
boofasten

  1. Game over, the hard drive is now failing the SMART check in the BIOS. Ordering a new HDD and installing MB first thing I do. Thanks for your attempts to help, Maurice. Keep fighting the good fight.
  2. Especially something that I can do off of a flash drive or something, so I don't have to load up Windows and deal with everything being so painfully slow.
  3. Hello. I let the quick scan run all the way. It took 22 hours and didn't find anything. I was letting the longer scan run over the weekend but it froze completely sometime on Saturday night/early Sunday morning. As such, I am unable to run MBAM still and my computer is definitely still infected. The biggest problem right now is that it is unbearably slow to do anything. Even those quick scans took 10-20 times as long as they should have. Opening My Computer takes minutes if not longer. I am also operating under the assumption that what I got was a very new strain of virus that does not show up in most virus definitions yet. Do you know of a program that has been updated very recently that might be able to run? Thank you for your help, Maurice.
  4. DrWeb Cure-It has been running for over 12 hours now (just on the express scan). It looks like it's about 75% done, but it hasn't found anything. It is still chugging along very slowly. Should I let it keep running? Or try something else? Thanks.
  5. I have to head to class now, but Stinger has been running for over an hour and seems to be stuck on CALC.EXE. It scanned the boot record and found no possible infections in the boot record or boot sectors. I will leave it running while I'm gone but it doesn't seem like it is going to make any more progress. It was running very slowly and pausing for a while on other .exe files, but now it has been on CALC.EXE for well over 40 minutes. When I get back I will run the other program. Thanks again for your help.
  6. I have removed it, but I haven't used it in months. I must have gotten the virus in just the last day or two.
  7. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT. DDS (Ver_2011-08-26.01)
  8. The MS Safety scanner hung after 1:46 on cewmdm.dll. It did not continue after that. DDS (Ver_2011-08-26.01) - NTFSAMD64
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 51740536] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-24 113120] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?] S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] .
  9. Thank you for your help, just trying to get a head start on a solution.

     Rkill 2.3.14 by Lawrence Abrams (Grinler)
     http://www.bleepingcomputer.com/
     Copyright 2008-2012 BleepingComputer.com
     More Information about Rkill can be found at this link:
      http://www.bleepingcomputer.com/forums/topic308364.html

     Program started at: 09/13/2012 09:54:48 AM in x64 mode.
     Windows Version: Windows 7 Home Premium Service Pack 1

     Checking for Windows services to stop:
      * No malware services found to stop.

     Checking for processes to terminate:
      * No malware processes found to kill.

     Checking Registry for malware related settings:
      * No issues found in the Registry.

     Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

     Performing miscellaneous checks:
      * No issues found.

     Checking Windows Service Integrity:
      * Security Center (wscsvc) is not Running.
        Startup Type set to: Automatic (Delayed Start)
      * Windows Update (wuauserv) is not Running.
        Startup Type set to: Automatic (Delayed Start)

     Searching for Missing Digital Signatures:
      * No issues found.

     Program finished at: 09/13/2012 09:54:58 AM
     Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)
  10. 02:55:06.0329 4600 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
     02:55:07.0530 4600 ============================================================
     02:55:07.0530 4600 Current date / time: 2012/09/13 02:55:07.0530
     02:55:07.0530 4600 SystemInfo:
     02:55:07.0530 4600
     02:55:07.0530 4600 OS Version: 6.1.7601 ServicePack: 1.0
     02:55:07.0530 4600 Product type: Workstation
     02:55:07.0546 4600 ComputerName: JEFF-LAPTOP
     02:55:07.0546 4600 UserName: Jeff
     02:55:07.0546 4600 Windows directory: C:\Windows
     02:55:07.0546 4600 System windows directory: C:\Windows
     02:55:07.0546 4600 Running under WOW64
     02:55:07.0546 4600 Processor architecture: Intel x64
     02:55:07.0546 4600 Number of processors: 4
     02:55:07.0546 4600 Page size: 0x1000
     02:55:07.0546 4600 Boot type: Normal boot
     02:55:07.0546 4600 ============================================================
     02:55:10.0089 4600 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
     02:55:10.0167 4600 ============================================================
     02:55:10.0167 4600 \Device\Harddisk0\DR0:
     02:55:10.0167 4600 MBR partitions:
     02:55:10.0167 4600 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
     02:55:10.0167 4600 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x48A70800
     02:55:10.0167 4600 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x48AD4800, BlocksNum 0x1D4F800
     02:55:10.0167 4600 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x4A824000, BlocksNum 0x33AB0
     02:55:10.0167 4600 ============================================================
     02:55:10.0198 4600 C: <-> \Device\Harddisk0\DR0\Partition2
     02:55:10.0229 4600 D: <-> \Device\Harddisk0\DR0\Partition3
     02:55:10.0245 4600 F: <-> \Device\Harddisk0\DR0\Partition4
     02:55:10.0245 4600 ============================================================
     02:55:10.0245 4600 Initialize success
     02:55:10.0245 4600 ============================================================
     02:55:11.0555 2712 ============================================================
     02:55:11.0555 2712 Scan started
     02:55:11.0555 2712 Mode: Manual;
     02:55:11.0555 2712 ============================================================
     02:55:13.0692 2712 ================ Scan system memory ========================
     02:55:13.0692 2712 System memory - ok
     02:55:13.0692 2712 ================ Scan services =============================
15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 02:55:26.0282 2712 MozillaMaintenance - ok 02:55:26.0360 2712 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 02:55:26.0360 2712 MpFilter - ok 02:55:26.0422 2712 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 02:55:26.0422 2712 mpio - ok 02:55:26.0453 2712 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 02:55:26.0469 2712 mpsdrv - ok 02:55:26.0516 2712 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 02:55:26.0531 2712 MpsSvc - ok 02:55:26.0547 2712 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 02:55:26.0547 2712 MRxDAV - ok 02:55:26.0578 2712 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 02:55:26.0594 2712 mrxsmb - ok 02:55:26.0609 2712 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 02:55:26.0625 2712 mrxsmb10 - ok 02:55:26.0640 2712 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 02:55:26.0656 2712 mrxsmb20 - ok 02:55:26.0672 2712 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 02:55:26.0672 2712 msahci - ok 02:55:26.0703 2712 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 02:55:26.0703 2712 msdsm - ok 02:55:26.0734 2712 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 02:55:26.0734 2712 MSDTC - ok 02:55:26.0796 2712 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 02:55:26.0796 2712 Msfs - ok 02:55:26.0843 2712 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 02:55:26.0859 2712 mshidkmdf - ok 02:55:26.0890 2712 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 
02:55:26.0890 2712 msisadrv - ok 02:55:26.0906 2712 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 02:55:26.0906 2712 MSiSCSI - ok 02:55:26.0921 2712 msiserver - ok 02:55:26.0952 2712 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 02:55:26.0952 2712 MSKSSRV - ok 02:55:27.0030 2712 [ 59FAAF2C83C8169EA20F9E335E418907 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe 02:55:27.0046 2712 MsMpSvc - ok 02:55:27.0062 2712 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 02:55:27.0077 2712 MSPCLOCK - ok 02:55:27.0077 2712 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 02:55:27.0077 2712 MSPQM - ok 02:55:27.0124 2712 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 02:55:27.0124 2712 MsRPC - ok 02:55:27.0155 2712 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 02:55:27.0155 2712 mssmbios - ok 02:55:27.0202 2712 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 02:55:27.0218 2712 MSTEE - ok 02:55:27.0249 2712 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 02:55:27.0249 2712 MTConfig - ok 02:55:27.0296 2712 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 02:55:27.0296 2712 Mup - ok 02:55:27.0374 2712 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 02:55:27.0389 2712 napagent - ok 02:55:27.0545 2712 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 02:55:27.0545 2712 NativeWifiP - ok 02:55:27.0732 2712 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys 02:55:27.0764 2712 NDIS - ok 02:55:27.0857 2712 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 02:55:27.0857 2712 NdisCap - ok 02:55:27.0935 2712 [ 
30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 02:55:27.0935 2712 NdisTapi - ok 02:55:28.0013 2712 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 02:55:28.0013 2712 Ndisuio - ok 02:55:28.0091 2712 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 02:55:28.0091 2712 NdisWan - ok 02:55:28.0154 2712 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 02:55:28.0154 2712 NDProxy - ok 02:55:28.0263 2712 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 02:55:28.0263 2712 NetBIOS - ok 02:55:28.0310 2712 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 02:55:28.0310 2712 NetBT - ok 02:55:28.0341 2712 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 02:55:28.0341 2712 Netlogon - ok 02:55:28.0450 2712 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 02:55:28.0466 2712 Netman - ok 02:55:28.0559 2712 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 02:55:28.0606 2712 NetMsmqActivator - ok 02:55:28.0637 2712 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 02:55:28.0653 2712 NetPipeActivator - ok 02:55:28.0715 2712 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 02:55:28.0731 2712 netprofm - ok 02:55:28.0762 2712 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 02:55:28.0762 2712 NetTcpActivator - ok 02:55:28.0778 2712 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 02:55:28.0778 2712 NetTcpPortSharing - ok 02:55:28.0824 2712 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 02:55:28.0824 
2712 nfrd960 - ok 02:55:28.0918 2712 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 02:55:28.0918 2712 NisDrv - ok 02:55:29.0152 2712 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe 02:55:29.0152 2712 NisSrv - ok 02:55:29.0292 2712 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 02:55:29.0292 2712 NlaSvc - ok 02:55:29.0355 2712 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 02:55:29.0355 2712 Npfs - ok 02:55:29.0402 2712 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 02:55:29.0402 2712 nsi - ok 02:55:29.0433 2712 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 02:55:29.0433 2712 nsiproxy - ok 02:55:29.0620 2712 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 02:55:29.0667 2712 Ntfs - ok 02:55:29.0682 2712 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 02:55:29.0698 2712 Null - ok 02:55:29.0776 2712 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys 02:55:29.0776 2712 NVENETFD - ok 02:55:29.0916 2712 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 02:55:29.0994 2712 nvraid - ok 02:55:30.0119 2712 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 02:55:30.0119 2712 nvstor - ok 02:55:30.0135 2712 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 02:55:30.0150 2712 nv_agp - ok 02:55:30.0182 2712 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 02:55:30.0182 2712 ohci1394 - ok 02:55:30.0291 2712 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 02:55:30.0306 2712 ose64 - ok 02:55:30.0478 2712 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common 
Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 02:55:30.0650 2712 osppsvc - ok 02:55:30.0696 2712 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 02:55:30.0696 2712 p2pimsvc - ok 02:55:30.0728 2712 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 02:55:30.0743 2712 p2psvc - ok 02:55:30.0774 2712 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 02:55:30.0774 2712 Parport - ok 02:55:30.0806 2712 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 02:55:30.0806 2712 partmgr - ok 02:55:30.0852 2712 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 02:55:30.0852 2712 PcaSvc - ok 02:55:30.0899 2712 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 02:55:30.0899 2712 pci - ok 02:55:30.0930 2712 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 02:55:30.0930 2712 pciide - ok 02:55:30.0962 2712 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 02:55:30.0977 2712 pcmcia - ok 02:55:30.0993 2712 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 02:55:30.0993 2712 pcw - ok 02:55:31.0024 2712 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 02:55:31.0040 2712 PEAUTH - ok 02:55:31.0164 2712 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 02:55:31.0164 2712 PerfHost - ok 02:55:31.0242 2712 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 02:55:31.0274 2712 pla - ok 02:55:31.0336 2712 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 02:55:31.0352 2712 PlugPlay - ok 02:55:31.0383 2712 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 02:55:31.0383 2712 PNRPAutoReg - ok 02:55:31.0414 2712 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc 
C:\Windows\system32\pnrpsvc.dll 02:55:31.0414 2712 PNRPsvc - ok 02:55:31.0492 2712 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys 02:55:31.0492 2712 Point64 - ok 02:55:31.0523 2712 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 02:55:31.0539 2712 PolicyAgent - ok 02:55:31.0601 2712 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 02:55:31.0617 2712 Power - ok 02:55:31.0679 2712 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 02:55:31.0679 2712 PptpMiniport - ok 02:55:31.0710 2712 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 02:55:31.0710 2712 Processor - ok 02:55:31.0742 2712 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 02:55:31.0742 2712 ProfSvc - ok 02:55:31.0773 2712 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 02:55:31.0773 2712 ProtectedStorage - ok 02:55:31.0820 2712 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 02:55:31.0835 2712 Psched - ok 02:55:31.0913 2712 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 02:55:31.0944 2712 ql2300 - ok 02:55:31.0976 2712 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 02:55:31.0976 2712 ql40xx - ok 02:55:32.0022 2712 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 02:55:32.0038 2712 QWAVE - ok 02:55:32.0054 2712 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 02:55:32.0054 2712 QWAVEdrv - ok 02:55:32.0085 2712 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 02:55:32.0085 2712 RasAcd - ok 02:55:32.0132 2712 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 02:55:32.0147 2712 RasAgileVpn - ok 02:55:32.0194 2712 [ 
8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 02:55:32.0194 2712 RasAuto - ok 02:55:32.0225 2712 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 02:55:32.0225 2712 Rasl2tp - ok 02:55:32.0288 2712 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 02:55:32.0288 2712 RasMan - ok 02:55:32.0350 2712 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 02:55:32.0350 2712 RasPppoe - ok 02:55:32.0366 2712 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 02:55:32.0366 2712 RasSstp - ok 02:55:32.0381 2712 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 02:55:32.0397 2712 rdbss - ok 02:55:32.0428 2712 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 02:55:32.0428 2712 rdpbus - ok 02:55:32.0475 2712 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 02:55:32.0475 2712 RDPCDD - ok 02:55:32.0506 2712 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 02:55:32.0506 2712 RDPENCDD - ok 02:55:32.0522 2712 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 02:55:32.0522 2712 RDPREFMP - ok 02:55:32.0553 2712 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 02:55:32.0568 2712 RDPWD - ok 02:55:32.0615 2712 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 02:55:32.0615 2712 rdyboost - ok 02:55:32.0646 2712 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 02:55:32.0646 2712 RemoteAccess - ok 02:55:32.0709 2712 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 02:55:32.0709 2712 RemoteRegistry - ok 02:55:32.0740 2712 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 02:55:32.0756 2712 RFCOMM - ok 
02:55:32.0802 2712 [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe 02:55:32.0818 2712 RoxioNow Service - ok 02:55:32.0834 2712 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 02:55:32.0834 2712 RpcEptMapper - ok 02:55:32.0865 2712 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 02:55:32.0865 2712 RpcLocator - ok 02:55:32.0912 2712 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 02:55:32.0912 2712 RpcSs - ok 02:55:32.0990 2712 [ 9D21618E7A3B2C75CF1A2ECBBE723730 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys 02:55:32.0990 2712 RSPCIESTOR - ok 02:55:33.0052 2712 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 02:55:33.0052 2712 rspndr - ok 02:55:33.0177 2712 [ ED5873F7DFB2F96D37F13322211B6BDC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 02:55:33.0177 2712 RTL8167 - ok 02:55:33.0208 2712 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 02:55:33.0208 2712 SamSs - ok 02:55:33.0239 2712 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 02:55:33.0255 2712 sbp2port - ok 02:55:33.0317 2712 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 02:55:33.0333 2712 SCardSvr - ok 02:55:33.0380 2712 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 02:55:33.0380 2712 scfilter - ok 02:55:33.0504 2712 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 02:55:33.0536 2712 Schedule - ok 02:55:33.0582 2712 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 02:55:33.0582 2712 SCPolicySvc - ok 02:55:33.0660 2712 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 02:55:33.0660 2712 sdbus - ok 02:55:33.0692 2712 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC 
C:\Windows\System32\SDRSVC.dll 02:55:33.0692 2712 SDRSVC - ok 02:55:33.0738 2712 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 02:55:33.0738 2712 secdrv - ok 02:55:33.0770 2712 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 02:55:33.0770 2712 seclogon - ok 02:55:33.0816 2712 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 02:55:33.0816 2712 SENS - ok 02:55:33.0879 2712 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 02:55:33.0879 2712 SensrSvc - ok 02:55:33.0941 2712 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 02:55:33.0941 2712 Serenum - ok 02:55:33.0972 2712 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 02:55:33.0988 2712 Serial - ok 02:55:34.0035 2712 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 02:55:34.0035 2712 sermouse - ok 02:55:34.0097 2712 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 02:55:34.0097 2712 SessionEnv - ok 02:55:34.0128 2712 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 02:55:34.0144 2712 sffdisk - ok 02:55:34.0160 2712 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 02:55:34.0175 2712 sffp_mmc - ok 02:55:34.0191 2712 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 02:55:34.0191 2712 sffp_sd - ok 02:55:34.0206 2712 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 02:55:34.0206 2712 sfloppy - ok 02:55:34.0253 2712 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 02:55:34.0269 2712 SharedAccess - ok 02:55:34.0316 2712 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 02:55:34.0316 2712 ShellHWDetection - ok 02:55:34.0378 2712 [ 
843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 02:55:34.0378 2712 SiSRaid2 - ok 02:55:34.0409 2712 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 02:55:34.0409 2712 SiSRaid4 - ok 02:55:34.0472 2712 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 02:55:34.0487 2712 Smb - ok 02:55:34.0565 2712 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 02:55:34.0565 2712 SNMPTRAP - ok 02:55:34.0581 2712 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 02:55:34.0581 2712 spldr - ok 02:55:34.0628 2712 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 02:55:34.0643 2712 Spooler - ok 02:55:34.0752 2712 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 02:55:34.0815 2712 sppsvc - ok 02:55:34.0830 2712 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 02:55:34.0846 2712 sppuinotify - ok 02:55:34.0893 2712 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 02:55:34.0893 2712 srv - ok 02:55:34.0924 2712 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 02:55:34.0940 2712 srv2 - ok 02:55:35.0002 2712 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS 02:55:35.0018 2712 SrvHsfHDA - ok 02:55:35.0064 2712 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS 02:55:35.0096 2712 SrvHsfV92 - ok 02:55:35.0142 2712 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 02:55:35.0158 2712 SrvHsfWinac - ok 02:55:35.0189 2712 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 02:55:35.0189 2712 srvnet - ok 02:55:35.0267 2712 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 02:55:35.0267 2712 SSDPSRV - ok 02:55:35.0283 2712 [ 
AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 02:55:35.0298 2712 SstpSvc - ok 02:55:35.0408 2712 [ E82994866A370A480607637F28B82835 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe 02:55:35.0408 2712 STacSV - ok 02:55:35.0439 2712 Steam Client Service - ok 02:55:35.0470 2712 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 02:55:35.0470 2712 stexstor - ok 02:55:35.0532 2712 [ 3AD0ED8B19CD76D2254DE5FB298E3C26 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys 02:55:35.0548 2712 STHDA - ok 02:55:35.0595 2712 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 02:55:35.0610 2712 stisvc - ok 02:55:35.0642 2712 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 02:55:35.0642 2712 swenum - ok 02:55:35.0673 2712 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 02:55:35.0688 2712 swprv - ok 02:55:35.0782 2712 [ 33E6A285DAA5134D8EA2247914C86C09 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 02:55:35.0798 2712 SynTP - ok 02:55:35.0876 2712 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 02:55:35.0907 2712 SysMain - ok 02:55:35.0938 2712 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 02:55:35.0938 2712 TabletInputService - ok 02:55:35.0969 2712 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 02:55:35.0969 2712 TapiSrv - ok 02:55:36.0000 2712 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 02:55:36.0016 2712 TBS - ok 02:55:36.0125 2712 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 02:55:36.0156 2712 Tcpip - ok 02:55:36.0234 2712 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 02:55:36.0266 2712 TCPIP6 - ok 02:55:36.0297 2712 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 02:55:36.0297 2712 tcpipreg - ok 
02:55:36.0312 2712 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 02:55:36.0312 2712 TDPIPE - ok 02:55:36.0344 2712 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 02:55:36.0344 2712 TDTCP - ok 02:55:36.0375 2712 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 02:55:36.0375 2712 tdx - ok 02:55:36.0437 2712 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 02:55:36.0437 2712 TermDD - ok 02:55:36.0484 2712 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 02:55:36.0500 2712 TermService - ok 02:55:36.0515 2712 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 02:55:36.0531 2712 Themes - ok 02:55:36.0546 2712 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 02:55:36.0562 2712 THREADORDER - ok 02:55:36.0578 2712 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 02:55:36.0593 2712 TrkWks - ok 02:55:36.0624 2712 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 02:55:36.0624 2712 TrustedInstaller - ok 02:55:36.0671 2712 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 02:55:36.0671 2712 tssecsrv - ok 02:55:36.0718 2712 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 02:55:36.0718 2712 TsUsbFlt - ok 02:55:36.0749 2712 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 02:55:36.0749 2712 TsUsbGD - ok 02:55:36.0827 2712 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 02:55:36.0827 2712 tunnel - ok 02:55:36.0858 2712 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 02:55:36.0858 2712 uagp35 - ok 02:55:36.0874 2712 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 02:55:36.0890 2712 
udfs - ok 02:55:36.0936 2712 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 02:55:36.0952 2712 UI0Detect - ok 02:55:36.0968 2712 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 02:55:36.0983 2712 uliagpkx - ok 02:55:37.0046 2712 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 02:55:37.0046 2712 umbus - ok 02:55:37.0092 2712 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 02:55:37.0092 2712 UmPass - ok 02:55:37.0124 2712 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 02:55:37.0139 2712 upnphost - ok 02:55:37.0202 2712 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 02:55:37.0202 2712 USBAAPL64 - ok 02:55:37.0264 2712 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 02:55:37.0264 2712 usbaudio - ok 02:55:37.0311 2712 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 02:55:37.0311 2712 usbccgp - ok 02:55:37.0373 2712 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 02:55:37.0373 2712 usbcir - ok 02:55:37.0389 2712 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 02:55:37.0404 2712 usbehci - ok 02:55:37.0451 2712 [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys 02:55:37.0451 2712 usbfilter - ok 02:55:37.0529 2712 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 02:55:37.0545 2712 usbhub - ok 02:55:37.0560 2712 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 02:55:37.0560 2712 usbohci - ok 02:55:37.0592 2712 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys 02:55:37.0592 2712 usbprint - ok 02:55:37.0623 2712 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR 
  11. aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
      Run date: 2012-09-13 02:40:21
      -----------------------------
      02:40:21.597 OS Version: Windows x64 6.1.7601 Service Pack 1
      02:40:21.597 Number of processors: 4 586 0x100
      02:40:21.597 ComputerName: JEFF-LAPTOP UserName: Jeff
      02:40:24.093 Initialize success
      02:40:31.271 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000063
      02:40:31.271 Disk 0 Vendor: TOSHIBA_ GS00 Size: 610480MB BusType: 11
      02:40:31.364 Disk 0 MBR read successfully
      02:40:31.364 Disk 0 MBR scan
      02:40:31.364 Disk 0 Windows 7 default MBR code
      02:40:31.380 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
      02:40:31.380 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 595169 MB offset 409600
      02:40:31.411 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15007 MB offset 1219315712
      02:40:31.427 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 1250050048
      02:40:31.474 Disk 0 scanning C:\Windows\system32\drivers
      02:40:38.993 Service scanning
      02:41:06.293 Modules scanning
      02:41:06.293 Scan finished successfully
      02:41:14.514 Disk 0 MBR has been saved successfully to "C:\Users\Jeff\Desktop\MBR.dat"
      02:41:14.530 The log file has been saved successfully to "C:\Users\Jeff\Desktop\aswMBR.txt"

      RogueKiller V8.0.2 [08/31/2012] by Tigzy
      mail: tigzyRK<at>gmail<dot>com
      Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
      Blog: http://tigzyrk.blogspot.com

      Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
      Started in : Normal mode
      User : Jeff [Admin rights]
      Mode : Scan -- Date : 09/13/2012 02:42:46

      ¤¤¤ Bad processes : 0 ¤¤¤

      ¤¤¤ Registry Entries : 2 ¤¤¤
      [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
      [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

      ¤¤¤ Particular Files / Folders: ¤¤¤

      ¤¤¤ Driver : [NOT LOADED] ¤¤¤

      ¤¤¤ Infection : Root.MBR ¤¤¤

      ¤¤¤ HOSTS File: ¤¤¤
      --> C:\Windows\system32\drivers\etc\hosts

      ¤¤¤ MBR Check: ¤¤¤

      +++++ PhysicalDrive0: TOSHIBA MK6476GSX SATA Disk Device +++++
      --- User ---
      [MBR] c8cdb432569e4d3932b3a3032fbd8a53
      [bSP] df2c1c2e7bbff6bdec1ef9d26964e6b2 : Windows 7 MBR Code
      Partition table:
      0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
      1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 595169 Mo
      2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1219315712 | Size: 15007 Mo
      3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1250050048 | Size: 103 Mo
      User = LL1 ... OK!
      User != LL2 ... KO!
      --- LL2 ---
      [MBR] c6a45de37da3e0338231e05937094ca6
      [bSP] df2c1c2e7bbff6bdec1ef9d26964e6b2 : Windows 7 MBR Code
  12. Hello to anyone who can help. I'm running Windows 7 64-bit and I'm pretty sure I got a nasty virus earlier today. Must have come through a pass-through because I haven't downloaded anything. I tried to do a system restore back a week and it didn't do anything. I went through each of the Chameleon steps and each one froze while trying to kill any malware processes. I let it run for 30+ minutes and it must have been stuck in a loop. No antivirus program is able to update or complete, and Malwarebytes freezes each time. I saw this (http://forums.malwarebytes.org/index.php?showtopic=115466) topic and I'm in a similar position so I followed the steps in the first post. I will post the results next. Thank you for your assistance.