
SUPER slow laptop...please help!


14 replies to this topic

#1 Splattman

Splattman

  • Members
  • 32 posts

Posted 25 September 2013 - 07:35 PM

My sister's laptop has possibly been infected. She said it will not operate worth a crap and is sending her to different websites when she enters an address. I would appreciate any and all help I can get to help her fix it. Thanks





#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts

Posted 25 September 2013 - 08:01 PM

Hello splattman, do these, post the logs and tell me how it is.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 Splattman

Splattman
  • Topic Starter

  • Members
  • 32 posts

Posted 25 September 2013 - 08:05 PM

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Valeria (administrator) on 25-09-2013 at 20:49:07
Running from "C:\Users\Valeria\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Ralink RT5390 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=enabled
add address name="Local Area Connection" address=192.168.137.1 mask=255.255.255.0

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Valeria-HP
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Home

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 90-00-4E-4F-AD-2B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Ralink RT5390 802.11b/g/n WiFi Adapter
   Physical Address. . . . . . . . . : 90-00-4E-4F-AD-2A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::1110:2ee0:2eb:5479%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.12(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, September 25, 2013 8:43:36 PM
   Lease Expires . . . . . . . . . . : Thursday, September 26, 2013 8:43:37 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 328204366
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-E7-FD-8B-98-4B-E1-BE-9E-91
   DNS Servers . . . . . . . . . . . : 192.168.0.1
                                       205.171.203.226
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 98-4B-E1-BE-9E-91
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Home:

   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5efe:192.168.0.12%15(Preferred)
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 192.168.0.1
                                       205.171.203.226
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{5234EEB6-9645-4B41-80B9-9D92E56E0DAB}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{42195AEF-5F49-43D7-AEC0-7739D63E96F1}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  modem
Address:  192.168.0.1

Name:    google.com
Addresses:  2607:f8b0:4004:801::1001
   74.125.228.32
   74.125.228.34
   74.125.228.36
   74.125.228.41
   74.125.228.38
   74.125.228.37
   74.125.228.39
   74.125.228.46
   74.125.228.40
   74.125.228.35
   74.125.228.33

Pinging google.com [74.125.228.39] with 32 bytes of data:
Reply from 74.125.228.39: bytes=32 time=39ms TTL=57
Reply from 74.125.228.39: bytes=32 time=39ms TTL=57

Ping statistics for 74.125.228.39:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 39ms, Maximum = 39ms, Average = 39ms
Server:  modem
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  206.190.36.45
   98.139.183.24
   98.138.253.109

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=49ms TTL=53
Reply from 98.139.183.24: bytes=32 time=132ms TTL=53

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 49ms, Maximum = 132ms, Average = 90ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...90 00 4e 4f ad 2b ......Microsoft Virtual WiFi Miniport Adapter
 11...90 00 4e 4f ad 2a ......Ralink RT5390 802.11b/g/n WiFi Adapter
 10...98 4b e1 be 9e 91 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.12     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.12    281
     192.168.0.12  255.255.255.255         On-link      192.168.0.12    281
    192.168.0.255  255.255.255.255         On-link      192.168.0.12    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.12    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.12    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    281 fe80::/64                On-link
 15    286 fe80::5efe:192.168.0.12/128
                                    On-link
 11    281 fe80::1110:2ee0:2eb:5479/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/25/2013 08:45:43 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

Error: (09/25/2013 08:45:36 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

Error: (09/25/2013 08:37:08 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (09/25/2013 08:37:08 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (09/25/2013 08:02:23 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

Error: (09/25/2013 08:02:15 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

Error: (09/25/2013 04:56:55 PM) (Source: Application Error) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Host Process for Windows Services because of this error.

Program: Host Process for Windows Services
File:

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
 - It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
 - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: 00000000
Disk type: 0

Error: (09/25/2013 04:56:55 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: rasppp.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c972
Exception code: 0xc000001d
Fault offset: 0x00000000000300e4
Faulting process id: 0x3b0
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (09/25/2013 09:13:21 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (09/25/2013 09:13:21 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

System errors:
=============
Error: (09/25/2013 08:46:15 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070006

Error: (09/25/2013 08:43:38 PM) (Source: Service Control Manager) (User: )
Description: The lxduCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (09/25/2013 08:43:38 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxduCATSCustConnectService service to connect.

Error: (09/25/2013 08:42:38 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service.

Error: (09/25/2013 08:42:08 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.

Error: (09/25/2013 08:41:38 PM) (Source: Service Control Manager) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error:
%%1053

Error: (09/25/2013 08:41:38 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service.

Error: (09/25/2013 08:41:08 PM) (Source: Service Control Manager) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error:
%%1053

Error: (09/25/2013 08:41:08 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service.

Error: (09/25/2013 08:40:38 PM) (Source: Service Control Manager) (User: )
Description: The Application Experience service failed to start due to the following error:
%%1053

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-09-24 22:45:48.996
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-09-24 22:45:48.434
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-09-24 21:35:38.738
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-12 22:45:10.831
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-12 20:41:12.004
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-18 22:04:38.343
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-21 10:35:52.993
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-21 10:12:36.342
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-08 20:33:31.826
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-08 09:15:42.853
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 2.0.2.12610)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.175)
Adobe Reader 9.4.5 MUI (Version: 9.4.5)
Adobe Shockwave Player 11.5 (Version: 11.5.8.612)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Rewards Client Installer (Version: 16.0.345.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.95)
Bonjour (Version: 3.0.0.2)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
Compaq Setup Manager (Version: 1.0.12844.3519)
CyberLink DVD Suite (Version: 7.0.3320)
CyberLink MediaShow (Version: 5.0.1920)
CyberLink PowerDVD 9 (Version: 9.0.1.4604)
CyberLink YouCam (Version: 3.2.3321)
D3DX10 (Version: 15.4.2368.0902)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's World Adventure (Version: 2.2.0.95)
Energy Star Digital Logo (Version: 1.0.1)
Escape Rosecliff Island (Version: 2.2.0.95)
ESU for Microsoft Windows 7 (Version: 1.0.0)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.95)
Final Drive Nitro (Version: 2.2.0.95)
Heroes of Hellas 2 - Olympia (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP Auto (Version: 1.0.12494.3472)
HP Client Services (Version: 1.0.12656.3472)
HP CloudDrive
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.1.2.1)
HP Games (Version: 1.0.2.5)
HP MovieStore (Version: 1.0.023)
HP MovieStore (Version: 2.0.2)
HP Photo Creations (Version: 1.0.0.4042)
HP Power Manager (Version: 1.1.2)
HP Quick Launch (Version: 2.3.6)
HP Setup (Version: 8.4.4400.3525)
HP Software Framework (Version: 4.0.108.1)
HP Support Assistant (Version: 6.1.12.1)
HP Wireless Assistant (Version: 4.0.10.0)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2086)
Intel® Rapid Storage Technology (Version: 9.6.2.1001)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 21 (64-bit) (Version: 6.0.210)
Java™ 6 Update 26 (Version: 6.0.260)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
LabelPrint (Version: 2.5.3220)
Lexmark 5600-6600 Series
Lexmark Printable Web (Version: 1.0.0.0)
Lexmark Tools for Office (Version: 1.24.0.0)
LightScribe System Software (Version: 1.18.18.1)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MotoHelper MergeModules (Version: 1.2.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery P.I. - The London Caper (Version: 2.2.0.95)
Penguins! (Version: 2.2.0.95)
PhotoNow! (Version: 1.1.7717)
Plants vs. Zombies (Version: 2.2.0.95)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.4419)
PowerDirector (Version: 8.0.3320)
QuickTime (Version: 7.69.80.9)
Ralink RT2860 Wireless LAN Card (Version: 3.1.13.0)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.18.322.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6206)
Recovery Manager (Version: 5.5.3223)
RtVOsd (Version: 1.0.6)
SpongeBob SquarePants Krabby Quest (Version: 2.2.0.95)
Synaptics Pointing Device Driver (Version: 15.1.6.64)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
VC 9.0 Runtime (Version: 1.0.0)
Virtual Families (Version: 2.2.0.95)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Wheel of Fortune 2 (Version: 2.2.0.95)
WildTangent Games App (HP Games) (Version: 4.0.5.32)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
ZoneAlarm LTD Toolbar
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 76%
Total physical RAM: 1978.92 MB
Available physical RAM: 459.8 MB
Total Pagefile: 3957.84 MB
Available Pagefile: 2098.42 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.95 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:213.73 GB) (Free:155 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:18.86 GB) (Free:2.7 GB) NTFS

========================= Users: ========================================

User accounts for \\VALERIA-HP

Administrator            Guest                    Valeria                 

**** End of log ****



#4 Splattman

Splattman
  • Topic Starter


Posted 25 September 2013 - 08:07 PM

20:55:14.0159 0x0c84 TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
20:55:14.0643 0x0c84 ============================================================
20:55:14.0643 0x0c84 Current date / time: 2013/09/25 20:55:14.0643
20:55:14.0643 0x0c84 SystemInfo:
20:55:14.0643 0x0c84
20:55:14.0643 0x0c84 OS Version: 6.1.7601 ServicePack: 1.0
20:55:14.0643 0x0c84 Product type: Workstation
20:55:14.0643 0x0c84 ComputerName: VALERIA-HP
20:55:14.0643 0x0c84 UserName: Valeria
20:55:14.0643 0x0c84 Windows directory: C:\Windows
20:55:14.0643 0x0c84 System windows directory: C:\Windows
20:55:14.0643 0x0c84 Running under WOW64
20:55:14.0643 0x0c84 Processor architecture: Intel x64
20:55:14.0643 0x0c84 Number of processors: 1
20:55:14.0643 0x0c84 Page size: 0x1000
20:55:14.0643 0x0c84 Boot type: Normal boot
20:55:14.0643 0x0c84 ============================================================
20:55:15.0329 0x0c84 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:55:15.0329 0x0c84 ============================================================
20:55:15.0329 0x0c84 \Device\Harddisk0\DR0:
20:55:15.0329 0x0c84 MBR partitions:
20:55:15.0329 0x0c84 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
20:55:15.0329 0x0c84 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x1AB73800
20:55:15.0329 0x0c84 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1ABD7800, BlocksNum 0x25BA000
20:55:15.0329 0x0c84 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x1D191800, BlocksNum 0x33970
20:55:15.0329 0x0c84 ============================================================
20:55:15.0376 0x0c84 C: <-> \Device\Harddisk0\DR0\Partition2
20:55:15.0423 0x0c84 D: <-> \Device\Harddisk0\DR0\Partition3
20:55:15.0423 0x0c84 ============================================================
20:55:15.0423 0x0c84 Initialize success
20:55:15.0423 0x0c84 ============================================================
20:55:19.0073 0x0e90 ============================================================
20:55:19.0073 0x0e90 Scan started
20:55:19.0073 0x0e90 Mode: Manual;
20:55:19.0073 0x0e90 ============================================================
20:55:20.0321 0x0e90 ================ Scan system memory ========================
20:55:20.0321 0x0e90 System memory - ok
20:55:20.0321 0x0e90 ================ Scan services =============================
20:55:32.0178 0x0e90 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
20:55:32.0302 0x0e90 netw5v64 - ok
20:55:32.0365 0x0e90 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:55:32.0365 0x0e90 nfrd960 - ok
20:55:32.0412 0x0e90 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:55:32.0412 0x0e90 NlaSvc - ok
20:55:32.0443 0x0e90 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:55:32.0443 0x0e90 Npfs - ok
20:55:32.0490 0x0e90 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:55:32.0490 0x0e90 nsi - ok
20:55:32.0505 0x0e90 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:55:32.0505 0x0e90 nsiproxy - ok
20:55:32.0583 0x0e90 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:55:32.0646 0x0e90 Ntfs - ok
20:55:32.0661 0x0e90 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:55:32.0661 0x0e90 Null - ok
20:55:32.0708 0x0e90 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:55:32.0708 0x0e90 nvraid - ok
20:55:32.0724 0x0e90 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:55:32.0724 0x0e90 nvstor - ok
20:55:32.0770 0x0e90 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:55:32.0770 0x0e90 nv_agp - ok
20:55:32.0973 0x0e90 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:55:32.0989 0x0e90 odserv - ok
20:55:33.0020 0x0e90 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:55:33.0020 0x0e90 ohci1394 - ok
20:55:33.0051 0x0e90 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:55:33.0051 0x0e90 ose - ok
20:55:33.0082 0x0e90 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:55:33.0098 0x0e90 p2pimsvc - ok
20:55:33.0114 0x0e90 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:55:33.0129 0x0e90 p2psvc - ok
20:55:33.0160 0x0e90 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:55:33.0176 0x0e90 Parport - ok
20:55:33.0207 0x0e90 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:55:33.0207 0x0e90 partmgr - ok
20:55:33.0238 0x0e90 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:55:33.0238 0x0e90 PcaSvc - ok
20:55:33.0285 0x0e90 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:55:33.0301 0x0e90 pci - ok
20:55:33.0316 0x0e90 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:55:33.0316 0x0e90 pciide - ok
20:55:33.0394 0x0e90 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:55:33.0410 0x0e90 pcmcia - ok
20:55:33.0441 0x0e90 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:55:33.0441 0x0e90 pcw - ok
20:55:33.0472 0x0e90 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:55:33.0488 0x0e90 PEAUTH - ok
20:55:33.0566 0x0e90 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:55:33.0566 0x0e90 PerfHost - ok
20:55:33.0660 0x0e90 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:55:33.0722 0x0e90 pla - ok
20:55:33.0769 0x0e90 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:55:33.0769 0x0e90 PlugPlay - ok
20:55:33.0800 0x0e90 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:55:33.0816 0x0e90 PNRPAutoReg - ok
20:55:33.0831 0x0e90 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:55:33.0847 0x0e90 PNRPsvc - ok
20:55:33.0894 0x0e90 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:55:33.0894 0x0e90 PolicyAgent - ok
20:55:33.0940 0x0e90 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:55:33.0940 0x0e90 Power - ok
20:55:33.0987 0x0e90 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:55:33.0987 0x0e90 PptpMiniport - ok
20:55:34.0018 0x0e90 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:55:34.0018 0x0e90 Processor - ok
20:55:34.0065 0x0e90 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:55:34.0081 0x0e90 ProfSvc - ok
20:55:34.0096 0x0e90 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:55:34.0096 0x0e90 ProtectedStorage - ok
20:55:34.0143 0x0e90 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:55:34.0159 0x0e90 Psched - ok
20:55:34.0221 0x0e90 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:55:34.0268 0x0e90 ql2300 - ok
20:55:34.0299 0x0e90 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:55:34.0299 0x0e90 ql40xx - ok
20:55:34.0346 0x0e90 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:55:34.0346 0x0e90 QWAVE - ok
20:55:34.0377 0x0e90 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:55:34.0377 0x0e90 QWAVEdrv - ok
20:55:34.0393 0x0e90 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:55:34.0393 0x0e90 RasAcd - ok
20:55:34.0440 0x0e90 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:55:34.0440 0x0e90 RasAgileVpn - ok
20:55:34.0486 0x0e90 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:55:34.0486 0x0e90 RasAuto - ok
20:55:34.0533 0x0e90 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:55:34.0533 0x0e90 Rasl2tp - ok
20:55:34.0564 0x0e90 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:55:34.0580 0x0e90 RasMan - ok
20:55:34.0611 0x0e90 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:55:34.0611 0x0e90 RasPppoe - ok
20:55:34.0627 0x0e90 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:55:34.0627 0x0e90 RasSstp - ok
20:55:34.0658 0x0e90 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:55:34.0658 0x0e90 rdbss - ok
20:55:34.0689 0x0e90 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:55:34.0689 0x0e90 rdpbus - ok
20:55:34.0705 0x0e90 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:55:34.0705 0x0e90 RDPCDD - ok
20:55:34.0752 0x0e90 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:55:34.0752 0x0e90 RDPENCDD - ok
20:55:34.0783 0x0e90 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:55:34.0783 0x0e90 RDPREFMP - ok
20:55:34.0830 0x0e90 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:55:34.0845 0x0e90 RDPWD - ok
20:55:34.0892 0x0e90 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:55:34.0908 0x0e90 rdyboost - ok
20:55:34.0923 0x0e90 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:55:34.0939 0x0e90 RemoteAccess - ok
20:55:34.0970 0x0e90 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:55:34.0970 0x0e90 RemoteRegistry - ok
20:55:35.0017 0x0e90 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:55:35.0017 0x0e90 RpcEptMapper - ok
20:55:35.0048 0x0e90 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:55:35.0064 0x0e90 RpcLocator - ok
20:55:35.0110 0x0e90 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:55:35.0110 0x0e90 RpcSs - ok
20:55:35.0157 0x0e90 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:55:35.0157 0x0e90 rspndr - ok
20:55:35.0188 0x0e90 [ 4FBDA07EF0A3097CE14C5CABF723B278 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:55:35.0204 0x0e90 RTL8167 - ok
20:55:35.0251 0x0e90 [ 4EA7E5DF0CB237156176FA0349E6E87F ] RtVOsdService C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
20:55:35.0266 0x0e90 RtVOsdService - ok
20:55:35.0282 0x0e90 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:55:35.0282 0x0e90 SamSs - ok
20:55:35.0313 0x0e90 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:55:35.0329 0x0e90 sbp2port - ok
20:55:35.0360 0x0e90 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:55:35.0391 0x0e90 SCardSvr - ok
20:55:35.0438 0x0e90 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:55:35.0438 0x0e90 scfilter - ok
20:55:35.0500 0x0e90 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:55:35.0532 0x0e90 Schedule - ok
20:55:35.0578 0x0e90 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:55:35.0578 0x0e90 SCPolicySvc - ok
20:55:35.0656 0x0e90 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
20:55:35.0656 0x0e90 sdbus - ok
20:55:35.0688 0x0e90 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:55:35.0688 0x0e90 SDRSVC - ok
20:55:35.0750 0x0e90 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:55:35.0750 0x0e90 secdrv - ok
20:55:35.0781 0x0e90 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:55:35.0781 0x0e90 seclogon - ok
20:55:35.0812 0x0e90 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
20:55:35.0828 0x0e90 SENS - ok
20:55:35.0875 0x0e90 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:55:35.0875 0x0e90 SensrSvc - ok
20:55:35.0906 0x0e90 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:55:35.0906 0x0e90 Serenum - ok
20:55:35.0922 0x0e90 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:55:35.0922 0x0e90 Serial - ok
20:55:35.0968 0x0e90 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:55:35.0968 0x0e90 sermouse - ok
20:55:36.0031 0x0e90 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:55:36.0046 0x0e90 SessionEnv - ok
20:55:36.0078 0x0e90 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:55:36.0078 0x0e90 sffdisk - ok
20:55:36.0109 0x0e90 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:55:36.0109 0x0e90 sffp_mmc - ok
20:55:36.0140 0x0e90 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:55:36.0140 0x0e90 sffp_sd - ok
20:55:36.0156 0x0e90 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:55:36.0156 0x0e90 sfloppy - ok
20:55:36.0202 0x0e90 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:55:36.0218 0x0e90 SharedAccess - ok
20:55:36.0249 0x0e90 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:55:36.0265 0x0e90 ShellHWDetection - ok
20:55:36.0312 0x0e90 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:55:36.0327 0x0e90 SiSRaid2 - ok
20:55:36.0358 0x0e90 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:55:36.0374 0x0e90 SiSRaid4 - ok
20:55:36.0405 0x0e90 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:55:36.0405 0x0e90 Smb - ok
20:55:36.0468 0x0e90 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:55:36.0468 0x0e90 SNMPTRAP - ok
20:55:36.0483 0x0e90 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:55:36.0483 0x0e90 spldr - ok
20:55:36.0546 0x0e90 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:55:36.0561 0x0e90 Spooler - ok
20:55:36.0670 0x0e90 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:55:36.0764 0x0e90 sppsvc - ok
20:55:36.0795 0x0e90 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:55:36.0795 0x0e90 sppuinotify - ok
20:55:36.0842 0x0e90 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:55:36.0842 0x0e90 srv - ok
20:55:36.0873 0x0e90 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:55:36.0889 0x0e90 srv2 - ok
20:55:36.0936 0x0e90 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
20:55:36.0936 0x0e90 SrvHsfHDA - ok
20:55:36.0982 0x0e90 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
20:55:37.0029 0x0e90 SrvHsfV92 - ok
20:55:37.0060 0x0e90 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
20:55:37.0092 0x0e90 SrvHsfWinac - ok
20:55:37.0123 0x0e90 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:55:37.0123 0x0e90 srvnet - ok
20:55:37.0170 0x0e90 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:55:37.0170 0x0e90 SSDPSRV - ok
20:55:37.0201 0x0e90 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:55:37.0201 0x0e90 SstpSvc - ok
20:55:37.0248 0x0e90 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:55:37.0248 0x0e90 stexstor - ok
20:55:37.0310 0x0e90 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:55:37.0310 0x0e90 stisvc - ok
20:55:37.0357 0x0e90 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:55:37.0357 0x0e90 swenum - ok
20:55:37.0388 0x0e90 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:55:37.0404 0x0e90 swprv - ok
20:55:37.0482 0x0e90 [ 961CFAC2A5318E212F459D651F28E0A4 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:55:37.0513 0x0e90 SynTP - ok
20:55:37.0591 0x0e90 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:55:37.0638 0x0e90 SysMain - ok
20:55:37.0684 0x0e90 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:55:37.0684 0x0e90 TabletInputService - ok
20:55:37.0716 0x0e90 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:55:37.0716 0x0e90 TapiSrv - ok
20:55:37.0747 0x0e90 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:55:37.0747 0x0e90 TBS - ok
20:55:37.0825 0x0e90 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:55:37.0872 0x0e90 Tcpip - ok
20:55:37.0950 0x0e90 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:55:37.0965 0x0e90 TCPIP6 - ok
20:55:38.0028 0x0e90 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:55:38.0028 0x0e90 tcpipreg - ok
20:55:38.0074 0x0e90 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:55:38.0074 0x0e90 TDPIPE - ok
20:55:38.0106 0x0e90 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:55:38.0106 0x0e90 TDTCP - ok
20:55:38.0152 0x0e90 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:55:38.0152 0x0e90 tdx - ok
20:55:38.0184 0x0e90 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:55:38.0184 0x0e90 TermDD - ok
20:55:38.0246 0x0e90 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:55:38.0262 0x0e90 TermService - ok
20:55:38.0293 0x0e90 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:55:38.0293 0x0e90 Themes - ok
20:55:38.0324 0x0e90 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:55:38.0324 0x0e90 THREADORDER - ok
20:55:38.0371 0x0e90 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:55:38.0386 0x0e90 TrkWks - ok
20:55:38.0449 0x0e90 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:55:38.0449 0x0e90 TrustedInstaller - ok
20:55:38.0496 0x0e90 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:55:38.0496 0x0e90 tssecsrv - ok
20:55:38.0558 0x0e90 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:55:38.0558 0x0e90 TsUsbFlt - ok
20:55:38.0605 0x0e90 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:55:38.0605 0x0e90 tunnel - ok
20:55:38.0636 0x0e90 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:55:38.0636 0x0e90 uagp35 - ok
20:55:38.0683 0x0e90 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:55:38.0683 0x0e90 udfs - ok
20:55:38.0730 0x0e90 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:55:38.0745 0x0e90 UI0Detect - ok
20:55:38.0776 0x0e90 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:55:38.0792 0x0e90 uliagpkx - ok
20:55:38.0839 0x0e90 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
20:55:38.0839 0x0e90 umbus - ok
20:55:38.0870 0x0e90 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:55:38.0870 0x0e90 UmPass - ok
20:55:38.0901 0x0e90 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:55:38.0917 0x0e90 upnphost - ok
20:55:38.0932 0x0e90 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:55:38.0948 0x0e90 usbccgp - ok
20:55:38.0979 0x0e90 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:55:38.0979 0x0e90 usbcir - ok
20:55:39.0010 0x0e90 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:55:39.0010 0x0e90 usbehci - ok
20:55:39.0057 0x0e90 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:55:39.0073 0x0e90 usbhub - ok
20:55:39.0088 0x0e90 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:55:39.0088 0x0e90 usbohci - ok
20:55:39.0135 0x0e90 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:55:39.0135 0x0e90 usbprint - ok
20:55:39.0182 0x0e90 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:55:39.0182 0x0e90 usbscan - ok
20:55:39.0198 0x0e90 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:55:39.0213 0x0e90 USBSTOR - ok
20:55:39.0244 0x0e90 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:55:39.0244 0x0e90 usbuhci - ok
20:55:39.0276 0x0e90 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:55:39.0276 0x0e90 UxSms - ok
20:55:39.0291 0x0e90 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:55:39.0291 0x0e90 VaultSvc - ok
20:55:39.0354 0x0e90 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:55:39.0369 0x0e90 vdrvroot - ok
20:55:39.0432 0x0e90 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:55:39.0463 0x0e90 vds - ok
20:55:39.0494 0x0e90 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:55:39.0494 0x0e90 vga - ok
20:55:39.0510 0x0e90 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:55:39.0525 0x0e90 VgaSave - ok
20:55:39.0619 0x0e90 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:55:39.0619 0x0e90 vhdmp - ok
20:55:39.0650 0x0e90 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:55:39.0650 0x0e90 viaide - ok
20:55:39.0666 0x0e90 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:55:39.0681 0x0e90 volmgr - ok
20:55:39.0822 0x0e90 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:55:39.0822 0x0e90 volmgrx - ok
20:55:39.0868 0x0e90 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:55:39.0884 0x0e90 volsnap - ok
20:55:39.0931 0x0e90 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:55:39.0946 0x0e90 vsmraid - ok
20:55:40.0009 0x0e90 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:55:40.0056 0x0e90 VSS - ok
20:55:40.0087 0x0e90 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:55:40.0087 0x0e90 vwifibus - ok
20:55:40.0134 0x0e90 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:55:40.0134 0x0e90 vwififlt - ok
20:55:40.0180 0x0e90 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:55:40.0180 0x0e90 vwifimp - ok
20:55:40.0212 0x0e90 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:55:40.0227 0x0e90 W32Time - ok
20:55:40.0274 0x0e90 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:55:40.0274 0x0e90 WacomPen - ok
20:55:40.0336 0x0e90 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:55:40.0336 0x0e90 WANARP - ok
20:55:40.0352 0x0e90 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:55:40.0352 0x0e90 Wanarpv6 - ok
20:55:40.0461 0x0e90 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:55:40.0492 0x0e90 WatAdminSvc - ok
20:55:40.0570 0x0e90 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:55:40.0602 0x0e90 wbengine - ok
20:55:40.0633 0x0e90 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:55:40.0648 0x0e90 WbioSrvc - ok
20:55:40.0695 0x0e90 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:55:40.0695 0x0e90 wcncsvc - ok
20:55:40.0726 0x0e90 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:55:40.0726 0x0e90 WcsPlugInService - ok
20:55:40.0758 0x0e90 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:55:40.0773 0x0e90 Wd - ok
20:55:40.0820 0x0e90 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:55:40.0836 0x0e90 Wdf01000 - ok
20:55:40.0867 0x0e90 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:55:40.0882 0x0e90 WdiServiceHost - ok
20:55:40.0882 0x0e90 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:55:40.0898 0x0e90 WdiSystemHost - ok
20:55:40.0945 0x0e90 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:55:40.0945 0x0e90 WebClient - ok
20:55:40.0976 0x0e90 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:55:40.0992 0x0e90 Wecsvc - ok
20:55:41.0007 0x0e90 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:55:41.0023 0x0e90 wercplsupport - ok
20:55:41.0070 0x0e90 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:55:41.0070 0x0e90 WerSvc - ok
20:55:41.0116 0x0e90 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:55:41.0116 0x0e90 WfpLwf - ok
20:55:41.0132 0x0e90 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:55:41.0132 0x0e90 WIMMount - ok
20:55:41.0163 0x0e90 WinDefend - ok
20:55:41.0210 0x0e90 WinHttpAutoProxySvc - ok
20:55:41.0257 0x0e90 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:55:41.0272 0x0e90 Winmgmt - ok
20:55:41.0350 0x0e90 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:55:41.0397 0x0e90 WinRM - ok
20:55:41.0475 0x0e90 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:55:41.0491 0x0e90 WinUsb - ok
20:55:41.0538 0x0e90 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:55:41.0553 0x0e90 Wlansvc - ok
20:55:41.0694 0x0e90 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:55:41.0772 0x0e90 wlidsvc - ok
20:55:41.0834 0x0e90 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:55:41.0834 0x0e90 WmiAcpi - ok
20:55:41.0865 0x0e90 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:55:41.0865 0x0e90 wmiApSrv - ok
20:55:41.0896 0x0e90 WMPNetworkSvc - ok
20:55:41.0943 0x0e90 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:55:41.0943 0x0e90 WPCSvc - ok
20:55:41.0974 0x0e90 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:55:41.0974 0x0e90 WPDBusEnum - ok
20:55:42.0006 0x0e90 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:55:42.0021 0x0e90 ws2ifsl - ok
20:55:42.0052 0x0e90 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
20:55:42.0052 0x0e90 wscsvc - ok
20:55:42.0068 0x0e90 WSearch - ok
20:55:42.0162 0x0e90 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:55:42.0255 0x0e90 wuauserv - ok
20:55:42.0286 0x0e90 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:55:42.0286 0x0e90 WudfPf - ok
20:55:42.0349 0x0e90 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:55:42.0349 0x0e90 WUDFRd - ok
20:55:42.0380 0x0e90 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:55:42.0396 0x0e90 wudfsvc - ok
20:55:42.0442 0x0e90 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
20:55:42.0458 0x0e90 WwanSvc - ok
20:55:42.0520 0x0e90 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
20:55:42.0536 0x0e90 yukonw7 - ok
20:55:42.0552 0x0e90 ================ Scan global ===============================
20:55:42.0614 0x0e90 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:55:42.0645 0x0e90 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
20:55:42.0661 0x0e90 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
20:55:42.0692 0x0e90 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:55:42.0723 0x0e90 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:55:42.0739 0x0e90 [Global] - ok
20:55:42.0739 0x0e90 ================ Scan MBR ==================================
20:55:42.0754 0x0e90 [ 1649863E3F30904E920EAEEF15C22434 ] \Device\Harddisk0\DR0
20:55:42.0973 0x0e90 \Device\Harddisk0\DR0 - ok
20:55:42.0973 0x0e90 ================ Scan VBR ==================================
20:55:42.0973 0x0e90 [ D6135BBFC35559C290B4E2CCF3562C64 ] \Device\Harddisk0\DR0\Partition1
20:55:42.0973 0x0e90 \Device\Harddisk0\DR0\Partition1 - ok
20:55:43.0035 0x0e90 [ 49BE568513F0ADCED04F03EECAEE42F7 ] \Device\Harddisk0\DR0\Partition2
20:55:43.0035 0x0e90 \Device\Harddisk0\DR0\Partition2 - ok
20:55:43.0066 0x0e90 [ 6BC0F326D90A056BBC5F4CCAB3A502F9 ] \Device\Harddisk0\DR0\Partition3
20:55:43.0082 0x0e90 \Device\Harddisk0\DR0\Partition3 - ok
20:55:43.0144 0x0e90 [ 1D0F804706748738086C14F90D290B65 ] \Device\Harddisk0\DR0\Partition4
20:55:43.0144 0x0e90 \Device\Harddisk0\DR0\Partition4 - ok
20:55:43.0144 0x0e90 ============================================================
20:55:43.0144 0x0e90 Scan finished
20:55:43.0144 0x0e90 ============================================================
20:55:43.0160 0x091c Detected object count: 0
20:55:43.0160 0x091c Actual detected object count: 0
20:55:52.0333 0x03c0 Deinitialize success

#5 Splattman

Posted 25 September 2013 - 08:08 PM

# AdwCleaner v3.005 - Report created 25/09/2013 at 20:57:54
# Updated 22/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Valeria - VALERIA-HP
# Running from : C:\Users\Valeria\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\Users\Public\Desktop\eBay.lnk
Folder Found C:\AVG Secure Search
Folder Found C:\Program Files (x86)\Free Offers from Freeze.com
Folder Found C:\ProgramData\WeCareReminder
Folder Found C:\Users\Valeria\AppData\Local\PackageAware
Folder Found C:\Users\Valeria\AppData\LocalLow\Conduit
Folder Found C:\Users\Valeria\AppData\LocalLow\CouponAlert_2p
Folder Found C:\Users\Valeria\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Google Chrome v

[ File : C:\Users\Valeria\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : icon_url
Found : search_url
Found : keyword

*************************

AdwCleaner[R0].txt - [14047 octets] - [25/09/2013 20:57:54]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [14108 octets] ##########

#6 boopme


Posted 25 September 2013 - 08:23 PM

Hello, I know you are doing ESET now and that needs time. When it is done, go into Control Panel and uninstall these. Outdated and exploitable by malware.
I may have missed it but I did not see what Antivirus you have installed.

Adobe Reader 9.4.5 MUI (Version: 9.4.5)
Java™ 6 Update 21 (64-bit) (Version: 6.0.210)
Java™ 6 Update 26 (Version: 6.0.260)

 
Now remove what AdwCleaner found.
 
Double click on AdwCleaner.exe to run the tool again.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished... <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
Important, Reboot the machine now.

Edited by boopme, 25 September 2013 - 08:23 PM.


#7 Splattman


Posted 26 September 2013 - 05:26 PM

I have been running the online scanner since last night and it is only at 49%. I will post the results as soon as it is complete. It already says 17 infected files. Thank you for all your help so far. Hopefully this laptop will run like new once these processes are completed.

#8 Splattman


Posted 26 September 2013 - 06:40 PM

C:\Qoobox\Quarantine\C\Program Files (x86)\24x7Help\24x7desk.64.dll.vir Win64/24x7Help.A application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\24x7Help\24x7desk.dll.vir Win32/24x7Help.A application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\24x7Help\App24x7Help.exe.vir a variant of Win32/24x7Help.B application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\24x7Help\App24x7Hook.dll.vir Win32/24x7Help.A application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\24x7Help\App24x7Hook.exe.vir Win32/24x7Help.A application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\24x7Help\App24x7Hook64.dll.vir Win64/24x7Help.A application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\24x7Help\App24x7Hook64.exe.vir Win64/24x7Help.A application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\24x7Help\App24x7Svc.exe.vir Win32/24x7Help.A application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pimpipe.exe.vir Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\24x7Help\App24x7Help.exe a variant of Win32/24x7Help.B application cleaned by deleting - quarantined
C:\Users\Valeria\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002b a variant of Win32/Bundled.Toolbar.Ask.D application cleaned by deleting - quarantined
C:\Users\Valeria\AppData\Local\RivalGaming\RivalGaming.dll probably a variant of Win32/Adware.Gamevance.DB application cleaned by deleting - quarantined
C:\Users\Valeria\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\links@rivalgaming.com\components\xpcomponent.dll a variant of Win32/Adware.Gamevance.CZ application cleaned by deleting - quarantined
C:\Users\Valeria\Downloads\ManyCamSetup (1).exe a variant of Win32/Bundled.Toolbar.Ask.D application cleaned by deleting - quarantined
C:\Users\Valeria\Downloads\ManyCamSetup.exe a variant of Win32/Bundled.Toolbar.Ask.D application cleaned by deleting - quarantined
C:\Users\Valeria\Downloads\Setup.exe a variant of Win32/Adware.iBryte.D application cleaned by deleting - quarantined
C:\Users\Valeria\Pictures\Jonis Pictures\zaSetup_101_101_000_en.exe multiple threats deleted - quarantined

#9 Splattman


Posted 26 September 2013 - 06:59 PM

# AdwCleaner v3.005 - Report created 26/09/2013 at 19:54:41
# Updated 22/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Valeria - VALERIA-HP
# Running from : C:\Users\Valeria\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686

-\\ Google Chrome v

[ File : C:\Users\Valeria\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [14257 octets] - [25/09/2013 20:57:54]
AdwCleaner[R1].txt - [878 octets] - [26/09/2013 19:52:12]
AdwCleaner[S0].txt - [13578 octets] - [25/09/2013 21:00:31]
AdwCleaner[S1].txt - [800 octets] - [26/09/2013 19:54:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [859 octets] ##########



#10 Splattman


Posted 26 September 2013 - 07:04 PM

Those 3 programs are uninstalled now.



#11 boopme


Posted 26 September 2013 - 08:10 PM

I'm sorry, which 3?

When did you run ComboFix?

How is it now?

 

Install

Adobe Reader XI

 

Java Version 7 Update 40

 

 

Note: Uncheck the box by YES to avoid installing Chrome.


Yes, install Chrome as my default browser and Google Toolbar for Internet Explorer – optional. (32.11 MB) Install Options


Edited by boopme, 26 September 2013 - 08:16 PM.


#12 Splattman


Posted 26 September 2013 - 08:17 PM

Adobe Reader 9.4.5 MUI (Version: 9.4.5)
Java™ 6 Update 21 (64-bit) (Version: 6.0.210)
Java™ 6 Update 26 (Version: 6.0.260)

 

I ran ComboFix the other night hoping it would be a quick fix, but nothing significant happened. I am sorry I failed to mention it in my earlier post. Did I possibly make it more difficult to fix? So far the laptop is running a whole lot better. I have to update her Windows and install a better AV. Other than that, it seems like a different laptop.



#13 boopme


Posted 26 September 2013 - 08:30 PM

OK, be careful: ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. It's not a general malware remover.
 
Otherwise you are good to go after you do the installs.
 
 
EDIT: you can try a free AV here:
http://www.bleepingcomputer.com/forums/t/366982/freeware-replacements-for-common-commercial-apps/

Edited by boopme, 26 September 2013 - 08:39 PM.


#14 Splattman


Posted 29 September 2013 - 01:57 PM

Thank you so much



#15 boopme


Posted 01 October 2013 - 01:33 PM

Our pleasure!!

