustedInstaller - ok
23:20:32.0504 0368  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:20:32.0507 0368  tssecsrv - ok
23:20:32.0524 0368  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:20:32.0527 0368  TsUsbFlt - ok
23:20:32.0541 0368  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
23:20:32.0543 0368  TsUsbGD - ok
23:20:32.0564 0368  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:20:32.0568 0368  tunnel - ok
23:20:32.0588 0368  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
23:20:32.0590 0368  uagp35 - ok
23:20:32.0611 0368  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:20:32.0618 0368  udfs - ok
23:20:32.0659 0368  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:20:32.0663 0368  UI0Detect - ok
23:20:32.0685 0368  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:20:32.0696 0368  uliagpkx - ok
23:20:32.0717 0368  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:20:32.0719 0368  umbus - ok
23:20:32.0734 0368  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
23:20:32.0736 0368  UmPass - ok
23:20:32.0762 0368  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
23:20:32.0771 0368  upnphost - ok
23:20:32.0799 0368  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
23:20:32.0827 0368  USBAAPL64 - ok
23:20:32.0855 0368  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
23:20:32.0858 0368  usbaudio - ok
23:20:32.0897 0368  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:20:32.0899 0368  usbccgp - ok
23:20:32.0915 0368  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:20:32.0919 0368  usbcir - ok
23:20:32.0951 0368  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
23:20:32.0953 0368  usbehci - ok
23:20:32.0977 0368  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:20:32.0984 0368  usbhub - ok
23:20:33.0001 0368  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
23:20:33.0003 0368  usbohci - ok
23:20:33.0018 0368  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:20:33.0021 0368  usbprint - ok
23:20:33.0034 0368  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
23:20:33.0036 0368  usbscan - ok
23:20:33.0069 0368  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:20:33.0072 0368  USBSTOR - ok
23:20:33.0085 0368  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
23:20:33.0088 0368  usbuhci - ok
23:20:33.0107 0368  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
23:20:33.0111 0368  usbvideo - ok
23:20:33.0136 0368  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
23:20:33.0140 0368  UxSms - ok
23:20:33.0155 0368  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
23:20:33.0158 0368  VaultSvc - ok
23:20:33.0176 0368  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:20:33.0178 0368  vdrvroot - ok
23:20:33.0207 0368  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
23:20:33.0217 0368  vds - ok
23:20:33.0234 0368  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:20:33.0236 0368  vga - ok
23:20:33.0253 0368  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:20:33.0255 0368  VgaSave - ok
23:20:33.0280 0368  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:20:33.0285 0368  vhdmp - ok
23:20:33.0298 0368  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:20:33.0301 0368  viaide - ok
23:20:33.0316 0368  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:20:33.0319 0368  volmgr - ok
23:20:33.0340 0368  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:20:33.0346 0368  volmgrx - ok
23:20:33.0359 0368  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:20:33.0365 0368  volsnap - ok
23:20:33.0388 0368  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
23:20:33.0393 0368  vsmraid - ok
23:20:33.0443 0368  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
23:20:33.0487 0368  VSS - ok
23:20:33.0499 0368  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
23:20:33.0502 0368  vwifibus - ok
23:20:33.0518 0368  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
23:20:33.0527 0368  W32Time - ok
23:20:33.0549 0368  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
23:20:33.0552 0368  WacomPen - ok
23:20:33.0574 0368  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:20:33.0577 0368  WANARP - ok
23:20:33.0585 0368  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:20:33.0586 0368  Wanarpv6 - ok
23:20:33.0657 0368  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
23:20:33.0686 0368  WatAdminSvc - ok
23:20:33.0729 0368  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
23:20:33.0760 0368  wbengine - ok
23:20:33.0777 0368  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:20:33.0784 0368  WbioSrvc - ok
23:20:33.0798 0368  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:20:33.0808 0368  wcncsvc - ok
23:20:33.0822 0368  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:20:33.0826 0368  WcsPlugInService - ok
23:20:33.0853 0368  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
23:20:33.0856 0368  Wd - ok
23:20:33.0905 0368  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:20:33.0916 0368  Wdf01000 - ok
23:20:33.0936 0368  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:20:33.0941 0368  WdiServiceHost - ok
23:20:33.0950 0368  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:20:33.0956 0368  WdiSystemHost - ok
23:20:33.0982 0368  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
23:20:33.0990 0368  WebClient - ok
23:20:34.0012 0368  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:20:34.0019 0368  Wecsvc - ok
23:20:34.0036 0368  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:20:34.0041 0368  wercplsupport - ok
23:20:34.0058 0368  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:20:34.0063 0368  WerSvc - ok
23:20:34.0076 0368  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:20:34.0077 0368  WfpLwf - ok
23:20:34.0094 0368  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:20:34.0096 0368  WIMMount - ok
23:20:34.0127 0368  WinDefend - ok
23:20:34.0138 0368  WinHttpAutoProxySvc - ok
23:20:34.0199 0368  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:20:34.0204 0368  Winmgmt - ok
23:20:34.0253 0368  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
23:20:34.0296 0368  WinRM - ok
23:20:34.0328 0368  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
23:20:34.0331 0368  WinUsb - ok
23:20:34.0362 0368  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:20:34.0379 0368  Wlansvc - ok
23:20:34.0491 0368  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:20:34.0537 0368  wlidsvc - ok
23:20:34.0560 0368  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
23:20:34.0562 0368  WmiAcpi - ok
23:20:34.0593 0368  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:20:34.0597 0368  wmiApSrv - ok
23:20:34.0620 0368  WMPNetworkSvc - ok
23:20:34.0656 0368  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:20:34.0661 0368  WPCSvc - ok
23:20:34.0676 0368  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:20:34.0685 0368  WPDBusEnum - ok
23:20:34.0709 0368  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:20:34.0710 0368  ws2ifsl - ok
23:20:34.0731 0368  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
23:20:34.0736 0368  wscsvc - ok
23:20:34.0745 0368  WSearch - ok
23:20:34.0837 0368  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:20:34.0885 0368  wuauserv - ok
23:20:34.0926 0368  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:20:34.0928 0368  WudfPf - ok
23:20:34.0944 0368  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:20:34.0949 0368  WUDFRd - ok
23:20:34.0982 0368  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:20:34.0987 0368  wudfsvc - ok
23:20:35.0017 0368  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:20:35.0024 0368  WwanSvc - ok
23:20:35.0041 0368  ================ Scan global ===============================
23:20:35.0092 0368  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:20:35.0126 0368  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:20:35.0142 0368  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:20:35.0168 0368  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:20:35.0204 0368  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:20:35.0211 0368  [Global] - ok
23:20:35.0211 0368  ================ Scan MBR ==================================
23:20:35.0230 0368  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:20:35.0572 0368  \Device\Harddisk0\DR0 - ok
23:20:35.0573 0368  ================ Scan VBR ==================================
23:20:35.0582 0368  [ BBFBA65AE394D58C8CF7E595AF414350 ] \Device\Harddisk0\DR0\Partition1
23:20:35.0587 0368  \Device\Harddisk0\DR0\Partition1 - ok
23:20:35.0630 0368  [ ADA7787F395E7B7556BA95EA38DE8F0F ] \Device\Harddisk0\DR0\Partition2
23:20:35.0633 0368  \Device\Harddisk0\DR0\Partition2 - ok
23:20:35.0634 0368  ============================================================
23:20:35.0634 0368  Scan finished
23:20:35.0634 0368  ============================================================
23:20:35.0660 4076  Detected object count: 0
23:20:35.0660 4076  Actual detected object count: 0
23:21:02.0303 2696  Deinitialize success
 

 

# AdwCleaner v2.303 - Logfile created 06/29/2013 at 23:22:32
# Updated 08/06/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : ssperkins14 - PERKINS01
# Boot Mode : Normal
# Running from : C:\Users\ssperkins14\Downloads\AdwCleaner.exe
# Option [Search]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
 
***** [Registry] *****
 
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16490
 
[OK] Registry is clean.
 
-\\ Mozilla Firefox v20.0.1 (en-US)
 
File : C:\Users\ssperkins14\AppData\Roaming\Mozilla\Firefox\Profiles\zow58kqv.default\prefs.js
 
[OK] File is clean.
 
File : C:\Users\the girls\AppData\Roaming\Mozilla\Firefox\Profiles\h6xmtz0n.default\prefs.js
 
[OK] File is clean.
 
-\\ Google Chrome v27.0.1453.116
 
File : C:\Users\ssperkins14\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
Found [l.2172] : homepage = "hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=US&userid=40c90064-1822-429e-9341-2f6a9f2cca91&searchtype=hp",
 
*************************
 
AdwCleaner[R2].txt - [1086 octets] - [29/06/2013 23:22:32]
 
########## EOF - C:\AdwCleaner[R2].txt - [1146 octets] ##########
The ESET online scanner is taking a long time.  I'll post that info once it's finished.
Sherry
 

 



#4 ssperkins14


Posted 30 June 2013 - 07:16 PM

Here is the report from ESET online scanner:

 

C:\OEM\Preload\Autorun\APP\Nero 10 Essentials Acer Edition\ISSetupPrerequisites\{BF80A1C0-C3FF-4B1C-ABEF-22CD4F97A0AB}\Toolbar.exe a variant of Win32/Bundled.Toolbar.Ask.A application cleaned by deleting - quarantined


#5 boopme


Posted 30 June 2013 - 10:02 PM

How recently did you last run ComboFix?

Do you have an Antivirus?

This is outdated and exploitable by malware. Uninstall it through Control Panel:
Java 7 Update 7 (Version: 7.0.70)

Reboot and install Version 7 Update 25.



#6 ssperkins14


Posted 01 July 2013 - 10:57 AM

It's been quite some time since I ran ComboFix.  Microsoft Security Essentials is the main one. At one time I used Anti Super Spyware and CCCleaner.



#7 boopme


Posted 01 July 2013 - 08:17 PM

OK, it may be a buried rootkit or file corruption, from the errors listed.
 
I think you should repost your first post with the Minitoolbox log and a DDS log from this guide. Do steps 6, 7 and 8.
 
To determine what it is we should get a deeper look. Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.



