
searchmagnified.com showing up on Chrome


9 replies to this topic

#1 Feferuco


Posted 06 May 2012 - 02:11 PM

Using Chrome, I typed in a wrong address to freedictionary and I saw this:
Posted Image

Nothing shows up on the page. The only odd thing happening is searchmagnified.com showing up on the address bar. I've run my regular AVG anti-virus scan, I've run Malwarebytes Anti-Malware. MAM did find some things, I let it delete them but the problem persists.

If I try the same address on IE (freedictionary.com), searchmagnified doesn't show up. I've tried some made up addresses on Chrome to see if I could cause searchmagnified to show up again, nothing. No pop-ups, no redirecting. Everything is working normal save for this one odd occurrence I showed in the picture.

Do I have this searchmagnified.com malware? I found this website telling me how to remove it:
http://www.fantasktek.com/Searchmagnified.com-virus-removal.html
Is it legit? If it is, I can give it a try first.


 


#2 dev00790


Posted 06 May 2012 - 06:51 PM

Hello,

I will be helping you with your problems

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do NOT run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

Step 1

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Step 2

Please download Farbar Service Scanner to your Desktop and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Step 3

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Step 4

  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log in your next reply.

NOTE: Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#3 Feferuco


Posted 07 May 2012 - 08:31 AM

Step 1, security check log:

Results of screen317's Security Check version 0.99.32
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
AVG 2012
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

CCleaner
Java™ 6 Update 22
Java™ 6 Update 32
Java version out of date!
Adobe Flash Player 11.2.202.235
Adobe Reader X (10.1.3)
````````````````````````````````
Process Check:
objlist.exe by Laurent

AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
``````````End of Log````````````

Step 2, Farbar Service Scanner log

Farbar Service Scanner Version: 30-04-2012 01
Ran by Fernando (administrator) on 07-05-2012 at 09:50:57
Running from "F:\Fernando\Arquivos Recebidos"
Microsoft Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

Step 3, Minitoolbox results. BTW AVG told me that it is a threat. I allowed it to run anyway, I know AVG does some false positives and I'm trusting you guys
MiniToolBox by Farbar Version: 18-01-2012
Ran by Fernando (administrator) on 07-05-2012 at 09:53:26
Microsoft Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : MaximoPoder
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : lan

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 10-78-D2-27-9F-23
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::ac04:c7ce:813f:8a47%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : segunda-feira, 7 de maio de 2012 09:22:46
Lease Expires . . . . . . . . . . : terça-feira, 8 de maio de 2012 09:22:46
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 235960530
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-36-E7-DE-10-78-D2-27-9F-23
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.lan:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:30dd:3632:428c:3192(Preferred)
Link-local IPv6 Address . . . . . : fe80::30dd:3632:428c:3192%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dsldevice.lan
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.234.100
74.125.234.110
74.125.234.97
74.125.234.99
74.125.234.102
74.125.234.96
74.125.234.105
74.125.234.101
74.125.234.103
74.125.234.98
74.125.234.104


Pinging google.com [74.125.234.102] with 32 bytes of data:
Reply from 74.125.234.102: bytes=32 time=28ms TTL=55
Reply from 74.125.234.102: bytes=32 time=24ms TTL=55

Ping statistics for 74.125.234.102:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 24ms, Maximum = 28ms, Average = 26ms
Server: dsldevice.lan
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=202ms TTL=52
Reply from 72.30.38.140: bytes=32 time=221ms TTL=52

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 202ms, Maximum = 221ms, Average = 211ms
Server: dsldevice.lan
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...10 78 d2 27 9f 23 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 192.168.1.3 30
169.254.255.255 255.255.255.255 On-link 192.168.1.3 276
192.168.1.0 255.255.255.0 On-link 192.168.1.3 276
192.168.1.3 255.255.255.255 On-link 192.168.1.3 276
192.168.1.255 255.255.255.255 On-link 192.168.1.3 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:30dd:3632:428c:3192/128
On-link
11 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::30dd:3632:428c:3192/128
On-link
11 276 fe80::ac04:c7ce:813f:8a47/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/07/2012 09:21:45 AM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 18.0.1025.168, time stamp: 0x4f9b3c24
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x13f4
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (05/07/2012 09:19:37 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/06/2012 11:07:24 PM) (Source: MsiInstaller) (User: Fernando)Fernando
Description: Produto: AGEIA PhysX v7.11.13 -- Installation terminated

Error: (05/06/2012 11:37:47 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {48ca7254-6fd6-4f24-a7f6-bda3c0d4cba3}

Error: (05/06/2012 10:50:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/06/2012 10:49:14 AM) (Source: TabletServicePen) (User: )
Description: Could not init tablet driver

Error: (05/06/2012 07:18:27 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/05/2012 06:28:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: hl2.exe, version: 0.0.0.0, time stamp: 0x4f6cfb24
Faulting module name: filesystem_steam.dll_unloaded, version: 0.0.0.0, time stamp: 0x4f999dd8
Exception code: 0xc0000005
Fault offset: 0x6e08e36c
Faulting process id: 0x111c
Faulting application start time: 0xhl2.exe0
Faulting application path: hl2.exe1
Faulting module path: hl2.exe2
Report Id: hl2.exe3

Error: (05/05/2012 06:02:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/05/2012 01:18:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (05/06/2012 03:55:57 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (05/06/2012 02:15:20 PM) (Source: DCOM) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

Error: (05/06/2012 07:21:00 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Internet Explorer 8 for Windows 7 (KB2544521).

Error: (05/06/2012 07:21:00 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Internet Explorer 8 Compatibility View List for Windows 7 (KB2598845).

Error: (05/06/2012 07:21:00 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 (KB2632503).

Error: (05/06/2012 07:18:04 AM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service terminated with the following error:
%%16405

Error: (05/05/2012 03:55:34 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (05/05/2012 03:55:34 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.


Microsoft Office Sessions:
=========================
Error: (05/07/2012 09:21:45 AM) (Source: Application Error)(User: )
Description: chrome.exe18.0.1025.1684f9b3c24unknown0.0.0.000000000c00000050000000013f401cd2c4bea843261C:\Users\Fernando\AppData\Local\Google\Chrome\Application\chrome.exeunknown3583cedb-983f-11e1-84d2-1078d2279f23

Error: (05/07/2012 09:19:37 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/06/2012 11:07:24 PM) (Source: MsiInstaller)(User: Fernando)Fernando
Description: Produto: AGEIA PhysX v7.11.13 -- Installation terminated(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (05/06/2012 11:37:47 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {48ca7254-6fd6-4f24-a7f6-bda3c0d4cba3}

Error: (05/06/2012 10:50:39 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/06/2012 10:49:14 AM) (Source: TabletServicePen)(User: )
Description: Could not init tablet driver

Error: (05/06/2012 07:18:27 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/05/2012 06:28:35 PM) (Source: Application Error)(User: )
Description: hl2.exe0.0.0.04f6cfb24filesystem_steam.dll_unloaded0.0.0.04f999dd8c00000056e08e36c111c01cd2b042a269479c:\program files\steam\steamapps\feferuco\team fortress 2\hl2.exefilesystem_steam.dll44f55d9d-96f9-11e1-a271-1078d2279f23

Error: (05/05/2012 06:02:46 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/05/2012 01:18:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Photoshop CS3 (Version: 10.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Setup (Version: 1.0)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
Arquivo do WinRAR
µTorrent (Version: 3.1.3)
Audiosurf
AVG 2012 (Version: 12.0.2171)
AVG 2012 (Version: 12.0.2425)
AVG 2012 (Version: 2012.0.2171)
Bamboo
Bionic Commando Rearmed
Botanicula
CCleaner (Version: 3.18)
CDisplay 1.8
Cogs
D3DX10 (Version: 15.4.2368.0902)
Dead Rising 2
Dead Rising 2 (Version: 1.0.0002.130)
Frozen Synapse
Google Chrome (Version: 18.0.1025.168)
Grand Theft Auto: Episodes from Liberty City
HiJackThis (Version: 1.0.0)
ImgBurn (Version: 2.5.7.0)
Jamestown
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 32 (Version: 6.0.320)
Just Cause 2
Last.fm 1.5.4.27091
Left 4 Dead 2
Magicka
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
MSVCRT (Version: 15.4.2862.0708)
NVIDIA 3D Vision Controller Driver 296.10 (Version: 296.10)
NVIDIA 3D Vision Driver 296.10 (Version: 296.10)
NVIDIA Control Panel 296.10 (Version: 296.10)
NVIDIA Graphics Driver 296.10 (Version: 296.10)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9610)
NVIDIA Update 1.7.11 (Version: 1.7.11)
NVIDIA Update Components (Version: 1.7.11)
OpenAL
OpenOffice.org 3.3 (Version: 3.3.9567)
PDF Settings (Version: 1.0)
Platform (Version: 1.34)
Portal 2
Steam (Version: 1.0.0.0)
Street Fighter IV
Team Fortress 2
Terraria
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VIA Gerenciador de dispositivo de plataforma (Version: 1.34)
VLC media player 2.0.1 (Version: 2.0.1)
WebTablet IE Plugin (Version: 1.1.0.4)
WebTablet Netscape Plugin (Version: 1.1.0.3)
Winamp (Version: 5.623 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Galeria de Fotos (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Zeno Clash

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 3327.24 MB
Available physical RAM: 1923.54 MB
Total Pagefile: 6650.71 MB
Available Pagefile: 4942.32 MB
Total Virtual: 2047.88 MB
Available Virtual: 1942.54 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:465.66 GB) (Free:367.13 GB) NTFS
4 Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
5 Drive f: () (Fixed) (Total:367.03 GB) (Free:12.06 GB) NTFS
6 Drive g: () (Fixed) (Total:98.63 GB) (Free:13.29 GB) NTFS

========================= Users: ========================================

User accounts for \\MAXIMOPODER

Administrator Fernando Guest
UpdatusUser

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

BTW, the dates listed after Lease Obtained and Lease Expires are in Portuguese, they are Monday, May 7th and Tuesday, May 8th


Step 4, Malwarebytes Anti-Malware log
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.07.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Fernando :: MAXIMOPODER [administrator]

07/05/2012 10:26:07
mbam-log-2012-05-07 (10-26-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 203368
Time elapsed: 3 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

EDIT:

I've reset the computer, tried to see if I could get searchmagnified.com to pop up again on Chrome, and it did. Got this address again
http://www.searchmagnified.com/?dn=freedictionary.com&pid=7PO4T2PE1

When typing "freedictionary.com" on the address bar.

Edited by Feferuco, 07 May 2012 - 08:43 AM.


#4 dev00790


Posted 07 May 2012 - 09:01 AM

Hi

Please do the following next

Step 1

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Select Detect TDLFS file system
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


Step 2
I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.

Note: Vista/Windows 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


Step 3

How is your computer running now?


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.

My Blog


#5 Feferuco


Posted 08 May 2012 - 11:38 AM

Step 1, nothing found

Step 2,


C:\Users\Fernando\AppData\Local\Temp\ICReinstall\cnet2_snarfer_1_0_2_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Fernando\AppData\Local\Temp\is1598539481\MyBabylonTB.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
F:\Downloads Torrent\Adobe After Effects CS4.exe BAT/HostsChanger.A application deleted - quarantined
F:\Fernando\Arquivos Recebidos\cnet2_snarfer_1_0_2_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
F:\Fernando\Arquivos Recebidos\Vegas_Pro_8.0_portable by antares315.rar.part a variant of Win32/Keygen.AR application deleted - quarantined
F:\Fernando\Programas\cnet2_tri10setup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
F:\Fernando\Programas\winamp5621_full_emusic-7plus_all.exe Win32/OpenCandy application deleted - quarantined
F:\Fernando\Programas\winamp5623_full_emusic-7plus_pt-br.exe Win32/OpenCandy application deleted - quarantined
F:\Fernando\Programas\Audio, video, 3d stuff\freeripmp3-setup.exe multiple threats deleted - quarantined
F:\Fernando\Programas\Audio, video, 3d stuff\YouTubeDownloaderSetup33.exe a variant of Win32/Toolbar.Widgi application deleted - quarantined
F:\Fernando\Programas\PC utilities\defragsetup.exe a variant of Win32/Toolbar.Widgi application deleted - quarantined
G:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Reboot.exe Win32/Reboot.NAD application cleaned by deleting - quarantined
G:\ProgramData\YouTube Downloader\ytd_installer.exe a variant of Win32/Toolbar.Widgi application deleted - quarantined
G:\Users\Fernando\AppData\Local\Temp\ICReinstall\cnet2_tri10setup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
G:\Windows\System32\Tools\Hide.exe probably a variant of Win32/Adware.Agent.CODVBVE application cleaned by deleting - quarantined


Step 3:

My computer continues as before: No pop-ups, no odd behavior, only thing suspicious is when I try freedictionary.com and I get redirected to
http://www.searchmagnified.com/?dn=freedictionary.com&pid=7PO4T2PE1

By the way, freedictionary.com isn't the actual address for the website. The actual address is thefreedictionary.com. Like I said earlier, it is a wrong address and it redirects me to a searchmagnified.com website. If I try other non-existent addresses, I don't get this.

I'm starting to think that maybe I never had searchmagnified to begin with and it is just that freedictionary.com was bought by searchmagnified.com. Though this was all pretty good because it rid me of quite a few threats along the way.

EDIT 2:

Today I tried accessing "freedictionary.com" from another computer and I got someone else to do it from his computer. Both of them returned the same address. Pretty sure now I'm not actually being redirected by malware, it is just that freedictionary.com redirects automatically to searchmagnified.com

I feel like I wasted your time dev00790, I'm sorry. But at least I cleaned some threats I didn't even know I had.

Edited by Feferuco, 08 May 2012 - 07:29 PM.
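The cross-check described in the post above (the same landing address from other computers means the redirect belongs to the domain, not to the local machine), as an added example that is not part of the original thread. The hosts-file samples and all function names are constructed for illustration; the landing URL is the one quoted in the post.

```python
from urllib.parse import urlsplit, parse_qs

# Landing URL as quoted in the post.
LANDING_URL = "http://www.searchmagnified.com/?dn=freedictionary.com&pid=7PO4T2PE1"

# Constructed hosts-file samples (not taken from the poster's machine).
SAMPLE_HOSTS_CLEAN = """\
# Sample hosts file
127.0.0.1       localhost
::1             localhost
"""
SAMPLE_HOSTS_TAMPERED = SAMPLE_HOSTS_CLEAN + (
    "203.0.113.10    freedictionary.com www.freedictionary.com  # constructed entry\n"
)


def _norm(name):
    """Lower-case a host name, drop a trailing dot and a leading 'www.'."""
    name = name.strip().lower().rstrip(".")
    return name[4:] if name.startswith("www.") else name


def hosts_overrides(hosts_text, domain):
    """Return (ip, name) pairs in a hosts file that pin `domain` or a subdomain."""
    target = _norm(domain)
    hits = []
    for raw in hosts_text.splitlines():
        fields = raw.split("#", 1)[0].split()   # strip comments, split on whitespace
        if len(fields) < 2:
            continue
        ip, names = fields[0], fields[1:]
        for name in names:
            n = _norm(name)
            if n == target or n.endswith("." + target):
                hits.append((ip, name.lower()))
    return hits


def landing_echoes_typed_domain(typed, landing_url):
    """True when the landing page is on another host and carries the typed
    domain as a query value (as `dn=` does in the URL from the post)."""
    parts = urlsplit(landing_url)
    host, target = _norm(parts.hostname or ""), _norm(typed)
    if host == target or host.endswith("." + target):
        return False                             # never left the typed domain
    values = [v for vs in parse_qs(parts.query).values() for v in vs]
    return any(_norm(v) == target for v in values)


def classify(typed, suspect_url, clean_urls, hosts_text):
    """Decide whether a redirect looks local to the suspect machine or remote.

    suspect_url : where the suspect machine landed
    clean_urls  : where other, independent machines landed for the same input
    hosts_text  : contents of the suspect machine's hosts file
    """
    if hosts_overrides(hosts_text, typed):
        return "local: hosts file overrides the domain"
    suspect_host = _norm(urlsplit(suspect_url).hostname or "")
    clean_hosts = {_norm(urlsplit(u).hostname or "") for u in clean_urls}
    if not clean_hosts:
        return "undetermined: no clean vantage point to compare"
    if clean_hosts == {suspect_host}:
        return "remote: every vantage point lands on the same host"
    return "local: suspect machine lands somewhere the clean ones do not"


if __name__ == "__main__":
    typed = "freedictionary.com"
    # The post reports two other computers returning the same address.
    print(classify(typed, LANDING_URL, [LANDING_URL, LANDING_URL], SAMPLE_HOSTS_CLEAN))
    print(landing_echoes_typed_domain(typed, LANDING_URL))
```
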


#6 dev00790


Posted 08 May 2012 - 08:09 PM

Hi

Please run TDSSkiller again, but this time with a slight change:

  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Check the boxes next to Verify file digital signatures and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

Edited by dev00790, 08 May 2012 - 08:10 PM.

Regards, dev00790



#7 Feferuco


Posted 09 May 2012 - 08:00 AM

Okay, did the TDSS thing, found 2 threats, used the "skip" option because there was no "cure" option.


09:56:24.0304 1116 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
09:56:24.0830 1116 ============================================================
09:56:24.0830 1116 Current date / time: 2012/05/09 09:56:24.0830
09:56:24.0830 1116 SystemInfo:
09:56:24.0830 1116
09:56:24.0831 1116 OS Version: 6.1.7601 ServicePack: 1.0
09:56:24.0831 1116 Product type: Workstation
09:56:24.0831 1116 ComputerName: MAXIMOPODER
09:56:24.0831 1116 UserName: Fernando
09:56:24.0831 1116 Windows directory: C:\Windows
09:56:24.0831 1116 System windows directory: C:\Windows
09:56:24.0831 1116 Processor architecture: Intel x86
09:56:24.0831 1116 Number of processors: 4
09:56:24.0831 1116 Page size: 0x1000
09:56:24.0831 1116 Boot type: Normal boot
09:56:24.0831 1116 ============================================================
09:56:25.0729 1116 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x38080, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
09:56:25.0738 1116 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x38080, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
09:56:25.0749 1116 ============================================================
09:56:25.0749 1116 \Device\Harddisk0\DR0:
09:56:25.0749 1116 MBR partitions:
09:56:25.0749 1116 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:56:25.0749 1116 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
09:56:25.0749 1116 \Device\Harddisk1\DR1:
09:56:25.0749 1116 MBR partitions:
09:56:25.0749 1116 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:56:25.0749 1116 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x2DE0F800
09:56:25.0749 1116 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x2DE42000, BlocksNum 0xC543800
09:56:25.0749 1116 ============================================================
09:56:25.0768 1116 C: <-> \Device\Harddisk0\DR0\Partition1
09:56:25.0770 1116 E: <-> \Device\Harddisk1\DR1\Partition0
09:56:25.0771 1116 F: <-> \Device\Harddisk1\DR1\Partition1
09:56:25.0771 1116 G: <-> \Device\Harddisk1\DR1\Partition2
09:56:25.0772 1116 ============================================================
09:56:25.0772 1116 Initialize success
09:56:25.0772 1116 ============================================================
09:56:40.0654 5628 ============================================================
09:56:40.0654 5628 Scan started
09:56:40.0654 5628 Mode: Manual; SigCheck; TDLFS;
09:56:40.0654 5628 ============================================================
09:56:49.0886 5628 Bonjour Service (73686fe0b2e0469f89fd2075be724704) C:\Program Files\Bonjour\mDNSResponder.exe
09:56:49.0893 5628 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
09:56:49.0893 5628 Bonjour Service - detected UnsignedFile.Multi.Generic (1)
09:56:55.0018 5628 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:56:55.0059 5628 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
09:56:55.0059 5628 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
09:56:57.0928 5628 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
09:56:57.0971 5628 lmhosts - ok
09:56:57.0985 5628 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\drivers\lsi_fc.sys
09:56:57.0998 5628 LSI_FC - ok
09:56:58.0004 5628 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\drivers\lsi_sas.sys
09:56:58.0016 5628 LSI_SAS - ok
09:56:58.0022 5628 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\drivers\lsi_sas2.sys
09:56:58.0034 5628 LSI_SAS2 - ok
09:56:58.0040 5628 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\drivers\lsi_scsi.sys
09:56:58.0053 5628 LSI_SCSI - ok
09:56:58.0060 5628 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
09:56:58.0084 5628 luafv - ok
09:56:58.0149 5628 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
09:56:58.0171 5628 Mcx2Svc - ok
09:56:58.0176 5628 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\drivers\megasas.sys
09:56:58.0191 5628 megasas - ok
09:56:58.0203 5628 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\drivers\MegaSR.sys
09:56:58.0222 5628 MegaSR - ok
09:56:58.0251 5628 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
09:56:58.0294 5628 MMCSS - ok
09:56:58.0299 5628 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
09:56:58.0332 5628 Modem - ok
09:56:58.0346 5628 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
09:56:58.0367 5628 monitor - ok
09:56:58.0384 5628 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
09:56:58.0395 5628 mouclass - ok
09:56:58.0400 5628 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
09:56:58.0420 5628 mouhid - ok
09:56:58.0426 5628 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
09:56:58.0438 5628 mountmgr - ok
09:56:58.0445 5628 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
09:56:58.0458 5628 mpio - ok
09:56:58.0464 5628 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
09:56:58.0489 5628 mpsdrv - ok
09:56:58.0582 5628 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
09:56:58.0633 5628 MpsSvc - ok
09:56:58.0647 5628 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
09:56:58.0663 5628 MRxDAV - ok
09:56:58.0696 5628 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
09:56:58.0724 5628 mrxsmb - ok
09:56:58.0751 5628 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:56:58.0767 5628 mrxsmb10 - ok
09:56:58.0873 5628 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:56:58.0888 5628 mrxsmb20 - ok
09:56:58.0930 5628 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
09:56:58.0945 5628 msahci - ok
09:56:58.0953 5628 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
09:56:58.0969 5628 msdsm - ok
09:56:58.0997 5628 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
09:56:59.0023 5628 MSDTC - ok
09:56:59.0042 5628 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
09:56:59.0066 5628 Msfs - ok
09:56:59.0073 5628 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
09:56:59.0097 5628 mshidkmdf - ok
09:56:59.0101 5628 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
09:56:59.0113 5628 msisadrv - ok
09:56:59.0153 5628 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
09:56:59.0194 5628 MSiSCSI - ok
09:56:59.0198 5628 msiserver - ok
09:56:59.0220 5628 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
09:56:59.0255 5628 MSKSSRV - ok
09:56:59.0275 5628 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
09:56:59.0312 5628 MSPCLOCK - ok
09:56:59.0316 5628 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
09:56:59.0348 5628 MSPQM - ok
09:56:59.0376 5628 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
09:56:59.0389 5628 MsRPC - ok
09:56:59.0396 5628 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
09:56:59.0407 5628 mssmbios - ok
09:56:59.0411 5628 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
09:56:59.0436 5628 MSTEE - ok
09:56:59.0451 5628 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\drivers\MTConfig.sys
09:56:59.0474 5628 MTConfig - ok
09:56:59.0479 5628 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
09:56:59.0490 5628 Mup - ok
09:56:59.0573 5628 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
09:56:59.0621 5628 napagent - ok
09:56:59.0663 5628 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
09:56:59.0689 5628 NativeWifiP - ok
09:56:59.0720 5628 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
09:56:59.0743 5628 NDIS - ok
09:56:59.0755 5628 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
09:56:59.0790 5628 NdisCap - ok
09:56:59.0800 5628 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
09:56:59.0835 5628 NdisTapi - ok
09:56:59.0840 5628 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
09:56:59.0863 5628 Ndisuio - ok
09:56:59.0870 5628 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
09:56:59.0897 5628 NdisWan - ok
09:56:59.0902 5628 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
09:56:59.0924 5628 NDProxy - ok
09:56:59.0930 5628 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
09:56:59.0962 5628 NetBIOS - ok
09:56:59.0972 5628 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
09:56:59.0996 5628 NetBT - ok
09:57:00.0019 5628 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:57:00.0031 5628 Netlogon - ok
09:57:00.0068 5628 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
09:57:00.0094 5628 Netman - ok
09:57:00.0184 5628 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:57:00.0196 5628 NetMsmqActivator - ok
09:57:00.0200 5628 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:57:00.0212 5628 NetPipeActivator - ok
09:57:00.0237 5628 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
09:57:00.0279 5628 netprofm - ok
09:57:00.0283 5628 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:57:00.0294 5628 NetTcpActivator - ok
09:57:00.0297 5628 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:57:00.0308 5628 NetTcpPortSharing - ok
09:57:00.0343 5628 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\drivers\nfrd960.sys
09:57:00.0354 5628 nfrd960 - ok
09:57:00.0535 5628 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
09:57:00.0576 5628 NlaSvc - ok
09:57:00.0582 5628 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
09:57:00.0606 5628 Npfs - ok
09:57:00.0619 5628 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
09:57:00.0643 5628 nsi - ok
09:57:00.0648 5628 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
09:57:00.0671 5628 nsiproxy - ok
09:57:00.0872 5628 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
09:57:00.0910 5628 Ntfs - ok
09:57:00.0929 5628 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
09:57:00.0952 5628 Null - ok
09:57:03.0635 5628 nvlddmkm (e891b3979f0cf2740c1b073f834221fe) C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:57:03.0778 5628 nvlddmkm - ok
09:57:03.0870 5628 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
09:57:03.0885 5628 nvraid - ok
09:57:03.0917 5628 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
09:57:03.0932 5628 nvstor - ok
09:57:03.0990 5628 nvsvc (ae2de8e165dcb93a66b21748e6f913df) C:\Windows\system32\nvvsvc.exe
09:57:04.0012 5628 nvsvc - ok
09:57:04.0615 5628 nvUpdatusService (c78581c14699c46fe0f0817416383134) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
09:57:04.0658 5628 nvUpdatusService - ok
09:57:05.0972 5628 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
09:57:06.0000 5628 nv_agp - ok
09:57:06.0031 5628 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
09:57:06.0048 5628 ohci1394 - ok
09:57:06.0078 5628 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
09:57:06.0122 5628 p2pimsvc - ok
09:57:06.0144 5628 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
09:57:06.0167 5628 p2psvc - ok
09:57:06.0178 5628 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
09:57:06.0191 5628 Parport - ok
09:57:06.0196 5628 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
09:57:06.0208 5628 partmgr - ok
09:57:06.0217 5628 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
09:57:06.0240 5628 Parvdm - ok
09:57:06.0363 5628 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
09:57:06.0384 5628 PcaSvc - ok
09:57:06.0393 5628 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
09:57:06.0428 5628 pci - ok
09:57:06.0432 5628 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
09:57:06.0445 5628 pciide - ok
09:57:06.0589 5628 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\drivers\pcmcia.sys
09:57:06.0606 5628 pcmcia - ok
09:57:06.0612 5628 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
09:57:06.0625 5628 pcw - ok
09:57:06.0659 5628 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
09:57:06.0700 5628 PEAUTH - ok
09:57:07.0418 5628 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
09:57:07.0473 5628 PeerDistSvc - ok
09:57:08.0430 5628 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
09:57:08.0530 5628 pla - ok
09:57:09.0126 5628 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
09:57:09.0162 5628 PlugPlay - ok
09:57:09.0184 5628 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
09:57:09.0205 5628 PNRPAutoReg - ok
09:57:09.0220 5628 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
09:57:09.0236 5628 PNRPsvc - ok
09:57:09.0270 5628 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
09:57:09.0309 5628 PolicyAgent - ok
09:57:09.0333 5628 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
09:57:09.0366 5628 Power - ok
09:57:09.0451 5628 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
09:57:09.0488 5628 PptpMiniport - ok
09:57:09.0500 5628 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\drivers\processr.sys
09:57:09.0524 5628 Processor - ok
09:57:09.0567 5628 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
09:57:09.0602 5628 ProfSvc - ok
09:57:09.0619 5628 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:57:09.0633 5628 ProtectedStorage - ok
09:57:09.0658 5628 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
09:57:09.0692 5628 Psched - ok
09:57:09.0761 5628 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\drivers\ql2300.sys
09:57:09.0815 5628 ql2300 - ok
09:57:10.0310 5628 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\drivers\ql40xx.sys
09:57:10.0342 5628 ql40xx - ok
09:57:10.0571 5628 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
09:57:10.0625 5628 QWAVE - ok
09:57:10.0665 5628 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
09:57:10.0684 5628 QWAVEdrv - ok
09:57:10.0690 5628 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
09:57:10.0726 5628 RasAcd - ok
09:57:10.0756 5628 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:57:10.0784 5628 RasAgileVpn - ok
09:57:10.0805 5628 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
09:57:10.0851 5628 RasAuto - ok
09:57:10.0857 5628 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:57:10.0886 5628 Rasl2tp - ok
09:57:10.0924 5628 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
09:57:10.0957 5628 RasMan - ok
09:57:10.0968 5628 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
09:57:10.0992 5628 RasPppoe - ok
09:57:10.0999 5628 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
09:57:11.0032 5628 RasSstp - ok
09:57:11.0044 5628 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
09:57:11.0076 5628 rdbss - ok
09:57:11.0102 5628 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
09:57:11.0115 5628 rdpbus - ok
09:57:11.0125 5628 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:57:11.0158 5628 RDPCDD - ok
09:57:11.0210 5628 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
09:57:11.0236 5628 RDPDR - ok
09:57:11.0248 5628 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
09:57:11.0288 5628 RDPENCDD - ok
09:57:11.0300 5628 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
09:57:11.0335 5628 RDPREFMP - ok
09:57:11.0357 5628 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
09:57:11.0387 5628 RdpVideoMiniport - ok
09:57:11.0411 5628 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
09:57:11.0456 5628 RDPWD - ok
09:57:11.0483 5628 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
09:57:11.0500 5628 rdyboost - ok
09:57:11.0524 5628 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
09:57:11.0548 5628 RemoteAccess - ok
09:57:11.0580 5628 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
09:57:11.0606 5628 RemoteRegistry - ok
09:57:11.0626 5628 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
09:57:11.0662 5628 RpcEptMapper - ok
09:57:11.0676 5628 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
09:57:11.0706 5628 RpcLocator - ok
09:57:11.0722 5628 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
09:57:11.0748 5628 RpcSs - ok
09:57:11.0787 5628 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
09:57:11.0823 5628 rspndr - ok
09:57:11.0867 5628 RTL8167 (26a9d6227d12b9d9da5a81bb9b55d810) C:\Windows\system32\DRIVERS\Rt86win7.sys
09:57:11.0915 5628 RTL8167 - ok
09:57:11.0948 5628 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
09:57:11.0972 5628 s3cap - ok
09:57:11.0993 5628 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:57:12.0007 5628 SamSs - ok
09:57:12.0026 5628 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
09:57:12.0040 5628 sbp2port - ok
09:57:12.0067 5628 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
09:57:12.0094 5628 SCardSvr - ok
09:57:12.0111 5628 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
09:57:12.0143 5628 scfilter - ok
09:57:12.0182 5628 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
09:57:12.0220 5628 Schedule - ok
09:57:12.0238 5628 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
09:57:12.0260 5628 SCPolicySvc - ok
09:57:12.0285 5628 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
09:57:12.0313 5628 SDRSVC - ok
09:57:12.0341 5628 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
09:57:12.0385 5628 secdrv - ok
09:57:12.0394 5628 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
09:57:12.0424 5628 seclogon - ok
09:57:12.0442 5628 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
09:57:12.0477 5628 SENS - ok
09:57:12.0497 5628 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
09:57:12.0531 5628 SensrSvc - ok
09:57:12.0545 5628 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
09:57:12.0557 5628 Serenum - ok
09:57:12.0583 5628 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
09:57:12.0603 5628 Serial - ok
09:57:12.0608 5628 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys
09:57:12.0620 5628 sermouse - ok
09:57:12.0646 5628 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
09:57:12.0680 5628 SessionEnv - ok
09:57:12.0690 5628 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
09:57:12.0710 5628 sffdisk - ok
09:57:12.0714 5628 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
09:57:12.0728 5628 sffp_mmc - ok
09:57:12.0732 5628 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
09:57:12.0746 5628 sffp_sd - ok
09:57:12.0757 5628 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys
09:57:12.0770 5628 sfloppy - ok
09:57:12.0800 5628 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
09:57:12.0837 5628 SharedAccess - ok
09:57:12.0864 5628 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
09:57:12.0900 5628 ShellHWDetection - ok
09:57:12.0905 5628 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
09:57:12.0918 5628 sisagp - ok
09:57:12.0928 5628 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys
09:57:12.0940 5628 SiSRaid2 - ok
09:57:12.0952 5628 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys
09:57:12.0965 5628 SiSRaid4 - ok
09:57:12.0983 5628 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
09:57:13.0007 5628 Smb - ok
09:57:13.0018 5628 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
09:57:13.0032 5628 SNMPTRAP - ok
09:57:13.0036 5628 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
09:57:13.0047 5628 spldr - ok
09:57:13.0076 5628 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
09:57:13.0101 5628 Spooler - ok
09:57:13.0216 5628 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
09:57:13.0304 5628 sppsvc - ok
09:57:13.0381 5628 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
09:57:13.0411 5628 sppuinotify - ok
09:57:13.0458 5628 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
09:57:13.0496 5628 srv - ok
09:57:13.0510 5628 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
09:57:13.0534 5628 srv2 - ok
09:57:13.0552 5628 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
09:57:13.0564 5628 srvnet - ok
09:57:13.0578 5628 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
09:57:13.0604 5628 SSDPSRV - ok
09:57:13.0611 5628 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
09:57:13.0647 5628 SstpSvc - ok
09:57:13.0684 5628 Steam Client Service - ok
09:57:13.0747 5628 Stereo Service (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:57:13.0764 5628 Stereo Service - ok
09:57:13.0784 5628 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\drivers\stexstor.sys
09:57:13.0798 5628 stexstor - ok
09:57:13.0838 5628 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
09:57:13.0880 5628 StiSvc - ok
09:57:13.0897 5628 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
09:57:13.0908 5628 storflt - ok
09:57:13.0918 5628 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
09:57:13.0930 5628 storvsc - ok
09:57:13.0936 5628 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
09:57:13.0947 5628 swenum - ok
09:57:13.0979 5628 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
09:57:14.0022 5628 swprv - ok
09:57:14.0046 5628 Synth3dVsc (f2ad8960812fd111e20e84659ef19d43) C:\Windows\system32\drivers\synth3dvsc.sys
09:57:14.0058 5628 Synth3dVsc - ok
09:57:14.0104 5628 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
09:57:14.0131 5628 SysMain - ok
09:57:14.0138 5628 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
09:57:14.0165 5628 TabletInputService - ok
09:57:14.0340 5628 TabletServicePen (099aee120cac4a43ce307a828998392f) C:\Windows\system32\Pen_Tablet.exe
09:57:14.0407 5628 TabletServicePen - ok
09:57:14.0498 5628 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
09:57:14.0535 5628 TapiSrv - ok
09:57:14.0549 5628 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
09:57:14.0574 5628 TBS - ok
09:57:14.0657 5628 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
09:57:14.0691 5628 Tcpip - ok
09:57:14.0710 5628 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
09:57:14.0737 5628 TCPIP6 - ok
09:57:14.0759 5628 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
09:57:14.0790 5628 tcpipreg - ok
09:57:14.0796 5628 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
09:57:14.0808 5628 TDPIPE - ok
09:57:14.0834 5628 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
09:57:14.0846 5628 TDTCP - ok
09:57:14.0859 5628 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
09:57:14.0894 5628 tdx - ok
09:57:14.0899 5628 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\DRIVERS\termdd.sys
09:57:14.0911 5628 TermDD - ok
09:57:14.0930 5628 terminpt (052306fd76793d5d5ab5d9891fd1adbb) C:\Windows\system32\drivers\terminpt.sys
09:57:14.0963 5628 terminpt - ok
09:57:14.0995 5628 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
09:57:15.0028 5628 TermService - ok
09:57:15.0046 5628 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
09:57:15.0072 5628 Themes - ok
09:57:15.0092 5628 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
09:57:15.0116 5628 THREADORDER - ok
09:57:15.0143 5628 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
09:57:15.0178 5628 TrkWks - ok
09:57:15.0225 5628 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
09:57:15.0255 5628 TrustedInstaller - ok
09:57:15.0267 5628 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:57:15.0297 5628 tssecsrv - ok
09:57:15.0303 5628 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
09:57:15.0331 5628 TsUsbFlt - ok
09:57:15.0346 5628 TsUsbGD (01246f0baad7b68ec0f472aa41e33282) C:\Windows\system32\drivers\TsUsbGD.sys
09:57:15.0371 5628 TsUsbGD - ok
09:57:15.0389 5628 tsusbhub (045acb987c650d8186c6b4a692223860) C:\Windows\system32\drivers\tsusbhub.sys
09:57:15.0402 5628 tsusbhub - ok
09:57:15.0415 5628 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
09:57:15.0438 5628 tunnel - ok
09:57:15.0444 5628 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\drivers\uagp35.sys
09:57:15.0456 5628 uagp35 - ok
09:57:15.0471 5628 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
09:57:15.0508 5628 udfs - ok
09:57:15.0531 5628 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
09:57:15.0547 5628 UI0Detect - ok
09:57:15.0568 5628 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
09:57:15.0580 5628 uliagpkx - ok
09:57:15.0608 5628 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
09:57:15.0621 5628 umbus - ok
09:57:15.0636 5628 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\drivers\umpass.sys
09:57:15.0662 5628 UmPass - ok
09:57:15.0693 5628 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
09:57:15.0708 5628 UmRdpService - ok
09:57:15.0743 5628 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
09:57:15.0783 5628 upnphost - ok
09:57:15.0809 5628 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
09:57:15.0830 5628 usbccgp - ok
09:57:15.0866 5628 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
09:57:15.0884 5628 usbcir - ok
09:57:15.0902 5628 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
09:57:15.0914 5628 usbehci - ok
09:57:15.0946 5628 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
09:57:15.0970 5628 usbhub - ok
09:57:15.0988 5628 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
09:57:16.0011 5628 usbohci - ok
09:57:16.0027 5628 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\drivers\usbprint.sys
09:57:16.0043 5628 usbprint - ok
09:57:16.0071 5628 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:57:16.0113 5628 USBSTOR - ok
09:57:16.0139 5628 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
09:57:16.0154 5628 usbuhci - ok
09:57:16.0176 5628 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
09:57:16.0202 5628 UxSms - ok
09:57:16.0226 5628 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:57:16.0240 5628 VaultSvc - ok
09:57:16.0266 5628 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
09:57:16.0278 5628 vdrvroot - ok
09:57:16.0307 5628 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
09:57:16.0346 5628 vds - ok
09:57:16.0351 5628 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
09:57:16.0367 5628 vga - ok
09:57:16.0380 5628 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
09:57:16.0403 5628 VgaSave - ok
09:57:16.0407 5628 VGPU - ok
09:57:16.0418 5628 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
09:57:16.0432 5628 vhdmp - ok
09:57:16.0448 5628 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
09:57:16.0460 5628 viaagp - ok
09:57:16.0466 5628 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\drivers\viac7.sys
09:57:16.0486 5628 ViaC7 - ok
09:57:16.0554 5628 VIAHdAudAddService (6be743341713a0a163616408b1f0eef0) C:\Windows\system32\drivers\viahduaa.sys
09:57:20.0106 5628 ============================================================
09:57:20.0106 5628 Scan finished
09:57:20.0106 5628 ============================================================
09:57:20.0121 5620 Detected object count: 2
09:57:20.0121 5620 Actual detected object count: 2
09:58:12.0340 5620 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user
09:58:12.0340 5620 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:58:12.0341 5620 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
09:58:12.0341 5620 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip


But you know, like I've said, I don't think I have searchmagnified. Try accessing freedictionary.com yourself; it'll probably redirect you to searchmagnified.com.

#8 dev00790


Posted 09 May 2012 - 08:34 AM

Hi

Yes, I get redirected to www.searchmagnified.com sometimes when requesting www.freedictionary.com - I believe this is deliberate since it seems the latter site doesn't exist.
It is not malware - this seems to be a legitimate redirect that is site based, rather than your computer.

Do you have any other problems?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#9 Feferuco


Posted 09 May 2012 - 11:45 AM

Nope, thanks for all the help.

#10 dev00790


Posted 09 May 2012 - 11:53 AM

You're welcome :)

Regards, dev00790
