Need advice - I've removed 0Access from my system, but now what?


15 replies to this topic

#1 LTLeaf

Posted 18 July 2013 - 05:25 AM

Hi! :-)  
 
I would very much like some advice from those more experienced than I, on what I should do now with my system. I was infected about... 3 weeks ago. Have been struggling with getting things back to normal since then.  I *think* all the malware is gone from my system, but the damage isn't, and I would like to avoid reinfection in future. 
 
- I'm running Windows 7, 32 bit.
 
Please bear with me, as I try to organize/condense the past few weeks of painful experience into some readable form. :-) Sorry... an outline format was the best I could manage. (It's much less convoluted than writing out the whole story in prose form...)
 
1) Approx. Jun 28 - I think? - Initial infection occurred, and after a while I became suspicious... 
  • Peerblock started blocking apparently random outgoing connection attempts.
  • So, I attempted to scan with MSE (Security Essentials). But it threw an error for some reason. 
  • Scanned with MBAM instead - twice, once in Safe mode. No threats found.
  • Scanned with TDSSKiller. One suspicious file (forged) - MpFilter.sys. Wasn't sure what to do about that, or what it meant.
 
2) Jul 3 - Realized something was *really* wrong; found & removed two threats, 
  • Googling revealed that the above signs are probable symptoms of a trojan infection - so I immediately disconnected from the net! Yeah, I know, it was a bit late....
  • Uninstalled MSE by hand (including deleting the suspicious MpFilter.sys). In Safe Mode, I downloaded a clean copy & manual updates
  • Installed MSE & the new definitions; ran a scan, which found these items:

TrojanDropper:Win32/Sirefef.gen!D

file:C:\Users\Leaf\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\6a9a982d-4800170a
Exploit:Java/CVE-2012-1723
containerfile:C:\Users\Leaf\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\6a9a982d-42e30033
file:C:\Users\Leaf\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\6a9a982d-42e30033->site/Avi.class
file:C:\Users\Leaf\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\6a9a982d-42e30033->site/Bamba.class
file:C:\Users\Leaf\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\6a9a982d-42e30033->site/Bwow.class
file:C:\Users\Leaf\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\6a9a982d-42e30033->site/color/Roganda.class
file:C:\Users\Leaf\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\6a9a982d-42e30033->site/color/XXX2.class
file:C:\Users\Leaf\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\6a9a982d-42e30033->site/Rembrand.class
 
3) I began working to repair the damage caused by infection... 
  • Updated Java and Flash first thing; used JavaRa to remove old versions of Java
  • Attempted repairs on damaged files; successfully got MSE, the BFE service, and Windows Firewall to work again
  • Tried many potential fixes on Windows Update; none worked. At all. Ever. :-(
  • SFC /scannow is now damaged & always fails with the message "Windows Resource Protection could not perform the requested operation."
  • CheckSUR (check system update readiness) always fails, too. 
  • Windows Defender isn't working either.
 
4) Jul 13 - Still had some suspicions... after a while finally found the hidden trojans.
  • I noticed that Peerblock was still blocking random outgoing connection attempts.
  • All attempts to repair Windows Update over ten days had failed.
  •  MSE had only removed a "trojan dropper"... but not a trojan? So what was still hiding?
  • I did some more Google searching; found ESET and ran it. Found 4 adware results, nothing else.
  • Some malware removal thread led me to Malwarebytes Anti-Rootkit beta, which I hadn't known about before. 
  • I downloaded MBAR, updated, and scanned. It found and removed 15 0Access trojans. O_O...
 
5) Today - Now, here's the current situation on my system... 
  • All those outgoing blocked connections in Peerblock are gone. However...
  • Peerblock still blocks a number of incoming connections while connected to the Internet. 
  • Windows Update still won't work; though the error has changed from 80096001, to 80073712.
  • My external hard drive was probably connected at the time of infection; is it possibly compromised? I've scanned it with MBAM, and MSE, and they didn't complain. 
  • Format/reinstall is sounding like my best option, after being infected by the 0Access rootkit trojan. Would that be a good idea?
  • No, I don't have a recent full-system backup image, or an uninfected restore point.
 
6) For the future - So, assuming I do a complete format/reinstall of the OS, will the system then be safe? And can I prevent reinfection? My main questions are:
  • After formatting/reinstalling Windows, will all those incoming connection attempts to the computer still happen? Or will the system be safe from that?
  • Can I be sure my external hard drive is safe to keep using?
  • Which firewall would you recommend?
  • If I take the following steps to avoid reinfection, will this be good enough - or is there more I should do?

To stay clean, I plan to:

- Never use or keep old versions of Java/Flash (& always update them from their own sites, not from any random popup prompt). 

- Keep a firewall running (and Peerblock too, is that ok?)

- Use some browser like Chrome, Firefox, or Opera, where I can disable plugins from loading automatically

- Only connect to the net from a standard user account, not administrator, & never give random plugins permission for anything

- Of course, keep my data safely backed up & create system restore points and images fairly frequently

- Keep antivirus constantly updated, & sometimes run scans from other antiviruses such as MBAM and ESET online scanner

 
Phew, I'm finally done. How was my exposition? I hope it is readable enough. ;-)
 
Thanks very much, in advance, for any and all advice! I'll be glad to have help with this; it's certainly been quite stressful to try to resolve issues and come up with answers on my own. So thanks :-)



#2 boopme

Posted 18 July 2013 - 12:51 PM

Let's take a look at these and see...

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Last....

Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.
Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.



Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

Edited by boopme, 18 July 2013 - 12:52 PM.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
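
The "List Winsock Entries" option requested in the post above writes `CatalogN` lines into Result.txt. As an added example (not part of the thread and not MiniToolBox's own code), this Python script triages that section: it flags providers whose file is missing, whose library path the tool reports as wrong, or which load from an unexpected directory. The sample text is constructed, the function names are hypothetical, and the "trusted directory" rule is an assumption of this example.

```python
import re
from collections import Counter

# Constructed sample in the layout of a MiniToolBox "Winsock entries" section.
SAMPLE = r'''
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 03 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Example\Temp\lsp_sample.dll [4096] ()

========================= Event log errors: ===============================
'''

HEADER = re.compile(r"^=+\s*(.*?)\s*=+\s*$")
ENTRY = re.compile(
    r"^(Catalog\d+)\s+(\d+)\s+(.+?)\s+\[(\d+|File Not found)\]\s+\((.*)\)\s*$")
ATTENTION = re.compile(r'^ATTENTION: The LibraryPath should be "(.+)"')
# Assumption of this example: providers normally live under system32 or
# Program Files; anything else is worth a manual look.
TRUSTED_DIR = re.compile(
    r"^(?:%SystemRoot%|[A-Za-z]:\\Windows)\\system32\\"
    r"|^[A-Za-z]:\\Program Files(?: \(x86\))?\\", re.I)


def parse_winsock(text):
    """Return one dict per Catalog line found inside the Winsock section."""
    entries, in_section = [], False
    for raw in text.splitlines():
        line = raw.strip()
        header = HEADER.match(line)
        if header:
            # Any other section header ends the Winsock section.
            in_section = header.group(1).lower().startswith("winsock entries")
            continue
        if not in_section or not line:
            continue
        m = ENTRY.match(line)
        if m:
            catalog, index, path, size, vendor = m.groups()
            entries.append({
                "catalog": catalog,
                "index": int(index),
                "path": path,
                "size": int(size) if size.isdigit() else None,  # None = missing
                "vendor": vendor,
                "expected": None,
            })
            continue
        a = ATTENTION.match(line)
        if a and entries:
            # The tool prints the expected path on the line after the entry.
            entries[-1]["expected"] = a.group(1)
    return entries


def triage(entries):
    """Return (catalog, index, path, reasons) for entries needing review."""
    findings = []
    for e in entries:
        reasons = []
        if e["size"] is None:
            reasons.append("file not found")
        if e["expected"]:
            reasons.append("LibraryPath should be " + e["expected"])
        elif not TRUSTED_DIR.match(e["path"]):
            reasons.append("outside system32 / Program Files")
        if reasons:
            findings.append((e["catalog"], e["index"], e["path"], reasons))
    return findings


def collapse(entries):
    """Count identical (catalog, path) pairs so long repeated runs read as one."""
    return Counter((e["catalog"], e["path"]) for e in entries)


if __name__ == "__main__":
    parsed = parse_winsock(SAMPLE)
    for catalog, index, path, reasons in triage(parsed):
        print(f"{catalog} {index:02d} {path}: {'; '.join(reasons)}")
    for (catalog, path), count in collapse(parsed).items():
        print(f"{count:3d} x {catalog} {path}")
```
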

#3 LTLeaf


Posted 18 July 2013 - 07:42 PM

Thanks for the reply! :-) 
I have just finished running all 5 scans, and here are the logs as requested. (No log from ESET)
 
Rkill 2.5.6 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 07/18/2013 01:23:37 PM in x86 mode.
Windows Version: Windows 7 Home Premium 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!
 
  * HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!
 
 
Performing miscellaneous checks:
 
 * Windows Firewall Disabled
 
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
 
Program finished at: 07/18/2013 01:24:53 PM
Execution time: 0 hours(s), 1 minute(s), and 15 seconds(s)
 
 
MiniToolBox by Farbar  Version: 13-07-2013
Run by Leaf (administrator) on 18-07-2013 at 13:18:49
Running from "C:\Users\Leaf\Desktop"
Microsoft Windows 7 Home Premium   (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Linksys AE2500 = Wireless Network Connection 3 (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Atheros AR5007EG Wireless Network Adapter = My Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 6 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
add address name="Wireless Network Connection 2" address=192.168.137.1
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : LTLeaf
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection 6:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #3
   Physical Address. . . . . . . . . : 20-AA-4B-F7-07-8D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection 3:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Linksys AE2500
   Physical Address. . . . . . . . . : 20-AA-4B-F7-07-8D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::8900:be3a:183f:9db3%18(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.2.101(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, July 18, 2013 1:01:33 PM
   Lease Expires . . . . . . . . . . : Friday, July 19, 2013 1:01:33 PM
   Default Gateway . . . . . . . . . : 192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 388016715
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-A1-54-73-00-1E-33-B6-CB-B5
   DNS Servers . . . . . . . . . . . : 67.142.163.10
                                       67.142.163.11
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Wireless LAN adapter My Wireless Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Atheros AR5007EG Wireless Network Adapter
   Physical Address. . . . . . . . . : 00-24-D2-67-BA-1C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 00-1E-33-B6-CB-B5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{23F9BC22-9B90-4A6B-A01C-3FDA91C2D34C}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:28e2:fa07:51df:4da7(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::28e2:fa07:51df:4da7%21(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter 6TO4 Adapter:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  host671420010163.direcway.com
Address:  67.142.163.10
 
Name:    google.com
Addresses:  74.125.239.46
 74.125.239.32
 74.125.239.33
 74.125.239.34
 74.125.239.35
 74.125.239.36
 74.125.239.37
 74.125.239.38
 
 
Pinging google.com [74.125.239.46] with 32 bytes of data:
Reply from 74.125.239.46: bytes=32 time=949ms TTL=50
Reply from 74.125.239.46: bytes=32 time=930ms TTL=50
 
Ping statistics for 74.125.239.46:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 930ms, Maximum = 949ms, Average = 939ms
Server:  host671420010163.direcway.com
Address:  67.142.163.10
 
Name:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=822ms TTL=42
Reply from 98.139.183.24: bytes=32 time=1071ms TTL=41
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 822ms, Maximum = 1071ms, Average = 946ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 19...20 aa 4b f7 07 8d ......Microsoft Virtual WiFi Miniport Adapter #3
 18...20 aa 4b f7 07 8d ......Linksys AE2500
 12...00 24 d2 67 ba 1c ......Atheros AR5007EG Wireless Network Adapter
 11...00 1e 33 b6 cb b5 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 21...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1    192.168.2.101     40
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.2.0    255.255.255.0         On-link     192.168.2.101    296
    192.168.2.101  255.255.255.255         On-link     192.168.2.101    296
    192.168.2.255  255.255.255.255         On-link     192.168.2.101    296
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.2.101    296
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.2.101    296
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 21     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 21     58 2001::/32                On-link
 21    306 2001:0:9d38:6ab8:28e2:fa07:51df:4da7/128
                                    On-link
 18    296 fe80::/64                On-link
 21    306 fe80::/64                On-link
 21    306 fe80::28e2:fa07:51df:4da7/128
                                    On-link
 18    296 fe80::8900:be3a:183f:9db3/128
                                    On-link
  1    306 ff00::/8                 On-link
 21    306 ff00::/8                 On-link
 18    296 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
 
Catalog5 02 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
 
Catalog5 03 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 45 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 46 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 47 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 48 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 49 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 50 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 51 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 52 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/18/2013 00:42:40 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (07/18/2013 00:41:26 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (07/18/2013 00:40:46 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (07/18/2013 00:40:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (07/18/2013 00:39:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (07/18/2013 00:39:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (07/18/2013 00:39:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (07/18/2013 00:39:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (07/18/2013 00:39:06 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (07/18/2013 00:38:46 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
 
System errors:
=============
Error: (07/18/2013 01:02:02 PM) (Source: WMPNetworkSvc) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
 
Error: (07/18/2013 01:01:26 PM) (Source: Service Control Manager) (User: )
Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error: 
%%1058
 
Error: (07/18/2013 01:01:26 PM) (Source: Service Control Manager) (User: )
Description: The Net.Pipe Listener Adapter service depends the following service: was. This service might not be installed.
 
Error: (07/18/2013 01:01:26 PM) (Source: Service Control Manager) (User: )
Description: The Net.Msmq Listener Adapter service depends the following service: msmq. This service might not be installed.
 
Error: (07/18/2013 01:01:22 PM) (Source: Service Control Manager) (User: )
Description: Detected circular dependencies auto-starting services. Check the service dependency tree.
 
Error: (07/18/2013 01:01:22 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Network Inspection System service depends on a service in a group which starts later. Change the order in the service dependency tree to ensure that all services required to start this service are starting before this service is started.
 
Error: (07/18/2013 00:55:01 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service failed to start due to the following error: 
%%1053
 
Error: (07/18/2013 00:55:00 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
 
Error: (07/18/2013 00:53:54 PM) (Source: WMPNetworkSvc) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
 
Error: (07/18/2013 00:52:31 PM) (Source: Service Control Manager) (User: )
Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error: 
%%1058
 
 
Microsoft Office Sessions:
=========================
Error: (11/29/2010 02:41:37 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 51783 seconds with 180 seconds of active time.  This session ended with a crash.
 
Error: (11/28/2010 00:17:54 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 133779 seconds with 1620 seconds of active time.  This session ended with a crash.
 
Error: (11/26/2010 05:16:24 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 58541 seconds with 180 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-03-17 13:11:16.699
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\bbLean\plugins\bbLeanSkin\bbLeanSkinEng.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-17 13:11:16.605
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\bbLean\plugins\bbLeanSkin\bbLeanSkinEng.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-17 13:11:16.498
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\bbLean\plugins\bbLeanSkin\bbLeanSkinEng.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-17 13:11:16.389
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\bbLean\plugins\bbLeanSkin\bbLeanSkinEng.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-17 13:11:16.295
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\bbLean\plugins\bbLeanSkin\bbLeanSkinEng.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-17 13:11:16.203
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\bbLean\plugins\bbLeanSkin\bbLeanSkinEng.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-17 13:11:12.337
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\bbLean\plugins\bbLeanSkin\bbLeanSkinEng.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-17 13:11:12.209
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\bbLean\plugins\bbLeanSkin\bbLeanSkinEng.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-17 13:11:12.066
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\bbLean\plugins\bbLeanSkin\bbLeanSkinEng.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-17 13:11:11.907
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\bbLean\plugins\bbLeanSkin\bbLeanSkinEng.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
32 Bit HP CIO Components Installer (Version: 6.1.2)
ActiveState Komodo Edit 5.2.4 (Version: 5.2.4)
Adobe Photoshop Elements 7.0 (Version: 7.0)
Adobe Photoshop Elements 7.0 (Version: 7.0.0.3)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615)
Amazon Kindle
Amazon MP3 Downloader 1.0.15 (Version: 1.0.15)
Amazon Unbox Video (Version: 2.2.0.153)
Any Game Starter 3 Version 2.6 (Version: 2.6)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Audacity 1.3.10 (Unicode)
AviSynth 2.5
AVStoDVD 2.6.0 (Version: 2.6.0)
Batch Update (Version: 3.0)
Bonjour (Version: 3.0.0.10)
CamStudio Lossless Codec
CamStudio OSS Desktop Recorder (Version: 2.6 Beta r294)
CCleaner (Version: 3.22)
Celtx (2.9) (Version: 2.9 (en-US))
Color Efex Pro 3.0 Wacom Edition 3 (Version: 3.0.0.1)
Common System Files (Version: 3.0)
Corel Painter Essentials 4 (Version: 4.2)
CPUID CPU-Z 1.62.0
D3DX10 (Version: 15.4.2368.0902)
DVD Shrink 3.2
DVDStyler v2.1
EOS USB WIA Driver (Version: 6.0.1.5)
ESET Online Scanner v3
ffdshow v1.2.4422 [2012-04-09] (Version: 1.2.4422.0)
FileZilla Client 3.6.0.2 (Version: 3.6.0.2)
Free Download Manager 3.9.2
Freemake Video Downloader (Version: 3.5.1)
GIMP 2.6.10 (Version: 2.6.10)
GnuWin32: File-5.03 (Version: 5.03)
Google Advertising Cookie Opt-out (Version: 1.0.1.0)
Google Chrome (Version: 28.0.1500.71)
Google Chrome Frame (Version: 28.0.1500.71)
Google Gmail Notifier
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.135)
Graphical Query Editor (Version: 3.0)
GTK+ 2.10.13 runtime environment
Haali Media Splitter
IETester v0.4.10 (remove only) (Version: 0.4.10)
ImgBurn (Version: 2.5.6.0)
iTunes (Version: 11.0.2.26)
Java 7 Update 25 (Version: 7.0.250)
Kudos 2 Patcher 1.0-1.01
LAME v3.98.3 for Audacity
Libronix Digital Library System
Libronix Digital Library System (Version: 3.0)
Libronix DLS Application (Version: 3.0)
Libronix DLS Shortcuts (Version: 3.0)
LibronixUpdate (Version: 3.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Age of Empires II
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Ultimate 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1447.4)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server System CLR Types (Version: 10.50.1447.4)
Microsoft Visual C# 2010 Express - ENU (Version: 10.0.30319)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (Version: 9.0.30729.4974)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Movie Maker (Version: 16.4.3505.0912)
Mozilla Firefox 22.0 (x86 en-US) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Notepad++ (Version: 6.2.2)
NVIDIA Photoshop Plug-ins (Version: 1.00.000)
OEB Resource Driver (Version: 3.0)
Opera 11.50 (Version: 11.50.1074)
Paint.NET v3.5.5 (Version: 3.55.0)
PDF Resource Driver (Version: 3.0)
PeerBlock 1.1 (r518) (Version: 1.1.0.518)
Photo Gallery (Version: 16.4.3505.0912)
Picasa 3 (Version: 3.9)
QuickTime (Version: 7.0.4)
RE: Alistair++ 1 (Version: 1)
Realtek High Definition Audio Driver (Version: 6.0.1.5904)
Revo Uninstaller 1.95 (Version: 1.95)
Secunia PSI (3.0.0.7009) (Version: 3.0.0.7009)
Spybot - Search & Destroy (Version: 2.0.12)
Subtitle Edit 3.2.3 (Version: 3.2.3)
Synaptics Pointing Device Driver (Version: 11.2.4.0)
System Requirements Lab CYRI (Version: 4.5.1.0)
The Proxomitron Ver. Naoko-4.5
Tweak UI
Tweaking.com - Windows Repair (All in One) (Version: 1.9.14)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760573) 32-Bit Edition
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
VLC media player 2.1.0-pre1-20130604-0018 (Version: 2.1.0-pre1-20130604-0018)
WD Drive Manager (x86) (Version: 2.115)
WD Security (Version: 1.0.0)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR archiver
WOT for Internet Explorer (Version: 12.8.2.0)
Zip Motion Block Video codec (Remove Only)
ZoneAlarm Firewall (Version: 11.0.768.000)
ZoneAlarm Free Firewall (Version: 11.0.768.000)
ZoneAlarm Security (Version: 11.0.768.000)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 33%
Total physical RAM: 2940 MB
Available physical RAM: 1964.98 MB
Total Pagefile: 7348.28 MB
Available Pagefile: 6216.85 MB
Total Virtual: 3071.88 MB
Available Virtual: 2961.35 MB
 
========================= Partitions: =====================================
 
1 Drive c: (C) (Fixed) (Total:148.95 GB) (Free:13.24 GB) NTFS
3 Drive e: (LEXAR MEDIA) (Removable) (Total:1.87 GB) (Free:0.01 GB) FAT
 
========================= Users: ========================================
 
User accounts for \\LTLEAF
 
Administrator            Guest                    Leaf                    
 
 
**** End of log ****
 
 
13:26:24.0367 1192  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
13:26:26.0370 1192  ============================================================
13:26:26.0370 1192  Current date / time: 2013/07/18 13:26:26.0370
13:26:26.0370 1192  SystemInfo:
13:26:26.0370 1192  
13:26:26.0370 1192  OS Version: 6.1.7600 ServicePack: 0.0
13:26:26.0370 1192  Product type: Workstation
13:26:26.0370 1192  ComputerName: LTLEAF
13:26:26.0370 1192  UserName: Leaf
13:26:26.0370 1192  Windows directory: C:\Windows
13:26:26.0370 1192  System windows directory: C:\Windows
13:26:26.0370 1192  Processor architecture: Intel x86
13:26:26.0370 1192  Number of processors: 1
13:26:26.0370 1192  Page size: 0x1000
13:26:26.0370 1192  Boot type: Normal boot
13:26:26.0370 1192  ============================================================
13:26:43.0669 1192  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:26:43.0775 1192  Drive \Device\Harddisk1\DR1 - Size: 0x77700000 (1.87 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:26:43.0776 1192  ============================================================
13:26:43.0776 1192  \Device\Harddisk0\DR0:
13:26:43.0776 1192  MBR partitions:
13:26:43.0776 1192  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:26:43.0776 1192  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x129E6800
13:26:43.0776 1192  \Device\Harddisk1\DR1:
13:26:43.0777 1192  MBR partitions:
13:26:43.0777 1192  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x81, BlocksNum 0x3BB77F
13:26:43.0777 1192  ============================================================
13:26:43.0784 1192  C: <-> \Device\Harddisk0\DR0\Partition2
13:26:43.0784 1192  ============================================================
13:26:43.0784 1192  Initialize success
13:26:43.0784 1192  ============================================================
13:28:04.0908 4460  ============================================================
13:28:04.0908 4460  Scan started
13:28:04.0908 4460  Mode: Manual; TDLFS; 
13:28:04.0908 4460  ============================================================
13:28:05.0432 4460  ================ Scan system memory ========================
13:28:05.0432 4460  System memory - ok
13:28:05.0435 4460  ================ Scan services =============================
13:28:15.0743 4460  idsvc - ok
13:28:15.0977 4460  [ DCE0B53570703CCE580D066F89EF58CD ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
13:28:16.0288 4460  igfx - ok
13:28:16.0331 4460  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
13:28:16.0332 4460  iirsp - ok
13:28:16.0385 4460  [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT          C:\Windows\System32\ikeext.dll
13:28:16.0451 4460  IKEEXT - ok
13:28:16.0575 4460  [ E4A2E810CB2607C9C159C0DFB0BD4C88 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
13:28:16.0594 4460  IntcAzAudAddService - ok
13:28:16.0634 4460  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
13:28:16.0635 4460  intelide - ok
13:28:16.0677 4460  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:28:16.0678 4460  intelppm - ok
13:28:16.0709 4460  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:28:16.0731 4460  IPBusEnum - ok
13:28:16.0760 4460  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:28:16.0761 4460  IpFilterDriver - ok
13:28:16.0809 4460  [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:28:16.0854 4460  iphlpsvc - ok
13:28:16.0912 4460  [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
13:28:16.0969 4460  IPMIDRV - ok
13:28:17.0009 4460  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:28:17.0010 4460  IPNAT - ok
13:28:17.0079 4460  [ E46B17060D3962A384AE484094614788 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:28:17.0083 4460  iPod Service - ok
13:28:17.0119 4460  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:28:17.0120 4460  IRENUM - ok
13:28:17.0143 4460  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
13:28:17.0144 4460  isapnp - ok
13:28:17.0176 4460  [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
13:28:17.0179 4460  iScsiPrt - ok
13:28:17.0214 4460  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:28:17.0215 4460  kbdclass - ok
13:28:17.0243 4460  [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:28:17.0273 4460  kbdhid - ok
13:28:17.0299 4460  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso          C:\Windows\system32\lsass.exe
13:28:17.0301 4460  KeyIso - ok
13:28:17.0357 4460  [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:28:17.0358 4460  KSecDD - ok
13:28:17.0376 4460  [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:28:17.0378 4460  KSecPkg - ok
13:28:17.0413 4460  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:28:17.0458 4460  KtmRm - ok
13:28:17.0512 4460  [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer    C:\Windows\System32\srvsvc.dll
13:28:17.0539 4460  LanmanServer - ok
13:28:17.0577 4460  [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:28:17.0602 4460  LanmanWorkstation - ok
13:28:17.0693 4460  [ A6E0D6305D1125AEAFD279AE60FEB07B ] Linksys_adapter_H C:\Windows\system32\DRIVERS\AE2500w7.sys
13:28:17.0700 4460  Linksys_adapter_H - ok
13:28:17.0733 4460  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:28:17.0764 4460  lltdio - ok
13:28:17.0787 4460  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:28:17.0812 4460  lltdsvc - ok
13:28:17.0828 4460  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:28:17.0830 4460  lmhosts - ok
13:28:17.0861 4460  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
13:28:17.0863 4460  LSI_FC - ok
13:28:17.0885 4460  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
13:28:17.0887 4460  LSI_SAS - ok
13:28:17.0910 4460  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:28:17.0912 4460  LSI_SAS2 - ok
13:28:17.0931 4460  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:28:17.0934 4460  LSI_SCSI - ok
13:28:17.0959 4460  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
13:28:18.0001 4460  luafv - ok
13:28:18.0082 4460  LWGENESC - ok
13:28:18.0163 4460  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
13:28:18.0164 4460  MBAMProtector - ok
13:28:18.0279 4460  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:28:18.0282 4460  MBAMScheduler - ok
13:28:18.0335 4460  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
13:28:18.0340 4460  MBAMService - ok
13:28:18.0375 4460  [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:28:18.0397 4460  Mcx2Svc - ok
13:28:18.0435 4460  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
13:28:18.0437 4460  megasas - ok
13:28:18.0473 4460  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
13:28:18.0478 4460  MegaSR - ok
13:28:18.0508 4460  MFE_RR - ok
13:28:18.0649 4460  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
13:28:18.0651 4460  Microsoft Office Groove Audit Service - ok
13:28:18.0684 4460  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
13:28:18.0690 4460  MMCSS - ok
13:28:18.0705 4460  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
13:28:18.0707 4460  Modem - ok
13:28:18.0736 4460  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:28:18.0757 4460  monitor - ok
13:28:18.0780 4460  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:28:18.0781 4460  mouclass - ok
13:28:18.0824 4460  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:28:18.0825 4460  mouhid - ok
13:28:18.0845 4460  [ 921C18727C5920D6C0300736646931C2 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:28:18.0846 4460  mountmgr - ok
13:28:18.0988 4460  [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:28:18.0991 4460  MozillaMaintenance - ok
13:28:19.0069 4460  [ CF105EE42E3F71E648CEBB3F666E1CF0 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
13:28:19.0073 4460  MpFilter - ok
13:28:32.0354 4460  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
13:28:32.0357 4460  THREADORDER - ok
13:28:32.0389 4460  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
13:28:32.0413 4460  TrkWks - ok
13:28:32.0526 4460  TrueSight - ok
13:28:32.0658 4460  [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:28:32.0708 4460  TrustedInstaller - ok
13:28:32.0734 4460  [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:28:32.0755 4460  tssecsrv - ok
13:28:32.0809 4460  [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:28:32.0829 4460  tunnel - ok
13:28:32.0874 4460  [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ           C:\Windows\system32\DRIVERS\TVALZ_O.SYS
13:28:32.0875 4460  TVALZ - ok
13:28:32.0896 4460  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
13:28:32.0899 4460  uagp35 - ok
13:28:32.0929 4460  [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:28:32.0931 4460  udfs - ok
13:28:32.0972 4460  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:28:32.0993 4460  UI0Detect - ok
13:28:33.0013 4460  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
13:28:33.0014 4460  uliagpkx - ok
13:28:33.0048 4460  [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:28:33.0076 4460  umbus - ok
13:28:33.0102 4460  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
13:28:33.0115 4460  UmPass - ok
13:28:33.0148 4460  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
13:28:33.0152 4460  upnphost - ok
13:28:33.0188 4460  [ 8455C4ED038EFD09E99327F9D2D48FFA ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:28:33.0189 4460  usbccgp - ok
13:28:33.0217 4460  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
13:28:33.0232 4460  usbcir - ok
13:28:33.0254 4460  [ 1C333BFD60F2FED2C7AD5DAF533CB742 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:28:33.0255 4460  usbehci - ok
13:28:33.0299 4460  [ EE6EF93CCFA94FAE8C6AB298273D8AE2 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:28:33.0302 4460  usbhub - ok
13:28:33.0327 4460  [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
13:28:33.0346 4460  usbohci - ok
13:28:33.0377 4460  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:28:33.0400 4460  usbprint - ok
13:28:33.0457 4460  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
13:28:33.0482 4460  usbscan - ok
13:28:33.0504 4460  [ D8889D56E0D27E57ED4591837FE71D27 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:28:33.0505 4460  USBSTOR - ok
13:28:33.0525 4460  [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
13:28:33.0526 4460  usbuhci - ok
13:28:33.0548 4460  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
13:28:33.0569 4460  UxSms - ok
13:28:33.0592 4460  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc        C:\Windows\system32\lsass.exe
13:28:33.0594 4460  VaultSvc - ok
13:28:33.0628 4460  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
13:28:33.0629 4460  vdrvroot - ok
13:28:33.0660 4460  [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds             C:\Windows\System32\vds.exe
13:28:33.0703 4460  vds - ok
13:28:33.0732 4460  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:28:33.0752 4460  vga - ok
13:28:33.0775 4460  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:28:33.0776 4460  VgaSave - ok
13:28:33.0800 4460  [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
13:28:33.0826 4460  vhdmp - ok
13:28:33.0859 4460  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\DRIVERS\viaagp.sys
13:28:33.0860 4460  viaagp - ok
13:28:33.0875 4460  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
13:28:33.0909 4460  ViaC7 - ok
13:28:33.0932 4460  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
13:28:33.0933 4460  viaide - ok
13:28:33.0961 4460  [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
13:28:33.0962 4460  volmgr - ok
13:28:33.0990 4460  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:28:33.0995 4460  volmgrx - ok
13:28:34.0058 4460  [ 59F06B4968E58BC83DFC56CA4517960E ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:28:34.0060 4460  volsnap - ok
13:28:34.0142 4460  [ AA8A49F3AA4D31ECF4A46AC0E6CDD2DF ] Vsdatant        C:\Windows\system32\DRIVERS\vsdatant.sys
13:28:34.0146 4460  Vsdatant - ok
13:28:34.0290 4460  vsmon - ok
13:28:34.0338 4460  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
13:28:34.0341 4460  vsmraid - ok
13:28:34.0399 4460  [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS             C:\Windows\system32\vssvc.exe
13:28:34.0447 4460  VSS - ok
13:28:34.0474 4460  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:28:34.0492 4460  vwifibus - ok
13:28:34.0548 4460  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:28:34.0578 4460  vwififlt - ok
13:28:34.0620 4460  [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
13:28:34.0636 4460  vwifimp - ok
13:28:34.0677 4460  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
13:28:34.0682 4460  W32Time - ok
13:28:34.0736 4460  [ 8724531219AE3F9E3729012B61DCE527 ] wacmoumonitor   C:\Windows\system32\DRIVERS\wacmoumonitor.sys
13:28:34.0738 4460  wacmoumonitor - ok
13:28:34.0806 4460  [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
13:28:34.0807 4460  wacommousefilter - ok
13:28:34.0840 4460  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
13:28:34.0873 4460  WacomPen - ok
13:28:34.0884 4460  [ 51D580F30D1A1F2EA4965AF6ABC2BCB2 ] wacomvhid       C:\Windows\system32\DRIVERS\wacomvhid.sys
13:28:34.0885 4460  wacomvhid - ok
13:28:34.0958 4460  [ 6D95CB7CEFE61B62472076187277EDF6 ] WacomVTHid      C:\Windows\system32\DRIVERS\WacomVTHid.sys
13:28:34.0959 4460  WacomVTHid - ok
13:28:34.0997 4460  [ 692A712062146E96D28BA0B7D75DE31B ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:28:34.0998 4460  WANARP - ok
13:28:35.0007 4460  [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:28:35.0009 4460  Wanarpv6 - ok
13:28:35.0103 4460  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:28:35.0149 4460  WatAdminSvc - ok
13:28:35.0213 4460  [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine        C:\Windows\system32\wbengine.exe
13:28:35.0312 4460  wbengine - ok
13:28:35.0346 4460  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:28:35.0373 4460  WbioSrvc - ok
13:28:35.0433 4460  [ 6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:28:35.0478 4460  wcncsvc - ok
13:28:35.0501 4460  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:28:35.0525 4460  WcsPlugInService - ok
13:28:35.0552 4460  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
13:28:35.0553 4460  Wd - ok
13:28:35.0638 4460  [ 949B71704FD641F3CC058F498BBA6E3B ] WDBtnMgrSvc.exe C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
13:28:35.0666 4460  WDBtnMgrSvc.exe - ok
13:28:35.0729 4460  [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam.sys
13:28:35.0744 4460  WDC_SAM - ok
13:28:35.0808 4460  [ D76BE728B9AC2EAF719F87A26F21CFB6 ] WDDriveService  C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
13:28:35.0866 4460  WDDriveService - ok
13:28:35.0927 4460  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:28:35.0957 4460  Wdf01000 - ok
13:28:35.0973 4460  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:28:35.0977 4460  WdiServiceHost - ok
13:28:35.0987 4460  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:28:35.0991 4460  WdiSystemHost - ok
13:28:36.0047 4460  [ BB5EC38F8D4600119B4720BC5D4211F1 ] WebClient       C:\Windows\System32\webclnt.dll
13:28:36.0075 4460  WebClient - ok
13:28:36.0115 4460  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:28:36.0158 4460  Wecsvc - ok
13:28:36.0185 4460  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:28:36.0228 4460  wercplsupport - ok
13:28:36.0270 4460  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:28:36.0293 4460  WerSvc - ok
13:28:36.0328 4460  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:28:36.0342 4460  WfpLwf - ok
13:28:36.0363 4460  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:28:36.0364 4460  WIMMount - ok
13:28:36.0437 4460  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
13:28:36.0510 4460  WinDefend - ok
13:28:36.0529 4460  WinHttpAutoProxySvc - ok
13:28:36.0589 4460  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:28:36.0617 4460  Winmgmt - ok
13:28:36.0715 4460  [ 845AF1BA23C8D5E64DEF61BCC441604C ] WinRing0_1_2_0  C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys
13:28:36.0732 4460  WinRing0_1_2_0 - ok
13:28:36.0783 4460  [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:28:36.0850 4460  WinRM - ok
13:28:36.0929 4460  [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:28:36.0960 4460  WinUsb - ok
13:28:37.0012 4460  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:28:37.0034 4460  Wlansvc - ok
13:28:37.0195 4460  [ 5E7C103F8475C4289847D15E129C20F7 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:28:37.0237 4460  wlidsvc - ok
13:28:37.0282 4460  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:28:37.0296 4460  WmiAcpi - ok
13:28:37.0336 4460  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:28:37.0370 4460  wmiApSrv - ok
13:28:37.0470 4460  [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
13:28:37.0478 4460  WMPNetworkSvc - ok
13:28:37.0508 4460  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:28:37.0527 4460  WPCSvc - ok
13:28:37.0544 4460  [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:28:37.0571 4460  WPDBusEnum - ok
13:28:37.0586 4460  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:28:37.0587 4460  ws2ifsl - ok
13:28:37.0627 4460  [ 4160CBE59D9B5BE22E4C3897E8DB9D56 ] WsAudio_DeviceS(1) C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys
13:28:37.0664 4460  WsAudio_DeviceS(1) - ok
13:28:37.0714 4460  [ 4160CBE59D9B5BE22E4C3897E8DB9D56 ] WsAudio_DeviceS(2) C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys
13:28:37.0734 4460  WsAudio_DeviceS(2) - ok
13:28:37.0754 4460  [ 4160CBE59D9B5BE22E4C3897E8DB9D56 ] WsAudio_DeviceS(3) C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys
13:28:37.0775 4460  WsAudio_DeviceS(3) - ok
13:28:37.0789 4460  [ 4160CBE59D9B5BE22E4C3897E8DB9D56 ] WsAudio_DeviceS(4) C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys
13:28:37.0809 4460  WsAudio_DeviceS(4) - ok
13:28:37.0824 4460  [ 4160CBE59D9B5BE22E4C3897E8DB9D56 ] WsAudio_DeviceS(5) C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys
13:28:37.0844 4460  WsAudio_DeviceS(5) - ok
13:28:37.0901 4460  [ A661A76333057B383A06E65F0073222F ] wscsvc          C:\Windows\system32\wscsvc.dll
13:28:37.0904 4460  wscsvc - ok
13:28:37.0915 4460  WSearch - ok
13:28:38.0014 4460  [ 77A3988CF9B5848BCBC9FB6A79508A56 ] WTouchService   C:\Program Files\WTouch\WTouchService.exe
13:28:38.0064 4460  WTouchService - ok
13:28:38.0207 4460  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
13:28:38.0260 4460  wuauserv - ok
13:28:38.0309 4460  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:28:38.0347 4460  WudfPf - ok
13:28:38.0381 4460  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:28:38.0401 4460  WUDFRd - ok
13:28:38.0462 4460  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:28:38.0487 4460  wudfsvc - ok
13:28:38.0529 4460  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:28:38.0557 4460  WwanSvc - ok
13:28:38.0602 4460  XDva344 - ok
13:28:38.0634 4460  XDva365 - ok
13:28:38.0652 4460  XDva375 - ok
13:28:38.0668 4460  XDva385 - ok
13:28:38.0762 4460  [ EBD35BDCE49B94EB247213610094F399 ] ZAPrivacyService C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
13:28:38.0763 4460  ZAPrivacyService - ok
13:28:38.0825 4460  ================ Scan global ===============================
13:28:38.0854 4460  [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
13:28:38.0930 4460  [ 8531AAF69394EFB93BC653916C46D245 ] C:\Windows\system32\winsrv.dll
13:28:38.0969 4460  [ 8531AAF69394EFB93BC653916C46D245 ] C:\Windows\system32\winsrv.dll
13:28:39.0001 4460  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
13:28:39.0037 4460  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
13:28:39.0041 4460  [Global] - ok
13:28:39.0045 4460  ================ Scan MBR ==================================
13:28:39.0060 4460  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:28:39.0332 4460  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:28:39.0332 4460  \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:28:39.0342 4460  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
13:28:39.0482 4460  \Device\Harddisk1\DR1 - ok
13:28:39.0485 4460  ================ Scan VBR ==================================
13:28:39.0490 4460  [ C07F85CC63088C166C49F69ADF842BD3 ] \Device\Harddisk0\DR0\Partition1
13:28:39.0491 4460  \Device\Harddisk0\DR0\Partition1 - ok
13:28:39.0537 4460  [ 59BAFBD8641B23C28CDEDC2A06194323 ] \Device\Harddisk0\DR0\Partition2
13:28:39.0538 4460  \Device\Harddisk0\DR0\Partition2 - ok
13:28:39.0547 4460  [ 706726832E67D646FC59C8CEFB1D4E22 ] \Device\Harddisk1\DR1\Partition1
13:28:39.0548 4460  \Device\Harddisk1\DR1\Partition1 - ok
13:28:39.0552 4460  ============================================================
13:28:39.0552 4460  Scan finished
13:28:39.0552 4460  ============================================================
13:28:39.0567 5660  Detected object count: 1
13:28:39.0567 5660  Actual detected object count: 1
13:29:03.0256 5660  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:29:03.0256 5660  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 
13:30:43.0130 4720  Deinitialize success

 

 
 
# AdwCleaner v2.305 - Logfile created 07/18/2013 at 13:31:47
# Updated 11/07/2013 by Xplode
# Operating system : Windows 7 Home Premium  (32 bits)
# User : Leaf - LTLEAF
# Boot Mode : Normal
# Running from : C:\Users\Leaf\Desktop\AdwCleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
 
***** [Registry] *****
 
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16476
 
[OK] Registry is clean.
 
-\\ Mozilla Firefox v22.0 (en-US)
 
File : C:\Users\Leaf\AppData\Roaming\Mozilla\Firefox\Profiles\mdvfwd6v.default\prefs.js
 
[OK] File is clean.
 
-\\ Google Chrome v28.0.1500.71
 
File : C:\Users\Leaf\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
-\\ Opera v11.50.1074.0
 
File : C:\Users\Leaf\AppData\Roaming\Opera\Opera\operaprefs.ini
 
[OK] File is clean.
 
*************************
 
AdwCleaner[S2].txt - [910 octets] - [18/07/2013 13:31:47]
 
########## EOF - C:\AdwCleaner[S2].txt - [969 octets] ##########
 
 
 
When I ran the ESET online scanner, it finished with no threats found. Not surprising, since I've run it recently (last week, I think). 
 
Looks like TDSSKiller DID find something though - eek! 

Edited by LTLeaf, 18 July 2013 - 11:50 PM.


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:29 PM

Posted 18 July 2013 - 08:00 PM

Yes, please rerun TDSS and change the option on this to Cure or Delete.

Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user


How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#5 LTLeaf

Posted 18 July 2013 - 08:12 PM

OK, I have rerun it, and selected "Delete".  Here's the end of that log... 

 

18:05:51.0372 6000  ============================================================
18:05:51.0372 6000  Scan finished
18:05:51.0372 6000  ============================================================
18:05:51.0389 4416  Detected object count: 1
18:05:51.0390 4416  Actual detected object count: 1
18:06:54.0524 4416  \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
18:06:54.0539 4416  \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
18:06:54.0567 4416  \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
18:06:54.0618 4416  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
18:06:54.0745 4416  \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
18:06:54.0817 4416  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
18:06:54.0876 4416  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
18:06:54.0938 4416  \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
18:06:55.0197 4416  \Device\Harddisk0\DR0\TDLFS\vckd - copied to quarantine
18:06:55.0473 4416  \Device\Harddisk0\DR0\TDLFS\dkmks.tmp - copied to quarantine
18:06:55.0522 4416  \Device\Harddisk0\DR0\TDLFS - deleted
18:06:55.0522 4416  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
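The single detection in these TDSSKiller logs sits among hundreds of "- ok" lines, so here is an added example (not part of the original posts, and not Kaspersky's code) that pulls out only the findings, the action chosen and the quarantine/delete operations. The function name `triage` and the line patterns are assumptions inferred from the log lines posted in this thread, not from a documented format; the sample input is excerpted from those posts.

```python
import re

# Every log line: "HH:MM:SS.ffff <thread id>  <message>"
LINE_RE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s+(.*\S)\s*$")
# "<object> ( <threat> ) - User select action: <action>"
ACTION_RE = re.compile(
    r"^(?P<obj>.+?) \( (?P<threat>[^()]+) \) - User select action: (?P<action>\w+)$")
# "<object> ( <threat> ) - <verdict>", e.g. "... ( TDSS File System ) - warning"
VERDICT_RE = re.compile(r"^(?P<obj>.+?) \( (?P<threat>[^()]+) \) - (?P<verdict>.+)$")
# "<path> - copied to quarantine" or "<path> - deleted"
FILE_OP_RE = re.compile(r"^(?P<path>\S.*?) - (?P<op>copied to quarantine|deleted)$")
COUNT_RE = re.compile(r"^Detected object count: (\d+)$")

# Actions that leave the detected object in place (only "Skip" appears in the thread).
NO_OP_ACTIONS = {"Skip"}


def triage(log_text):
    """Summarise a TDSSKiller log: findings, chosen action, file operations."""
    findings = {}
    result = {"reported_count": None, "quarantined": [], "deleted": []}
    for raw in log_text.splitlines():
        line = LINE_RE.match(raw)
        if not line:
            continue  # blank lines or text that is not a log record
        msg = line.group(3)
        count = COUNT_RE.match(msg)
        if count:
            result["reported_count"] = int(count.group(1))
            continue
        # The action pattern is tried first because the verdict pattern also fits it.
        hit = ACTION_RE.match(msg) or VERDICT_RE.match(msg)
        if hit:
            entry = findings.setdefault(hit["obj"], {
                "object": hit["obj"], "threat": hit["threat"],
                "verdicts": [], "action": None})
            if "action" in hit.groupdict():
                entry["action"] = hit["action"]
            else:
                entry["verdicts"].append(hit["verdict"])
            continue
        op = FILE_OP_RE.match(msg)
        if op:
            key = "quarantined" if op["op"] == "copied to quarantine" else "deleted"
            result[key].append(op["path"])
    result["findings"] = list(findings.values())
    # A finding stays open until an action other than Skip is logged for it.
    result["open"] = [f["object"] for f in result["findings"]
                      if f["action"] is None or f["action"] in NO_OP_ACTIONS]
    return result


# Excerpt of the first run posted in this thread (detection skipped).
FIRST_RUN = r"""
13:28:39.0045 4460  ================ Scan MBR ==================================
13:28:39.0060 4460  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:28:39.0332 4460  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:28:39.0332 4460  \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:28:39.0482 4460  \Device\Harddisk1\DR1 - ok
13:28:39.0491 4460  \Device\Harddisk0\DR0\Partition1 - ok
13:28:39.0567 5660  Detected object count: 1
13:28:39.0567 5660  Actual detected object count: 1
13:29:03.0256 5660  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:29:03.0256 5660  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 
"""

# Excerpt of the second run posted in this thread (Delete selected).
SECOND_RUN = r"""
18:05:51.0389 4416  Detected object count: 1
18:06:54.0524 4416  \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
18:06:54.0618 4416  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
18:06:55.0522 4416  \Device\Harddisk0\DR0\TDLFS - deleted
18:06:55.0522 4416  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
"""

if __name__ == "__main__":
    for name, text in (("first run", FIRST_RUN), ("second run", SECOND_RUN)):
        summary = triage(text)
        print(name)
        for f in summary["findings"]:
            print("  finding:", f["object"], "|", f["threat"], "| action:", f["action"])
        print("  quarantined:", len(summary["quarantined"]),
              "deleted:", summary["deleted"])
        print("  still open:", summary["open"] or "none")
```
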



#6 boopme

Posted 18 July 2013 - 08:21 PM

That appears to be the issue, should be good now.

Edited by boopme, 18 July 2013 - 08:25 PM.


#7 LTLeaf

Posted 18 July 2013 - 11:12 PM

Thank you! I wouldn't have known to check the "TDLFS file system" option. Hopefully the system is all clean now. :-D

 

Windows Update still isn't working, but I'm going to try a repair/upgrade install of Windows, maybe it will help. If not, I might have to do a clean re-install anyway. 

 

Either way, am I safe to use this computer normally now (online purchases, etc)? Or should I not risk it? lol... I just want to be very cautious right now :)

 

 

Edit: Repair install failed, with some message starting with "Setup can't continue..."  I'm guessing it is related to the reason Windows Update and sfc fail, too. From some Google searching, it looks like a clean reinstall will be the only way to fix all these Windows errors. :-(

 

Oh well... I guess the system will be pretty safe after that!

 

Last question I have for now: Do you think my external hard drive is safe? I've already scanned it with MBAM and MSE, and it looks clean, but I'm not sure if I should trust it, since I had those trojans loaded on my system while it was attached.


Edited by LTLeaf, 18 July 2013 - 11:42 PM.


#8 boopme

Posted 19 July 2013 - 10:34 AM

Hello, let's reset the Winsock.

Go to Start ... Run and type in cmd
A DOS window will appear.
Type in the DOS window: netsh winsock reset
Click on the Enter key.

Reboot your system to complete the process.


Appears there are 2 antiviruses running, MSE and ZA; please stop one as it causes conflicts.

#9 boopme

Posted 19 July 2013 - 10:59 AM

Connect it and run ESET. It will take a few hours.

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 2 and allow it to run CheckDisk by clicking on Do It button:




Once that is done then go to Step 3 and allow it to run System File Check by clicking on Do It button:



Go to Step 4 and under "System Restore" click on Create button:



Go to Start Repairs tab and click Start button.

Leave all checkmarks as they are.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.


Post Windows Repair log (_windows_repair_log.txt) which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

#10 LTLeaf

Posted 19 July 2013 - 04:13 PM

> Hello, let's reset the Winsock.
>
> Go to Start ... Run and type in cmd
> A DOS window will appear.
> Type in the DOS window: netsh winsock reset
> Click on the Enter key.
>
> Reboot your system to complete the process.
>
> Appears there are 2 antiviruses running, MSE and ZA; please stop one as it causes conflicts.

OK, have done this and will now follow the instructions in the next post. 

 

(ZoneAlarm only has firewall installed, it tells me the antivirus part isn't installed, but I turned off the "Application Control" bit in case that is conflicting.)



#11 boopme

Posted 19 July 2013 - 08:18 PM

OK, that's fine.

#12 LTLeaf

Posted 20 July 2013 - 03:06 AM

:)

 

Ran ESET, and here is the result:

 

C:\$RECYCLE.BIN\S-1-5-21-3248308859-3811971282-3890869645-1001\$RVOET7G\Process.exe Win32/PrcView application cleaned by deleting - quarantined

 

 

Installed Windows Repair.... 

Step 2 - nothing interesting happened :-P

Step 3 - SFC gave the usual error: "Windows Resource Protection could not perform the requested operation." Yes, it went straight from "this process will take some time" to that error. :(

Step 4 - done

 

Now running the rest of the program... I'll post the log when it's done. 



#13 LTLeaf

Posted 20 July 2013 - 03:41 AM

Here's the log: 

 

Starting Repairs...
   Start (7/17/2013 4:43:23 PM)

Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (7/17/2013 4:43:23 PM)
   Running Repair Under Current User Account
   Done (7/17/2013 4:44:02 PM)

Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (7/17/2013 4:44:02 PM)
   Running Repair Under System Account
   Done (7/17/2013 4:46:46 PM)

Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (7/17/2013 4:46:46 PM)
   Running Repair Under System Account
   Done (7/17/2013 4:47:41 PM)

Register System Files
   Start (7/17/2013 4:47:41 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 4:48:18 PM)

Repair WMI
   Start (7/17/2013 4:48:18 PM)
   Running Repair Under Current User Account
The system cannot find the path specified.
Invalid Global Switch.

   Running Repair Under System Account
The system cannot find the path specified.
Invalid Global Switch.

   Done (7/17/2013 4:51:43 PM)

Repair Windows Firewall
   Start (7/17/2013 4:51:43 PM)
   Running Repair Under Current User Account
The Internet Connection Sharing (ICS) service is not started.

More help is available by typing NET HELPMSG 3521.

The Internet Connection Sharing (ICS) service could not be started.

The service did not report an error.

More help is available by typing NET HELPMSG 3534.

   Running Repair Under System Account
The Internet Connection Sharing (ICS) service is not started.

More help is available by typing NET HELPMSG 3521.

The Internet Connection Sharing (ICS) service could not be started.

The service did not report an error.

More help is available by typing NET HELPMSG 3534.

   Done (7/17/2013 4:53:02 PM)

Repair Internet Explorer
   Start (7/17/2013 4:53:02 PM)
   Running Repair Under Current User Account
The system cannot find the path specified.
The system cannot find the path specified.
The system cannot find the path specified.
The system cannot find the path specified.
The system cannot find the path specified.
The system cannot find the path specified.
The system cannot find the path specified.
The system cannot find the path specified.
The system cannot find the path specified.
The system cannot find the path specified.
The system cannot find the path specified.
The system cannot find the path specified.
The system cannot find the path specified.
The system cannot find the path specified.
The system cannot find the path specified.
The system cannot find the path specified.
   Running Repair Under System Account
The system cannot find the path specified.
   Done (7/17/2013 4:53:26 PM)

Repair MDAC/MS Jet
   Start (7/17/2013 4:53:26 PM)
   Running Repair Under Current User Account
The system cannot find the path specified.
   Running Repair Under System Account
The system cannot find the path specified.
   Done (7/17/2013 4:53:37 PM)

Repair Hosts File
   Start (7/17/2013 4:53:37 PM)
   Running Repair Under System Account
   Done (7/17/2013 4:53:39 PM)

Remove Policies Set By Infections
   Start (7/17/2013 4:53:40 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 4:53:44 PM)

Repair Missing Start Menu Icons Removed By Infections
   Start (7/17/2013 4:53:44 PM)
   Running Repair Under System Account
   Done (7/17/2013 4:53:49 PM)

Repair Icons
   Start (7/17/2013 4:53:49 PM)
   Running Repair Under System Account
Could Not Find C:\Users\Leaf\AppData\Local\IconCache.db.bak
Could Not Find C:\Users\Leaf\AppData\Local\IconCache.db
   Done (7/17/2013 4:53:51 PM)

Repair Winsock & DNS Cache
   Start (7/17/2013 4:53:51 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 4:54:04 PM)

Remove Temp Files
   Start (7/17/2013 4:54:04 PM)
   Running Repair Under System Account
The process cannot access the file because it is being used by another process.
The process cannot access the file because it is being used by another process.
The process cannot access the file because it is being used by another process.
The process cannot access the file because it is being used by another process.
The process cannot access the file because it is being used by another process.
C:\Users\Leaf\AppData\Local\Temp\FXSAPIDebugLogFile.txt - The process cannot access the file because it is being used by another process.
C:\Users\Leaf\AppData\Local\Temp\msdt\_F4AFA~1\inuse - The process cannot access the file because it is being used by another process.
C:\Users\Leaf\AppData\Local\Temp\SDIAG_~1 - The process cannot access the file because it is being used by another process.
C:\Users\Leaf\AppData\Local\Temp\~DF62AC4E4D5EC6E655.TMP - The process cannot access the file because it is being used by another process.
C:\Users\Leaf\AppData\Local\Temp\~DF71D3E3DE1A8C9483.TMP - The process cannot access the file because it is being used by another process.
C:\Users\Leaf\AppData\Local\Temp\~DF8769EE25871CED68.TMP - The process cannot access the file because it is being used by another process.
The process cannot access the file because it is being used by another process.
C:\Windows\Temp\ZLT02587.TMP - The process cannot access the file because it is being used by another process.
   Done (7/17/2013 4:54:07 PM)

Repair Proxy Settings
   Start (7/17/2013 4:54:07 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 4:54:11 PM)

Unhide Non System Files
   Start (7/17/2013 4:54:12 PM)
   C:\ - Total Files Unhidden: 392
   Done (7/17/2013 5:01:05 PM)

Repair Windows Updates
   Start (7/17/2013 5:01:05 PM)
   Running Repair Under Current User Account
The requested pause, continue, or stop is not valid for this service.

More help is available by typing NET HELPMSG 2191.

The Windows Update service is not started.

More help is available by typing NET HELPMSG 3521.

The system cannot find the file specified.
   Running Repair Under System Account
The requested pause, continue, or stop is not valid for this service.

More help is available by typing NET HELPMSG 2191.

The Background Intelligent Transfer Service service is not started.

More help is available by typing NET HELPMSG 3521.

The Windows Update service is not started.

More help is available by typing NET HELPMSG 3521.

The system cannot find the file specified.
   Done (7/17/2013 5:01:29 PM)

Repair CD/DVD Missing/Not Working
   Start (7/17/2013 5:01:29 PM)
   Done (7/17/2013 5:01:29 PM)

Repair Volume Shadow Copy Service
   Start (7/17/2013 5:01:29 PM)
   Running Repair Under Current User Account
The Volume Shadow Copy service is not started.

More help is available by typing NET HELPMSG 3521.

The Microsoft Software Shadow Copy Provider service is not started.

More help is available by typing NET HELPMSG 3521.

   Running Repair Under System Account
The Volume Shadow Copy service is not started.

More help is available by typing NET HELPMSG 3521.

The Microsoft Software Shadow Copy Provider service is not started.

More help is available by typing NET HELPMSG 3521.

   Done (7/17/2013 5:01:34 PM)

Repair MSI (Windows Installer)
   Start (7/17/2013 5:01:34 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 5:01:45 PM)

Repair bat Association
   Start (7/17/2013 5:01:45 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 5:01:49 PM)

Repair cmd Association
   Start (7/17/2013 5:01:50 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 5:01:54 PM)

Repair com Association
   Start (7/17/2013 5:01:54 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 5:01:59 PM)

Repair Directory Association
   Start (7/17/2013 5:01:59 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 5:02:04 PM)

Repair Drive Association
   Start (7/17/2013 5:02:04 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 5:02:09 PM)

Repair exe Association
   Start (7/17/2013 5:02:09 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 5:02:13 PM)

Repair Folder Association
   Start (7/17/2013 5:02:13 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 5:02:18 PM)

Repair inf Association
   Start (7/17/2013 5:02:18 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 5:02:23 PM)

Repair lnk (Shortcuts) Association
   Start (7/17/2013 5:02:23 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 5:02:28 PM)

Repair msc Association
   Start (7/17/2013 5:02:28 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 5:02:32 PM)

Repair reg Association
   Start (7/17/2013 5:02:33 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 5:02:37 PM)

Repair scr Association
   Start (7/17/2013 5:02:37 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 5:02:42 PM)

Repair Windows Safe Mode
   Start (7/17/2013 5:02:42 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 5:02:47 PM)

Repair Print Spooler
   Start (7/17/2013 5:02:47 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 5:03:00 PM)

Restore Important Windows Services
   Start (7/17/2013 5:03:00 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 5:03:04 PM)

Set Windows Services To Default Startup
   Start (7/17/2013 5:03:04 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/17/2013 5:03:20 PM)

Cleaning up empty logs...

All Selected Repairs Done.
   Done (7/17/2013 5:03:20 PM)
   Total Repair Time: 00:19:57

...YOU MUST RESTART YOUR SYSTEM...
   Running Repair Under System Account
   Running Repair Under System Account
Starting Repairs...
   Start (7/20/2013 1:06:22 AM)

Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (7/20/2013 1:06:22 AM)
   Running Repair Under Current User Account
   Done (7/20/2013 1:06:37 AM)

Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (7/20/2013 1:06:37 AM)
   Running Repair Under System Account
   Done (7/20/2013 1:08:59 AM)

Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (7/20/2013 1:09:00 AM)
   Running Repair Under System Account
   Done (7/20/2013 1:10:02 AM)

Reset File Permissions 01/14
   C:\bbLean & Sub Folders
   Start (7/20/2013 1:10:02 AM)
   Running Repair Under System Account
   Done (7/20/2013 1:10:07 AM)

Reset File Permissions 02/14
   C:\cs & Sub Folders
   Start (7/20/2013 1:10:07 AM)
   Running Repair Under System Account
   Done (7/20/2013 1:10:09 AM)

Reset File Permissions 03/14
   C:\games & Sub Folders
   Start (7/20/2013 1:10:09 AM)
   Running Repair Under System Account
   Done (7/20/2013 1:13:31 AM)

Reset File Permissions 04/14
   C:\LOTR & Sub Folders
   Start (7/20/2013 1:13:31 AM)
   Running Repair Under System Account
   Done (7/20/2013 1:13:36 AM)

Reset File Permissions 05/14
   C:\Program Files & Sub Folders
   Start (7/20/2013 1:13:36 AM)
   Running Repair Under System Account
   Done (7/20/2013 1:19:49 AM)

Reset File Permissions 06/14
   C:\ProgramData & Sub Folders
   Start (7/20/2013 1:19:49 AM)
   Running Repair Under System Account
   Done (7/20/2013 1:20:48 AM)

Reset File Permissions 07/14
   C:\Recovery & Sub Folders
   Start (7/20/2013 1:20:48 AM)
   Running Repair Under System Account
   Done (7/20/2013 1:20:50 AM)

Reset File Permissions 08/14
   C:\RegBackup & Sub Folders
   Start (7/20/2013 1:20:50 AM)
   Running Repair Under System Account
   Done (7/20/2013 1:20:57 AM)

Reset File Permissions 09/14
   C:\STARTREKNEMESIS & Sub Folders
   Start (7/20/2013 1:20:57 AM)
   Running Repair Under System Account
   Done (7/20/2013 1:21:01 AM)

Reset File Permissions 10/14
   C:\TDSSKiller_Quarantine & Sub Folders
   Start (7/20/2013 1:21:01 AM)
   Running Repair Under System Account
   Done (7/20/2013 1:21:04 AM)

Reset File Permissions 11/14
   C:\Tor & Sub Folders
   Start (7/20/2013 1:21:04 AM)
   Running Repair Under System Account
   Done (7/20/2013 1:21:21 AM)

Reset File Permissions 12/14
   C:\Windows & Sub Folders
   Start (7/20/2013 1:21:21 AM)
   Running Repair Under System Account
   Done (7/20/2013 1:26:43 AM)

Reset File Permissions 13/14
   C:\WMP32Backup & Sub Folders
   Start (7/20/2013 1:26:44 AM)
   Running Repair Under System Account
   Done (7/20/2013 1:26:48 AM)

Reset File Permissions 14/14
   C:\xampp & Sub Folders
   Start (7/20/2013 1:26:48 AM)
   Running Repair Under System Account
   Done (7/20/2013 1:28:08 AM)

Reset File Permissions: Cleanup
    & Sub Folders
   Start (7/20/2013 1:28:08 AM)
   Running Repair Under System Account
   Done (7/20/2013 1:28:13 AM)

Register System Files
   Start (7/20/2013 1:28:13 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/20/2013 1:28:41 AM)

Repair WMI
   Start (7/20/2013 1:28:41 AM)
   Running Repair Under Current User Account
The system cannot find the path specified.
Invalid Global Switch.

   Running Repair Under System Account
The system cannot find the path specified.
Invalid Global Switch.

   Done (7/20/2013 1:31:33 AM)

Repair Windows Firewall
   Start (7/20/2013 1:31:33 AM)
   Running Repair Under Current User Account
The Internet Connection Sharing (ICS) service is not started.

More help is available by typing NET HELPMSG 3521.

The Internet Connection Sharing (ICS) service could not be started.

The service did not report an error.

More help is available by typing NET HELPMSG 3534.

   Running Repair Under System Account
The Internet Connection Sharing (ICS) service is not started.

More help is available by typing NET HELPMSG 3521.

The Internet Connection Sharing (ICS) service could not be started.

The service did not report an error.

More help is available by typing NET HELPMSG 3534.

   Done (7/20/2013 1:32:10 AM)

Repair Internet Explorer
   Start (7/20/2013 1:32:11 AM)
   Running Repair Under Current User Account
The system cannot find the path specified.
   Running Repair Under System Account
The system cannot find the path specified.
   Done (7/20/2013 1:32:28 AM)

Remove Policies Set By Infections
   Start (7/20/2013 1:32:28 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/20/2013 1:32:33 AM)

Repair Icons
   Start (7/20/2013 1:32:33 AM)
   Running Repair Under System Account
Could Not Find C:\Users\Leaf\AppData\Local\IconCache.db.bak
Could Not Find C:\Users\Leaf\AppData\Local\IconCache.db
   Done (7/20/2013 1:32:35 AM)

Repair Winsock & DNS Cache
   Start (7/20/2013 1:32:35 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/20/2013 1:32:48 AM)

Repair Proxy Settings
   Start (7/20/2013 1:32:48 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/20/2013 1:32:53 AM)

Repair Windows Updates
   Start (7/20/2013 1:32:53 AM)
   Running Repair Under Current User Account
The requested pause, continue, or stop is not valid for this service.

More help is available by typing NET HELPMSG 2191.

The Background Intelligent Transfer Service service is not started.

More help is available by typing NET HELPMSG 3521.

The Windows Update service is not started.

More help is available by typing NET HELPMSG 3521.

The system cannot find the file specified.
   Running Repair Under System Account
The requested pause, continue, or stop is not valid for this service.

More help is available by typing NET HELPMSG 2191.

The Background Intelligent Transfer Service service is not started.

More help is available by typing NET HELPMSG 3521.

The Windows Update service is not started.

More help is available by typing NET HELPMSG 3521.

The system cannot find the file specified.
   Done (7/20/2013 1:33:16 AM)

Repair MSI (Windows Installer)
   Start (7/20/2013 1:33:16 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/20/2013 1:33:27 AM)

Repair bat Association
   Start (7/20/2013 1:33:27 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/20/2013 1:33:32 AM)

Repair cmd Association
   Start (7/20/2013 1:33:32 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/20/2013 1:33:36 AM)

Repair com Association
   Start (7/20/2013 1:33:36 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/20/2013 1:33:41 AM)

Repair Directory Association
   Start (7/20/2013 1:33:41 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/20/2013 1:33:46 AM)

Repair Drive Association
   Start (7/20/2013 1:33:46 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/20/2013 1:33:50 AM)

Repair exe Association
   Start (7/20/2013 1:33:50 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/20/2013 1:33:55 AM)

Repair Folder Association
   Start (7/20/2013 1:33:55 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/20/2013 1:34:00 AM)

Repair inf Association
   Start (7/20/2013 1:34:00 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/20/2013 1:34:04 AM)

Repair lnk (Shortcuts) Association
   Start (7/20/2013 1:34:04 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/20/2013 1:34:09 AM)

Repair msc Association
   Start (7/20/2013 1:34:09 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/20/2013 1:34:14 AM)

Repair reg Association
   Start (7/20/2013 1:34:14 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/20/2013 1:34:18 AM)

Repair scr Association
   Start (7/20/2013 1:34:18 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/20/2013 1:34:23 AM)

Repair Print Spooler
   Start (7/20/2013 1:34:23 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/20/2013 1:34:36 AM)

Restore Important Windows Services
   Start (7/20/2013 1:34:36 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/20/2013 1:34:40 AM)

Set Windows Services To Default Startup
   Start (7/20/2013 1:34:40 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/20/2013 1:34:51 AM)

Cleaning up empty logs...

All Selected Repairs Done.
   Done (7/20/2013 1:34:51 AM)
   Total Repair Time: 00:28:29

...YOU MUST RESTART YOUR SYSTEM...
   Running Repair Under System Account


Edited by LTLeaf, 20 July 2013 - 03:43 AM.


#14 boopme

  • Global Moderator

Posted 22 July 2013 - 09:38 AM

I think you did not get it all out and we should get a deeper look. Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.

#15 LTLeaf

  • Topic Starter

  • Members

Posted 22 July 2013 - 03:05 PM

OK, I will do that.

Thanks so much for your help & time :)





